Guide DynaStar 1500 (DS1500-XFR) X.25 Frame Router

Transcription

DynaStar 1500
X.25 Frame Router
(DS1500-XFR)
Administrator's
Guide
Garrettcom, Inc.
25 Commerce Way #1
North A ndover, MA 01845
Phone: 978.688.8807
Fax: 978.688.8771
Part Number: 3-01-0083-01 Rev AA
$25.00 USD
DECLARATIONS
DOCUMENT NOTICE
Copyright
Copyright 2005 by Dymec, Inc. Printed in the US. All rights reserved.
This manual may not be reproduced or disclosed in whole or in part by any means without the written consent of Dymec,
Inc. DynaStar is a trademark of Dymec, Inc. All other trademarks mentioned in this document are the property of their
respective owners.
This document has been prepared to assist users of equipment manufactured by Dymec, Inc., and changes are made
periodically to the information in this manual. Such changes are published in Software Release Notices. If you have
recently upgraded your software, carefully note those areas where new commands or procedures have been added. The
material contained in this manual is supplied without any warranty of any kind. Dymec, Inc. therefore assumes no
responsibility and shall incur no liability arising from the supplying or use of this document or the material contained in it.
Rights
Except as set forth in the Software License Agreement, Dymec, Inc. makes no representation that software programs and
practices described herein will not infringe on existing or future patent rights, copyrights, trademarks, trade secrets or
other proprietary rights of third parties and Dymec, Inc. makes no warranties of any kind, either express or implied, and
expressly disclaims any such warranties, including but not limited to any implied warranties of merchantability or fitness
for a particular purpose and any warranties of non infringement. The descriptions contained herein do not imply the
granting of licenses to make, use, sell, license or otherwise transfer Dymec, Inc. products described herein. Dymec, Inc.
disclaims responsibility for errors which may appear in this document, and it reserves the right, in its sole discretion and
without notice, to make substitutions and modifications in the products and practices described in this document.
Part Number Information
Paper Version Part Number:
3-01-0083-01 Rev AA
CD Version Part Number:
3-01-0080-02 AD
pdf Version Part Number:
4-62-0083-00 AA
Revision History
Release Date
July 2005
Document
Revision
AA
Software
Release
7.2
Change Note
New product release, Hardware and
Software
DS1500-XFR Administrator’s Guide
i
DECLARATIONS
Warranty
WARRANTY
Dymec, Inc. warrants equipment manufactured by it to be free from defects in materials and workmanship for a period of
one (1) year from date of shipment. If within the warranty period the purchaser discovers such item was not as warranted
above and promptly notifies Dymec, Inc. in writing, Dymec, Inc. shall repair or replace the items at the company's option.
This warranty shall not apply to: (a) equipment not manufactured by Dymec, Inc.; (b) equipment which shall have been
repaired or altered by anyone other than Dymec, Inc.; (c) equipment which shall have been subjected to negligence,
accident, or damage by circumstances beyond Dymec, Inc. control, or to improper operation, maintenance or storage, or
to other than normal use or service. With respect to equipment sold but not manufactured by Dymec, Inc., the warranty
obligation of Dymec, Inc. shall, in all aspects, conform and be limited to the warranty actually extended to Dymec, Inc. by
its supplier.
The foregoing warranties do not cover reimbursement for labor, transportation, removal, installation, or other expenses
that may be incurred in connection with repair or replacement.
THE FOREGOING WARRANTIES ARE EXCLUSIVE AND IN LIEU OF ALL OTHER EXPRESS AND
IMPLIED WARRANTIES EXCEPT WARRANTIES OF TITLE, INCLUDING, BUT NOT LIMITED TO,
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
LIMITATION OF LIABILITY
Anything to the contrary herein contained notwithstanding, Dymec, INC., ITS CONTRACTORS AND SUPPLIERS
OF ANY TIER, SHALL NOT BE LIABLE IN CONTRACT, IN TORT (INCLUDING NEGLIGENCE OR
STRICT LIABILITY) OR OTHERWISE FOR ANY SPECIAL, INDIRECT, INCIDENTAL OR
CONSEQUENTIAL DAMAGES WHATSOEVER. The remedies of the purchaser set forth herein are exclusive where
so stated and the total cumulative liability of Dymec, Inc. its contractors and suppliers of any tier, with respect to this
contract or anything done in connection therewith, such as the use of any product covered by or furnished under the
contract, whether in contract, in tort (including negligence or strict liability) or otherwise, shall not exceed the price of the
product or part on which such liability is based.
Unless otherwise agreed to in writing by an authorized official of Dymec, Inc., products sold hereunder are not intended
for use in or in connection with a nuclear facility or activity. If so used, Dymec, Inc. disclaims all liability for nuclear
damage, injury or contamination, and purchaser shall indemnify Dymec, Inc. against any such liability, whether as a result
of breach of contract, warranty, tort (including negligence) or otherwise.
ii
DECLARATIONS
Patents
PATENTS
As to equipment proposed and furnished by Dymec, Inc., Dymec, Inc. shall defend any suit or proceeding brought against
purchaser so far as based on a claim that said equipment constitutes an infringement of any patent of the United States, if
notified promptly in writing and given authority, information, and assistance at Dymec, Inc.'s expense for the defense of
the claim. In event of a final award of costs and damages from such a suit, Dymec, Inc. shall pay such award. In event the
use of said equipment by purchaser is enjoined in such a suit, Dymec, Inc. shall, at its own expense, and at its sole option
either (a) procure for purchaser the right to continue using equipment, (b) modify said equipment to render it noninfringing, (c) replace said equipment with non-infringing equipment, or (d) refund the purchase price (less depreciation)
and transportation and installation costs of said equipment. Dymec, Inc. will not be responsible for any compromise or
settlement made without its written consent. The foregoing states the entire liability of Dymec, Inc. for patent
infringement, and in no event shall Dymec, Inc. be liable if the infringement charge is based on the use of Dymec, Inc.
equipment for a purpose other than that for which it was sold by Dymec, Inc. As to any equipment furnished by Dymec,
Inc. to purchaser and manufactured in accordance with designs proposed by purchaser, purchaser shall indemnify Dymec,
Inc. against any award made against Dymec, Inc. for patent, trademark, or copyright infringement.
RETURN OF EQUIPMENT
No equipment may be returned without purchaser first obtaining Dymec, Inc.'s written Return Material
Authorization (RMA).
Equipment accepted for credit, not involving a Dymec, Inc. error, shall be subject to all the terms of the original purchase
contract and to a service charge. Returned equipment must be of current manufacture, unused, and in reasonable
condition, securely packed to reach Dymec, Inc. without damage, shipped F.O.B. Dymec, Inc. facility with transportation
charges paid, and labeled with Return Material Authorization (RMA) number. Any cost incurred by Dymec, Inc. to put
equipment in first class condition will be charged to purchaser.
COMPLIANCE NOTICES
FCC Part 15
This device complies with part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This device
may not cause harmful interference, and (2) this device must accept any interference received, including interference that
may cause undesired operation.
Note: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15
of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the
equipment is operated in a commercial environment. This equipment generates, uses and can radiate radio frequency
energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio
communications. Operation of this equipment in a residential area is likely to cause harmful interference in which case the
user will be required to correct the interference at his/her own expense.
Changes or modifications could void the user’s authority to operate the equipment. The user is cautioned not to change or
modify this product.
iii
DECLARATIONS
Safety
ACTA TIA/EIA IS-968A (Formerly FCC Part 68)
This equipment complies with ACTA TIA/EIA IS-968A rules. On the device is a label that contains, among other
information, the FCC registration number for this equipment. If requested, this information must be provided to the
telephone company. (Note: REN [Ringer Equivalence Number] does not apply to this equipment.)
The telephone company may make changes in its facilities, equipment, operations, or procedures that could affect the
operation of this equipment. If this happens, the telephone company will provide advance notice in order for you to make
necessary modifications to maintain uninterrupted service.
IC CS03 (Industry Canada)
This digital apparatus does not exceed the Class A limits for radio noise emissions from digital apparatus set out in the
interference-causing equipment entitled “Digital Apparatus”, ICES-003 of the department of Communications (Cet
appareil numérique respecte les limites bruits radioélectriques applicables aux appareils numériques de Class A prescrites
dans la norme sur le materiel brouilleur: “Appareils Numériques”, NMB-003 édictée par le ministre des
Communications).
EN55022
Warning: This is a Class A product. In a domestic environment this product may cause radio interference, in which case
the user may be required to take adequate measures.
SAFETY
WARNING: Service to this unit can be made only by factory authorized personnel. Failure to observe this caution can
result in malfunction to the unit as well as electrocution to personnel.
Avertissement: Cet appareil ne peut être examiné ou réparé que par un employé autorisé du fabricant. Si cette consigne
n’est pas respectée, il y a risque de panne et d’électrocution.
Vorsicht: Dieses Gerät darf nur durch das bevollmächtigte Kundendienstpersonal der fabrik instandgehalten werden. Die
Nichtbeachtung dieser Vorschrift kann zu Fehlfunktionen des Gerätes führen und das Personal durch Stromschläge
gefährden.
iv
DECLARATIONS
Safety
Industry Canada Warnings
Avis d’Industrie Canada
Notice:
Avis:
Before installing this equipment, users should ensure that it is
permissible to be connected to the facilities of the local
telecommunications company. The equipment must also be
installed using an acceptable method of connection. The
customer should be aware that compliance with the above
conditions may not prevent degradation of service in some
situations.
Avant d’installer ce matériel, l’utilisateur doit s’assurer qu’il est
permis de le raccorder aux installations de l’entreprise locale
de télécommunication. Le matériel doit également être installé
en suivant une méthode acceptée de raccordement. L’abonné
ne doit pas oublier qu’il est possible que la conformité aux
conditions énoncées ci-dessus n’empêche pas la dégradation
du service dans certaines situations.
Repairs to certified equipment should be coordinated by a
representative designated by the supplier. Any repairs or
alterations made by the user to this equipment, or equipment
malfunctions, may give the telecommunications company
cause to request the user to disconnect the equipment.
Les réparations de matériel homologué doivent être
coordonnées par un représentant désigné par le fournisseur.
L’entreprise de télécommunications peut demander à
l’utilisateur de débrancher un appareil à la suite de réparations
ou de modifications effectuées par l’utilisateur ou à cause de
mauvais fonctionnement.
Users should ensure for their own protection that the electrical
ground connections of the power utility, telephone lines, and
internal metallic water pipe system, if present, are connected
together. The precaution may be particularly important in rural
areas.
Pour sa propre protection, l’utilisateur doit s’assurer que tous
les fils de mise à la terre de la source d’énergie électrique, des
lignes téléphoniques et des canalisations d’eau métalliques, s’il
y en a, sont raccordés ensemble. Cette précaution est
particulièrement importante dans les régions rurales.
Service Personnel Warning
The DS1500-XFR may be AC or DC powered. Remove all power connections at the circuit panel before removing the
unit.
The installation of this product must comply with all applicable codes and practices specified by the country, city, and
operating company in which it is installed.
Conformité UL (E.-U. et Canada)
Dans le cas des unités devant fonctionner sous 120 V c.a., utilisez un cordon d’alimentation homologue UL constitué au
minimum d’un cordon de calibre 14 AWG (0,83 mm3) de type SVT ou SJT à trois conducteurs d’une longueur maximale
de 15 pieds muni d’une prise à lames parallèles avec mise à la terre et pouvant supporter 15 A à 125 V. Dans le cas des
unités devant fonctionner sous 250 V c.a. conformément aux normes internationales, utilisez un cordon d’alimentation
homologue UL constitué au minimum d’un cordon de calibre 14 AWG (0,83 mm3) muni d’une prise avec mise à la terre
pouvant supporter 15 A à 240 V, marqué HAR et conforme aux normes de sécurité en vigueur dans le pays où le materiel
doit être utilisé.
Grounding
This equipment is equipped with an external grounding bolt (#10/32 UNF-2B). All units requiring grounding use a
grounding wire a minimum size of 14 AWG at a maximum length of five feet. The ground lug bolt should be torqued to 32
inch pounds.
v
DECLARATIONS
Contacting Dymec
CONTACTING DYMEC
By Mail:
Dymec, Inc.
25 Commerce Way #1
North Andover, MA 01845
Telephone:
978.688-8807
Fax:
978.688-8771
Website:
www.dymec.com
Email:
[email protected]
Customer support representatives are available during normal business hours, 8 - 5pm EST.
vi
TABLE OF CONTENTS
DECLARATIONS
Document Notice .................................................................................................................................................................................. i
Copyright ................................................................................................................................................................................ i
Rights ....................................................................................................................................................................................... i
Part Number Information .................................................................................................................................................... i
Revision History .................................................................................................................................................................... i
Warranty ................................................................................................................................................................................................. ii
Limitation of Liability .......................................................................................................................................................................... ii
Patents ................................................................................................................................................................................................... iii
Return of Equipment .......................................................................................................................................................................... iii
Compliance Notices ............................................................................................................................................................................ iii
FCC Part 15 .......................................................................................................................................................................... iii
ACTA TIA/EIA IS-968A (Formerly FCC Part 68) ...................................................................................................... iv
IC CS03 (Industry Canada) ................................................................................................................................................ iv
EN55022 ............................................................................................................................................................................... iv
Safety ...................................................................................................................................................................................................... iv
Service Personnel Warning ................................................................................................................................................. v
Conformité UL (E.-U. et Canada) ..................................................................................................................................... v
Grounding ............................................................................................................................................................................. v
Contacting Dymec ............................................................................................................................................................................... vi
PREFACE
About This Manual ............................................................................................................................................................................ xiii
Conventions ........................................................................................................................................................................................ xiv
Related Documents ........................................................................................................................................................................... xiv
Web Access ......................................................................................................................................................................................... xiv
Comments ........................................................................................................................................................................................... xiv
CHAPTER 1:
DYNASTAR 1500 X.25 FRAME ROUTER PRODUCT OVERVIEW
1.1
Principal Features and Benefits ...........................................................................................................................................1-1
1.2
IP Routing Overview ............................................................................................................................................................1-4
1.2.1 IP Routing Over Frame Relay ............................................................................................................................1-4
1.2.2 IP Routing Over X.25 ..........................................................................................................................................1-6
1.3
Terminal Server Overview ...................................................................................................................................................1-7
1.4
Virtual Private Line Overview .............................................................................................................................................1-8
1.5
X.25 Over Frame Relay Overview ......................................................................................................................................1-9
1.6
Additional DS1500-XFR Features ....................................................................................................................................1-11
1.6.1 Ethernet Switching .............................................................................................................................................1-11
1.6.2 Integral CSU/DSU .............................................................................................................................................1-11
1.6.3 Security .................................................................................................................................................................1-11
1.6.4 Network Reliability .............................................................................................................................................1-11
vii
CONTENTS
1.6.5 DynaStar Supervisor .......................................................................................................................................... 1-11
1.6.6 LEDs and Alarms .............................................................................................................................................. 1-11
CHAPTER 2:
SUPERVISOR OVERVIEW
2.1
Supervisor .............................................................................................................................................................................. 2-1
2.2
Universal Commands for Supervisor Menu Navigation ................................................................................................ 2-1
2.2.1 Command Notation ............................................................................................................................................ 2-1
2.2.2 Navigation ............................................................................................................................................................. 2-2
2.2.3 Saving Changes ..................................................................................................................................................... 2-2
2.3
Accessing the DynaStar Supervisor ................................................................................................................................... 2-3
2.3.1 Accessing the System Operator Console ......................................................................................................... 2-3
2.3.2 Logging In ............................................................................................................................................................. 2-5
2.4
Supervisor Menus ................................................................................................................................................................. 2-5
2.4.1 Port Menus ............................................................................................................................................................ 2-7
2.4.2 Network Menus ................................................................................................................................................. 2-10
2.4.3 System Menus ..................................................................................................................................................... 2-11
2.4.4 Security Menus ................................................................................................................................................... 2-12
CHAPTER 3:
CONFIGURATION BASICS
3.1
Configuration Example ....................................................................................................................................................... 3-1
3.2
IP Router Services ................................................................................................................................................................ 3-2
3.2.1 Configure the Frame Relay Port for IP Routing ............................................................................................. 3-3
3.2.2 Configure Frame Relay for IP Routing Services ............................................................................................. 3-6
3.2.3 Assign an IP Address to the WAN Port and Ethernet Group(s) ................................................................ 3-8
3.2.4 Configure the Ethernet Ports ............................................................................................................................ 3-9
3.3
Terminal Server ................................................................................................................................................................... 3-11
3.3.1 Configure the Frame Relay Port to Support Terminal Server Functionality ............................................ 3-12
3.3.2 Configure the Frame Relay Connection for Terminal Server Functionality ............................................ 3-15
3.3.3 Assign an IP Address to the WAN Port for Terminal Server Functionality ............................................ 3-16
3.3.4 Configure the Serial Ports for Terminal Server Functionality .................................................................... 3-18
3.4
Direct-To-Frame ................................................................................................................................................................. 3-19
3.4.1 Configure the WAN Port for Serial Frame Relay ......................................................................................... 3-20
3.4.2 Configure Frame Relay for Direct-to-Frame Functionality ........................................................................ 3-22
3.4.3 Configure the Serial Port for Direct-to-Frame Service ................................................................................ 3-24
3.5
XOT ...................................................................................................................................................................................... 3-25
3.5.1 Configure the X.25 Port ................................................................................................................................... 3-26
3.5.2 Configure an HDLC Connection .................................................................................................................... 3-27
3.5.3 Configure the XOT Switching Table .............................................................................................................. 3-28
3.6
X.25-FRAD Example ........................................................................................................................................................ 3-30
3.6.1 Configure the Frame Relay Port(s) ................................................................................................................. 3-31
3.6.2 Configure DLCIs ............................................................................................................................................... 3-31
3.6.3 Configure Virtual X.25 Ports ........................................................................................................................... 3-32
3.6.4 Configure X.121 Addresses and Switching Table ......................................................................................... 3-34
CHAPTER 4:
4.1
TROUBLESHOOTING AND SOFTWARE MAINTENANCE
Troubleshooting .................................................................................................................................................................... 4-1
4.1.1 Port ......................................................................................................................................................................... 4-1
4.1.2 Network ................................................................................................................................................................. 4-2
viii
CONTENTS
4.1.3
4.1.4
4.1.5
4.1.6
Bridge ......................................................................................................................................................................4-2
Frame Relay ...........................................................................................................................................................4-3
X.25 .........................................................................................................................................................................4-3
Buffer Usage ..........................................................................................................................................................4-3
4.2
Boot Process ..........................................................................................................................................................................4-4
4.3
Initializing an IP Address .....................................................................................................................................................4-5
4.4
Software Maintenance ...........................................................................................................................................................4-6
4.4.1 FTP Commands ....................................................................................................................................................4-7
4.4.2 TFTP Commands .................................................................................................................................................4-8
4.4.3 Creating a Compressed Configuration File ......................................................................................................4-8
4.4.4 Placing a Compressed Configuration File on a DS1500-XFR ...................................................................4-10
4.4.5 Placing a Software Load on a DS1500-XFR .................................................................................................4-11
4.4.6 Reinitializing the System ....................................................................................................................................4-12
4.4.7 Deleting Files from the DS1500-XFR ...........................................................................................................4-13
APPENDIX A: PORT FUNCTIONS
A.1
Port Menus ............................................................................................................................................................................A-3
A.1.1 Functions For Port Menu ...................................................................................................................................A-4
A.2
Configuration ........................................................................................................................................................................A-6
A.2.1 Console Port Configuration ...............................................................................................................................A-6
A.2.2 Ethernet Port Configuration ..............................................................................................................................A-7
A.2.3 Frame Relay Port Configuration .......................................................................................................................A-9
A.2.4 Asynchronous (PAD) Port Configuration .....................................................................................................A-14
A.2.5 X.25 Port Configuration ...................................................................................................................................A-19
A.2.6 HDLC Port Configuration ...............................................................................................................................A-22
A.2.7 Transparent Port Configuration ......................................................................................................................A-24
A.2.8 PPP Port Configuration ....................................................................................................................................A-25
A.3
Statistics ................................................................................................................................................................................A-27
A.3.1 Ethernet Port Statistics .....................................................................................................................................A-27
A.3.2 Frame Relay Port Statistics ...............................................................................................................................A-28
A.3.3 DDS Statistics ....................................................................................................................................................A-31
A.3.4 Asynchronous Port Statistics ...........................................................................................................................A-33
A.3.5 X.25 Port Statistics ............................................................................................................................................A-34
A.3.6 HDLC Port Statistics ........................................................................................................................................A-37
A.3.7 Transparent Port Statistics ...............................................................................................................................A-38
A.3.8 PPP Port Statistics .............................................................................................................................................A-38
A.4
Disable, Enable, Busy, and Initialize Ports .....................................................................................................................A-40
A.5
Protocol Monitoring ..........................................................................................................................................................A-41
A.6
Port Mirror ..........................................................................................................................................................................A-43
A.7
Port Security ........................................................................................................................................................................A-44
APPENDIX B: NETWORK COMMANDS
B.1
Networking Setup and Status Menu .................................................................................................................................. B-4
B.2
Router (IP) ............................................................................................................................................................................. B-5
B.2.1 Assign IP Addresses and Protocols .................................................................................................................. B-6
B.2.2 IP Routes Display ................................................................................................................................................ B-8
B.2.3 Static Routing ....................................................................................................................................................... B-9
B.2.4 IP Filter ...............................................................................................................................................................B-10
ix
CONTENTS
B.2.5
B.2.6
B.2.7
B.2.8
B.2.9
B.2.10
TCP/IP Status ....................................................................................................................................................B-13
OSPF ...................................................................................................................................................................B-14
BootP/DHCP ....................................................................................................................................................B-22
Virtual Private Networks ..................................................................................................................................B-27
VRRP ...................................................................................................................................................................B-32
TCP Multicast .....................................................................................................................................................B-35
B.3
Bridge ....................................................................................................................................................................................B-37
B.4
Terminal Server ...................................................................................................................................................................B-40
B.5
Async Services .....................................................................................................................................................................B-44
B.5.1 PAD Profiles ......................................................................................................................................................B-44
B.5.2 Logon Screen ......................................................................................................................................................B-50
B.5.3 Async Services ....................................................................................................................................................B-50
B.5.4 Async Options ....................................................................................................................................................B-58
B.5.5 X.25 Mnemonics ................................................................................................................................................B-59
B.5.6 NUIs ....................................................................................................................................................................B-60
B.5.7 User Call Status ..................................................................................................................................................B-61
B.6
Frame Relay .........................................................................................................................................................................B-62
B.6.1 Prioritization .......................................................................................................................................................B-64
B.6.2 Frame Relay DLCI Status Screen ....................................................................................................................B-65
B.6.3 System Parameters .............................................................................................................................................B-66
B.7
X.25 .......................................................................................................................................................................................B-67
B.7.1 Bridge and Router Configuration ....................................................................................................................B-67
B.7.2 X.121 Routing Table .........................................................................................................................................B-69
B.7.3 PVC/SVC Switching .........................................................................................................................................B-73
B.7.4 XOT Switching Table .......................................................................................................................................B-75
B.7.5 X.121 Address Translation ...............................................................................................................................B-76
B.7.6 X.25 Multicast Table .........................................................................................................................................B-80
B.7.7 X.25 Connections ..............................................................................................................................................B-82
B.7.8 X.25 Multicast Status .........................................................................................................................................B-83
APPENDIX C: SYSTEM FUNCTIONS
C.1
System Functions and Commands .....................................................................................................................................C-2
C.1.1 Code Versions ......................................................................................................................................................C-2
C.1.2 Restarting the DS1500-XFR .............................................................................................................................C-3
C.2
Event Log ..............................................................................................................................................................................C-5
C.3
Buffer Usage ..........................................................................................................................................................................C-6
C.4
System Parameters ................................................................................................................................................................C-7
C.5
Date and Time ......................................................................................................................................................................C-9
C.6
SNMP ...................................................................................................................................................................................C-10
APPENDIX D: SECURITY COMMANDS
D.1
Security .................................................................................................................................................................................. D-2
D.2
Password Change ................................................................................................................................................................. D-3
D.3
Define Access Permissions ................................................................................................................................................ D-4
D.4
Security Options .................................................................................................................................................................. D-6
D.5
Port Selection ....................................................................................................................................................................... D-7
x
CONTENTS
D.6
Network Security ................................................................................................................................................................. D-8
D.7
Destinations .......................................................................................................................................................................... D-8
D.8
Console Monitor ................................................................................................................................................................ D-10
D.9
PAP/CHAP ....................................................................................................................................................................... D-13
Addendum 1: VLANs
Addendum 2: VRRP
xi
CONTENTS
xii
PREFACE
ABOUT THIS MANUAL
This manual provides the Administrator with instructions to configure, monitor and maintain the
DYNASTAR 1500 X.25 FRAME ROUTER (DS1500-XFR). This manual contains a basic description of the
DS1500-XFR uses, the basics of using the Supervisor application and the hierarchical menu structure, and
instructions for configuring the DS1500-XFR for specific applications. The specific applications and
configuration cover IP Routing over Frame Relay, Terminal Server, Direct-To-Frame operation, async,
Frame Relay, and X.25. The Appendices define each menu option in the Supervisor application. The
chapters are presented as follows:
Chapter 1, “DynaStar 1500 X.25 Frame Router Product Overview” - This chapter describes the specific
features of the DS1500-XFR.
Chapter 2, “Supervisor Overview” - This chapter describes the Supervisor application menu hierarchy and
defines each of the higher level sub-menus and how to configure, monitor, and control the DS1500-XFR.
This chapter also includes methods for navigating through the menus, Login procedures and an overview of
the Supervisor main subsections.
Chapter 3, “Configuration Basics” - This chapter describes configuring the DS1500-XFR for IP Routing
Over Frame Relay, Terminal Server, Direct-To-Frame, XOT, and X.25 over Frame Relay operation.
Chapter 4, “Troubleshooting and Software Maintenance” - This chapter explains how to check for
configuration and status information relating to the network and device. Also included are some basic
instructions for using tftp commands and software maintenance.
Appendix A, “Port Functions” - This appendix describes the Port Menu hierarchy and, using menu screen
illustrations, defines the fields and capabilities for each.
Appendix B, “Network Commands” - This appendix describes the Network Menu hierarchy and, using
menu screen illustrations, defines the fields and capabilities for each.
Appendix C, “System Functions” - This appendix describes the Security Menu hierarchy and, using menu
screen illustrations, defines the fields and capabilities for each.
Appendix D, “Security Commands” - This appendix describes the System Menu hierarchy and, using menu
screen illustrations, defines the fields and capabilities for each.
Addendum, “VLANs” - This addendum provides additional information on the VLAN capabilities included
in the DS1500-XFR.
Addendum, “VRRP” - This addendum provides more information on the VRRP configuration setup on the
DS1500-XFR.
xiii
DECLARATIONS
Conventions
CONVENTIONS
One common convention used throughout the manual is the use of callouts interspersed in the text of the
document. These callouts, shown and described below, draw the user’s attention to a condition or situation
that may require action or at least awareness. All callouts appear immediately before the step to which the
callout information pertains. The callouts are listed below with descriptions of their uses and information
content in the text fields.
!
NOTE: Notes are to provide the user with helpful information pertaining to an upcoming step
or action. Not following the information contained in a Note will not adversely affect the
operation of the unit but following the note may save time or increase the understanding of
the user.
CAUTION: Cautions inform the user that a condition may exist such that inaction may cause
the system to operate poorly or cause the system to cease operating.
RELATED DOCUMENTS
The DS1500-XFR documentation is contained in two manuals. The remaining document is:
•
DYNASTAR 1500 Installation and Maintenance Guide - This document contains the
instructions for installing and removing the DS1500-XFR.
WEB ACCESS
All of the DYNASTAR 1500 manuals are also available in .pdf format on the Dymec website,
www.dymec.com.
COMMENTS
If you find an error or have a helpful tip on the layout or informational content of this or any other Dymec
manual, please feel free to contact us via email with any problems or helpful information. All enquiries will
be responded to with a correction or whatever resolution is required. Please make all comments to
[email protected] or phone a support engineer at (877) 463-9632.
xiv
CHAPTER 1
DYNASTAR 1500 X.25 FRAME ROUTER
PRODUCT OVERVIEW
The DYNASTAR 1500 X.25 FRAME ROUTER is a purpose-built networking platform for distributed
industrial automation applications. This chapter provides an overview of the primary features and
benefits of the product and describes the four commonly implemented networking services: IP Router,
Terminal Server, Direct-to-Frame Virtual Private Line, and X.25 features, as well as other extended
features.
1.1
PRINCIPAL FEATURES AND BENEFITS
The DYNASTAR 1500 X.25 FRAME ROUTER (DS1500-XFR) is a multi-function, multi-protocol networking
platform that is purpose-built for distributed industrial automation applications such as Supervisory Control
and Data Acquisition (SCADA) systems. The DS1500-XFR supports a wide range of communications
interfaces used by industrial devices, enabling multiple generations of remote devices and support systems
to be consolidated onto a single integrated network infrastructure. The DS1500-XFR also operates
effectively in extremely harsh environmental conditions such as those within power utility substations,
pumping stations, waste water treatment plants and transportation systems. This robustness is primarily due
to extended-range specifications in areas such as electromagnetic interference, temperature and electrical
surges. Most other networking products will fail when facing these conditions.
Figure 1-1 depicts a typical DS1500-XFR network application. The figure shows a DS1500-XFR at each of
several remote industrial locations. The DS1500-XFR provides all of the data communications connectivity
for each location using a single integrated access link to the Wide Area Network (WAN). DS1500-XFR
networks can alternatively be deployed with dual, redundant configurations for added network reliability.
The DS1500-XFR consolidates connections from a variety of industrial devices having differing
communications interfaces, including bit- or byte-oriented Asynchronous serial connections at connection
rates of 300 bps to 230.4 Kbps and IP-oriented Ethernet connections at 10 or 100 Mbps. This interface
range covers most RTUs, PLCs, Intelligent Electrical Devices (IEDs), industrial servers and other devices
with digital data connectivity.
1-1
CHAPTER 1 - DynaStar 1500 X.25 Frame Router Product Overview
Principal Features and Benefits
Distributed
Industrial Site
Ethernet
Host Computer Site
DynaStar
1500
Serial
Management
System
IP
Device
DynaStar
1500
T1
Ethernet
1.5
4M
bp
S6
DD
s
4
6
/5
Kb
Serial
Serial
Devices
ps
S1
IP
Device
S2
..
.
Frame Relay or
X.25 Network
Management
System
DD
Host Computer Site
S6
4/
56
Kb
ps
Distributed
Industrial Site
IP
Device
Ethernet
DynaStar
1500
Ethernet
Serial
Serial
Devices
S1
Management
System
IP
Device
S2
Figure 1-1. Typical XFR Network Application
Figure 1-1 shows a DS1500-XFR deployed at a centralized computer center, providing multiple Async
serial connections from a host front-end over a single access line to an integrated WAN. The figure also
depicts the case with DS1500-XFRs deployed at all remote locations and more general-purpose non-Dymec
networking products used at a central IP/Ethernet-oriented data center.
The DYNASTAR 1500 X.25 FRAME ROUTER is optimized for use with wireline WAN services such as
private or carrier-provided X.25 or Frame Relay services. Both X.25 and Frame Relay are widely used
packet switching technologies that efficiently support multiple simultaneous data streams on a single circuit
(statistical multiplexing), thus reducing the cost of discrete physical circuits. Frame Relay and X.25 also
allow many different devices attached to a common network to establish discrete point-to-point Permanent
Virtual Circuits (PVCs) that link the device pairs securely and with specified performance characteristics
(e.g., bandwidth and priority). This makes it easy to add devices or new applications to an established
network. Once a new device or system has a single physical access link to an established network, data
connectivity to any or all other networked devices requires only software-based provisioning of additional
PVCs.
DS1500-XFRs can also use other WAN services including dedicated digital leased lines, an IP-based
Enterprise “intranet” or carrier-provided IP-based services such as an IP-VPN (Virtual Private Network). As
further described below, a common hybrid implementation is to use one set of Frame Relay connections to/
from the same remote site to form an IP-based routed backbone network for most IP-based traffic, and use
other Frame Relay or X.25 connections to support specific applications or protocols requiring special
treatment.
1-2
Principal Features and Benefits
While primarily a WAN access and integration device, the DS1500-XFR also supports local
communications within a distributed site. The DS1500-XFR provides Ethernet switching and AsyncEthernet terminal services, within the remote site, to support device-to-device connections, local craft access
(e.g., Human Machine Interface [HMI]), PCs, or device connection to local distributed servers (e.g., for
local data caching).
The DS1500-XFR provides the features of six different and often physically discrete networking devices
integrated in a single platform:
•
•
•
•
•
•
Terminal Server (IP to Async serial device support)
Ethernet switch (local switching and router access)
IP Router
Frame Relay Access Device (for IP or Direct-to-Frame serial traffic)
X.25 access
CSU/DSU (electrical and physical interface to the Wide Area Network)
DynaStar XFR
Serial Interface
Terminal
Server
FRAD
or
X.25
IP
Router
CSU/
DSU
WAN Interface
Ethernet
Switch
Ethernet
Interface
Figure 1-2. DynaStar XFR Functional Block Diagram
The 5:1 device integration depicted in Figure 1-2 provides investment and operational savings compared to
alternative solutions involving multiple less-integrated devices. Investment savings include both acquisition
cost as well as space allocation and engineering support requirements. Power system requirements are
consolidated and simplified, with the DS1500-XFR supporting direct feeds from a wide range of DC power
sources commonly used at industrial sites. Operational savings come from reduced maintenance and
administration, including having fewer different software-based devices to coordinate for network
configuration, diagnostics and software upgrades.
The DS1500-XFR supports four principal service types, listed below. These are most commonly used in
some combination across an integrated core network.
•
•
•
•
IP Routing
• IP/Ethernet devices connecting to IP-based systems
Terminal Server
• Interconnections of Async devices to/from TCP/IP-based systems
Direct-to-Frame Virtual Private Line
• Async serial devices mapped directly to Frame Relay PVCs for connectivity with
serial-based systems
X.25 Switch and Concentrator
• Access to X.25 nodes and interface for X.25 concentration and switching
1-3
IP Routing Overview
Used together, the Terminal Server and IP Routing services support an overall strategy of “IP Convergence.”
All device and application traffic from serial and Ethernet-based devices, once attached to the network, is in
the Internet Protocol (IP) format and is routed over a common IP-based infrastructure. This strategy is a
long-term goal for most Enterprises, leveraging the now-dominant presence of IP in general-purpose
Enterprise networks.
The unique Direct-to-Frame Virtual Private Line (VPL) service of the DS1500-XFR provides a transitional,
complementary approach to IP Convergence for established serial-based applications. In many cases,
mapping serial data streams to IP creates significant transmission overhead and less-efficient utilization of
core network resources. This results in reduced and less predictable network performance as measured by
latency, throughput and lost data. The Virtual Private Line approach segregates selected serial data streams
using different Frame Relay PVCs than the IP traffic. This still consolidates all traffic from a remote site
onto a single access line and frame-based core network but minimizes overhead and reduces latency.
The DS1500-XFR integrates several traditional X.25 functions into a single system. A port configured for
X.25 traffic can support traditional X.25 connections as well as remote LAN connections and X.25 traffic
over IP and TCP/IP networks. Possible uses of the X.25 service include:
•
•
•
•
•
•
The DS1500-XFR can be used as an X.25 concentrator and can route packets over a
standard X.25 network. The DS1500-XFR supports standard X.121 addressing and address
translation on both incoming and outgoing connections.
Multi-protocol routed and bridged traffic can be carried on the same X.25 access link. Each
virtual call provides a link to a different distant server and can be configured to support IP
routing or Ethernet bridging.
X.25-In and X.25-Out can be used to allow an X.25 user to reach a TCP/IP device or a TCP/
IP device to reach a remote X.25 device.
The DS1500-XFR provides a Telnet gateway over X.25.
XOT allows X.25 traffic to be encapsulated in TCP/IP traffic and routed over an IP
backbone network.
X.25 is also often used in conjunction with asynchronous devices such as PADs. The
DS1500-XFR provides support for various PAD functions, including call mnemonics and
Network User IDs (NUIs).
Each of the four principal network services are described in more detail below, followed by a brief summary
of other extended features supported by the DS1500-XFR. Configuration guidelines for these services are
provided in Chapter 3, while details of extended features are included in the command/menu reference
materials of Appendices A and B.
1.2
IP ROUTING OVERVIEW
The IP Routing service enables IP-based devices and systems connected directly or indirectly to a DS1500XFR, typically over an Ethernet interface, to communicate with remote systems using IP/Frame Relay or IP/
X.25 across a WAN. These applications are depicted in Figure 1-3 and Figure 1-4.
1.2.1
IP Routing Over Frame Relay
In Figure 1-3, there is an IP-based PVC established between the remote DS1500-XFR and another more
centralized IP router. The Frame Relay PVC is defined by specific Data Link Connection Identifiers
(DLCIs) at each end of the Frame Relay connection. The DLCI has only local significance at each access
point to the Frame Relay network, with the DLCI mapping taking place within the cloud. The DLCI denotes
the logical channel used by a given PVC on that local access link. In this example, the Frame Relay network
connects DLCI 320 on the link to/from the router at the data center to DLCI 120 on the link to/from the
DS1500-XFR at the remote site creating an end-to-end PVC.
1-4
IP Routing Overview
Remote Site
WAN W1
192.168.1.1
ps
b
6K
/5 0
4
S 6 I 12 0
DD DLC 149
C
RF
Data Center
192.168.10.1
255.255.255.0
192.168.1.2
255.255.255.0
DLCI 320
RFC 1490
Ethernet
Frame Relay Network
DynaStar
1500
E1
E2
E3
IP
Device
IP
Device
IP
Device
Ethernet Port Group
192.168.2.0
IP Router
(e.g., DynaStar)
Management
System
Figure 1-3. IP Routing Service Example Over Frame Relay
Figure 1-3 shows only one remote and one central router, but other intermediary routers could also be used.
The IP-based PVC from the DS1500-XFR is to the adjacent “next hop” router in the network. All IP-based
devices attached to the remote DS1500-XFR can share this IP routed connection.
IP Routing can also be used locally within a site, without using the Frame Relay connection. Local routing is
an alternative to layer-2 Ethernet switching among Ethernet ports. IP routing can provide communication
among devices in different Ethernet VLANs and can provide additional network security using IP address
filtering and IPsec encryption.
IP Routing is also used by the Terminal Server application described in “Terminal Server Overview” on
page 1-7. The Terminal Server feature converts Async serial communications to/from IP packets. IP routing
provides routing of these packets either locally, i.e., to an Ethernet-connected device, or remotely, i.e., using
the shared IP based PVC. Once IP routing service is established over a Frame Relay connection, all
permitted IP applications and devices can use the service, including both Ethernet-based devices and Serial
devices that use Terminal Server.
Figure 1-3 shows a single IP route from the DS1500-XFR to an adjacent router over the WAN. However,
using the multiplexing and switching capabilities of Frame Relay, many IP routes can exist over a single
physical access line. Each route has a unique IP-based PVC terminating on a “next hop” IP router. Multiple
routes can exist when a remote site needs to communicate with multiple data centers (host sites) and/or when
a more complex, resilient IP router network is created for added network reliability.
The default mode for IP routing uses the RIP protocol to exchange available route information with adjacent
routers. Advanced features available with IP Routing include:
•
•
•
•
•
•
IP address filtering (selective blocking of permitted sources and destinations)
IPsec VPNs (data encryption)
Multiple next hop links (RFC 1490 PVCs)
Static routing (explicit next hops, not using a routing protocol like RIP)
Dynamic routing with OSPF (Open Shortest Path First routing protocol)
DHCP client and server (automatic assignment of IP addresses)
1-5
IP Routing Overview
The Configuration Basics described in Chapter 3 deal primarily with default IP routing over Frame Relay
using RIP, supporting both Ethernet-based IP traffic and Terminal Server traffic. Other IP Routing features
are described primarily in the reference sections of Appendix B.
1.2.2
IP Routing Over X.25
Similar to the IP routing over Frame Relay described above, the DS1500-XFR also supports IP routing over
X.25, as illustrated in Figure 1-4.
Remote Site
DynaStar
1500
WAN W1
192.168.1.1
Data Center
30
192.168.10.1
255.255.255.0
6
0-
4K
LC
N
bp
s
22
192.168.1.2
255.255.255.0
IP
Device
IP
Device
IP
Device
LCN 34
Ethernet
E1
E2
E3
X.25 Network
Ethernet Port Group
192.168.2.0
IP Router
(e.g., DynaStar)
Management
System
Figure 1-4. IP Routing Service Example Over X.25
In Figure 1-4, there is an IP-based virtual circuit established between the remote DS1500-XFR and another
more centralized IP router. The X.25 virtual circuit is defined by specific Logical Channel Numbers (LCNs)
at each end of the X.25 connection. The LCN has only local significance at each access point to the X.25
network with the LCN mapping taking place within the cloud. The LCN denotes the logical channel used by
a given virtual circuit on that local access link.
Figure 1-4 shows only one remote and one central router, but other intermediary routers could also be used.
The IP-based PVC from the DS1500-XFR is to the adjacent “next hop” router in the network. All IP-based
devices attached to the remote DS1500-XFR can share this IP routed connection.
IP Routing can also be used locally within a site, without using the X.25 connection. Local routing is an
alternative to layer-2 Ethernet switching among Ethernet ports. IP routing can provide communication
among devices in different Ethernet VLANs and can provide additional network security using IP address
filtering and IPsec encryption.
Figure 1-4 shows a single IP route from the DS1500-XFR to an adjacent router over the WAN. However,
using the multiplexing and switching capabilities of X.25, many IP routes can exist over a single physical
access line. Each route has a unique IP-based virtual circuit terminating on a “next hop” IP router. Multiple
routes can exist when a remote site needs to communicate with multiple data centers (host sites) and/or when
a more complex, resilient IP router network is created for added network reliability.
1-6
Terminal Server Overview
1.3
TERMINAL SERVER OVERVIEW
The DS1500-XFR Terminal Server feature is typically used to enable a host-computer application based on
TCP/IP protocol to communicate with a remote industrial device that has an Async serial interface (see
Figure 1-5). All communication is in IP format from the central host to/from the remote site. The Terminal
Server feature at the remote site disassembles each TCP/IP packet and provides an Async serial stream to the
remote device. In the reverse direction, Async responses from the device are assembled into TCP/IP packets,
appropriately addressed and routed to the host application. More specifically, all traffic on a DS1500-XFR
serial interface is mapped to/from an IP address and a specific TCP/IP port or socket number.
Remote Site
WAN W1
192.168.1.1
Data Center
DD
192.168.1.2
IP Router
255.255.255.0
(e.g., DynaStar)
0
10 0
CI
D L 149 s
C
RF 6Kpb
4/5
S6
DLCI 300
Frame Relay Network
Ethernet
DynaStar
1500
Serial
Devices
S1
S2
192.168.10.1
255.255.255.0
192.168.10.2
255.255.255.0
Management
System
Figure 1-5. Terminal Server Example
In Figure 1-5, the Terminal Server feature utilizes the IP Routing Service described in “IP Routing
Overview” on page 1-4. Figure 1-5 illustrates IP packets being routed over an IP-based Frame Relay PVC
between the remote location and the central data center. However, IP packets can also be routed over an
X.25 network.
There are several variations of the Terminal Server application, including:
Remote Terminal Server - This is the application described above where typically a central IP-based host
initiates communications with a remote Async industrial device across an IP-based WAN.
Local Terminal Server - This is similar to the Remote Terminal Server, but involves a local IP host, i.e., a
host co-located with the serial devices and attached to a DS1500-XFR Ethernet port either directly or via a
Local Area Network (LAN). The IP host may be a distributed application server or a PC-based HMI device
at the remote site. This configuration uses IP routing within the DS1500-XFR but does require Frame Relay
or other WAN services.
Reverse Terminal Server - This application has the same physical topology as either the Remote or Local
Terminal Server but the communications connection is initiated on-demand by the Serial device, rather than
by the host application. This requires that the DS1500-XFR formulate a TCP/IP session request to the host
on behalf of the serial device. In the DS1500-XFR, this is configured as an “Async-IP” terminal server
connection, as differentiated from the more common and default “IP-Async” terminal server connection.
1-7
Virtual Private Line Overview
Back-to-Back Terminal Server - This application uses a Terminal Server capability at both the host and
remote ends of the connection, providing serial interfaces to both the host system and remote device, but
using an IP-based network for data transport. Back-to-Back terminal server allows end-to-end serial
connections to be consolidated onto an all-IP oriented network infrastructure, keeping with the spirit of “IP
Convergence,” at least at the transport layer of the network. In this configuration, the host end connection
would typically involve a DS1500-XFR or equivalent device at the central data center and would use an
“Async-IP” connection type, initiating the TCP/IP session. The remote industrial device would be connected
to a DS1500-XFR using the default “IP-Async” Terminal Server as described above.
The principal variant of Terminal Server used with the DS1500-XFR is the Remote Terminal Server, as
depicted above. Configuration guidelines for this service are provided in Chapter 3.
1.4
VIRTUAL PRIVATE LINE OVERVIEW
In contrast to the Terminal Server feature, the Virtual Private Line (VPL) service of the DS1500-XFR
provides a means for async serial devices and systems to communicate over a Frame Relay PVC or X.25
network without being converted into and out of a TCP/IP formatted packet stream. Instead, serial streams
are mapped directly into Frame Relay PVCs using efficient, low-overhead proprietary encapsulation
techniques or are mapped into X.25 connections. Figure 1-6 shows an example of VPL between a central
serial host and a remote serial managed device using Frame Relay. However, the DS1500-XFR also
supports this service using X.25.
Remote Site
DynaStar
1500
C
DL
I1
10
D
Management System
DD
1
I1
LC
S5
6/
64
1
p
Kb
Serial
Serial
Devices
s
S1
S2
DLCI 310
DynaStar
1500
DLCI 311
Frame Relay Network
Serial
Management
System
Figure 1-6. Direct-to-Frame VPL Service Example
1-8
X.25 Over Frame Relay Overview
In Figure 1-6, a serial stream from the host computer site is encapsulated directly into Frame Relay frames
and forwarded over a PVC between the central DS1500-XFR and the remote DS1500-XFR. At the remote
site, the Frame Relay encapsulation is stripped away and the serial stream is forwarded transparently to the
serial device. Extended features of Frame Relay such as Committed Information Rate (CIR) and Traffic
Prioritization can provide assured performance and security to specific applications similar to a leased
circuit (i.e., “Private Line”), hence the expression “Virtual Private Line (VPL)”.
The back-to-back Terminal Server option described in “Terminal Server Overview” on page 1-7 also
provides serial data transport over an integrated WAN. However, VPL Service provides an important
alternative to IP transport. The addition of an IP protocol header typically adds 45 bytes or more to each data
packet. Direct-to-Frame technology adds only four bytes per packet. With most Async serial protocols,
message sizes are relatively short, often only six to twelve bytes. Thus avoiding the extra overhead of TCP/
IP represents up to a seventy-five percent reduction in the overall amount of data being transmitted. In an
Industrial Ethernet environment with typical bandwidth of 100 Mbps or more, extra overhead may not be a
great issue. However, with WAN connections at 56 Kbps or even 1.5 Mbps, the potential four-times extra
overhead of TCP/IP may have significant impact on network utilization, end-to-end latency, timeouts and
retransmissions. The Direct-to-Frame “Virtual Private Line” is a low-overhead point-to-point alternative to
IP encapsulation, providing a discrete end-to-end path between devices and systems without creating
protocol-related performance issues.
1.5
X.25 OVER FRAME RELAY OVERVIEW
X.25 over Frame Relay is one of the X.25 services available on the DS1500-XFR. The X.25-FRAD (Frame
Assembler-Disassembler) support available on the DS1500-XFR allows the DS1500-XFR to exchange
X.25 packet data over Frame Relay networks. It also allows the DS1500-XFR to interoperate with other
systems that adopt the same encapsulation technique. This implementation, called X.25-FRAD, is based on
the Annex G specification for encapsulating data traffic over Frame Relay networks. By encapsulating X.25
LAPB frames directly inside the payload field of a Q.922 frame, the DS1500-XFR can transport X.25 layer
two and three protocol procedures over Frame Relay logical channels instead of over regular dedicated X.25
ports. A typical application is shown in Figure 1-7
DynaStar
1500
CI
XP
/V
6/
S5
DD XP
I /V
LC
DL
D
DLCI /VXP
DynaStar
1500
Serial
DLCI/VXP
Serial
Devices
Frame Relay Network
S1
S2
Figure 1-7. X.25-Over-Frame Relay Example
1-9
64
p
Kb
Serial
Serial
Devices
s
S1
S2
X.25 Over Frame Relay Overview
Interconnected X.25-FRADs provide end-to-end conversion and encapsulation services, establishing
reliable LAPB connections over Frame Relay permanent virtual circuits. This allows the DS1500-XFR
applications, such as the X.3/X.28/X.29 PAD, to forward X.25 traffic over a Frame Relay network interface
instead of a traditional X.25 connection. As an X.25 concentrator, the X.25-FRAD can also be used to
multiplex traffic of several X.25 lines onto one or more Frame Relay network connections.
To forward X.25 traffic over the DS1500-XFR Frame Relay ports, the X.25-FRAD implements a scheme in
which users configure a new type of port called a Virtual X.25 Port (VXP). Up to 128 VXPs are supported.
In addition, DS1500-XFR users can continue to define traditional ports to support different types of
interfaces such as X.25 line, PAD, and Frame Relay.
The scheme is based on associating a VXP with a unique Frame Relay PVC. A Frame Relay PVC can be
used by only one VXP. However, because a Frame Relay port can support several PVCs, several VXPs can
be mapped to a single Frame Relay port. Figure 1-8 illustrates the relationship between Virtual X.25 ports,
SVCs, Frame Relay ports and physical X.25 ports. The mapping scheme allows outgoing X.25 traffic
through a VXP to be forwarded over Frame Relay ports, and it allows incoming X.25 traffic from Frame
Relay ports to be internally routed to the DS1500-XFR applications as if it were received on regular X.25
ports. Figure 1-8 illustrates the relationship between the Frame Relay ports and the Virtual X.25 ports.
..
.
DLCI 1
SVC 1
SVC n
Virtual
X.25 Port
#600
..
.
Virtual
X.25 Port
#n
SVC 1
SVC n
Frame Relay
Port(s)
DLCI
Frame Relay Network
Interface(s)
DLCI
..
.
SVC 1
Virtual X.25 Ports
numbered 600 through 727
SVC n
Physical
X.25 Port(s)
X.25 Network
Interface(s)
Figure 1-8. Relationship Between the Frame Relay Network and the X.25 Ports
When the DS1500-XFR is booted, network paired X.25-FRADs automatically attempt to establish the X.25
link level (LAPB) for each VXP enabled on the PVC(s) that are established between them. Once LAPB is
established, traditional X.25 call establishment, data transfer, and clearing procedures can take place as they
would over regular X.25 circuits. Calls and data traffic from X.25 network-bound applications at either end
of the PVC can be initiated and are transferred transparently across the proxy Frame Relay network.
Consequently, a failure of the underlying Frame Relay PVC or frame loss due to network congestion will
trigger standard X.25 link and packet level recovery procedures as if the failure occurred on a regular X.25
link.
1 - 10
Additional DS1500-XFR Features
1.6
ADDITIONAL DS1500-XFR FEATURES
The four services described in the previous sections, 1.2, 1.3, 1.4, and 1.5, represent the primary applications
of the DS1500-XFR, usually used in some combination. There are also several extended services and
features of the DS1500-XFR. These include additional connectivity services, advanced options of the
principal services, and management capabilities for all services. The following are summaries of selected
additional features.
1.6.1
Ethernet Switching
The DS1500-XFR supports Layer-2 Ethernet switching among Ethernet ports. The primary use of the
Ethernet ports is to connect a local Ethernet network or several Ethernet devices to the WAN connection, but
the DS1500-XFR optionally also provides LAN services for local devices. In addition to basic LAN
switching, the embedded switch services include port groups, VLANs, traffic prioritization, Spanning Tree
Protocol and Rapid Spanning Tree Protocol (RSTP).
1.6.2
Integral CSU/DSU
Inherent in all the 56 Kbps DDS and T1/E1 Frame Relay access connections is an integral Channel Service
Unit / Data Service Unit (CSU/DSU). The CSU/DSU provides physical and electrical connectivity to digital
data circuits, typically provided by telecommunications carriers. The integral CSU/DSU provides loopbacks and operational measurements at both the CSU and DSU level.
1.6.3
Security
A number of security options are available with the DS1500-XFR. The DS1500-XFR Supervisor
application access security includes both logical access (e.g., IP address filtering, IPsec/VPN and secure
VLAN), and multi-level password protections. For applications using the DS1500-XFR as transport, secure
services include VLANs and port groups for Ethernet ports, IP address filtering for routed traffic, and IPsec
VPNs including data encryption. PPP connections can use PAP/CHAP security.
1.6.4
Network Reliability
DS1500-XFR offers alternate routing features across the WAN using Frame Relay, X.25, and IP. RSTP
provides rapid recovery of local Ethernet rings. With Frame Relay, alternate PVCs may be specified in case
of PVC failure or remote-end failure. The DS1500-XFR supports End-to-End Keep Alive (EEK) to rapidly
identify Frame Relay failures and to invoke alternative routes. OSPF provides dynamic alternate routing for
IP. The Virtual Router Redundancy Protocol (VRRP) is a feature that enhances rapid transition of IP routes
transparent to IP-based applications.
1.6.5
DynaStar Supervisor
Chapter 2 provides details on the DynaStar Supervisor application. This menu-based management
application supports configuration, diagnostics, performance monitoring and security functions for the
DS1500-XFR.
1.6.6
LEDs and Alarms
The DS1500-XFR has a number of visual alarm and status indicators implemented as LEDs on the wiring
panel of the device. There is also an alarm port that provides a hard contact status indication of major system
failures. These are described in detail in the DS1500 Installation and Maintenance Guide.
1 - 11
Additional DS1500-XFR Features
1 - 12
CHAPTER 2
SUPERVISOR OVERVIEW
This chapter provides an overview of the management application included in all DynaStars to
configure, administer, and troubleshoot the equipment and the network. The following sections
introduce the management application, describe access and login procedures, provide navigation
details and common commands, outline the menu hierarchy, and provide an overview of the supervisor
capabilities.
This chapter also describes a number of standard tasks associated with the Administration of the
DYNASTAR 1500 X.25 FRAME ROUTER in particular. These standard tasks are general in nature and
not dependent on any particular configuration of the network or interfacing equipment.
2.1
SUPERVISOR
The Supervisor application running on the DS1500-XFR manages the device. The Supervisor application is
a hierarchical menu-driven system allowing users to manage and configure the DS1500-XFR. Through the
supervisor application, the user can configure ports, services, and features, view statistics, carry out
maintenance activities, and perform troubleshooting. The Supervisor application is accessible through the
local console port or by connecting to the DS1500-XFR from the network.
2.2
UNIVERSAL COMMANDS FOR SUPERVISOR MENU NAVIGATION
This section describes the command notation used in this manual and the methods for navigation within the
Supervisor, along with how to select configuration settings, enter or modify data, and save changes.
2.2.1
Command Notation
This manual uses the following notation and conventions:
•
•
•
•
•
•
The names of keys are bold and contained in angle brackets, for example <Enter>.
Two keys pressed simultaneously appear in angle brackets separated by a hyphen (i.e.
<CTRL-D>).
Commands you must enter appear in italics.
The names of menu fields also appear in boldface.
Representative text in a command line appears in italics. For example, the word filename
indicates the actual name of a file or character entry.
System messages appear in italics.
2-1
CHAPTER 2 - Supervisor Overview
Universal Commands for Supervisor Menu Navigation
2.2.2
Navigation
To navigate down to a submenu:
•
Type the command number and press <Enter>.
- or •
Use the cursor keys (left, right, up and down arrows) to move to the desired function, and
press <Enter>.
To return to a previous menu:
•
Press the <Esc> key.
- or •
In menus with no modifiable fields, pressing the left arrow will display the previous menu.
To navigate within modifiable menu fields:
•
•
•
•
Use the cursor keys to move around the fields.
Use the <Tab> key to send the cursor to the next modifiable field.
To get to the Process selections field, while in the left-most field of the line or screen, press
the left arrow cursor movement key. This sends the cursor to the bottom right corner, which
is the Process selections field. The Process selections field appears on each screen where
there are modifiable parameters and is used to save the changes to volatile memory.
Although selecting Y and pressing <Enter> in the Process selections field saves the
changes, the user must also save the changes to Flash memory.
Pressing the left arrow key, when the cursor is already at the left side of the menu fields, is a
shortcut for moving the cursor to the bottom right corner, which is the Process selections
field.
To change a modifiable field:
•
•
To modify fields containing multiple toggle options, move the cursor with the arrow keys
until it is in the field to modify. Pressing <Enter> toggles the parameter to the next option.
Pressing the <Enter> key repeatedly cycles through all the field options. Moving out of the
field temporarily sets the field to the value entered. The change will become permanent
when the user saves the changes.
To enter information in a text or number field, place the cursor in the field and type the
desired information. Moving the cursor out of the field stops the editing of the data field, and
temporarily sets the field to the value entered. The change will become permanent when the
user saves the changes.
To edit input
•
2.2.3
The Supervisor Console is preconfigured to use the <Backspace> and <Delete> keys for
editing characters.
Saving Changes
Before a change can be saved to Flash memory it must first be processed. This adds the information to the
system from which the Flash memory is updated. The Process selections field is in the lower right corner of
all modifiable menus. To process the changed configuration information, move the cursor to the Process
selections field. The Process selections field should contain a <Y> but if it is <N> type in the letter <Y> and
press the <Enter> key. If the user does not wish to save the changes made, either press <Esc> to go back to
the previous menu, or type <N> in the Process selections field and press <Enter>.
2-2
Accessing the DynaStar Supervisor
Once the information is processed, the system will display a reminder to save the changes to Flash memory
by this highlighted message: Config has changed: use <CTRL-W> to save. Pressing <CTRL-W> saves the
system to Flash Memory. Once the save is complete, the message disappears and normal operation resumes.
If the system is restarted by the Warm restart method or a power interruption before changes have been
saved to Flash memory, all unsaved changes will be lost.
2.3
ACCESSING THE DYNASTAR SUPERVISOR
This section describes how to access and log in to the DS1500-XFR Supervisor application. The System
Operator Console is accessed either directly from the console port on the DS1500-XFR, or from a
workstation connected through the network. One way to do this is to connect from an IP device using Telnet,
assuming that the DS1500-XFR has a proper IP address assigned. The user can manage multiple DS1500XFRs from a single workstation when using Telnet. The user can also connect to the supervisor console
through an X.25 network by placing a call using the appropriate X.121 address of any port on the DS1500XFR followed by 99. All modes of access provide Password-based security.
2.3.1
Accessing the System Operator Console
For direct terminal mode access to the console port:
•
The required console terminal device is 9600 Baud, 7 bits, even parity, and 1 stop bit.
For access via an IP network:
•
Telnet to the DS1500-XFR’s IP address from a Telnet client (on standard port 23).
For access via an X.25 network:
•
Call any port on the DS1500-XFR using the correct X.121 address followed by 99.
If you are connecting from a LAN, the Telnet connection screen, shown in Figure 2-1, appears before the
Login screen. Select <1> and press <Enter> for access to the Login screen. Upon direct connection via the
Console port or over an X.25 network, the Login screen appears immediately. This screen displays the
supervisory herald, the software version number and a prompt for a password as shown in Figure 2-2.
2-3
Accessing the DynaStar Supervisor
DynaStar_26 services
1
2
Console
Virtual Async Port
Enter service selection:
Figure 2-1. Telnet Screen
DynaStar Supervisor
DynaStar 1500 XFR
Software Version number 7.2 (RC38)
Copyright (C) 1990-2005 Dymec, Inc. All rights reserved.
Press ESC to exit, Ctrl-W for Wyse Terminal
To return to Supervisor, type 9999 <RET>
Enter Password:
Figure 2-2. Login Screen
!
NOTE: If the DS1500-XFR was already booted before the console device was connected,
you may see a simple “*” prompt rather than the supervisory herald shown above. This
indicates the logon screen timed out terminating the active session and switched to a pure
listening mode. Type “9999” to display the logon/supervisory herald as shown in Figure 2-2.
2-4
Supervisor Menus
2.3.2
Logging In
At the Enter Password prompt, type the password and press <Enter>. The password is case sensitive. The
factory default password is “secret” and a first time login requires using the default login password. If a
valid password is not received in three attempts, the connection to the Supervisor clears, and the message
CLR PAD is displayed. To reconnect to the Supervisor, type in “9999” and press <Enter>. Check the Caps
Lock setting if a password fails unexpectedly.
Instructions for changing the default password and establishing multiple user levels and different passwords
for each level are provided in Appendix D, “Security Commands”.
2.4
SUPERVISOR MENUS
The Main Menu, shown in Figure 2-3, displays the four main branches of the Supervisor command
hierarchy. The submenus in these four main areas of the Supervisor provide a full set of menu driven
commands.
The four subsections shown in the Main menu are:
•
•
•
•
Port
Network
System
Security
*** Main Menu ***
1
2
3
4
-
Port
Network
System
Security
Configuration, statistics, activation, monitoring
TCP/IP, Bridge, Terminal Server and Frame Relay
Event log, buffer status, restart, SNMP, clock set
Passwords, menu access and security options
Enter command number:
__________[DynaStar_24]___________
Terminate input with <RET>
Press ESC to return to previous menu
Figure 2-3. Main Menu
An overview of the Supervisor application menu structure is shown in Figure 2-4. The menu structure is
divided into four sections: Port, Network, System and Security. The figure gives only the top level view of
the menu structure. The following subsections provide high-level descriptions of the structure and uses for
each of these four subsections. The Appendices provide an in-depth reference for each of the Main menu
command areas.
2-5
Supervisor Menus
<1>
<1>
Port
<2>
<Enter>
Statistics
Port Status
<1>
Router
<3>
<2>
<3>
Network
<4>
<5>
<6>
MAIN MENU
<1>
<3>
System
Disable/
Enable
Bridge
<4>
<2>
Configuration
Terminal
Server
<5>
Async
Services
<6>
Protocol
Monitor
Port Mirror
(Ethernet only)
Port Security
(Ethernet only)
Frame Relay
X.25
<1>
Password
Change
<2>
Access
Security
Code Versions
<2>
Restart
<3>
Security
Options
<4>
Port
Selection
<3>
Event Log
<4>
Buffer Usage
<5>
<5>
System
Parameters
Network
Security
<6>
<6>
<7>
<4>
Destinations
Date & Time
<7>
SNMP
Security
<8>
Console
Monitor
PAP/CHAP
Figure 2-4. Supervisor Menu Hierarchy Overview
2-6
Supervisor Menus
2.4.1
Port Menus
Selecting <1> Port on the Main menu takes the user to the Port Selection menu. From this menu, the user
selects a port to configure, enables/disables the port, views statistics, displays the current data being
transferred (using the built-in protocol monitor), or (for Ethernet Ports) sets up port mirroring or port
security. The Port Menu (Figure 2-5) displays a list of the DS1500-XFR ports, listing the Port number and
Port Name, along with a prompt asking the user to specify a port. Entering a port number presents the user
with the Port Function menu (Figure 2-7) showing the functions that are available on that port.
*** Port Menu ***
Port
Name
CON Console
10 Virtual PAD
99 Virtual X.25
E1
E2
E3
E4
E5
Enet
Enet
Enet
Enet
Enet
S1
S2
S3
S4
S5
S6
S7
S8
W1
1
2
3
4
5
__________[DynaStar_31]___________
SERIAL1-S1
SERIAL2-S2
SERIAL3-S3
SERIAL4-S4
SERIAL5-S5
SERIAL6-S6
SERIAL7-S7
SERIAL8-S8
TDM chan W1
Enter Port Number:
Press <RET> for port status
Figure 2-5. Port Menu
There is an advanced menu selection accessible from the Port Menu called the Port Status menu, and
shown in Figure 2-6. The advanced menu shows the current status of all ports and is reached by pressing
<Enter> while in the Port Menu. From the Port Status menu, the user may either select the port number to
jump to the Port Functions screen or press <Esc> to exit to the Port Selection menu.
2-7
Supervisor Menus
*** Port Status ***
Port Number, Name, Protocol, State, and Status
E1
Enet 1
Ethernet
Enabled
Link Down
S1
SERIAL-S1
X.25 line
Enabled
Down
E2
Enet 2
Ethernet
Enabled
Link Down
S2
SERIAL-S2
PPP
Enabled
Down
E3
Enet 3
Ethernet
Enabled
Link Down
S3
SERIAL-S3
PAD
Enabled
Down
S4
SERIAL-S4
Frm Relay
Enabled
Down
E4
Enet 4
Ethernet
Enabled
Link Down
S5
SERIAL-S5
PAD
Enabled
Down
E5
Enet 5
Ethernet
Enabled
Link Down
S6
SERIAL-S6
HDLC
Enabled
Down
S7
SERIAL-S7
PAD
Enabled
Down
S8
SERIAL-S8
PAD
Enabled
Down
W1
TDM chan
Frm Relay
Enabled
Down
Enter Port Number:
__________[DynaStar_11]___________
Figure 2-6. Port Status Menu
Selecting a port from either the Port Selection menu or the Port Status menu displays the Port Functions
menu shown in Figure 2-7. From the Port Functions menu the user can:
•
•
•
•
•
Configure the port
Obtain statistics on the port
Disable or Enable the port
Use the protocol monitor to view the traffic being passed on the port
Duplicate traffic from one Ethernet port onto another (available only for Ethernet ports)
Appendix A, “Port Functions” provides details on the port related menus.
2-8
Supervisor Menus
*** Functions For Port E1 ***
1
2
3
4
5
6
-
Configuration
Statistics
Disable/Enable
Protocol Monitor
Port Mirror
Port Security
Configure protocol and port parameters
Display port statistics
Disable, enable, initialize or busy
Display transmitted/received data packets
Configure Ethernet switch port mirror
Configure Ethernet port for security
__________[DynaStar_11]___________
Figure 2-7. Port Functions Menu
2-9
Supervisor Menus
2.4.2
Network Menus
The Network menu and its submenus provide the means to configure and check the wide or local area
network setup (e.g., X.25, IP Router, Frame Relay, and Ethernet switch). Selecting the <2> Network
submenu from the Main menu displays the Networking Setup and Status menu shown in Figure 2-8.
*** Networking Setup and Status ***
1
2
3
4
5
6
-
Router
Bridge
Terminal Server
Async Services
Frame Relay
X.25
Configure
Configure
Configure
Configure
Configure
Configure
and display router options
and display Bridge parameters
Async-TCP/IP terminal server
Async options
and display Frame Relay DLCIs
and display X.121 addresses
__________[DynaStar_31]___________
Figure 2-8. Networking Setup and Status Menu
Through these setup and status menu items, the user can configure the system Router, Bridge, Terminal
Server, Async, Frame Relay, and X.25 settings for all of the ports and connections to the DS1500-XFR. The
configuration options include:
•
•
•
•
Router - Setup and Status
• IP port configuration
• IP routes and display
• IP static route setup
• IP filters
• TCP/IP status
• OSPF (Open Shortest Path First)
• DHCP (Dynamic Host Configuration Protocol)
• VPN (Virtual Private Network)
• VRRP (Virtual Router Redundancy Protocol)
• TCP Multicast
Bridge - Configuration and Status
• Bridge configuration
• Bridge status
Terminal Server - Configuration
Async - Services, Configuration, and Status
• PAD (Packet Assembler Disassembler) profile settings
• Logon screen settings
• Async options
• X.25 mnemonics
• NUIs
• User call status
2 - 10
Supervisor Menus
•
•
Frame Relay - Configuration, Setup and Status
• Frame Relay DLCIs
• Frame Relay priority
• Frame Relay status
X.25 - Configuration, Setup, and Status
• X.25 router connections
• X.121 routing
• PVC/SVC switching table
• XOT switching table
• X.121 translation
• X.25 multicast
• X.25 connections
• X.25 multicast status
A complete reference for the Networking Setup and Status menus is in Appendix B, “Network Commands”.
2.4.3
System Menus
Selecting option <3> Systems from the Main menu displays the System sub-menu shown in Figure 2-9.
Within these submenus, the user can:
•
•
•
•
•
•
•
View the current versions of software running and stored on the DS1500-XFR
Restart the system with WARM and COLD start commands
View the event log
Check the buffer usage
Set a unique system name and screen herald
Configure the system clock and time
Set up the SNMP parameters
Selecting <1> Code Versions from the System Functions menu shows the file structure held in memory,
including the configuration files. From this screen, the user can also delete files from memory. The file
system can hold multiple copies of the Operating System in the Flash memory. The operator can delete
unwanted copies of the file system and free up space by defragmenting the file system.
Selecting <2> Restart from the System Functions menu allows the Administrator to restart the system using
a Warm restart, Cold restart, or Reinitialize (Reinitialize will only appear if there is a cnfgload.cmp file
present). All options will reboot the system and restart active operations; however, they differ in the source
used for the operating software and active configuration file during, and after, the restart operation.
Selecting <3> Event Log from the System Functions menu displays the event log for the DS1500-XFR. The
event log contains status, information, and error messages with date and time stamp.
Selecting <4> Buffer Usage from the System Functions menu displays the Buffer Pool Status screen
containing information on the installed memory and the current buffer utilization.
Selecting <5> System Parameters from the System Functions menu brings up a screen where the user can
set the Server name and Supervisor console herald, among others.
Selecting <6> Date & Time from the System Functions menu allows the administrator to modify the onboard Real Time Clock. The time and date are initially preset. The Real Time Clock is battery backed up so
this adjustment needs only periodic adjustments to compensate for leap years, etc.
Selecting <7> SNMP from the Systems Functions menu gives the user access to SNMP information and
settings including system information, read/write community strings, and SNMP trap addresses.
For a detailed description of the Supervisor System level hierarchy refer to Appendix C, “System
Functions”.
2 - 11
Supervisor Menus
*** System Functions ***
1
2
3
4
5
6
7
-
Code Versions
Restart
Event Log
Buffer Usage
System Parameters
Date & Time
SNMP
Display downloaded software versions
Restart or initialize system
Display system event log
Display system buffer usage
Configure system-wide parameters
Set the system date and time
Configure community strings, trap IP addresses
__________[DynaStar_24]___________
Figure 2-9. System Functions Menu
2.4.4
Security Menus
The Supervisor Security menu allows the Administrator (Root) to set various levels of security. The security
is assigned based on the user (operator) and also by setting access levels to functions. Selecting <4>
Security from the Main Menu accesses the Security Functions menu shown in Figure 2-10.
In addition to the standard root access, the DS1500-XFR supports access for up to five additional operators.
The root user defines the names and access authorizations of these operators. Three levels of access are
configurable: No Access (N), Read-Only Access (R), and Write Access (W). No Access blocks the operator
from accessing a given group of commands. Read-Only Access allows the operator to view parameters, but
not change them. Write Access provides the ability to read and modify parameters. The root user has Write
Access to all commands. By default, the operator settings are No Access for all groups of commands. There
are no default passwords for the five operators. The root user must configure these passwords, and it is also
recommended that a new root user password be assigned, right after the DS1500-XFR installation.
2 - 12
Supervisor Menus
*** Security Functions ***
1
2
3
4
5
6
7
8
-
Password Change
Access Security
Security Options
Port Selection
Network Security
Destinations
Console Monitor
PAP/CHAP
Set console user names & passwords
Set operator menu access permissions
Set validation options and methods
Set which ports have security enforced
Configure network passwords
Configure permitted destinations
Display or configure console monitor log
Configure PPP access security
_________[DynaStar_8307]__________
Figure 2-10. Security Functions Menu
To change the password of the root user or operators, Select <1> Password Change from the Security
Functions menu.
To set the access security parameters for the various system login accounts (user/operators), select <2>
Access Security from the Security Functions menu. The Access Control menu for the designated operators
appears. There are three types of security at the system level implemented on the DS1500-XFR. These give
access by function and also by user password.
By selecting <3> Security Options from the Security menu the administrator can enforce the use of secure
passwords. By selecting this method the system prompts for a user name as well as the use of minimum
length password and to use a mix of alpha and numeric characters when new passwords are entered. To
enable the Enforce Secure password policy, select <3> Security Options from the Security menu.
Option <4> Network Security allows the administrator to set up passwords for network users. The
administrator can select <5> Destinations to set up permitted destinations on the network. Option <6>
Console Monitor lets the user look at and/or configure the console monitor. Option <7> PAP/CHAP sets
up authentication for PPP lines.
CAUTION: If the root password is lost the user must contact Dymec customer support. For
contact instructions refer to “Contacting Dymec” on page vi.
Refer to Appendix D, “Security Commands” for details on setting other security options.
2 - 13
Supervisor Menus
2 - 14
CHAPTER 3
CONFIGURATION BASICS
This chapter provides basic configuration guidelines for the DYNASTAR 1500 X.25 FRAME ROUTER.
The DS1500-XFR can be configured for multiple applications such as IP Routing Services, Terminal
Server, Direct To Frame, XOT, and X.25 over Frame Relay. These configurations are described
separately but may be used simultaneously using all of the possible configurations or any one
individually. It is assumed that the physical network connections have been made to the DS1500-XFR
and that the network designs are completed and configuration data, including all Frame Relay
parameters and IP assignments, is available. The following sections contain an example network
showing the configurations as well as instructions to configure the DS1500-XFR.
3.1
CONFIGURATION EXAMPLE
Figure 3-1 shows a representative installation using DS1500-XFRS at three different locations connected to
one another over a WAN that could use Frame Relay or X.25 as its transport protocol. In this example, all
DS1500-XFRS have both IP and serial devices attached. Variations of this example will be used to illustrate
the examples given in sections 3.2 through 3.4.
IP
Device
Ethernet
DynaStar
1500
S6
DD
Serial
Management
System
4/
K
56
bp
Serial
Serial
Devices
s
S1
S2
DynaStar
1500
Ethernet
IP
Device
Frame Relay or
X.25 Network
Management
System
DD
S6
4/
56
Kb
ps
IP
Device
Ethernet
DynaStar
1500
Serial
Serial
Devices
S1
S2
Figure 3-1. Network Example
3-1
IP
Device
CHAPTER 3 - Configuration Basics
IP Router Services
3.2
IP ROUTER SERVICES
This section describes how to set up and configure the DS1500-XFR for IP routing over a Frame Relay
network. IP routing supports IP-based computer applications to communicate with IP devices attached to he
DS1500-XFR’s Ethernet ports. IP routing also supports the Terminal Server application. To enable routing
the user must configure the DS1500-XFR Ethernet ports, a Frame Relay port, and the Frame Relay
interface. Necessary information includes Ethernet device IP address information, Frame Relay line
information and DLCI numbers.
To configure IP routing services, the user must:
•
•
•
•
Configure the Frame Relay port
• Assign a port name
• Set clock source and Line Speed
• Assign DLCI management
Configure the Frame Relay connection
• Assign RFC 1490 to the connection
• Enter the DLCI number for the connection (in the example below, 120)
• Enter the IP address of the destination device (in the example below, 192.168.1.2)
Configure the Router features
• Enter the IP address for the Frame Relay port (in the example below, 192.168.1.1)
and Ethernet port group (in the example below, 192.168.2.3)
• Select the discovery protocol being used for both the Frame Relay and Ethernet
group
Configure the Ethernet ports
• Assign Ethernet properties for port group(s)
Note that IP routing can also take place over an X.25 connection. In this case, configure an X.25 connection
instead of a Frame Relay connection. To configure an X.25 connection, see “Configure the X.25 Port” on
page 3-26.
The figure below shows an example of network parameters used in the following sections. The DS1500XFR to the right, Labeled A, communicates to the Router or DynaStar on the left side of the figure, labeled
B.
3-2
IP Router Services
WAN W1
192.168.1.1
255.255.255.0
A
IP
Device
E1
DynaStar
1500
IP Router
(e.g., DynaStar)
B
192.168.1.2
255.255.255.0
Ethernet Port Group
192.168.2.3
255.255.255.0
D
0
12 0
CI
D L 149 s
C
RF 6Kpb
4/5
6
DS
E2
IP
Device
DLCI 320
Frame Relay Network
Ethernet
192.168.10.1
255.255.255.0
192.168.10.2
255.255.255.0
Management
System
Figure 3-2. IP-Over-Frame Configuration Example
3.2.1
Configure the Frame Relay Port for IP Routing
The port connecting to the Frame Relay network must first be configured to support IP routing over Frame
Relay. In the DS1500-XFR, the WAN port and any of the serial ports can support Frame Relay. The first step
is to verify that the default settings for the Frame Relay port being used are correct for the specific network
implementation being used. If connecting to a public data network, the default settings should be adequate
and no changes should be necessary. If otherwise, the user should have any alternative information, shown in
Figure 3-2, readily available prior to configuring the DS1500-XFR. This example uses the WAN port, W1,
as the Frame Relay port, but any serial port could also be used.
1.
The path to the WAN Port Configuration menu is: in the Main menu, select <1> Port. The Port
menu will be displayed, see Figure 3-3.
3-3
IP Router Services
*** Port Menu ***
Port
Name
CON Console
10 Virtual PAD
99 Virtual X.25
E1
E2
E3
E4
E5
Enet
Enet
Enet
Enet
Enet
S1
S2
S3
S4
S5
S6
S7
S8
W1
1
2
3
4
5
__________[DynaStar_31]___________
SERIAL1-S1
SERIAL2-S2
SERIAL3-S3
SERIAL4-S4
SERIAL5-S5
SERIAL6-S6
SERIAL7-S7
SERIAL8-S8
TDM chan W1
Enter Port Number:
2.
In the Port menu type W1 and press <Enter>. The Functions For Port menu shown in Figure 3-4
appears.
*** Functions For Port W1 ***
1
2
3
4
-
Configuration
Statistics
Disable/Enable
Protocol Monitor
__________[DynaStar_24]___________
Figure 3-4. Functions For Port Menu
3.
In the Functions For Port menu select <1> Configuration. The Frame Relay Port Configuration
menu for a DDS port is shown Figure 3-5 and for T1/E1 ports is shown Figure 3-6.
3-4
IP Router Services
*** Frame Relay Port Configuration ***
Port:
Port Name:
Clock Source:
Line Speed:
DLCI Management:
User, Net, NNI:
IP routing:
UNI/NNI Fragmentation:
W1 TDM channel
TDM chan W1
Rx Clock
56.0 Kbps
LMI
USER
Y
0
__________[DynaStar_26]___________
Use <TAB> and CURSOR to move fields
Press <CTRL-O> for more options
(14)
(0-1500)
Process selections (Y/N): Y
Figure 3-5. DDS Frame Relay Port Configuration Menu
Port:
Port Name:
Clock Source:
Timeslot Bandwidth:
DLCI Management:
User, Net, NNI:
IP routing:
W1 TDM channel
CSU/DSU chan 1
W1 RX Clock
0 Kbps (0 x 56K)
LMI
USER
Y
0
_______[DynaStar_6100a2e8]________
Use <CTRL-D> to delete entry
(14)
(0-1500)
Press <CTRL-T> to configure trunk
Figure 3-6. T1/E1 Frame Relay Port Configuration Menu
4.
In the Frame Relay Port Configuration menu ensure that the following items are set as follows:
(Refer to “Frame Relay Port Configuration” on page A-9 for field definitions.)
•
•
Port Name - a name can be assigned to this port to differentiate it. Maximum name length is
14 characters.
Clock Source - toggle values for Rx Clock or Local Clock for DDS and Rx Clock or Local
Clock for the T1/E1 ports.
3-5
IP Router Services
•
•
•
•
•
•
5.
3.2.2
Line Speed - this is the DDS line speed and is either 56 or 64 Kbps as determined by the
service provider
Timeslot Bandwidth - T1/E1 port, toggle values for allocated bandwidth per channel from 56
to 64 Kbps
DLCI Management - set to either LMI, CCITT, ANSI, or NONE. Standard setting is LMI.
User, Net, or NNI - normally set to User, other options include Network and NNI
IP Routing = Y (Yes) this setting signifies that there will be routing capabilities applied
UNI/NNI Fragmentation - normally set to 0
Process the changes by pressing the <Enter> key while in the lower right of the menu. Accept the
changes made by pressing <CTRL-W> now or when prompted.
Configure Frame Relay for IP Routing Services
This section sets up the Frame Relay connection from the WAN port to an IP address of a remote location.
1.
From the Main Menu select <2> Network. The Networking Setup and Status menu appears as
shown in Figure 3-7.
1
2
3
4
5
6
-
Router
Bridge
Terminal Server
Async Services
Frame Relay
X.25
Configure
Configure
Configure
Configure
Configure
Configure
Async options
__________[DynaStar_31]___________
Figure 3-7. Networking Setup and Status Menu
2.
From the Networking Setup and Status menu, select <5> Frame Relay. The Frame Relay
Parameters menu appears as in Figure 3-8.
3-6
IP Router Services
*** Frame Relay Parameters ***
1 - Frame Relay DLCIs
2 - Frame Relay Priority
3 - Frame Relay Status
Configure DLCIs
Configure priority weighting
Display DLCI connection status
__________[DynaStar_24]___________
Figure 3-8. Frame Relay Parameters Menu
3.
In the Frame Relay Parameters menu, select <1> Frame Relay DLCIs. The Frame Relay
DLCI Configuration Table menu appears as in Figure 3-9.
*** Frame Relay DLCI Configuration Table ***
Last changed: 7-15-04
Type
1 RFC 1490
Src
Port DLCI
W1 120
Dest
Port DLCI
__________[DynaStar_24]___________
CIR
Prty Kbps
1
0
IP
Y
Frag
Size
0
7:09:23
KA Dest IP Addr
N 192.168.1.2
<RET> to toggle or type value
Figure 3-9. Frame Relay DLCI Configuration Table Menu
3-7
IP Router Services
!
NOTE: If an RFC 1490 configuration already exists to the same destination IP address then a
new entry is not required. The DS1500-XFR will send all IP traffic on the configured RFC
1490.
4.
In the Frame Relay DLCI Configuration Table menu toggle the Type field to RFC 1490.
5.
Enter the DLCI number provided for this connection, shown in this example as DLCI 120.
6.
Enter the IP address of the destination device, in this example 192.168.1.2.
7.
Cursor to the bottom of the screen to the Process selections field and press <Enter>.
8.
Save changes by pressing <CTRL-W>.
3.2.3
Assign an IP Address to the WAN Port and Ethernet Group(s)
In this section, the user will configure the IP port information for the Router and any Ethernet port groups.
1.
From the Main menu select <2> Network, <1> Router. The Router Setup and Status menu
appears, as shown in Figure 3-10.
*** Router Setup and Status ***
1
2
3
4
5
6
7
8
9
10
-
IP Port Configuration
IP Routes Display
IP Static Routes
IP Filters
TCP/IP Status
OSPF Configuration
DHCP
VPN
VRRP
TCP Multicast
Configure port IP addresses
Display IP routing table contents
Configure static IP routes
Configure IP address filters
Display TCP connection status
Configure OSPF
Configure and display DHCP
Configure and display VPNs
Configure and display VRRP groups
Configure and display TCP Multicast groups
__________[DynaStar_11]___________
Figure 3-10. Router Setup And Status Menu
2.
In the Router Setup and Status menu select <1> IP Port Configuration. The IP Port
Information menu appears, see Figure 3-11.
3-8
IP Router Services
Port(s)
Interface
Local/ROM Address
E1 - E5 Ether Comm Mod
S1 - W1 TEOM
*** IP Port Information ***
Last changed: 7-23-04 9:07:52
IP Address
IP Mask
|-Use RET to toggle|
x.x.x.x
x.x.x.x
Protocol Encaps
255.255.255.0
RIP
Enet II
192.168.3.1
192.168.2.3
255.255.255.0
RIP
Enet II
192.168.1.1
255.255.255.0 RIP Enet II
__________[DynaStar_24]___________
Process IP Addresses (Y/N): Y
Lines with port ranges are multiport interfaces. Configure these ports together
on one line. Or with cursor on line, press <CTRL-O> to configure separately.
*Fields are blank on this screen if ports are configured separately.
Figure 3-11. IP Port Information Menu
3.
On the line starting with the W1, enter the IP address for the WAN port in the IP address field. A
default subnet mask will be filled in automatically, make changes as needed.
4.
Select the appropriate discovery protocol. Options are RIP (default), RIP II, NONE, and RIP RX.
Note that the DS1500-XFR also supports OSPF. (See Appendix B, “Network Commands” for
details on configuring OSPF, if needed.) Set this to NONE if you plan to use OSPF.
5.
On the line starting with E1 - E5 Ether Comm Mod enter the IP address for the Ethernet ports in
the IP address field. A default subnet mask will be filled in automatically. Make changes to the
default mask as needed.
6.
Select the discovery protocol to be used, based on the network usage. Options are RIP (default),
RIP II, NONE, and RIP RX. (See Appendix B, “Network Commands” for configuration of OSPF,
if needed.) Set this to NONE if you plan to use OSPF.
7.
With the cursor at the bottom of the menu, press the <Enter> key to Process IP Addresses.
8.
Save changes to flash by pressing <CTRL-W>.
3.2.4
Configure the Ethernet Ports
In this procedure the user sets the basic parameters for each Ethernet port using the configuration menu.
1.
At the Main Menu screen select <1> Port, type in (The Ethernet Port or port group to be
configured) and press <Enter>, then select <1> Configuration. The Ethernet Switch Port
Configuration menu appears as in Figure 3-12.
3-9
IP Router Services
*** Ethernet Switch Port Configuration ***
Last Changed:
0-0-90 22:29:40
Ageing Time (sec): 16
(0,16,32...4080)
VLAN Enabled: N
Port
E1
E2
E3
E4
E5
Group
100
100
100
100
100
Speed
auto
auto
auto
auto
auto
Duplex FlowCtl Pri DLL*
auto
N
low N
auto
N
low N
auto
N
low N
auto
N
low N
auto
N
low N
IP BRG
Y
N
Y
N
Y
N
Y
N
Y
N
*DLL = Disable TX if RX Link Loss
__________[DynaStar_31]___________
Use TAB & CURSOR keys to move among fields
Press ESC to abort command & exit
Figure 3-12. Ethernet Switch Port Configuration Menu
!
2.
NOTE: The following configuration assumes that the VLAN Enabled field is not toggled to Y
and that VLANs are not being configured here. Setting the VLAN Enabled field to Y changes
the menu selections. To configure VLANs refer to the VLAN Addendum.
In the Ethernet Switch Port Configuration menu set the following parameters:
•
•
•
•
•
•
•
•
Group number - Generally leave all devices in default group 100. By entering different three
digit numbers, 100 - 104, the Ethernet ports can be segmented from other ports. There can be
up to five group numbers used with the DS1500-XFR.
Speed - this is the connection speed used by the port when sending and receiving traffic from
an Ethernet device connected to a port. Toggle the field to view all options.
Duplex - this setting is defined by the Ethernet device connected to the port. The Ethernet
port Duplex setting can be: half, full, or auto. If it is unknown whether the device connected
to the port is half or full duplex, then use the auto setting and the port will determine the
device’s capabilities.
Flow Ctl (Flow Control) - default setting of N is the normal setting.
Pri (Priority) - This setting determines whether Ethernet traffic on this port will be handled
and sent on a high or low priority. The default setting is Low. This is used with 802.1P
Priority Queuing.
DLL (Disable Link Loss) - When set to Y (Yes) the port will disable TX (transmit) when a
RX (Receive) link loss is found. When set to N (No) the transmit function will continue
whether or not a receive link loss is determined. The default setting of N is recommended in
most cases. This feature is applicable to fiber ports only.
IP - Set Y which enables IP routing of packets to terminal server, WAN or Switch segments
if groups are used.
BRG (Bridging) - Settings are N (none), R (Rapid Spanning Tree), L (Legacy [Regular
Spanning Tree]), and E (End Point). The default setting of N is recommended for most
configurations.
3 - 10
Terminal Server
3.3
3.
When all ports are configured, cursor down to the Process selections and press <Enter>.
4.
TERMINAL SERVER
The Terminal Server feature allows for TCP/IP applications to interact with Async serial-based devices over
an IP-based network. Asynchronous data streams are packetized into TCP/IP formatted frames using
traditional terminal server functions. The frame is then routed over an IP network, either Frame Relay using
the RFC 1490 standard or an Ethernet network.
To configure the DS1500-XFR to act as a terminal server the user must do the following:
•
•
•
•
Configure the Frame Relay port
• Set clock source and line speed
• Assign DLCI management
Configure the Frame Relay connection
• Assign RFC 1490 to the connection
• Enter the DLCI number for the connection (in the example below, 100)
• Enter the IP address of the next hop router (in the example below, 192.168.1.2)
Configure the Router features
• Enter the IP address for the WAN port (in the example below, 192.168.1.1)
• Select the discovery protocol being used
Configure the serial ports
• Assign local socket number
• Set line speed and parity
• Assign DSS usage
• Assign the proper profile
Figure 3-13 shows a very basic network. The following procedure describes how to configure the DS1500XFR on the right, i.e. a typical remote site. The configuration allows the IP-based host system on the left,
labeled B, to send and receive data from all serial devices configured on the DS1500-XFR, labeled A. Refer
to this figure during the configuration to understand the connection process. The procedures use the
configuration data from the figure below. Note that the Router at location B (which could be a DS1500XFR) also requires configuration to complete the end-to-end network path.
3 - 11
Terminal Server
A
Remote Site
WAN W1
192.168.1.1
B
Data Center
IP Router
(e.g., DynaStar)
192.168.1.2
255.255.255.0
D
0
10 0
CI
D L 149 s
C pb
F
R 6K
/5
64
DS
DynaStar
1500
S1
Socket
10201
Serial
S1
S2
Socket
10202
Devices
DLCI 300
S2
Frame Relay Network
Ethernet
192.168.10.1
255.255.255.0
192.168.10.2
255.255.255.0
Management
System
Figure 3-13. Terminal Server Configuration Example
3.3.1
Configure the Frame Relay Port to Support Terminal Server
Functionality
For the Terminal Server application, the port connecting to the Frame Relay network must be configured to
support IP routing over Frame Relay. The first step is to verify that the default settings for this port are
correct for the specific network implementation being used. If connecting to a public data network, the
default settings should be adequate and no changes should be necessary. If otherwise, the user should have
any alternative information, shown in Figure 3-16, readily available prior to configuring the DS1500-XFR.
This example uses the WAN port, W1, as the Frame Relay port, but any serial port could also be used.
1.
The path to the WAN Port Configuration menu is: in the Main Menu, select <1> Port. The Port
Menu will be displayed, see Figure 3-14.
3 - 12
Terminal Server
*** Port Menu ***
Port
Name
CON Console
10 Virtual PAD
99 Virtual X.25
E1
E2
E3
E4
E5
Enet
Enet
Enet
Enet
Enet
S1
S2
S3
S4
S5
S6
S7
S8
W1
1
2
3
4
5
__________[DynaStar_31]___________
SERIAL1-S1
SERIAL2-S2
SERIAL3-S3
SERIAL4-S4
SERIAL5-S5
SERIAL6-S6
SERIAL7-S7
SERIAL8-S8
TDM chan W1
Enter Port Number:
2.
In the Port menu type W1 and press <Enter>. The Functions For Port menu shown in
Figure 3-15 will appear.
1
2
3
4
-
Configuration
Statistics
Disable/Enable
Protocol Monitor
__________[DynaStar_24]___________
3.
In the Functions For Port menu select <1> Configuration. The Frame Relay Port
Configuration menu for a DDS port is shown in Figure 3-16 and Figure 3-17 shows the menu for
a T1/E1 port.
3 - 13
Terminal Server
Port:
Port Name:
Clock Source:
Line Speed:
DLCI Management:
User, Net, NNI:
IP routing:
W1 TDM channel
TDM chan W1
Rx Clock
56.0 Kbps
LMI
USER
Y
0
__________[DynaStar_26]___________
(14)
(0-1500)
Port:
Port Name:
Clock Source:
Timeslot Bandwidth:
DLCI Management:
User, Net, NNI:
IP routing:
W1 TDM channel
CSU/DSU chan 1
W1 RX Clock
0 Kbps (0 x 56K)
LMI
USER
Y
0
_______[DynaStar_6100a2e8]________
(14)
(0-1500)
4.
In the Frame Relay Port Configuration menu ensure that the following items are set properly:
•
•
14 characters.
3 - 14
Terminal Server
•
•
•
•
•
•
service provider
Timeslot Bandwidth - for T1/E1 port, toggle values for allocated bandwidth per channel
from 56 or 64 Kbps
User, Net, or NNI - Normally set to User, other options include Network and NNI
5.
Process any changes by pressing the <Enter> key while in the lower right of the menu.
6.
Accept the changes made by pressing <CTRL-W> now or when prompted.
3.3.2
Configure the Frame Relay Connection for Terminal Server
Functionality
The previous step set up the WAN port as a Frame Relay port, but it does not provide information about the
end-to-end Frame Relay service. This section sets up the Frame Relay connection (PVC) from this DS1500XFR to the next hop router at the other end of the Frame Relay network.
1.
From the Main Menu select <2> Network. The Networking Setup and Status menu is displayed
(Figure 3-7).
2.
From the Networking Setup and Status menu select <5> Frame Relay. The Frame Relay
Parameters menu is displayed. See Figure 3-18.
Configure DLCIs
__________[DynaStar_24]___________
3.
In the Frame Relay Parameters menu select <1> Frame Relay DLCIs. The Frame Relay
DLCI Configuration Table menu is displayed, as shown in Figure 3-19. This menu is used to
specify the Data Logical Connection Identifier (DLCI) used to create a PVC for IP routed traffic.
3 - 15
Terminal Server
Type
1 RFC 1490
Src
Port DLCI
W1 100
Dest
Port DLCI
IP
Y
__________[DynaStar_24]___________
CIR
Prty Kbps
1
0
Frag
Size
0
7:09:23
KA Dest IP Addr
N 192.168.1.2
4.
In the Frame Relay DLCI Configuration Table menu toggle the Type field to RFC 1490.
5.
Enter the DLCI number provided for this interface. (Typically provided by the telecom carrier for
their Frame Relay service.)
6.
The default value of Y (Yes) in the IP field is required for IP traffic on this connection.
7.
In basic cases, retain the default values for: Prty, CIR Kbps, Frag Size, and KA fields. These fields
deal with prioritization, traffic management, fragmentation and end-to-end Keep Alive. These
advanced features are described in “Frame Relay” on page B-62.
8.
Enter the IP address of the destination device, this is the next hop router normally at the data
center, labeled B in the example shown in Figure 3-13.
9.
Cursor to the bottom of the screen and process the selections by pressing <Enter> in the Process
selections field.
10. Save changes by pressing <CTRL-W>.
!
3.3.3
NOTE: Press the <Esc> key and then reopen the Frame Relay DLCI Configuration Table menu
screen to verify that the changes were accepted. Incorrect or out-of-boundary entries will be
disregarded without warning.
Assign an IP Address to the WAN Port for Terminal Server
Functionality
In this section the user will configure the IP port information for the Router and the serial port. The previous
section specified the remote IP address. This section configures IP information for the local DS1500-XFR.
1.
From the Main menu select <2> Network, <1> Router. The Router Setup and Status menu
appears, as shown in Figure 3-20.
3 - 16
Terminal Server
1
2
3
4
5
6
7
8
9
10
-
IP Routes Display
IP Static Routes
IP Filters
TCP/IP Status
OSPF Configuration
DHCP
VPN
VRRP
TCP Multicast
Configure OSPF
__________[DynaStar_11]___________
Figure 3-20. Router Setup And Status Menu
For basic applications of the DS1500-XFR, the only IP-related functions that require configuration are the
local IP address and sometimes the version of routing protocol to be used. A number of advanced IP options
are also supported. For descriptions and instructions concerning these advanced options, refer to “Router
(IP)” on page B-5.
2.
In the Router Commands menu select <1> IP Port Configuration. The IP Port Information menu
appears, see Figure 3-21.
Port(s)
Interface
Local/ROM Address
S1 - W1 TEOM
Last changed: 7-23-04 9:07:52
IP Address
IP Mask
x.x.x.x
x.x.x.x
Protocol Encaps
255.255.255.0
RIP
Enet II
192.168.3.1
192.168.2.3
255.255.255.0
RIP
Enet II
192.168.1.1
255.255.255.0 RIP Enet II
__________[DynaStar_24]___________
Figure 3-21. IP Port Information Menu
3 - 17
Terminal Server
3.
On the line starting with S1-W1 TEOM, enter the IP address to be associated with the WAN port
(W1) of the local DS1500-XFR in the IP Address field. A default subnet mask will be filled in
automatically. Make changes to the default mask as needed.
4.
Select the discovery protocol to be used, based on the network usage. Options are RIP (default),
RIP II, NONE, and RIP RX. Select NONE if you plan to use OSPF.
5.
With the cursor at the bottom of the menu with a Y in the Process selections field, press the
<Enter> key.
6.
Save changes to flash by pressing <CTRL-W>.
3.3.4
Configure the Serial Ports for Terminal Server Functionality
In this section the user will configure the serial ports in the Terminal Server menu.
1.
The path to the Terminal Server menu is Main menu, <2> Network, <3> Terminal Server. The
Terminal Server Configuration menu, shown in Figure 3-22, is displayed.
*** Terminal Server Configuration ***
Port Name
(14)
S1
SERIAL1
S2
SERIAL2
S3
SERIAL3
S4
SERIAL4
S5
SERIAL5
S6
SERIAL6
S7
SERIAL7
S8
SERIAL8
Type
(Fixed)
IP-ASY
IP-ASY
IP-ASY
IP-ASY
IP-ASY
IP-ASY
IP-ASY
IP-ASY
Local
Socket
10201
10202
10203
10204
10205
10206
10207
10208
__________[DynaStar_24]___________
Cursor up/down for more entries
Tel
Raw
N
N
N
N
N
N
N
N
Async
Speed
9600 Baud
9600 Baud
9600 Baud
9600 Baud
9600 Baud
9600 Baud
9600 Baud
9600 Baud
Parity
7-EVEN
7-EVEN
7-EVEN
7-EVEN
7-EVEN
7-EVEN
7-EVEN
7-EVEN
DSS
Ignore
N
N
N
N
N
N
N
N
0:00:00
Profile
85(10)
89(14)
89(14)
89(14)
89(14)
89(14)
89(14)
89(14)
SCADA
CRT
CRT
CRT
CRT
CRT
CRT
CRT
Figure 3-22. Terminal Server Configuration Menu
2.
In the Terminal Server Configuration menu set the following parameters for each serial port to be
configured as a Terminal Server:
•
•
•
•
•
•
Name - The default name for this port may be changed. Enter a new name as desired,
maximum length is 14 characters
Local Socket - the default socket number assigned is 10200 + the port number. Move to this
field and type in a new value if required.
Tel Raw - N turns off TELNET negotiation between the IP endpoints of this connection
Async Speed used by the serial device connected to the serial port of the DS1500-XFR.
Toggle the values by pressing the enter key.
Parity - default 7-Even, toggle the values by pressing the enter key
DSS Ignore - toggle to Y the port will supply DSS but does not require DSS from the
attached device to be active.
3 - 18
Direct-To-Frame
•
3.4
Typically, in the Profile field type in 85, which is preconfigured as a SCADA profile, and
press <Enter>. To define or use other profiles refer to “PAD Profiles” on page B-44.
3.
Repeat the previous step for all other serial ports to be configured for Terminal Server.
4.
Cursor down to the Process selections field, ensure that a Y is displayed in the field and press
<Enter>.
5.
Save changes to Flash by pressing <CTRL-W>.
DIRECT-TO-FRAME
This section describes how to set up and configure the DS1500-XFR to provide Direct-To-Frame Virtual
Private Line (VPL) service for serial devices. This section covers the configuration of the DS1500-XFR’s
WAN port, Frame Relay and serial port interfaces. The user must have the necessary serial device’s
connection information, Frame Relay line information and DLCI numbers. To configure the DS1500-XFR
for serial connections over Frame Relay, the user must perform the following tasks:
•
•
•
Configure a Frame Relay port
Enter the Frame Relay configuration information
Configure the serial ports
Figure 3-23 shows the network parameters used in the following example. The configuration for Serial Over
Frame Relay, in this example, connects the remote serial device (labeled A in the figure below) to another
serial device (Labeled B in the figure below). The DS1500-XFR with the B serial device must also be
configured to allow for two way end-to-end communications.
Remote Site
DynaStar
1500
S
DD
56
DL
Computer Site
/6
CI
Frame Relay Network
DLCI 310
DynaStar
1500
Serial
Serial
Host
Computer
B
Figure 3-23. Serial-Over-Frame Configuration Example
3 - 19
4
11
p
Kb
0
Serial
Serial
Devices
s
A
S1
S2
Direct-To-Frame
3.4.1
Configure the WAN Port for Serial Frame Relay
The user must configure a port to support Frame Relay. The user needs to define the type of connection and
other protocol related settings. In most cases the default settings for these parameters are correct and should
not be changed except that the user may select a name for the Frame Relay port.
1.
The path to the Port Configuration menu is: in the Main Menu, select <1> Port. The Port Menu
will be displayed, see Figure 3-24.
*** Port Menu ***
Port
Name
CON Console
10 Virtual PAD
99 Virtual X.25
E1
E2
E3
E4
E5
Enet
Enet
Enet
Enet
Enet
S1
S2
S3
S4
S5
S6
S7
S8
W1
1
2
3
4
5
__________[DynaStar_31]___________
SERIAL1-S1
SERIAL2-S2
SERIAL3-S3
SERIAL4-S4
SERIAL5-S5
SERIAL6-S6
SERIAL7-S7
SERIAL8-S8
TDM chan W1
Enter Port Number:
2.
In the Port menu, type the number of the port and press <Enter>. The WAN port or any serial port
supports Frame Relay. The Functions For Port menu shown in Figure 3-25 will appear.
3 - 20
Direct-To-Frame
1
2
3
4
-
Configuration
Statistics
Disable/Enable
Protocol Monitor
__________[DynaStar_24]___________
3.
In the Functions For Port menu select <1> Configuration. The Frame Relay Port
Configuration menu for a DDS port is shown in Figure 3-26 and for a T1/E1 port is shown in
Figure 3-27.
Port:
Port Type:
Port Name:
Clock Source:
Line Speed:
DLCI Management:
User, Net, NNI:
IP routing:
W1 TDM channel
Frame Relay
TDM chan W1
RX Clock
56.0 Kbps
LMI
USER
Y
0
__________[DynaStar_31]___________
(14)
(0-1500)
3 - 21
Direct-To-Frame
Port:
Port Name:
Clock Source:
Timeslot Bandwidth:
DLCI Management:
User, Net, NNI:
IP routing:
W1 TDM channel
CSU/DSU chan 1
W1 RX Clock
0 Kbps (0 x 56K)
LMI
USER
Y
0
_______[DynaStar_6100a2e8]________
(14)
(0-1500)
4.
•
•
•
•
•
•
•
•
5.
3.4.2
14 characters.
service provider
to 64 Kbps
Process the changes by pressing the <Enter> key while in the lower right of the menu. Accept the
changes made by pressing <CTRL-W> now or when prompted.
Configure Frame Relay for Direct-to-Frame Functionality
This section sets up the Frame Relay connection from the Frame Relay port to a remote location for the
Direct-To-Frame source.
1.
The path to the Frame Relay Parameters menu is, Main Menu, <2> Network, <5> Frame
Relay. The Frame Relay Parameters menu, Figure 3-28, is displayed.
3 - 22
Direct-To-Frame
Configure DLCIs
__________[DynaStar_24]___________
2.
In the Frame Relay Parameters menu select <1> Frame Relay DLCIs. The Frame Relay DLCI
Configuration Table menu appears as shown in Figure 3-29.
Type
1 PAD-FR
Src
Port DLCI
S1
Dest
Port DLCI
110
__________[DynaStar_24]___________
IP
CIR
Prty Kbps
1
0
Frag
Size
0
7:09:23
KA Dest IP Addr
N
3.
In the Src Port field, type in the serial port number (i.e. S1, S2,..., or S8) being configured.
4.
In the Frame Relay DLCI Configuration Table menu, toggle the Type field to PAD-FR.
3 - 23
Direct-To-Frame
!
NOTE: Each connection requires its own line entry. Direct-to-Frame also supports multicast
PVCs. For details refer to Appendix B, “Network Commands”. A serial port can connect to
multiple PVCs by adding a second line entry for the same serial port and the second DLCI.
Also, a single PVC can connect to multiple serial ports by using the same DLCI for each
multicasted serial port.
5.
Enter the DLCI number provided for this interface, shown in the Figure above as DLCI 110.
6.
7.
Process selections by placing the cursor over the Y in the lower right corner of the menu and press
<Enter>.
8.
Save changes to flash by typing <CTRL-W>.
3.4.3
Configure the Serial Port for Direct-to-Frame Service
In this procedure the user sets basic parameters for the serial port in the configuration menu and defines a
profile for the attached device.
1.
The path to the Async Port Configuration menu is: Main menu, <1> Port, type in the number of
the serial port being configured, i.e. S1, then press <Enter>, <1> Configuration. The Async
Configuration menu appears as in Figure 3-30.
*** Async Port Configuration ***
Port:
Port Type:
Port Name:
Line Speed:
Parity
Ignore DSS
Profile
S8 IS-232
PAD
SERIAL8
9600 Baud
7-EVEN
N
89(14) CRT
__________[DynaStar_31]___________
(14)
Figure 3-30. Async Port Configuration Menu
2.
In the Async Port Configuration menu, set the following parameters:
•
•
Port Name - is the user-defined name given to the port, it can be up to 14 alphanumeric
characters in length
Line Speed used of the serial device connected to the serial port of the DS1500-XFR. Toggle
the values by pressing the enter key.
3 - 24
XOT
•
•
•
3.5
Parity - default 7-Even, toggle the values by pressing the enter key
Ignore DSS - toggle to Y
Type in the Profile field 85, which is preconfigured for SCADA traffic, and press <Enter>.
(Profile 85 is generally recommended. For other profile options refer to “PAD Profiles” on
page B-44.)
3.
Process selections by placing the cursor over the Y in the lower right corner of the menu and press
<Enter>.
4.
Save changes to flash by typing <CTRL-W>.
XOT
Remote X.25-based equipment can connect to X.25 host systems over an IP-based backbone, as shown in
Figure 3-31. The DS1500-XFR implements XOT for such connections. This standard, codified in RFC
1613, encapsulates X.25 packet information within the TCP packets. The DS1500-XFR can also transport
HDLC over an IP-based backbone using an XOT-like implementation.
Remote
PAD or
FRAD
X.25
Host
X.25
X.25 Network
XOT
DynaStar
1500
X.25
DynaStar
1500
XOT
TCP/IP Network
Figure 3-31. Using XOT to Connect X.25 Equipment over a TCP/IP Backbone
XOT, as specified in RFC 1613, provides transparent support for carrying X.25 packets over a TCP/IP
network. However, although TCP provides a reliable byte stream for encapsulating the data, the
encapsulation methods defined in XOT are needed to ensure that TCP byte streams do not interfere with
X.25 packet boundaries. A 4-byte message header is prefixed to the X.25 packet layer before encapsulation.
This header provides a message byte count so that if TCP fragments the packet during transport, the original
message can be recovered.
HDLC over TCP/IP is implemented in a similar fashion, but the connection behaves as a PVC and uses LCN
0 over the IP backbone. For X.25, XOT uses the LCN number in the X.25 frame.
The basic steps in configuring XOT are given below:
•
When using XOT to connect X.25 equipment over an IP-based backbone:
• Configure an X.25 port that supports the appropriate number of PVCs and SVCs
• Configure the XOT switching table
•
When using XOT for HDLC connections over TCP/IP:
• Configure an HDLC (transparent) port with appropriate parameters
• Configure the XOT switching table
3 - 25
XOT
3.5.1
Configure the X.25 Port
When using XOT to connect X.25 equipment over an IP-based backbone, the first step is to configure the
X.25 port.
1.
From the Main Menu, select <1> Port. The Port Menu is displayed (Figure 3-24).
2.
From the Port Menu, type in the number of the port that will carry the X.25 traffic. The WAN
port or any serial port can carry X.25 traffic. The Functions for Port xx menu is displayed
(Figure 3-25).
3.
From the Functions for Port xx menu, select <1> Configuration. The Port Configuration menu
appears. If the port type is not set to X.25, toggle until X.25 line appears and press <TAB>. The
X.25 Port Configuration screen is displayed (Figure 3-32).
*** X.25 Port Configuration ***
Port:
Port Type:
Port Name:
Clock Source:
Line Speed:
X.25 Mode:
Max Window Size:
Max Packet Size:
Packet/Window Neg:
IP routing:
Base PVC LCN
Number PVCs
Base SVC LCN
Number SVCs
S1 IS-232
X.25 line
SERIAL1
Local Clock
9600 Baud
DTE
7
1024
Y
Y
1
0
1
4095
__________[DynaStar_31]___________
(14)
(1-4095)
(0-240)
(1-4095)
(0-4095)
Figure 3-32. X.25 Port Configuration Screen
4.
In the X.25 Port Configuration screen, ensure that the following items are set properly:
(Refer to “X.25 Port Configuration” on page A-19 for field definitions.)
•
•
•
•
•
•
•
•
•
•
•
•
Port Type - this should be set to X.25 line.
14 characters.
Clock Source - toggle values for RX Clock or Local Clock
Line Speed - toggle for the correct value
X.25 Mode - set as DTE, DCE, DTE PASSIVE, or DCE PASSIVE
Max Window Size - Toggle for value from 1 to 7
Max packet Size - Toggle for value from 128 to 1024
Packet Window Negotiation - Set to Y or N
IP routing - Set to Y to allow IP routing on this connection
Base PVC LCN - The first Logical Channel Number (LCN) that will be assigned for PVCs.
PVC and SVC LCN numbers cannot overlap
Number PVCs - The number of PVCs that will be used on this link
Base SVC LCN - The first Logical Channel Number (LCN) that will be assigned for SVCs.
PVC and SVC LCN numbers cannot overlap.
3 - 26
XOT
•
Number of SVCs - The number of SVCs that this link will support. Be sure to configure the
correct number to support your XOT application.
5.
selections field.
6.
7.
Advanced X.25 parameters are available by pressing <CTRL-O>. The Advanced X.25 Port
Configuration screen is displayed (Figure 3-33). Enter the X.121 address and modify any other
parameters as required. See “X.25 Port Configuration” on page A-19 for more information.
8.
To complete the configuration for connecting X.25 equipment using XOT, see “Configure the
XOT Switching Table” on page 3-28.
Port:
X.121 Address:
Number of Flags:
Calling address mod:
Local Address Insert:
Require CUG:
Require NUI:
Require Rev. Charge:
Route calls on CUD:
Non-Zero DTE Causes:
Allow User Data:
S1 IS-232
1
NONE
N
N
N
N
N
N
Y
(0-15) LAPB Extended:
LAPB Window:
T1 Ack Timer:
T3 Idle Timer:
N2 Retransmit count:
N1 Max frame size:
Base In LCN
Number Incoming
Base Out LCN
Number Outgoing
__________[DynaStar_31]___________
(15 BCD)
N
7
(7-127)
3
(1-255 sec)
30 (0-255 sec)
20
(1-255)
8248
(bits)
1
(1-4095)
0
(1-4095)
4095
(1-4095)
0
(0-4095)
Figure 3-33. Advanced X.25 Port Configuration Screen
3.5.2
Configure an HDLC Connection
To use an HDLC connection in conjunction with XOT, the user must first configure the HDLC port.
1.
2.
From the Port Menu, type in the number of the port that will carry the HDLC traffic. The WAN
port or any serial port can carry HDLC traffic. The Functions for Port xx menu is displayed
(Figure 3-25).
3.
appears. If the port type is not set to HDLC, toggle until HDLC appears and press <TAB>. The
Transparent HDLC Port Configuration screen is displayed (Figure 3-34).
3 - 27
XOT
*** Transparent HDLC Configuration ***
Port:
Port Type:
Port Name:
Clock Source:
Line Speed:
S2 IS-232
HDLC
SERIAL2
Local Clock
9600 Baud
__________[DynaStar_31]___________
(14)
Figure 3-34. Transparent HDLC Port Configuration Screen
4.
In the Transparent HDLC Configuration screen, ensure that the following items are set properly:
•
•
•
•
Port Type - this should be set to HDLC.
14 characters.
Clock Source - toggle values for RX Clock or Local Clock
Line Speed - toggle for the correct value
5.
selections field.
6.
3.5.3
Configure the XOT Switching Table
Once the correct port is configured (X.25 or HDLC), the XOT switching table must be configured. The same
table is used for both X.25 over TCP/IP and HDLC over TCP/IP connections.
1.
From the Main Menu, select <2> Network. The Networking Setup and Status Menu is
displayed (Figure 3-7).
2.
From the Networking Setup and Status Menu, select <6> X.25. The X.25 Configuration and
Status Menu is displayed (Figure 3-35).
3 - 28
XOT
*** X.25 Configuration and Status ***
1
2
3
4
5
6
7
8
-
Bridge/Router
X.121 Routing Table
PVC/SVC Switching
XOT Switching table
X.121 Translation
X.25 Multicast Table
X.25 Connections
X.25 Multicast Status
Configure X.25 router connections
Configure X.121 routing table
Configure X.25 PVCs
Configure XOT connections
Configure address translation
Configure X.25 multicast
Display X.25 Call status
Display X.25 multicast connections
__________[DynaStar_31]___________
Figure 3-35. X.25 Configuration and Status Menu
3.
From the X.25 Configuration and Status Menu, select <4> XOT Switching Table. The XOT
PVC SVC Switching Table appears (Figure 3-36).
*** XOT PVC SVC Switching Table ***
Last changed: 3-24-05 13:56:05
Service
(Toggle)Port #
SVC/XOT
Local
LCN #
X121 Address
|
Port #
Remote
LCN #
IP Address
0.0.0.0
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
__________[DynaStar_31]___________
Process entries (Y/N): Y
In Service field,use UP/DOWN to scroll and LEFT to process selections.
To change or add entry, enter new value
Figure 3-36. X.25 Configuration and Status Menu
For HDLC service, continue with Step 4 below. For X.25 service, skip to step 9.
4.
For HDLC, toggle the Service field to HDLC/XOT.
5.
In the Local Port # field, enter the number of the HDLC port for this DS1500-XFR.
3 - 29
X.25-FRAD Example
6.
In the Remote Port # field, enter the number of the HDLC port on the remote DS1500-XFR.
7.
In the IP Address column, enter the IP address of the remote DS1500-XFR.
8.
Skip to step 12 to complete your configuration.
9.
For X.25, SVC/XOT or PVC/XOT can be configured. For SVC, toggle the Service field until
SVC/XOT appears. Tab to the Local X121 Address field and enter the local X.121 address.
10. For PVC, toggle the Service field until PVC/XOT appears. Tab to the Local Port # and enter the
appropriate port. Tab to the Local LCN # field and enter the LCN. Tab to the Remote Port # and
LCN # fields and enter the remote port and LCN.
Note that for SVCs, XOT needs to be configured only on the DS1500-XFR that originates the
X.25 calls. For PVCs, configure a corresponding XOT PVC on the remote DS1500-XFR that will
receive the call.
11. For both PVC/XOT and SVC/XOT, tab to the IP Address column and enter the remote IP address.
12. Cursor to the bottom of the screen and process the selections by pressing <Enter> in the Process
selections field.
13. Save changes by pressing <CTRL-W>.
3.6
X.25-FRAD EXAMPLE
The X.25-FRAD application allows the DS1500-XFR to exchange X.25 packet data over Frame Relay
networks and to interoperate with other systems that adopt the same encapsulation technique. A sample
network diagram illustrating X.25 over Frame Relay is shown in Figure 3-37.
DynaStar
1500
CI
/V
XP
6/
S5
DD XP
I /V
LC
DL
D
64
p
Kb
Serial
Serial
Devices
s
S1
S2
DLCI /VXP
DynaStar
1500
Serial
DLCI/VXP
Serial
Devices
Frame Relay Network
S1
S2
Figure 3-37. Typical X.25-FRAD Implementation
Configuration of the X.25-FRAD is explained below. The order of the steps for configuring the FRAD is:
•
•
•
•
Configure the Frame Relay port(s)
Configure the Frame Relay DLCIs
Configure the Virtual X.25 ports (VXPs)
Assign X.121 addresses
3 - 30
X.25-FRAD Example
3.6.1
Configure the Frame Relay Port(s)
1.
2.
From the Port Menu, type in the number of the port that will carry the Frame Relay traffic. The
WAN port or any serial port can carry Frame Relay traffic. The Functions for Port xx menu is
displayed (Figure 3-25).
3.
appears. If the port type is not set to Frame Relay, toggle until Frame Relay appears and press
<TAB>. The Frame Relay Port Configuration screen is displayed (Figure 3-26).
4.
•
•
•
•
•
•
•
•
14 characters.
service provider
to 64 Kbps
5.
selections field.
6.
3.6.2
Configure DLCIs
Once the Frame Relay ports have been defined, the DLCIs that will be used to forward the encapsulated
VXP X.25 traffic must be configured.
1.
From the Main Menu, select <2> Network, <5> Frame Relay. The Frame Relay Parameters
menu, Figure 3-28, is displayed.
2.
From the Frame Relay Parameters menu select <1> Frame Relay DLCIs. The Frame Relay DLCI
Configuration Table menu appears as shown in Figure 3-29.
3.
Toggle the Type field to Annex G.
4.
Configure Source Port and DLCI and Destination Port.
5.
6.
selections field.
7.
3 - 31
X.25-FRAD Example
3.6.3
Configure Virtual X.25 Ports
After the Frame Relay ports and DLCIs that will be used for VXP traffic have been configured, the Virtual
X.25 ports must be defined. Up to 128 virtual X.25 ports can be defined.
While the physical behavior of a regular port is governed by its assigned type of interface, a VXP has no
external physical behavior and is not associated with an external connector. The VXP can be used only to
carry X.25 traffic, but, unlike a regular X.25 port, it only supports layers 2 and 3 of the X.25 protocol. A
VXP can be configured to use any of the DS1500-XFR’s Frame Relay ports as its physical port.
The scheme is based on associating a VXP with a unique Frame Relay PVC. First assign a Frame Relay port
to a VXP and then assign to it the Data Link Connection Identifier (DLCI) of the PVC earmarked for X.25
encapsulated traffic. A Frame Relay PVC can be used by only one VXP. However, because a Frame Relay
port can support several PVCs, several VXPs can be mapped to a single Frame Relay port.
Because a VXP supports all but the physical attributes of a physical X.25 port, it allows up to 4,095 SVCs to
be established over a single Frame Relay PVC. Additional SVCs can be routed over a Frame Relay port by
mapping several VXPs onto the same Frame Relay port. The mapping scheme allows outgoing X.25 traffic
through a VXP to be forwarded over Frame Relay ports, and it allows incoming X.25 traffic from Frame
Relay ports to be internally routed to the DS1500-XFR applications as if it were received on regular X.25
ports.
1.
From the Main Menu, select <1> Port. The Port Menu (Figure 3-3) is displayed.
2.
Enter 99 to access the list of Virtual X.25 ports (Figure 3-38). This screen shows the first 64
virtual X.25 ports that are available for routing X.25 traffic over the previously configured PVCs
(DLCIs) of the Frame Relay ports. (The second 64 ports can be seen by pressing the Down arrow.)
*** Port Menu ***
Port
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
Name
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
__________[DynaStar_31]___________
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
Figure 3-38. Virtual X.25 Port Selection Menu
3.
Enter the number of the Virtual X.25 port to configure. The Functions for Port xx menu appears
(Figure 3-4).
4.
From the Functions for Port xx menu, select <1> Configuration. The X.25 Virtual Port
Configuration screen appears (Figure 3-39).
3 - 32
X.25-FRAD Example
*** X.25 Virtual Port Configuration ***
Port:
Port Name:
X.25 Mode:
Max Window Size:
Max Packet Size:
Packet/Window Neg:
IP routing:
Base PVC LCN
Number PVCs
Base SVC LCN
Number SVCs
600
V X25 Port 600
DTE
7
1024
Y
Y
1
0
1
64
__________[DynaStar_31]___________
(14)
(1-4095)
(0-240)
(1-4095)
(0-4095)
Figure 3-39. Virtual X.25 Port Configuration Screen
5.
In the Virtual X.25 Port Configuration screen, ensure that the following items are set properly:
(Refer to “X.25 Port Configuration” on page A-19 for field definitions.)
•
•
•
•
•
•
•
•
•
•
14 characters.
X.25 Mode - set as DTE, DCE, DTE PASSIVE, or DCE PASSIVE
Max Window Size - Toggle for value from 1 to 7
Max packet Size - Toggle for value from 128 to 1024
Packet Window Negotiation - Set to Y or N
IP routing - Y or N
Base PVC LCN - The first Logical Channel Number (LCN) that will be assigned for PVCs.
PVC and SVC LCN numbers cannot overlap
Number PVCs - The number of PVCs that will be used on this link
Base SVC LCN - The first Logical Channel Number (LCN) that will be assigned for SVCs.
PVC and SVC LCN numbers cannot overlap.
Number of SVCs - The number of SVCs that this link will support.
6.
selections field.
7.
Advanced X.25 parameters are available by pressing <CTRL-O>. The Advanced X.25 Virtual
Port Configuration screen is displayed. (It is the same as the Advanced X.25 Port Configuration
screen shown in Figure 3-33). Enter the X.121 address and modify any other parameters as
needed. When you have completed your entries, enter Y <return> in the Process selections field.
8.
Configure any additional Virtual X.25 ports.
9.
NOTE: Frame relay networks typically support larger frames than their X.25 counterparts, and their tariff
structure is traffic sensitive. The user should consider adjusting the X.25 link and packet level parameters to
optimize the use of the Frame Relay network.
3 - 33
X.25-FRAD Example
3.6.4
Configure X.121 Addresses and Switching Table
The X.121 addresses and the routing table are used to route calls from DS1500-XFR applications to
outbound X.25 lines. They are not used to route incoming calls from the X.25 network. Virtual X.25 ports
use the same X.121 and switching mechanisms as standard X.25 ports.
For example, to route incoming calls from X.25, other VXPs, or PAD ports to outbound VXPs, you use the
X.25 Concentrator Routing Table (Figure 3-40) to associate X.121 called addresses with selected VXPs.
The DS1500-XFR presents you with the option of selecting VXPs (in addition to regular ports) when you
toggle the port values in the Port column of the screen.
1.
From the Main menu, select <2> Network, <6> X.25, <2> X.121 Routing Table. The X.25
Concentrator Routing Table appears (Figure 3-40).
2.
In the X.25 Concentrator Routing Table screen, ensure that the following items are set properly:
•
•
•
•
X.121 Address - The called address that is to be routed on an X.25 port.
Shared Scheme - Toggle to Share, Test, or None. See “Configure Shared Routing” on page
B-73 for more information.
Port - Toggle to select the correct virtual X.25 port to which the call will be routed.
Priority - Set the priority for this destination (0 to 3, 0 is the highest)
*** X.25 Concentrator Routing Table ***
Last changed: 3-24-05 13:56:05
X.121 address
Shared |- Use RET to Toggle -| X.32 dial line phone #
(1-15 BCD,D&X)
Scheme Port Priority
(max 19 characters)
1: 53274DD
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
__________[DynaStar_31]___________
Process Routing tables (Y/N): Y
Search for X.121 Address:
Select Share Scheme:
Figure 3-40. X.25 Concentrator Routing Table
3.
selections field.
4.
3 - 34
CHAPTER 4
TROUBLESHOOTING AND SOFTWARE
MAINTENANCE
This chapter provides ideas and suggestions for troubleshooting and maintaining the DS1500-XFR by
using features in the Supervisor application. This information is only a guide for specific situations. The
troubleshooting suggestions make reference to the Appendices that provide detailed screen and
parameter information. The Software Maintenance section of this chapter is concerned with software
maintenance and the loading of software versions.
4.1
TROUBLESHOOTING
The Supervisor application allows you to troubleshoot the DS1500-XFR and determine the current status at
each of the following levels:
•
•
•
•
•
•
Port
Network
Bridge
Frame Relay configured paths
System Level - Buffer Usage
Event Log
The user/operator can go into each of the listed areas to check whether a problem exists. The following
sections discuss the above menu items and give menu path information to reach them, along with crossreferences to descriptions.
4.1.1
Port
The user can examine the Ports on the DS1500-XFR to determine the current status, statistical details, and to
view the live data transfers in progress.
4.1.1.1
Port Status
The Port Status menu provides the current status of all ports on the DS1500-XFR. This data is current,
when the menu is loaded, and shows at a glance the status of all of the ports. To reach the Port Status menu,
press <1> Port from the Main Menu and from the Port Menu that appears, press <Enter> to display the
Port Status menu. This screen provides the user with the Port number, name, type of connection, current
availability, and whether it is currently operating. The Port Status menu is shown in Figure A-3 on page
A-4. To check for changes press <Enter>, which will refresh and update the screen, or wait for the
automatic sixty second update.
4-1
CHAPTER 4 - Troubleshooting and Software Maintenance
Troubleshooting
4.1.1.2
Port Statistics
The Port Statistics menus provide a host of information for troubleshooting most port-based problems. The
information on these screens shows the current status of the port (Up or Down), Tx and Rx rates, error
counts, details on transmissions, and a complete list of port-related data. To reach the Port Statistics menu
press <1> Port in the Main Menu and in the Port Menu that appears enter the port number (6 or CON for
Console, E1 - E5 for Ethernet, W1 for the WAN, S1 - S8 for Serial) followed by <Enter>. Then press <2>
Statistics. This screen displays statistics specific to the type of port selected.
The following list explains where in this manual to find figures and tables describing statistics for each port
type.
•
•
•
•
•
•
•
•
•
Console or asynchronous (PAD)-Figure A-23 on page A-33, Table A-19 on page A-33
Ethernet Switch - Figure A-19 on page A-27, Table A-15 on page A-27
Frame Relay - Figure A-20 on page A-29,Table A-16 on page A-29
DDS - Figure A-21 on page A-31, Table A-17 on page A-31
T-1 - Figure A-22 on page A-32, Table A-18 on page A-32
X.25 - Figure A-24 on page A-35, Table A-20 on page A-35
HDLC - Figure A-25 on page A-37, Table A-20 on page A-35
Transparent - Figure A-26 on page A-38, Table A-20 on page A-35
PPP - Figure A-27 on page A-39, Table A-20 on page A-35
4.1.1.3
Port Protocol Monitor
The Protocol Monitor shows the current data being transmitted and received on any selected port to assist in
determining the location of a fault somewhere in the system. To reach the Protocol Monitor Menu, press,
<1> Port in the Main Menu to enter the Port Menu. Next enter the port number to view (CON for Console,
E1 - E5 for Ethernet, W1 for the WAN, S1 - S8 for Serial), and press <Enter>. Then press <4> Protocol
Monitor. Figure A-29 on page A-41 shows a representative screen capture of an Ethernet port. More detail
on the Protocol monitor appears in “Protocol Monitoring” on page A-41.
Note that port mirroring allows unobtrusive viewing of IP traffic on an Ethernet switch port, see
Figure A-31 on page A-43.
4.1.2
Network
Using Network menus in conjunction with Port statistics and status helps determine if the Routing and IP
connections are operating as configured. The IP Addresses and TCP/IP Status menus display the ARP table,
routing table, and the connection status of all IP-based connections to the DS1500-XFR. To reach these
menus, press <2> Network from the Main Menu, then <1> Router, followed by either <2> IP Routes
Display or <5> TCP/IP Status. The IP Addresses menu is shown in Figure B-8 on page B-9 and the TCP
Connection Status screen is shown in Figure B-12 on page B-13.
4.1.3
Bridge
The Bridge Status Menu displays the state of the bridge ports, whether they are receiving Bridged Protocol
Data Units (BPDUs), the port’s current role, the state of the port, and whether the Bridge port is operating
properly. To reach the Bridge Port Status menu from the Main Menu, press <2> Network followed by
<2> Bridge, and <2> Bridge Status. Figure B-35 on page B-38 shows the Bridge Port Status menu.
4-2
Troubleshooting
4.1.4
Frame Relay
To display a Frame Relay port’s connection or check the operation status of the port, go to the Frame Relay
DLCI Status Menu. The Frame Relay DLCI Status menu shows the DLCI status by port, the sent/received
packet count, and the frame transmit and receive rates. This menu allows you to determine if an individual
DLCI is passing data and, when used in conjunction with Port statistics, whether the port should be receiving
and sending data. To reach the Frame Relay DLCI Status Menu, press <2> Network in the Main Menu,
then <5> Frame Relay, and <3> Frame Relay Status. The menu is shown in Figure B-53 on page B-66.
4.1.5
X.25
To display an X.25 port’s connection or check the operation status of the port, go to the X.25 Call Status
Menu. The X.25 Call Status menu shows the X.25 call status by port, the sent/received packet count, the
state of the source and destination, and the duration of the call. This menu allows you to determine if an
individual port and LCN are passing data and, when used in conjunction with Port statistics, whether the port
should be receiving and sending data. To reach the X.25 Call Status Menu, press <2> Network in the Main
Menu, then <6> X.25, and <7> X.25 Connections. The menu is shown in Figure B-68 on page B-82. More
detailed information can be obtained by pressing <CTRL-O> from the X.25 Call Status Menu. The X.25
Call Details screen is shown in Figure B-69 on page B-82.
4.1.6
Buffer Usage
The Buffer Usage informs you of a possible DS1500-XFR buffer resource overload due to line,
transmission, or protocol problems. Climbing In Use counts and declining Free buffer counts could be an
indication of a problem. To reach the Buffer Pool Status menu, enter <3> System from the Main Menu,
and then <4> Buffer Usage. Figure C-6 on page C-6 shows the Buffer Pool Status menu.
4-3
Boot Process
4.2
BOOT PROCESS
The onboard ROM is the source of the BOOT process; this ROM is based on a copy of the full operating
system and is normally fixed for the lifetime of the product. With a console port connected, the BOOT
process resembles information contained in Figure 4-1.
DynaStar skyrom is running
DYMEC, Inc.
Flash 0 is 4MB AMD top boot [ID = 01f6]
DS1500 ROM version 7.0 (RC30)
Serial number 40
Ethernet address 00206100b831
*** Press ESC to boot download immediately ***
*** Press CR to enter LAN monitoring mode ***
Test 8MB RAM addresses
Test 8MB RAM pattern
Monitoring LAN for ROM commands
Cannot find a valid SRAM
Current IP address is 0.0.0.0
Enter different IP address:
Loading DOWNLOAD.BIN
Decompressing 7.0 (RC30)... Done!
#portVars=184, #link=150, #pad=20, #packet=151
Using SRAM #1, length = 370754, (183 ports)
******* Error Log *******
2004-09-21 13:25:09 System reset (may be power up or deliberate restart)
******* Error Log End *******
Figure 4-1. BOOT Process Example
After initiating the boot process, the system temporarily halts for 20 seconds. The reason for pausing is to
provide the ability to configure the DS1500-XFR if no runtime operating system has been loaded. In
particular, the pause provides an opportunity to set an initial IP address for downloading software and
establishing Telnet command sessions. If an operating system already exists, then pressing <Esc> before the
end of the 20-second pause will resume the boot process. If no key is pressed and 20 seconds elapses, the
system will boot automatically.
This completes the boot process and the screen will display the opening banner and login menu. The current
contents of the event log are the last part of the boot process and can be useful in diagnosing boot problems
in the unlikely event the system fails to boot.
4-4
Initializing an IP Address
4.3
INITIALIZING AN IP ADDRESS
If an operating system does not already exist, then you must establish the “Local/ROM Address” during the
Boot process. The “Local/ROM Address” requires an IP address assigned to it in order to remotely
download software to the Supervisor and/or permit SNMP communications with the DS1500-XFR. If the
system is already running under an operating system, assignment of the Local/ROM Address is through the
console command menus. (Refer to “Assign IP Addresses and Protocols” on page B-6.) If no operating
system exists on the DS1500-XFR, execute the Boot process as described in “Boot Process” on page 4-4.
The Boot process will pause for 20 seconds as soon as the following message appears:
Current IP address is 0.0.0.0
During this time, the Console displays a prompt to enter an IP address. The IP assignment allows IP
applications like TFTP and Telnet to communicate with the DS1500-XFR from a remote location in order to
make configuration changes and/or upgrade the Operating System to a newer version.
The IP address can be entered in a normal IP address format e.g. 100.1.1.1 <Enter>. The system displays a
prompt with the IP address just entered.
100.1.1.1 <Enter>
The new IP address is accepted but not fully processed at this point. The IP address can be changed by
typing in another IP address or, if the address displayed is acceptable, just press <Esc> to commit this
address to Flash and complete the install process. Once an IP address is assigned, you can use TFTP to
install a new operating system (see “Placing a Software Load on a DS1500-XFR” on page 4-11).
4-5
Software Maintenance
4.4
SOFTWARE MAINTENANCE
To discuss the software maintenance tasks it is important that the user understand how the system operates.
For this, an understanding of the software files is required. For descriptions of the files stored on the system
and restarting methods refer to Appendix C, “System Functions” before continuing.
The system software resides in Flash memory on the DYNASTAR 1500. The system, as received from the
factory, will include Download.bin and, if the system has been in operation, the SRAM1 and SRAM2 files
will also be present. The SRAM files will appear after configurations are made in the unit. The
Download.bin file is the decompressed operational software loaded on the system at the factory. The SRAM
files are copies of memory that contain the current and previous configurations. The SRAM acts as a
temporary notepad to write system changes. When a <CTRL-W> Flash save operation is performed, the
system copies the current SRAM to Flash, thereby changing the active configuration of the DS1500-XFR.
The other SRAM contains a copy of the prior configuration. In this way, the SRAMs maintain copies of both
the current and prior configurations. As an example, a user on a DS1500-XFR makes changes to the
configuration without saving the changes to Flash. These changes are resident on one of the SRAMs, for this
example let us assume SRAM1. Warm restarting DS1500-XFR flushes SRAM1 and SRAM2 becomes the
active notepad. The changes made and not saved to Flash are lost and the SRAM2 now contains the current
configuration information for the system.
The Download.bin file will also have a version number associated with it and shown in the Directory
Management menu. The version will also have a Build number in parenthesis, such as (RC47), this
designates the numerical sequence of the file creation, therefore the higher the build number the newer the
software within each version. There can be up to three Download.bin files on the system at any one time.
Attempting to add a new Download.bin file will not be allowed by the system.
The cnfgload.cmp file is a compressed file containing the configuration data from the DS1500-XFR. This
file is created to maintain a backup of the configured system should it become necessary to restore this
configuration on a replacement system and also to reinitialize a system to and maintain the desired
configuration. The reinitialize restart type will only be present (shown to the user) if a cnfgload.cmp file is
present on the system. It should be observed that there is no information shown to the user about when or
what version of software the cnfgload.cmp file was created under. The cnfgload.cmp file must be generated
by the user by issuing a GET command using TFTP (Trivial File Transfer Protocol) or FTP (File Transfer
Protocol) to the DYNASTAR 1500 which then creates the file. When the DS1500-XFR receives the GET
cnfgload.cmp command it creates the file and sends it to the requestor, but does not store it on the system.
This file is the complete configuration of the system as entered by the user. To place the cnfgload.cmp
configuration on the system the user must place the file on the system using either the appropriate TFTP
PUT or FTP PUT command. To utilize the cnfgload.cmp configuration the user Boots the system using the
reinitialize command. During the Reinitialize Boot, the system sees the cnfgload.cmp file in Flash and uses
it to rebuild the configuration data. Refer to the release notes on any software upgrade to ensure that the
configuration data is portable to the newer version. There are two methods for transferring files to the
DYNASTAR 1500 using either TFTP or FTP commands. Use whichever method is appropriate for the
network design.
The following sections describe the steps necessary to:
•
•
•
•
•
•
•
Use FTP commands and syntax, definitions
Use TFTP commands and syntax, definitions
Use FTP/TFTP commands to create and download the cnfgload.cmp file
Use FTP/TFTP commands to save the cnfgload.cmp file to the DS1500-XFR Flash memory
Use FTP/TFTP commands to load a new software build on the DS1500-XFR
Reinitialize the system using a new software build
Fall back to a previous software load - The system is capable of storing multiple operating
system images which allows the user to revert to a prior version should compatibility issues
arise.
4-6
4.4.1
FTP Commands
The FTP facility allows standard FTP clients to connect to the DYNASTAR 1500 FTP host system using a
command line interface (CLI) such as MicroSoft DOS command window, Unix or Linux. This facility is
restricted to line-by-line command input mode. Not all of the standard FTP commands are supported on the
DYNASTAR 1500. FTP works by entering the “ftp IP address” string from a client FTP work station. When
the receiving host sees its IP address, it asks for the User Name and Password. The user name and password
are the same as the user names already designated on the system. Once accepted the user is logged into the
system and can perform “get” and “put” commands. Note that the user is logged into the system and should
quit or disconnect the session when tasks are completed. The system will time out after a short interval of
inactivity. The following commands are supported: (Note that the user entered parameters are in italics.)
ftp
Entering FTP followed by the remote server’s IP address starts a client FTP
session on the remote server. The server will then prompt the user for a user name
and password.
ftp connection example:
c:\localdirectory\user> ftp (IP Address of Dynastar host)
Connected to 10.0.0.1
220 Connected to DYMEC ftp Server.
User (10.0.0.1:(none)): (Enter the User Name - Root is default)
331 Password?
Password: (Enter password - secret is default not echoed to screen)
230 User logged on.
ftp>
user
Used to change the user, while connected in an FTP session, on the remote server.
ascii
Sets the file transfer mode to ascii. Entering “ascii” from the ftp> prompt sets the
transfer mode the server will respond with a “200 Command Okay.” Note that all
file transfers to the DYNASTAR 1500 must be in binary mode.
binary
Sets the file transfer mode to binary (bin). Entering “bin” from the ftp> prompt
sets the transfer mode the server will respond with a “200 Command Okay.” Note
that all file transfers to and from the DYNASTAR 1500 must be in binary mode.
get
Gets a remote file from the remote host to the local client. Note that the user
password is also required following the file being taken off the remote host. The
get command syntax is:
ftp> get file name/password file name
Where:
get (retrieve a file from a remote host)
file name (file name on the remote host)
password (the user’s password)
file name (file name being stored on the local system, files can be
renamed as they are stored)
get example:
ftp> get cnfgload.cmp/secret cnfgload.cmp
200 port command Okay.
150 File status okay
226 Data transfer complete
ftp: nnnn bytes received in n.nSeconds n.nnKbytes/sec.
ftp>
4-7
put
Puts a local file onto a remote host. Note that the user password is also required
following the file name of the file being placed on the remote host, not the file
name from the local system.
put example:
ftp> put cnfgload.cmp cnfgload.cmp/secret
ftp: nnnn bytes received in n.nn Seconds n.nn Kbytes/sec.
ftp>
quit
Terminates the current FTP session and returns the user to the local directory and
command prompt.
disconnect Terminates the FTP session while maintaining the ftp> prompt.
open
Used from the FTP prompt to open an FTP connection to a remote host. Same
syntax and command structure as FTP above.
help
Lists all standard FTP commands although most are not supported.
?
When used preceding a command, gives a short description of that command.
To perform FTP operations, the user logs into the system using a simple FTP command to the IP address of
the host FTP server. This operation also requires a valid user name and password.
4.4.2
TFTP Commands
There are various TFTP packages available and the syntax varies. The following syntax and command
structure is used in this manual for TFTP commands:
TFTP [-i] host [GET | PUT] source [filename] destination [filename]
-i
Specifies binary image transfer. In binary image mode the file is moved byte by
byte. Use this mode when transferring binary files.
host
Specifies the remote host (i.e. 192.168.42.5)
GET
Retrieves the file source from the remote source and saves the file in the current
local directory
PUT
Sends the file source on the local host to the file destination on the remote host
source
Specifies the file to transfer
destination Specifies the destination for the transferred file
4.4.3
Creating a Compressed Configuration File
A compressed configuration file is created to store the current configuration of the DYNASTAR 1500 in the
event that a new system is required or a new software build is implemented. When the cnfgload.cmp file is
present on the system and the system is initialized, the cnfgload.cmp file will be used to configure the
system. This saves the time required to re-enter the user configurable parameters. This section describes
using FTP and TFTP commands to “get” and create a compressed cnfgload.cmp file on a DS1500-XFR.
When the DS1500-XFR receives a GET cnfgload.cmp command it creates the file and sends it to the
requestor without saving it to local memory. Once received, it is recommended that this file be saved
elsewhere for contingency purposes, appropriately labeled to indicate its origin and any other information to
help a system administrator identify it. This file is very important as it contains all of the system
configuration information. The following examples show both FTP commands and a generic TFTP program
to create the file. Some of the syntax and command structure may vary depending on the platform or TFTP
software vendor. You will need to know the IP address of the DS1500-XFR before proceeding. (Refer to the
previous paragraphs, “FTP Commands” on page 4-7 and “TFTP Commands” on page 4-8.)
4-8
!
NOTE: The cnfgload.cmp file may be sent to the DS1500-XFR it was received from to
maintain a copy of it on the system. Be sure to use the proper file naming when returning it
to a DS1500-XFR. The system will only recognize and use a file with the exact file name of
cnfgload.cmp.
Also Note, the system will maintain several versions of the cnfgload.cmp but will only use
the last one saved.
If using FTP to create and get the file, perform the following steps:
1.
To start an FTP session on the DYNASTAR 1500 use the following example as a guide. FTP to the
IP Address of the DYNASTAR 1500 and enter the user name and user password.
331 Password?
230 User logged on.
ftp>
2.
At the FTP prompt, use the following example as a guide to “get” the configuration file. Note that
the user password is required after the file name being retrieved.
ftp> get cnfgload.cmp/(User Password) cnfgload.cmp
ftp: nnnn bytes received in n.nSeconds n.nnKbytes/sec.
ftp>
3.
Verify that the cnfgload.cmp file is present on the local system and “quit” the FTP session.
Store the file in a safe place.
If using TFTP to create and get the file perform the following steps:
1.
Enter the following command using a TFTP software package:
tftp -i 192.168.10.10 get cnfgload.cmp cnfgload.cmp
2.
A message will appear stating the file size and transfer rate, depending on the software used. It
would be wise to relabel the file indicating the origin of the DS1500-XFR cnfgload.cmp file. Store
this file in a safe place.
4-9
4.4.4
Placing a Compressed Configuration File on a DS1500-XFR
Placing a compressed configuration file on the DS1500-XFR is helpful when upgrading system software or
regressing to a previous build. The system uses the compressed configuration file to rebuild the old
configuration during the processing of the new operating system. Ensure that the configuration file used is
the correct file created from the current configuration of the DS1500-XFR, since this file will recreate the IP
addresses on the new operating system.
CAUTION: Rebooting the system using a configuration file with unknown passwords and IP
addresses will lock everyone out of the system when the boot and reconfiguration is
completed. Ensure that the passwords are known for the cnfgload.cmp being used.
The DS1500-XFR requires the name of the downloaded compressed configuration file to be cnfgload.cmp.
Correct spelling is mandatory. Use either FTP or TFTP commands to PUT the file on the DS1500-XFR. The
user must then reinitialize the system using the required software build. If there is no cnfgload.cmp file on
the system, then the reinitialize feature is not shown to the user. When the system begins to process the new
software build it will use the cnfgload.cmp file to restore the system parameters to those saved in the
configuration file.
!
NOTE: If there are multiple copies of the cnfgload.cmp on the DS1500-XFR, the system will
use the latest version to restore the configuration.
If using FTP to place the cnfgload.cmp file use the following steps: (refer to “FTP Commands” on page 4-7
for details on FTP commands.)
1.
Start an FTP session on the DYNASTAR 1500 using the following example as a guide. FTP to the
IP address of the DYNASTAR 1500 and at the prompts enter the user name and user password.
331 Password?
230 User logged on.
ftp>
2.
Put the cnfgload.cmp file on the remote DYNASTAR 1500 using the following example as a guide.
ftp> put cnfgload.cmp cnfgload.cmp/secret
ftp: nnnn bytes received in n.nnSeconds n.nnKbytes/sec.
ftp>
3.
Use the Supervisor commands to ensure that the file is on the DS1500-XFR before taking any
further actions. To get to the Directory Management Menu enter <3> System in the Main
Menu, then press <1> Code Versions to display the Directory Management Menu, this menu is
shown in Figure C-3 on page C-3.
4.
Ensure that the cnfgload.cmp is present with the correct date and timestamp before reinitializing
the system.
4 - 10
4.4.5
Placing a Software Load on a DS1500-XFR
This section describes placing an operating system on a DS1500-XFR. One file, obtained from Dymec Inc.,
named alfload.bin contains the operating system for the DS1500-XFR. The system renames the alfload.bin
file to download.bin while stored on the DS1500-XFR. The system also checks the file to determine if it is
an applicable load for the DS1500-XFR. The system recognizes the file and displays the build and version
numbers on the Supervisor menu system. Check the operating system loaded onto the DS1500-XFR for
proper version and build numbers before booting the system with that load.
!
NOTE: The system can store only two versions of the operating system. If two are already
present on the DS1500-XFR, the PUT command will fail prior to loading a new version.
Refer to “Deleting Files from the DS1500-XFR” on page 4-13 before continuing.
If using FTP to place the alfload.bin file use the following steps: (refer to “FTP Commands” on page 4-7 for
details on FTP commands.)
1.
Start an FTP session on the DYNASTAR 1500 using the following example as a guide. FTP to the
IP address of the DYNASTAR 1500 and at the prompts enter the user name and user password.
331 Password?
230 User logged on.
ftp>
2.
Put the alfload.bin file on the remote DYNASTAR 1500 using the following example as a guide.
ftp> put alfload.bin alfload.bin/secret
ftp: nnnn bytes received in n.nnSeconds n.nnKbytes/sec.
ftp>
3.
Use the Supervisor commands to ensure that the file is on the DS1500-XFR before taking any
further actions. To get to the Directory Management Menu enter <3> System in the Main
Menu, then press <1> Code Versions to display the Directory Management Menu, this menu is
shown in Figure C-3 on page C-3.
4.
Ensure that the alfload.bin is present with the correct date and timestamp before reinitializing the
system.
If using TFTP, perform the following steps to load the new operating system. Refer to “TFTP Commands”
on page 4-8 for the syntax and command structure used in the following steps.
1.
Use the TFTP PUT command to place the file on the DS1500-XFR.
tftp -i 192.168.10.10 put alfload.bin alfload.bin
This will take a few moments depending on the access speed.
2.
With the file received, go into the Supervisor menu system and verify the proper load is present.
Note the file name is changed to download.bin by the system with a build number associated with
it. The path is as follows: press <3> System from the Main Menu, then press <1> Code Versions
to display the Directory Management menu. This menu appears in Figure C-3 on page C-3.
4 - 11
3.
4.4.6
Check that the correct load is present on the system by verifying the version and build numbers of
the new download.bin file. If the system configuration is not going to change, a good practice is to
create a new cnfgload.cmp file and PUT it on the system prior to using a new software build. This
will take a few moments depending on the access speed. Refer to “Creating a Compressed
Configuration File” on page 4-8 and “Placing a Compressed Configuration File on A DS1500XFR” on page 4-10 to create and save the current configuration before using the new software
build.
Reinitializing the System
This section deals with booting the system using a new software build while maintaining the current
configuration on the system. This procedure is also used to fall back to a previous load of software should an
upgrade have unexpected results. Use the Supervisor menu system to reinitialize the DS1500-XFR. You
must have loaded the new operating system and verified that a current configuration (cnfgload.cmp) file is
present on the DS1500-XFR before attempting to reinitialize.
Although the system has enough memory space for several versions of operating systems, only two versions
are accessible using the reinitialize feature in the Supervisor menu system. If there are more than two
versions of the operating system on the DS1500-XFR, remove the oldest from the system prior to using a
new version. This protects the system in case there is some error with a new build. If there are three versions
of the operating system present on the system and there is a fault or error using the newest build, then you
will be required to fall back to the previous version. This will not be possible using the reinitialize feature as
the system only shows the oldest and newest versions of the operating system to you. Perform the following
steps to reinitialize the DS1500-XFR.
1.
!
Verify that the new download.bin file is on the system. Select <3> System from the Main Menu,
and the <1> Code Versions to display Directory Management menu. This menu appears in
Figure C-3 on page C-3.
NOTE: If there are currently more than two versions of download.bin files present on the
system, delete the oldest one before proceeding. Refer to “Deleting Files from the DS1500XFR” on page 4-13 before proceeding.
2.
Using the Directory Management menu, verify that a current cnfgload.cmp file is present.
3.
Open the Restart menu in the Supervisor application. The path is as follows: select <3> System in
the Main Menu, then enter <2> Restart to display the Restart System menu. This menu appears
in Figure C-4 on page C-4.
4.
Place the cursor over the Restart Type field and press <Enter>. This is a toggle field and if the
cnfgload.cmp file is present, then the Reinitialize option will be displayed.
5.
Move down a line in the menu to the Code Version field and press <Enter> to select the version of
the software to load.
6.
Move down to the next field named Password and enter the Root password for the DS1500-XFR.
7.
Move the cursor to the Process selections field and press <Enter>. The system will become
unavailable while loading the new operating system and restoring the old configuration. Wait
approximately one minute before attempting to reestablish contact with the DS1500-XFR.
8.
Upon reestablishing contact, you should go through the menus and verify proper port operation
and restoration of communications.
4 - 12
4.4.7
Deleting Files from the DS1500-XFR
It is recommended that the user actively manage the files stored on the DS1500-XFR. As previously
discussed, the system can maintain three versions of the operating system and numerous versions of the
cnfgload.cmp files. Only the two most recent versions of the operating system software are required. The
number of cnfgload.cmp files is not important since the system only uses the latest version; however, seeing
multiple versions of the same file with varying timestamps can be confusing. As only the current version is
required, older versions can be safely deleted. The following steps describe deleting a file from the system
using the Supervisor menu application.
1.
Open the Directory Management menu by selecting <3> System in the Main Menu and then
<1> Code Versions. The Directory Management menu opens, as shown in Figure C-3 on page
C-3.
2.
Determine the files to erase and toggle the values, which toggle from N (no) to Y (yes). Toggle this
field to Y to select files for deletion.
3.
Scroll down to the Defragment Flash Memory field. If an operating system file, download.bin, is
being deleted then it is recommended that you toggle this value to Y. Otherwise it is not required.
4.
Scroll down to the Enter password to erase files field and enter the Root password for the system.
When the correct password is entered, the files selected will be erased. It may take a moment for
the system to defragment the system if that has been selected.
4 - 13
4 - 14
APPENDIX A
Port Functions
This section describes the Port menu options and the tools available in this subsection of the Supervisor
management system. The Port features allow the user to configure, check statistics, activate a port,
monitor traffic and, in the case of the Ethernet ports, set up a mirrored port to observe traffic
unobtrusively. All user activity in the Port menus is on a per-port basis as the user is directed to first
select the port of interest. The hierarchy of Port functions is shown in Figure A-1. The remainder of this
chapter describes Port submenus.
A-1
APPENDIX A - Port Functions
<1>
<2>
<CON>
<10>
Functions for
Console (CON)
Functions for
Port 10
(Virtual PAD)
Configuration
Statistics
<3>
Disable/
Enable
<4>
Protocol
Monitor
<1>
<CTRL-O>
Port Monitor
Configuration
<1>
Configuration
<2>
<99>
Functions for
Port 99
(Virtual X.25)
<3>
Disable/
Enable
<1> Configuration
<4>
Protocol
Monitor
<2>
MAIN MENU
<En>
Functions for
Port En
<3>
<1>
<4>
Port Menu
<5>
<6>
<Enter>
Statistics
List of Virtual
X.25 Ports
<CTRL-O>
Port Monitor
Statistics
Disable/
Enable
Protocol
Monitor
<CTRL-O>
Port Monitor
Port Mirror
Port
Security
Port Status
<1>
<2>
<W1>
Functions for
Port W1
<3>
<4>
<1>
<2>
<Sn>
Functions for
Port Sn
Configuration
Statistics
<CTRL-O>
Config
Options
<CTRL-O>
Trunk
Statistics
Disable/
Enable
Protocol
Monitor
Configuration
<CTRL-O>
<CTRL-O>
Port Monitor
Config
Options
Statistics
<3>
Disable/
Enable
<4>
Protocol
Monitor
<CTRL-O>
Port Monitor
Figure A-1. Port Menu Hierarchy
A-2
A.1
PORT MENUS
Access to the Port Menu is from the Main Menu by selecting <1> Port. The Port Menu appears in Figure
A-2. The user either selects a port or enters the Port Status menu by pressing <Enter>. The Port Status
menu is shown in Figure A-3. From either the Port Menu or the Port Status menus, the user enters the port
number desired and presses <Enter>. The Functions For Port X (where X is the port number) appears. The
Functions For Port X menu is shown in Figure A-4.
All of the port types display the same Functions For Port menu with the exception of the Ethernet ports,
which have two additional menu selections displayed showing the Port Mirror option and Port Security
option, and the Virtual X.25 port (99), which displays an intermediate screen (Figure A-5) from which the
Functions for Port menu is reached. The virtual X.25 ports are used for Annex G operation over frame relay.
Selecting the Virtual Pad port (10) shows only a configuration menu.
*** Port Menu ***
Port
Name
CON Console
10 Virtual PAD
99 Virtual X.25
E1
E2
E3
E4
E5
Enet
Enet
Enet
Enet
Enet
S1
S2
S3
S4
S5
S6
S7
S8
W1
1
2
3
4
5
__________[DynaStar_31]___________
SERIAL1-S1
SERIAL2-S2
SERIAL3-S3
SERIAL4-S4
SERIAL5-S5
SERIAL6-S6
SERIAL7-S7
SERIAL8-S8
TDM chan W1
Enter Port Number:
Figure A-2. Port Menu
The Port Status menu provides an overview of each port on the DS1500-XFR. The display that appears
when Port Status is selected is shown in Figure A-3. The display provides the Port Number, Name, Protocol,
State, and Status of each port in the DS1500-XFR. The information is a snapshot of the port status when
Port Status is selected and is updated every minute or by pressing the <Enter> key. Table A-1 provides a
description of the information provided in the Port Status menu.
A-3
*** Port Status ***
Port Number, Name, Protocol, State, and Status
E1
Enet 1
Ethernet
Enabled
Link Down
S1
SERIAL-S1
X.25 line
Enabled
Down
E2
Enet 2
Ethernet
Enabled
Link Down
S2
SERIAL-S2
PPP
Enabled
Down
E3
Enet 3
Ethernet
Enabled
Link Down
S3
SERIAL-S3
PAD
Enabled
Down
S4
SERIAL-S4
Frm Relay
Enabled
Down
E4
Enet 4
Ethernet
Enabled
Link Down
S5
SERIAL-S5
PAD
Enabled
Down
E5
Enet 5
Ethernet
Enabled
Link Down
S6
SERIAL-S6
HDLC
Enabled
Down
S7
SERIAL-S7
PAD
Enabled
Down
S8
SERIAL-S8
PAD
Enabled
Down
W1
TDM chan
Frm Relay
Enabled
Down
Enter Port Number:
__________[DynaStar_11]___________
Figure A-3. Port Status Menu
Table A-1. Port Status Attributes
Display Attribute
Description
Port Number
The port number is the physical location assigned to the ports. En designates an
Ethernet port, Sn designates a serial port, and W1 indicates the WAN port.
Name
Name assigned to the port by the user.
Protocol
Identifies the protocol assigned.
State
Either Enabled or Disabled.
Status
Indicates the current status of the physical and logical connection to another device and
is designated by either Up or Down. If Spanning Tree protocols are being used on the
network, and the port is enabled, this field provides the current state of the port within
the Spanning Tree, i.e., Forwarding, Blocking, Listening, or Learning.
A.1.1
Functions For Port Menu
The Functions For Port menu allows the user to select the port function desired. The user may select from
the following:
•
•
•
•
•
•
Configuration
Statistics
Disable/Enable
Protocol Monitor
Port Mirror (Ethernet ports only)
Port Security (Ethernet ports only)
A-4
The Functions For Port menu is shown in Figure A-4. To reach the Functions For Port menu for the virtual
X.25 port (99), an intermediate screen (Figure A-5) is shown, from which the user selects the virtual X.25
port number (from 600 to 663).
*** Functions For Port E1 ***
1
2
3
4
5
6
-
Configuration
Statistics
Disable/Enable
Protocol Monitor
Port Mirror
Port Security
Configure Ethernet switch port mirror
Configure Ethernet port for security
__________[DynaStar_11]___________
Figure A-4. Functions For Port X Menu
*** Port Menu ***
Port
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
Name
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
__________[DynaStar_31]___________
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V
Figure A-5. Virtual X.25 Port Selection Menu
A-5
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
X25
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
Port
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
A.2
CONFIGURATION
Selecting Configuration from the Functions For Port X menu allows the user to configure the protocol,
connection mode, line speed, addresses, and any other attributes for the port. The sections that follow
explain how to configure each port type.
A.2.1
Console Port Configuration
From the Port Menu type in <CON> and press <Enter>. From the Functions for Port CON menu select
<1> Configuration and press <Enter>. The Console Port Configuration screen, shown in Figure A-6, is
displayed. The options on this menu are described in Table A-2. This port is always configured for the
console and is a fixed DTE interface. Although this port is primarily used for access to the Supervisor
Management system, this port can also be used to host Telnet sessions (using port 23), can be used to PING
IP devices, or set up as a standard serial port.
*** Console Port Configuration ***
Port:
Port Name:
Line Speed:
Parity
Inactivity timer:
CON IS-232
Console
9600 Baud
7-EVEN
5
__________[DynaStar_31]___________
(14)
(0, 1-30min, 31-255 out)
Figure A-6. Console Port Configuration Menu
Table A-2. Console Port Menu
Parameter
Definition
Default
Range
Port
Port number with associated name
CON IS-232
N/A
Port Name
The display name for this port within the Supervisor
application menus
Console
14 characters
Speed
Speed of the RS-232 port
9600
Toggle values
300 bps 230.4 Kbps
A-6
Table A-2. Console Port Menu (Continued)
Parameter
Definition
Default
Range
Parity
Parity setting for console port.
7-EVEN
Toggle values
7 - auto/even/odd/
mark/space
8 - even/odd/mark/
space/none
Inactivity Timer
Timer for inactivity, after which the port will be
logged off automatically. Note that this is also the
value used for Telnet sessions and it is not
recommended to set this value to 0.
5 minutes
0 (disable), 1-30
min (applies to both
Tx and Rx traffic),
31-255 min
(applies to outgoing
traffic only)
A.2.2
Ethernet Port Configuration
Selecting Configuration from the Functions for Port Ex menu leads to a set of screens that configure portspecific Ethernet switching options. From the Port menu, type in the number <E1 - E5> and press <Enter>.
From the Functions for Port menu, select <1> Configuration and press <Enter>. The port types that are
installed in the DS1500-XFR and the default parameter settings for the ports are shown in Figure A-7.
These defaults can be changed by tabbing or moving the cursor to each field and using <Enter> to toggle
the field’s contents to the desired parameter setting. Table A-3 provides the parameter definitions and
options.
Last Changed:
0-0-90 22:29:40
(0,16,32...4080)
VLAN Enabled: N
Port
E1
E2
E3
E4
E5
Group
100
100
100
100
100
Speed
auto
auto
auto
auto
auto
auto
N
low N
auto
N
low N
auto
N
low N
auto
N
low N
auto
N
low N
IP BRG
Y
N
Y
N
Y
N
Y
N
Y
N
__________[DynaStar_31]___________
Figure A-7. Ethernet Switch Port Configuration Menu
A-7
.
Table A-3. Ethernet Switch Port Configuration Options
Parameter
Definition
Default
Range
VLAN Enabled
Indicates if the VLAN is enabled.
N
N/Y
Aging Time
The time, in seconds, after which a MAC address is removed
from the table if an idle condition is detected from that
device.
16
0 to 4080 in
increments of
16
Port Number
The port number corresponds to physical port as labeled
E1 - E5.
N/A
E1 - E5
Group Number
Defines the port group for the port.
100
100 to 104
Speed
Speed for copper 10/100 Mbps interfaces.
Auto
10, 100 or
Auto
Duplex
Defines the type of equipment infrastructure as half or full
duplex.
Auto
Half, Full or
Auto
FlowCtl
For full and half duplex ports, flow control is optionally
implemented using the 802.3x specification for Pause
packets. When congested, the switch will send Pause
packets to attached devices to request temporary
suspension of transmission of further frames.
N
N (No)
Y (Yes)
Priority (Pri)
This parameter sets switch priority of incoming traffic on this
port.
L
L (Low)
H (High)
DLL
Disable TX on Link Loss (DLL) feature will immediately
deactivate the TX interface of a port when the receive signal
is lost. This is useful for automatic link recovery procedures
but is applicable to fiber optic ports only.
N
N (No)
Y (Yes)
IP
IP parameter allows this port to participate with the internal
IP router. The internal router can be used to support remote
IP access to the Console system or to route IP packets
between Ethernet ports/groups and over the WAN port.
Y
Y (Yes)
** enabled
N (No)
Bridge (BRG)
With RSTP
selected as the
Bridge
Configuration
This parameter sets how this port participates in Spanning
Tree Protocols.
N
N (none)
R (RSTP)
L (Legacy
STP)
E (edge)
N (none)
Bridge (BRG)
With STP selected
as the Bridge
Configuration
This parameter sets how this port participates in Spanning
Tree Protocols.
N
N (No)
Y (Yes)
** Note: For IP routing to be active, IP addresses must be assigned. Other restrictions may also apply to IP
routing. See Appendix B, “Network Commands” for IP Router configuration options.
A-8
A.2.3
Frame Relay Port Configuration
Both the WAN port (W1) and the serial ports (S1-S8) can be configured with the frame relay protocol. The
Frame Relay Port Configuration menu is accessed from the Port menu by typing the desired port number and
pressing <Enter> and then selecting <1> Configuration from the Functions For Port X menu. Toggle the
Port Type field until it reads Frame Relay and press <Enter>. A Frame Relay Port Configuration menu
similar to the one shown in Figure A-8 appears. The fields in this menu are described in Table A-4.
An advanced menu is available by pressing <CTRL-O> and is shown in Figure A-9; the fields are
described in Table A-5.
Port:
Port Type:
Port Name:
Clock Source:
Line Speed:
DLCI Management:
User, Net, NNI:
IP routing:
W1 TDM channel
Frame Relay
TDM chan W1
RX Clock
56.0 Kbps
LMI
USER
Y
0
__________[DynaStar_31]___________
(14)
(0-1500)
Figure A-8. Frame Relay Port Configuration Menu
Table A-4. Frame Relay Port Configuration Values
Parameter
Description
Default
Values
Port
W1 TDM channel
or Sx IS-232
Fixed
Port Type
Protocol used on the port
Frame Relay (W1)
PAD (Serial)
For W1:
Frame Relay, PPP,
HDLC, X.25 line
For serial ports:
Frame relay, PPP,
X. 25 line, HDLC,
Transparent, PAD
Port name
A name to help you identify this port.
TDM chan 1 (W1)
SERIALx (Serial)
Max 14 chars
Clock Source
Indicates whether the clock is generated
internally or externally.
Rx Clock (W1)
Local Clock (Serial)
Rx Clock
Local Clock
A-9
Table A-4. Frame Relay Port Configuration Values (Continued)
Parameter
Description
Default
56 kbps (W1)
19.2 (Serial)
Values
Line speed
The speed of the line (interface
dependent).
56 or 64 kbps (W1)
300 baud to 256
kbps (Serial)
DLCI management
Specifies the standard to be used for the
Frame Relay implementation. CCITT
supports Q.922; ANSI supports Annex D
of T1.617.
LMI
LMI
CCITT
ANSI
None
User, Network, or
NNI
This parameter lets you select User,
Network, or Network-to-Network (NNI) as
the implementation. This indicates which
side initiates the poll. When NNI is
selected, polling occurs in both directions.
User
User
Network
NNI
IP Routing
Allows IP routing
Y
Y (Yes)
N (No)
UNI/NNI
Fragmentation
Determines the number of bytes per
fragment (not including FRF.12 or Q.922
address octets) when UNI/NNI
fragmentation is used.
NOTE: End-to-End fragmentation is
enabled and fragment size is set on the
Frame Relay Switching, Routing, and
Bridging Table described later in
advanced menu description.
0
0 (disabled)
1 to 1500 bytes
A - 10
Port:
W1 TDM channel
Keep Alive Parameters
Poll Timer:
Response Timer:
Window:
Errors:
Successes:
10
15
3
2
2
(1-255 Sec)
(1-255 Sec)
(1-255)
(1-255)
(1-255)
__________[DynaStar_31]___________
Figure A-9. Advanced Frame Relay Configuration Menu
Table A-5. Advanced Frame Relay Port Configuration Values
Parameter
Description
Default
Values
Poll Timer
How long in seconds the system waits for
a Poll
10
1 - 255 secs
Response Timer
How long in seconds the system waits for
a Keep Alive
15
1 - 255 secs
Windows
Number of Keep Alives
3
1 -255
Errors
Number of errors before DLCI inactive
2
1 - 255
Successes
Number of successes
2
1 - 255
A.2.3.1 WAN DDS and T1/E1
The WAN port can be a DDS port or a T1/E1 port, depending on the hardware installed in the DS1500-XFR.
These ports define the requirements for a normal connection to a public data network and can be left
unchanged in most applications. The menus for the WAN DDS port were described above (Figure A-8 and
Table A-4; Figure A-9 and Table A-5).
A sample screen for the T1/E1 Trunk is shown in Figure A-10 and explained in Table A-6. Pressing
<Ctrl-T> from the T1/E1 Port Configuration menu brings up the T1/E1 Trunk Configuration menu (Figure
A-11). The fields in this screen are explained in Table A-7.
A - 11
Port:
Port Name:
Clock Source:
Timeslot Bandwidth:
DLCI Management:
User, Net, NNI:
IP routing:
W1 TDM channel
CSU/DSU chan 1
W1 RX Clock
0 Kbps (0 x 56K)
LMI
USER
Y
0
_______[DynaStar_6100a2e8]________
(14)
(0-1500)
Figure A-10. T1/E1 Frame Relay Port Configuration
Table A-6. T1/E1 Frame Relay Port Configuration Values
Parameter
Description
Default
Port
Port name
A name to help you identify this port.
Clock Source
W1 TDM channel
Values
W1 TDM channel
N/A
Max 14 chars
Indicates whether the clock is generated
internally or externally.
Rx Clock
Rx Clock
or Local Clock
Timeslot bandwidth
Toggle value of the speed of the line per
channel.
56
56
and 64 Kbps
DLCI management
Specifies the standard to be used for the
Frame Relay implementation. CCITT
supports Q.922; ANSI supports Annex D
of T1.617.
LMI
LMI
CCITT
ANSI
None
User, Network, or
NNI
This parameter lets you select User,
Network, or Network-to-Network (NNI) as
the implementation. This indicates which
side initiates the poll. When NNI is
selected, polling occurs in both directions.
User
User
Network
NNI
IP Routing
Allows IP routing
Y
Y (Yes)
N (No)
A - 12
Table A-6. T1/E1 Frame Relay Port Configuration Values (Continued)
Parameter
UNI/NNI
Fragmentation
Description
Default
Determines the number of bytes per
fragment (not including FRF.12 or Q.922
address octets) when UNI/NNI
fragmentation is used.
NOTE: End-to-End fragmentation is
enabled and fragment size is set on the
Frame Relay Switching, Routing, and
Bridging Table described later in
advanced menu description.
Values
0
0 (disabled)
1 to 1500 bytes
*** T1/E1 Trunk Configuration W1 ***
Port:
Port Name:
Trunk Type:
Framing:
Line Coding:
CRC 6:
Yellow Alarm Mode:
Line Build Out:
Time Slots (W1):
Bandwidth (W1):
W1
CSU/DSU trunk
T1
ESF
B8ZS
On
FDL
0 to 133 ft
None
0 Kbps (0 x 56K)
_______[DynaStar_6100a2e8]________
(14)
(Toggle)
(Toggle)
(Toggle)
(Toggle)
(Toggle)
(Toggle)
(Ctrl-D For Max)
(Fixed)
Figure A-11. T1/E1 Trunk Configuration Menu
Table A-7. T1/E1 Trunk Configuration Values
Parameter
Description
Default
Port
Port number
Port number
Port Name
Port name assigned by the user
CSU/DSU
trunk
Trunk Type
Shows the port type configured
T1
Framing
The type of framing used on the trunk.
Note: For an E1 PRI configuration, the frame type
is always FAS.
A - 13
ESF
Values
W1 or W2
14 character field
name selection
based on user
input
T1 or E1
For T1:
ESF (default)
D4
For E1:
FAS (default)
CAS
Table A-7. T1/E1 Trunk Configuration Values (Continued)
Parameter
Description
Default
Line Coding
The type of coding used on the line: Alternate Mark
Inversion (AMI), in which each 1 bit changes
polarity from the preceding 1 bit, or Bipolar with 8
Zero Substitution (B8ZS), which allows all 64 Kbps
to be used in data transmission.
For E1 lines: AMI or High Density Bipolar 3-zeros
(HDB3), which replaces four zeros with a bipolar
violation.
B8ZS
CRC 6
When set to On, a cyclic redundancy check is
performed and included in the framing algorithm.
Note: If Frame Type = D4 (T1 only), this field is not
used.
On
On or Off
Yellow Alarm
Mode (T1 only)
Type of alarm signaling. This parameter is set to
FDL (facility data link) when Frame Type = ESF and
cannot be changed. If Frame Type = D4, the
options are bit 2 (all timeslots) or Fs bit 12 (bit 12 of
frame).
FDL
FDL
Line Build Out
Set this parameter to equal the length of the wire
from your facility to the location of the first repeater.
If you are connecting to a CSU, set the appropriate
attenuation.
0 to 133 ft
Time slots
Number of timeslots configured for this connection
using the syntax 1 - last number of channels. If
using 12 channels input as 1-12. Enter <CTRL-D>
for the max number of channels for T1, 1-24.
None
1-24
Bandwidth
Shows the bandwidth based on the channel
bandwidth, 56 or 64 Kbps, and number of channels.
0
N/A
A.2.4
Values
B8ZS or AMI
0 to 133 ft
133 to 266 ft
266 to 399 ft
399 to 533 ft
533 to 655 ft
-7.5 dB
-15 dB
-22.5 dB
Asynchronous (PAD) Port Configuration
The Async Port Configuration menu is accessed from the Port menu by typing in <S1 - S8> and then
selecting <1> Configuration. This is the default port type for the serial ports. The Async Port Configuration
menu is shown in Figure A-12 and the parameters are described in Table A-8.
An advanced menu is also available to set additional parameters for the Async port. The advanced menu is
accessed from the Async Port Configuration menu by pressing <CTRL-O>. The menu is shown in Figure
A-13; the fields are described in Table A-9.
A - 14
Port:
Port Type:
Port Name:
Line Speed:
Parity
Ignore DSS
Profile
S8 IS-232
PAD
SERIAL8
9600 Baud
7-EVEN
N
89(14) CRT
__________[DynaStar_31]___________
(14)
Figure A-12. Async Port Configuration Menu
Table A-8. Async Port Configuration Menu
Parameter
Definition
Default
Port
Port number
Port Type
Frame Relay
(W1)
PAD (Serial)
For W1:
Frame Relay, PPP,
HDLC, X.25 line
For serial ports:
Frame relay, PPP,
X. 25 line, HDLC,
Transparent, PAD
Port Name
SERIALx
where x = 1 to
8
14 characters
Speed
Speed of the port
Parity
Parity setting for Async port.
Ignore DSS
Allows the async port to ignore or not expect data
set signals from connected device, when set to N.
Setting to Y will cause the port to expect data set
signals (DCD).
N
Predefined parameters, using either preconfigured
or customer defined profile, for the async
connection.
89(14)
Profile
Sx IS-232
Range
9600
7-EVEN
A - 15
Fixed
300 bps 230.4 Kbps
7 - auto/even/odd/
mark/space
8 - even/odd/mark/
space/none
N (No)
Y (Yes)
Refer to “PAD
Profiles” on page
B-44.
Port:
Port X.121 Address:
Set M-bit on full Pkt:
Max port forward limit:
Call address field:
NUI Required:
Mnemonic type:
Port signalling:
Autoconnect:
X.28 command:
Retry timer:
Retry attempts:
S1 IS-232
(15 BCD)
X.121 sub-address:
0
(2 BCD)
(1-1024) Insert sub-address:
N
NONE
Inactivity timer:
0
N
(0, 1-30min, 31-255 out)
NORMAL
Remote (X.29) Profile
TERM
Forwarding Character:
(0x00 - 0x7F)
N
(32)
10
(1-255) Wait for DSS:
N
1
(1-128) Double break:
N
Drop DSS:
N
DSS flow control:
N
N
__________[DynaStar_31]___________
Figure A-13. Advanced Async Port (PAD) Configuration Menu
Table A-9. Advanced Async Port Configuration Parameters
Parameter
Description
Default
Sx IS-232
Range
Port
Port number
Port X.121 Address
The X.121 address assigned to this port. Required
only if the port receives calls. The X.121 address
forces an incoming call to a specific PAD port;
multiple PAD ports can share the same X.121
address to support hunt groups
None
Set M-bit on full Pkt
Allows a port-by-port override of the systemwide
M-bit setting. When enabled, sets the M-bit on full
packets to indicate they are part of a sequence.
N
Max port forward limit
Indicates when packets will be forwarded: either
every x bytes (1-1024) or according to X.3 values
(None)
None
None
1 - 1024 bytes
Call address field
Specifies how the calling address in incoming call
packets is handled. If set to Insert and the received
packet does not have a calling address, the port’s
X.121 address is inserted.If set to None, no action
is taken.
None
None
Insert
NUI Required
Specifies whether a Network User ID is required on
this port
N
Mnemonic Type
Specifies how addresses will be handled in calls
made with a mnemonic address. See “X.25
Mnemonics” on page B-59.
Normal
Fixed
Max 15 BCD
Y/N
N/Y
Normal
Secured
A - 16
Table A-9. Advanced Async Port Configuration Parameters (Continued)
Parameter
Description
Default
Range
Port signalling
Determines the way in which the port responds to
port ready on the interface and to changes in the
packet state of the port. The Host option is used for
host computers that can place and receive calls on
the same port. The Term option is used for dial-up
modems, directly connected terminals, and host
computers that expect leased-line signals. DTR is
always up so attached modems will always answer
and attached terminals and computer ports can
transmit and receive. With the Modem option, the
port drops its Data Set Signals for one second after
a call is cleared and then brings them back up. The
Incoming option is used for host computer ports
and terminals that can only receive calls. Half Dup
supports half-duplex signaling. To enable this
feature, set Connection mode to DSS DCE and
enable DSS Flow Control.
Term
Term - terminal
Host - legacy host
Modem - modem
Incoming - limits
data to incoming
only
Half Duplex transmits in only
one direction at a
time
Autoconnect
Indicates whether the PAD automatically attempts
to establish a data call using a prestored X.28
selection command when a terminal makes a
physical connection to the port. Y indicates when
the attempt will be made (upon receipt of DSS
signal, a character, or carriage return).
N
N
Y-DSS
Y-CHAR
Y-CR
X.28 command
For autoconnect calls, the X.121 address and
certain X.25 facilities can be entered in this field.
Facilities entered in the field are inserted into call
request packets generated by X.28 call requests
and autoconnections initiated by DSS or carriage
return. For manual calls, the information in this field
will be prepended to your manual entry at the PAD
prompt.
None
Max 32 BCD chars
Possible entries are X.121 address (numeric entry
of up to 32 characters) and packet size (Pn, where
n is the maximum bytes in a packet, interpreted as
a binary exponent, 2n). For example, 21 = 2, 22 = 4,
etc.
Retry Timer
Used on autoconnect calls to attempt to establish
the data call if a previous try is unsuccessful or if an
established data call is cleared.
10
1 - 255 seconds
Retry attempts
Number of times an autoconnect call attempts to
establish the data call.
1
1 - 128
X.121 sub-address
The subaddress (if any) to be appended to the
X.121 address. The subaddress is the last two
digits of the NTN (Network Terminal Number) and
often corresponds to the port number.
0
2 BCD
A - 17
Table A-9. Advanced Async Port Configuration Parameters (Continued)
Parameter
Description
Default
Range
Insert sub-address
Causes the subaddress to be added to the calling
address in the outgoing Call Request packet. If the
length of the address is less than 14 digits, the
subaddress is appended to the address. If the
address is greater than or equal to 14 digits, the
subaddress will overwrite the last two digits of the
address.
N
N/Y
Inactivity timer
Timer for inactivity, after which the port is logged off
automatically.
0
0 (disable), 1-30
min (applies to both
Tx and Rx traffic),
31-255 min
(applies to Tx traffic
only)
Remote X.29 profile
Specifies one of the predefined sets of X.3
parameters for use by the remote device
None
Any valid X.29
profile number
Forwarding Character
Characters that indicate that data should be placed
in a packet and forwarded. Used in addition to any
characters defined by X.3 parameters 3 and 4.
None
0x00 - 0x7F
Wait for DSS
The Waiting for Data Set Signals option prevents
tail-ending onto the last call by guaranteeing that a
new call cannot arrive at the port until the terminal
user, modem, or host computer port has
acknowledged the unit’s signal drop by dropping its
own signal. The available values depend on the
value of Port signals option.
N
N - disabled
Double break
When set to Y, the user can hit the Break key twice
to escape from data mode to command mode.
Equivalent to CTRL-P.
N
Y/N
Drop DSS
When enabled, the PAD port drops its data set
signals for approximately 5 seconds if a successful
X.25 connection has not been made within 3
minutes. The function is invoked only after an X.25
call is terminated, to allow dial modems to be
released and made available to other users. The
feature is usually used with the Port signals option
on this menu set to TERM.
N
Y/N
DSS flow control
Specifies that RTS/CTS data set signals be used. If
DSS flow control is set to Y, the PAD forces X.3
parameters 5 and 12 to values of 0 (i.e., flow
control using XON/ XOFF is not possible).
N
Y/N
Y (Yes)
A - 18
A.2.5
X.25 Port Configuration
Both the WAN port (W1) and the serial ports (S1-S8) can be configured with the X.25 protocol. The X.25
Port Configuration menu is accessed from the Port menu by typing the desired port number and pressing
<Enter> and then selecting <1> Configuration from the Functions For Port xx menu. If the port is not
configured as an X.25 port, toggle the Port Type field to X.25 line and press any arrow key. The X.25 Port
Configuration menu, shown in Figure A-14, appears. The parameters are described in Table A-10.
An advanced menu is also available to set additional parameters for the X.25 port. The advanced menu
is accessed from the X.25 Port Configuration menu by pressing <CTRL-O>. The menu is shown in Figure
A-15; the fields are described in Table A-11.
The configuration of the Virtual X.25 ports is similar to the configuration of the physical X.25 ports. (For an
explanation of the use of the Virtual X.25 ports, see “X.25 Over Frame Relay Overview” on page 1-9.)
However, when the user selects the Virtual X.25 port (99) from the Port Menu (see Figure A-2), an
intermediary menu listing all the Virtual X.25 ports (from 600 to 663) appears (see Figure A-5). Once the
user selects the Virtual X.25 port number, the configuration is similar to that of a physical X.25 port (Figure
A-14 and Figure A-15).
Port:
Port Type:
Port Name:
Clock Source:
Line Speed:
X.25 Mode:
Max Window Size:
Max Packet Size:
Packet/Window Neg:
IP routing:
Base PVC LCN
Number PVCs
Base SVC LCN
Number SVCs
S1 IS-232
X.25 line
SERIAL1
Local Clock
9600 Baud
DTE
7
1024
Y
Y
1
0
1
4095
__________[DynaStar_31]___________
(14)
(1-4095)
(0-240)
(1-4095)
(0-4095)
Figure A-14. X.25 Port Configuration Menu
Table A-10. X.25 Port Configuration Parameters
Parameter
Port
Description
Port number
Default
Internally
assigned port
number
A - 19
Values
Fixed
Table A-10. X.25 Port Configuration Parameters (Continued)
Parameter
Description
Default
Values
Port Type
Frame Relay
(W1)
PAD (Serial)
For W1:
Frame Relay, PPP,
HDLC, X.25 line
For serial ports:
Frame relay, PPP,
X. 25 line, HDLC,
Transparent, PAD
Port Name
WAN 1 or
SERIALx
14 characters
Clock Source
Source of line clocking
Line Speed
Speed of the line
X.25 Mode
Operation of the link at the logical level. When set
to DTE PASSIVE or DCE PASSIVE, the DS1500XFR waits for X.25 initialization messages from the
opposite end of the link; this is used with host
devices that refuse to initialize if they receive
messages from an attached device.
DTE
Max Window Size
Packet level window size. The size specified by this
parameter is used for X.25 and bridge and router
calls.
7
Max Packet Size
Maximum packet size. The size specified by this
parameter is used for X.25 bridge and router calls.
1024
Packet/Window
Neg
Sets window negotiation at the packet level on a
port-by-port basis
Y
Y/N
IP routing
Allows IP routing
Y
Y/N
Base PVC LCN
The Logical Channel Number of the first PVC
1
1-4095
Number PVCs
The number of PVCs that will be used
0
0-240
Base SVC LCN
The Logical Channel Number of the first SVC
1
1-4095
Number SVCs
The number of SVCs that will be used
4095
1-4095
Local Clock
9600 (serial
lines)
56 kbps (WAN
lines)
Local Clock
RX Clock
For WAN line: 56 or
64 kbps
For serial lines:300
bps - 256 kbps
DTE
DCE
DTE PASSIVE
DCE PASSIVE
1-7
128, 256, 512,
1024
A - 20
Port:
X.121 Address:
Number of Flags:
Calling address mod:
Local Address Insert:
Require CUG:
Require NUI:
Require Rev. Charge:
Route calls on CUD:
Non-Zero DTE Causes:
Allow User Data:
S1 IS-232
1
NONE
N
N
N
N
N
N
Y
(15 BCD)
N
7
(7-127)
3
(1-255 sec)
30 (0-255 sec)
20
(1-255)
8248
(bits)
1
(1-4095)
0
(1-4095)
4095
(1-4095)
0
(0-4095)
(0-15) LAPB Extended:
LAPB Window:
T1 Ack Timer:
T3 Idle Timer:
N2 Retransmit count:
N1 Max frame size:
Base In LCN
Number Incoming
Base Out LCN
Number Outgoing
__________[DynaStar_31]___________
Figure A-15. Advanced X.25 Port Configuration Menu
Table A-11. Advanced X.25 Port Configuration Parameters
Parameter
Description
Default
Internally
assigned port
number
Values
Port
Port number
X.121 Address
The address used to call this port
None
Max 15 BCD
Number of Flags
Provides the “throttle” feature that is used to insert
additional flags between frames. This is often used
for older equipment that requires more than a
single flag between frames.
0-15
1
Calling address
modification
Specifies how the calling address in incoming call
packets is handled. If the value is Insert and the
received incoming call packet does not have a
calling address, the port’s X.121 address is
inserted. If the value is Replace, the X.121 address
is inserted in all incoming call packets. If the value
is Unique, all calls (up to 16 per port) will have a
unique calling address that substitutes a value from
00 to 15 for the last two digits of the port calling
address.
None
None
Insert
Replace
Unique
Local Address
Insert
Inserts the X.121 address of the alternate X.25 port
as the calling address when the call could not be
established over the highest priority line, but was
sent instead over an alternate route.
N
N/Y
Require CUG
Specifies whether the X.25 network requires
Closed User Groups to be used.
N
N/Y
A - 21
Fixed
Table A-11. Advanced X.25 Port Configuration Parameters (Continued)
Parameter
Description
Default
Values
Require NUI
Specifies whether the X.25 network requires
Network User Identification to be used.
N
N/Y
Require Rev.
Charge
Specifies whether reverse charging is required on
outgoing calls.
N
N/Y
Route calls on
CUD
Allows a call to be routed using the data contained
in the Call User Data field of the incoming X.25 call
packet rather than routing the call on the called
address. This is intended for calls destined for PAD
ports.
N
N/Y
Non-Zero DTE
Causes
If set to Y, clear and reset causes may have a value
other than zero. Applies to the DTE only.
N
N/Y
Allow User Data
Specifies whether Call Request packets are
allowed to contain a 16-byte Call User Data field.
Y
N/Y
LAPB Extended
LAPB extended numbering (modulo 128) supports
extended sequence numbers for efficient operation
across media that have long delays, such as
satellite links.
N
N/Y
LAPB Window
The link level window size. Fixed at 7 if LAPB
extended=N.
7
7-127
T1 Ack Timer
The LAPB retransmission timer.
3
1-255 seconds
T3 Idle Timer
The LAPB idle timer.
30
0-255 seconds
N2 Retransmit
count
The link level retransmission counter.
20
1-255
N1 Max frame size
Based on the value of LAPB extended
8248
Base In LCN
The first incoming LCN number. Should not conflict
with Base Out LCN.
1
1-4095
Number Incoming
The maximum number of incoming virtual circuits
0
1-4095
Base Out LCN
The first outgoing LCN number. Should not conflict
with Base In LCN.
4095
1-4095
Number Outgoing
The maximum number of outgoing virtual circuits
0
0-4095
A.2.6
HDLC Port Configuration
Both the WAN port (W1) and the serial ports (S1-S8) can be configured with the HDLC protocol. The
HDLC Port Configuration menu is accessed from the Port menu by typing the desired port number and
pressing <Enter> and then selecting <1> Configuration from the Functions For Port xx menu. Toggle the
Port Type field until it reads HDLC and press <Enter>. A Transparent HDLC Port Configuration menu
similar to the one shown in Figure A-16 appears. The fields in this menu are described in Table A-12.
A - 22
*** Transparent HDLC Configuration ***
Port:
Port Type:
Port Name:
Clock Source:
Line Speed:
S2 IS-232
HDLC
SERIAL2
Local Clock
9600 Baud
__________[DynaStar_31]___________
(14)
Figure A-16. Transparent HDLC Configuration Menu
Table A-12. HDLC Port Parameters
Parameter
Description
Default
Internally
assigned port
number
Values
Port
Port number
Port Type
Frame Relay
(W1)
PAD (Serial)
For W1:
Frame Relay, PPP,
HDLC, X.25 line
For serial ports:
Frame relay, PPP,
X. 25 line, HDLC,
Transparent, PAD
Port Name
TDM chan W1
or SERIALx
14 characters
Clock Source
Indicates whether the clock is generated internally
or externally.
Rx Clock (W1)
Local Clock
(Sx)
Rx Clock
Local Clock
Line Speed
Speed of the line
9600 (serial
lines)
56 kbps (WAN
lines)
For WAN line: 56 or
64 kbps
For serial lines:300
bps - 256 kbps
A - 23
Fixed
A.2.7
Transparent Port Configuration
Any of the serial ports (S1-S8) can be configured with the Transparent protocol. The Transparent Port
Configuration menu is accessed from the Port menu by typing the desired port number and pressing
<Enter> and then selecting <1> Configuration from the Functions For Port xx menu. Toggle the Port Type
field until it reads Transparent and press <Enter>. A Transparent Port Configuration menu similar to the one
shown in Figure A-17 appears. The fields in this menu are described in Table A-13.
*** Transparent Port Configuration ***
Port:
Port Type:
Port Name:
Protocol:
Line Speed:
S3 IS-232
Transparent
SERIAL3
SES/PMS-91
1200 Baud
__________[DynaStar_31]___________
(14)
Figure A-17. Transparent Port Configuration Menu
Table A-13. Transparent Port Configuration Parameters
Parameter
Description
Default
Internally
assigned port
number
Values
Port
Port number
Port Type
Frame Relay
(W1)
PAD (Serial)
For W1:
Frame Relay, PPP,
HDLC, X.25 line
For serial ports:
Frame relay, PPP,
X. 25 line, HDLC,
Transparent, PAD
Port Name
SERIALx
14 characters
Protocol
The transparent protocol used
SES/PMS-91
N/A
SES/PMS-91
GETAC 7020
Conitel
TRW 9550
A - 24
Table A-13. Transparent Port Configuration Parameters (Continued)
Parameter
Description
Default
Line Speed
Speed of the line
TX delay
Transmit delay (available only if GETAC 7020,
Conitel, or TRW 9550 protocol selected)
0
Attached Device
Type of attached device. Available only if TRW
9550 protocol selected.
RTU
Restart Hunt
Mode
Available only if TRW 9550 protocol selected
A.2.8
1200
N
Values
300, 600, 1200,
2400 (depending
on protocol
selected)
0 - 255 X 10 msec
RTU
Mgt System
N/Y
PPP Port Configuration
Both the WAN port (W1) and any of the serial ports (S1-S8) can be configured with the PPP protocol. The
PPP Port Configuration menu is accessed from the Port menu by typing the desired port number and
pressing <Enter> and then selecting <1> Configuration from the Functions For Port x menu. Toggle the
Port Type field until it reads PPP and press <Enter>. A PPP Port Configuration menu similar to the one
shown in Figure A-18 appears. The fields in this menu are described in Table A-14.
The PPP ports can be configured to use the PAP/CHAP security mechanism. See “PAP/CHAP” on page
D-13.
*** PPP Synchronous Port Configuration ***
Port:
Port Type:
Port Name:
Clock Source:
Line Speed:
Compression:
IP routing:
Authentication
PAP:
CHAP:
Local PAP/CHAP ID:
S4 IS-232
PPP
SERIAL-S4
Local Clock
56.0 Kbps
N
Y
(14)
N
N
(31 Ascii)
_________[DynaStar_8307]__________
Figure A-18. PPP Port Configuration Menu
A - 25
Table A-14. PPP Port Configuration Parameters
Parameter
Description
Default
Internally
assigned port
number
Values
Port
Port number
Port Type
Frame Relay
(W1)
PAD (Serial)
For W1:
Frame Relay, PPP,
HDLC, X.25 line
For serial ports:
Frame relay, PPP,
X. 25 line, HDLC,
Transparent, PAD
Port Name
TDM chan W1
or SERIAL-Sx
14 characters
Clock Source
The physical level connection of the port. Local
clock means that the port provides clocking. RX
clock means that the port receives clocking from an
external source.
Line Speed
Speed of the line
Compression
Indicates whether compression will be used for the
IP traffic on this line. To use compression, you must
configure the PAP/CHAP screen. (See “PAP/
CHAP” on page D-13.)
N
N
Y
IP Routing
Indicates whether IP routing will be allowed on the
line
Y
Y
N
Local Clock
56.0 Kbps
N/A
Local Clock
RX Clock
300, 600, 1200,
2400, 4800, 9600,
19.2, 38.4, 56.0,
64.0
Authentication
PAP
Indicates if PAP authentication will be used on this
port. (See “PAP/CHAP” on page D-13.)
N
N
Y
CHAP
Indicates if CHAP authentication will be used on
this port. (See “PAP/CHAP” on page D-13.)
N
N
Y
Local PAP/CHAP
ID
The local PAP/CHAP ID, if required. (See “PAP/
CHAP” on page D-13.)
null
31 ASCII
characters
A - 26
A.3
STATISTICS
The Statistics menu for each port is reached from the Functions for Port x menu by selecting <2> Statistics.
The Statistics menu differs depending on the protocol running on the selected port. The following sections
describe the statistics menus and fields for each of the possible port types. In all statistics menus, the user
can clear the statistics by entering <CTRL-D> or update the statistics by pressing <Enter>.
A.3.1
Ethernet Port Statistics
The Ethernet Port Statistics screen is shown in Figure A-19 and its fields are described in Table A-15.
Statistics for Enet Switch port
Current status:
194216
19319
Alignment errors:
CRC/alignment errors:
Frame too short:
Frame too long:
PHY receive errors:
Dropped frames:
Jabber:
OSPF clock:
Enabled: 7-14-04 12:33:29
Cleared: 7-31-04 10:56:01
Link Up
TX to LAN
4052
485280
15
0
Frames:
Octets:
Broadcasts:
Multicasts:
64-byte frames:
256-511 bytes:
E3: Enet 3
RX from LAN
349526
68980088
42658
0
65-127 byte:
512-1023 bt:
0
0
22
0
0
0
0
72846
4163
128-255 byte:
1024-1522 bt:
Transmitter failure:
Collisions:
Late collisions:
Multiple collisions:
Excessive collisions:
Deferred transmissions:
39544
23490
0
19
0
6
0
22
0
__________[DynaStar_24]___________
Press <RET> for statistics update
Press <CTRL-D> to clear statistics
Figure A-19. Ethernet Port Statistics Menu
Table A-15. Ethernet Port Statistics Attributes
Field
Description
Port Number
The number of the port being displayed.
Enabled
Date and time the port was enabled.
Cleared
Displays date and time when statistics were last cleared using the <CTRL-D> option.
Current status
Indicates whether a connection is Up or Down. When Spanning Tree is active, shows
state in current spanning tree.
Frames
The number of frames sent/received.
Octets
The number of octets (bytes) sent/received.
Broadcasts
The number of LAN broadcast frames sent/received.
Multicasts
The number of LAN multicast frames sent/received.
Frame counts
Frame counts by frame size.
A - 27
Table A-15. Ethernet Port Statistics Attributes (Continued)
Field
Description
Alignment Errors
Number of frames that do not have an integral number of octets (LAN error condition).
CRC/Alignment errors
The number of LAN frames received that are dropped due to CRC error or because
frame is not an integral number of octets (LAN error condition).
Frame too short
The number of LAN frames received that were less than 64 bytes (LAN error condition).
Frame too long
The number of LAN frames received that were larger than 1514 bytes (LAN error
condition).
PHY Receive errors
Receive errors reported by the MAC layer, typically illegal codes.
Dropped frames
Number of frames dropped due to insufficient switch buffer resources.
Jabber
Counts for when a device on the network continually transmits and does not release the
carrier.
Transmitter failure
The number of times the LAN was not available to transmit a frame (congestion on the
LAN).
Collisions
The number of LAN frames with one or more collisions during transmission (high traffic
loads on the LAN).
Late collisions
In half-duplex mode, a collision occurs after the standard collision interval due to
misbehavior on the LAN, usually due to some station operating in full duplex.
Multiple collisions
Count of more than one collision.
Excessive collisions
Count when retries exceeds 16.
Deferred transmissions
Count of transmissions that were deferred.
OSPF Clock
OSPF protocol timeout
A.3.2
Frame Relay Port Statistics
Statistics for a frame relay line are shown in Figure A-20 and the fields are described in Table A-16.
A - 28
Statistics for frame relay port
W1: TDM chan W1
Enabled: 7-28-04 13:44:38
Cleared: 7-31-04 10:56:01
Connection type: Leased (DTE)
Last diagnostic code =
0
Current status:
Down
Incoming signals: CD = Off CTS =Off
Physical level:
BadCRCs =
0
FrShort =
0
FrLong =
0
Aborts =
Overrun =
0
Underrun=
0
NoBuffer=
0
NoRoom =
Residue =
0
TxFrames=
0
RxFrames=
0
Link level:
Rates (Kbps) Tx:
0.0 Max:
0.0 Rx:
0.0 Max
0.0
TxLICS Frames=
0
RxLICS Frames
=
0
RxBadAdd=
TxUI Frames =
0
RxUI Frames
=
0
Discarded=
TxFail =
0
Invalid Messages =
0
Rp/P Timeout=
Tx Keep Alives
0
Rx Keep Alives
=
0
Rx KA Errors=
KA Timeouts =
0
Total DLCIs:
Inactive DLCIs:
1
100
Total Active DLCIs
0
0
0
0
0
0
0
Errored DLCIs:
__________[DynaStar_24]___________
Press <CTRL-O> for trunk statistics
Figure A-20. Frame Relay Port Statistics Screen
Table A-16. Frame Relay Statistics
Field
Description
Port number
The number of the port whose statistics are displayed on this screen.
Enabled
Date and time that the port was enabled.
Cleared
Date and Time state for this port was last cleared.
Current status
Indicates whether a connection is Up or Down.
Connection type
DTE fixed
Incoming signals
Status (On/Off) of incoming data set signals (CD and CTS).
Last diagnostic code
Reason that the port last changed to Down.
Physical level statistics
Bad CRCs
The number of frames received with incorrect CRC (or FCS) (line errors).
Overrun
The number of times that an Interrupt server routine cannot process a byte message
that has been received from hardware, indicating there is more traffic than the DS1500XFR can handle. Check the configuration for maximum throughput.
Residue
The number of frames received that are not an integral number of octets (protocol error).
FrShort
The number of frames shorter than 4 octets (protocol violation).
Underrun
The number of times that an “Interrupt service routine cannot transfer a byte” message
has been received for the hardware, indicating that there is more traffic than the
DS1500-XFR can handle. Check the configuration for maximum throughput.
TxFrames
The number of physical level frames sent.
A - 29
Table A-16. Frame Relay Statistics (Continued)
Field
Description
FrLong
The number of frames longer than the maximum for type (protocol violation).
NoBuffer
The number of times that an “Interrupt service routine cannot obtain a buffer to store a
frame” message has been received, indicating there is more traffic that the DS1500XFR can handle. Check the configuration for maximum throughput.
RxFrames
The number of physical level frames received.
Aborts
The number of frames aborted by the PDN (line errors).
NoRoom
The number of times that an “Interrupt service routine cannot store a buffer containing a
frame” message has been received, indicating that there is more traffic than the
DS1500-XFR can handle. Check the configuration for maximum throughput.
Link Level statistics
Rates (Kbps) Tx:/Rx:
and Max
These fields display the TX and RX rates as well as the Max rates Transmitted and
Received.
TxLICS Frames
Link management frames transmitted.
TxUI Frames
The number of link level Unnumbered Information frames sent.
TxFail
The number of frames not totally transmitted before the timer expired (loss of
synchronous clock).
RxLICS Frames
Link management frames received.
RxUI Frames
The number of link level Unnumbered Information frames received.
Invalid Messages
Invalid link management frames received.
RxBadAdd
The number of frames received with invalid addresses (protocol violation).
Discarded
The number of frames containing LAN traffic that are discarded because too much data
is queued for the line (line congestion). Either increase the line speed or limit the amount
of traffic.
Rp/P Timeout
For the user side, T1 timeout has elapsed without receipt of a Status message. For the
network side, T2 timeout has elapsed without receipt of a STATUS ENQUIRY message
from the subscriber.
Tx Keep Alives
Number of transmitted keep alives
KA Timeouts
Number of keep alive timeouts
Rx Keep Alives
Number of received keep alives
Rx KA Errors
Number of keep alive errors received
Total DLCIs
The total number of configured DLCIs.
Total Active DLCIs
The number of currently active DLCIs.
Inactive DLCIs
The number of currently inactive DLCIs.
Errored DLCIs
DLCIs with keep alive errors
A - 30
A.3.3
DDS Statistics
When the WAN port is configured for T1/E1 use, two statistics screens can be accessed. DDS statistics are
shown in Figure A-21. The fields are explained in Table A-17. T1 statistics are shown in Figure A-22 and
the fields are explained in Table A-18.
Statistics for DDS Trunk
W1: CSU/DSU trunk 1
Enabled: 7-14-04 12:33:29
Current status: Receiver being reset
Line speed
Receiver gain (in dB)
Loop current direction
BPV (Line code errors)
=
=
=
=
Seconds since last error =
56 Kbps
50
low current
22817501
0
__________[DynaStar_24]___________
Figure A-21. DDS Trunk Statistics
Table A-17. DDS Trunk Port Statistics Attributes
Field
Description
Port Name
The name assigned to the WAN port
Enabled
Date and time the port was enabled
Current status
Shows trunk active alarms
Line speed
Shows the assigned line speed either 56 or 64 Kbps
Receiver gain (in dB)
Shows the selected gain set during configuration
Loop current direction
The loop current is shown here
Number of bipolar violations (two pulses of the same polarity in a row).
Seconds since last error
The time, in seconds, since the most recent error was reported.
A - 31
Statistics for T1 Trunk
W1: CSU/DSU trunk 1
Enabled: 1-6-05 13:32:53
Current status: No alarms
Frame bits in error
CRC errors received
=
=
=
0
0
0
Transmitter frame slips
Tx Elastic Store Full
Tx Elastic Store Empty
=
=
=
0
0
0
Receiver frame slips
Rx Elastic Store Full
Rx Elastic Store Empty
=
=
=
0
0
0
Seconds since last error =
98616
_______[DynaStar_6100a2e8]________
Figure A-22. T1 Trunk Statistics
Table A-18. Statistics for T1 Trunk Attributes
Field
Description
Enabled
Current status
Indicates whether the trunk has any active alarms.
Frame bits in error
The number of incorrect framing bits.
The number of bipolar violations (two pulses of the same polarity in a row).
CRC errors received
The number of CRC errors received on the line.
Far end CRC errors
(E1 only)
Number of CRC errors received at the remote end (as indicated by the E-bit setting in
frames received from the remote end).
Transmitter frame slips
The number of frame slips (loss of synchronization that caused a bit or bits to be omitted
or read twice) on the transmit side. If the number of slips is high, check the configuration
of the transmit clock source on the T1 Trunk Parameters screen.
Tx Elastic Store Full
A transmit slip has occurred because the selected clock is slower than the transmit
clock.
Tx Elastic Store Empty
A transmit slip has occurred because the selected clock is faster than the transmit clock.
Receiver frame slips
The number of frame slips (loss of synchronization that caused a bit or bits to be omitted
or read twice) on the receive side. If the number of slips is high, check the configuration
of the transmit clock source on the T1 Trunk Parameters screen.
Rx Elastic Store Full
A receive slip has occurred because the selected clock is slower than the receive clock.
Rx Elastic Store Empty
A receive slip has occurred because the selected clock is faster than the transmit clock.
Seconds since last error
Time, in seconds, since most recent error reported.
A - 32
A.3.4
Asynchronous Port Statistics
Figure A-23 shows the statistics screen for asynchronous lines. These statistics apply to the console port or
to any serial port configured as PAD. Figure A-23 shows a statistics display for an active connection. Fields
are described in Table A-19.
Statistics for console port
Current status:
Up
Flow control status:
Received
= No
Sent
= No
Character discard =
Characters
Breaks
Call attempts
Succeeded
Failed
To device
46170
0
0
0
CON: Console
Enabled: 3-24-05 13:56:05
Cleared: 4-11-05 8:02:27
Connection type: DTE
Incoming signals:
CD = On
CTS = Off
(Ps 3 Cs 2)
0
From device
154
0
4
4
0
Current connection information:
LCN
= 1
from =
port = CON
to
= 9999
port = VRT
Duration
= 0:00:28
__________[DynaStar_31]___________
Parity errors
Framing errors
Overruns
Unable to store character
Data packets
Data segments
Data characters
Interrupt packets
Reset packets
=
=
=
=
0
0
0
0
To port From port
52
10
84
10
4690
23
0
0
Figure A-23. Statistics for Asynchronous Ports
Table A-19. Asynchronous Port Statistics Attributes
Field
Description
Port Number
The number of the port whose statistics are being displayed.
Enabled
Cleared
Date and time when statistics were last cleared using the <CTRL-D> option.
Current Status
Indicates whether a connection is Up or Down. Also may show the Packet and Cell
states for diagnostic purposes and will display Disabled if port is disabled.
Connection Type
DTE or DCE (Fixed DTE for Console port)
Flow Control Status
Indicates whether flow control has been received (Yes /No) or sent (Yes/No) and shows
the number of characters discarded after flow control is sent. Flow control can be XON/
XOFF or data set signals.
Incoming Signals
Status (On/Off) of incoming data set signals.
Characters
The number of asynchronous characters sent/received.
Breaks
The number of line breaks received.
Call Attempts
Succeeded
Failed
The total number of call attempts, to and from, followed by the number of calls
successfully received (Succeeded) and Failed.
A - 33
Table A-19. Asynchronous Port Statistics Attributes (Continued)
Field
Description
Parity errors
The number of parity errors (line errors).
Framing errors
The number of incorrect stop bits on asynchronous characters (line errors).
Overruns
The number of times that an Interrupt service routine “cannot process character”
message was received from the hardware. This indicates there is more traffic than the
DS1500-XFR can process. Check the Configuration and verify proper flow control
operation.
Unable to store
character
The number of times that an Interrupt service routine “cannot store character” message
was received from the hardware. This indicates there is more traffic than the DS1500XFR can process. Check the Configuration and verify proper flow control operation.
The following fields are displayed under the Current connection information
heading if there is an active connection.
LCN
The Logical Channel Number of the active virtual call.
Call From/Port
The address assigned to the local port and the physical port number.
Call To/Port
The destination’s address and port in the DS1500-XFR.
Duration
The call’s duration in Hours:Minutes:Seconds.
Data Packets
The number of data packets sent/received (to port and from port, respectively)
Data Segments
The number of accounting data segments sent/received. A data segment is defined as a
packet that is 64 bytes or less. A data packet which is 65 bytes or more is counted as
two data segments.
Data characters
The number of data characters sent/received in Data packets.
Interrupt packets
The number of Interrupt packets sent/received.
Reset packets
The number of Reset packets sent/received.
A.3.5
X.25 Port Statistics
Statistics for X.25 lines are shown in Figure A-24. The fields are described in Table A-20. Statistics for a
Virtual X.25 line are similar, except that no physical level statistics are shown on the screen.
A - 34
Statistics for X.25 line port
S1: SERIAL1
Enabled: 4-10-05 7:01:10
__________[DynaStar_31]___________
Cleared: 4-11-05 8:02:27
Current status:
Down
0
Physical level:
BadCRCs =
0
FrShort =
0
FrLong =
0
Aborts =
0
Overrun =
0
Underrun=
0
NoBuffer=
0
NoRoom =
0
Residue =
0
TxFrames=
0
RxFrames=
0
Link level:
Rates (Kbps) Tx:
0.0 Max:
0.0 Rx:
0.0 Max
0.0
To net
From net
To net
From net
To net
From net
SABM
0
0
UA
0
0
RR
0
0
DISC
0
0
I
0
0
RNR
0
0
FRMR
0
0
UI
0
0
REJ
0
0
Discarded=
0
DM
0
0
T1TimeOt=
0
TxFail =
0
RxPollB =
0
RxBadAdd=
0
Packet level:
To net
From net
To net
From net
Restart
0
0
Call attempts
0
0
Restart Cause
0
0
Succeeded
0
0
Restart Confirm
0
0
Failed
0
0
Reset
0
0
Reset Cause
0
0
ClearNC =
0
ClearLPE=
0
ClearOCC=
0
ClearDER=
0
Number of Active Calls
0
Max
0
Figure A-24. X.25 Statistics Screen
Table A-20. X.25 Statistics Attributes
Field
Description
Port number
The number of the port whose statistics are displayed on the screen.
Enabled
Date and time that the port was most recently enabled.
Cleared
Date and time that the port was most recently cleared.
Current status
Indicates whether a connection is Up or Down. Up indicates duration (hh:mm:ss).
Connection type
Dial, Leased or Direct; DCE or DTE electrical interface.
Incoming signals
Status (On/Off) of incoming data set signals.
Last diagnostic code
Reason that the port last changed to Down.
Physical Level statistics
Bad CRCs
The number of frames received with incorrect CRC (or FCS) (line errors).
Overrun
The number of times that an Interrupt server routine cannot process a byte message
has been received from hardware, indicating there is more traffic than the DS1500-XFR
can handle. Check configuration for maximum throughput.
Residue
The number of frames received that are not an integral number of octets (protocol error).
FrShort
The number of frames shorter than four octets (protocol violation).
Underrun
The number of times that an Interrupt service routine cannot transfer a byte message
has been received from the hardware, indicating there is more traffic than the
DS1500-XFR can handle. Check configuration for maximum throughput.
TxFrames
The number of physical level frames sent.
A - 35
Table A-20. X.25 Statistics Attributes (Continued)
Field
Description
FrLong
The number of frames longer than maximum size for type (protocol violation).
NoBuffer
The number of times that an Interrupt service routine cannot obtain a buffer to store a
frame message has been received, indicating there is more traffic than the DS1500XFR can handle. Check configuration for maximum throughput.
RxFrames
The number of physical level frames received.
Aborts
The number of frames aborted by the PDN (line errors).
NoRoom
The number of times that an Interrupt service routine cannot store a buffer containing a
frame message has been received, indicating there is more traffic than the DS1500XFR can handle. Check configuration for maximum throughput.
Link level statistics ("to net" = sent; "from net" = received)
SABM
The number of SABM frames (used to establish the link to the PDN) sent/received.
DISC
The number of DISC frames (used to disconnect the link to the PDN) sent/received.
FRMR
The number of FRMR frames (used to signal protocol violations) sent/received.
Discarded
The number of frames containing LAN traffic that are discarded because too much data
is queued for the line (line congestion). This can be remedied by increasing the line
speed or limiting the amount of traffic.
T1TimeOt
The number of acknowledgments not received for a SABM, DISC, or Information frame
(line error or connection to PDN not available).
UA
The number of UA frames (unnumbered acknowledgments) sent/received.
I
The number of Information frames (containing X.25 packets) sent/received.
UI
The number of UI frames (unnumbered information) sent/received.
DM
The number of DM frames (used to report that the link is disconnected) sent/received.
TxFail
The number of frames not totally transmitted before the T1 timer expired (loss of
synchronous transmit clock).
RxPollB
The number of frames with poll bit set, indicating that the network is performing either
error recovery (T1 timeout) or link verification (T3 timeout).
RR
The number of RR (receive ready) acknowledgments to Information frames sent/
received.
RNR
The number of RNR frames (used to busy out the link to the PDN) sent/received. A
nonzero value indicates congestion.
REJ
The number of Reject frames (used to identify missing Information frames) sent/
received.
RxBadAdd
The number of frames received with invalid addresses (X.25 configuration error).
Packet level statistics
Restart
The number of Restart packets sent/received.
Restart Cause
The cause code for the most recent Restart packet sent/received.
Restart Confirm
The number of Restart Confirmation packets sent/received.
A - 36
Table A-20. X.25 Statistics Attributes (Continued)
Field
Description
Reset
The number of Reset packets sent/received.
ClearNC
The number of Clear packets received with clear cause “Network Congestion.”
ClearLPE
The number of Clear packets received with clear cause “Local Procedure Error.”
Number of Active Calls
The number of X.25 calls currently connected.
Max
High water mark for calls on an X.25 port.
Call attempts
The number of X.25 call attempts sent to and received from the PDN.
Succeeded
The number of successful call attempts sent/received.
Failed
The number of failed call attempts sent/ received.
Reset Cause
The cause code for the most recent Reset packet sent/received.
ClearOCC
The number of Clear packets received with clear cause “Occupied”
ClearDER
The number of Clear packets received with clear cause "Out of Order."
A.3.6
HDLC Port Statistics
Statistics for an HDLC line are shown in Figure A-25. The fields in this screen are the same as the Physical
Level statistics in the X.25 Statistics screen. A description of these fields can be found in Table A-20.
Statistics for HDLC port
S2: SERIAL2
Current status:
Down
Physical level:
BadCRCs =
0
FrShort =
0
Overrun =
0
Underrun=
0
Residue =
0
TxFrames=
0
Enabled: 4-10-05 7:03:51
Cleared: 4-11-05 8:02:27
0
FrLong =
NoBuffer=
RxFrames=
__________[DynaStar_31]___________
0
0
0
Aborts
NoRoom
=
=
0
0
Figure A-25. HDLC Statistics Screen
A - 37
A.3.7
Transparent Port Statistics
Statistics for a transparent port are shown in Figure A-26. The fields in this screen are the same as the
Physical Level statistics in the X.25 Statistics screen. A description of these fields can be found in
Table A-20.
Statistics for Transparent port
S3: SERIAL3
Current status:
Down
Physical level:
BadCRCs =
0
FrameErr=
0
Overrun =
0
Underrun=
0
Residue =
0
TxFrames=
0
Enabled: 4-10-05 7:05:59
Cleared: 4-11-05 8:02:27
0
NoBuffer=
RxFrames=
__________[DynaStar_31]___________
0
0
NoRoom
=
0
Figure A-26. Transparent Statistics Screen
A.3.8
PPP Port Statistics
Statistics for a PPP port are shown in Figure A-27. The fields in this screen are the same as those found in
the X.25 Statistics screen. A description of these fields can be found in Table A-20.
A - 38
Statistics for PPP port
S4: SERIAL-S4
Enabled: 6-15-05 5:39:43
Cleared: 6-15-05 5:26:39
Last diagnostic code = 160
Current status:
Down
Physical level:
BadCRCs =
0
FrShort =
0
FrLong =
0
Overrun =
0
Underrun=
0
NoBuffer=
0
Residue =
0
TxFrames=
0
RxFrames=
0
Link level:
Rates (Kbps) Tx:
0.0 Max:
0.0 Rx:
To line From line
UI
0
0
Discarded=
TxFail =
RxBadAdd=
__________[DynaStar_11]___________
Aborts
NoRoom
0.0 Max
=
=
0
0
0.0
0
0
0
Figure A-27. PPP Statistics Screen
A - 39
A.4
DISABLE, ENABLE, BUSY, AND INITIALIZE PORTS
This selection allows the administrator to shut down, turn on, and initialize all connections on the DS1500XFR. This function operates on a port basis and must be instigated one port at a time. The path to this
function is Main Menu select <1>Port, select a port, and select <3> Disable/Enable. Selecting the Disable/
Enable option displays the menu shown in Figure A-28.
The Port Activation menu shows the current status of the port. To change the current status, press the
<Enter> key; this toggles the Action field through the possible actions. The actions are: Disable, Enable,
Busy, or Initialize based on the current state of the port. Use care not to Disable the port which the
Supervisor connection is being made on. This will cause an immediate loss of contact and a new Supervisor
connection will have to be made through another port. Initializing the port being used for a Supervisor
session will cause a momentary interruption and the user will have to log back into the DS1500-XFR, but
the connection will return.
There are three possible current states for each port. They are Enabled, Disabled, or Busy. Note that Busy
will prevent any new connections to the port but will not cancel current active connections.
To change the current status of the port or to initialize a port, toggle the Action variable to the correct setting
and move the cursor over the Y in the Process Selections entry at the bottom of the menu. With the cursor
over the Y press the <Enter> key. This will activate the action selected. When disable is selected, a Warning
appears notifying the user that the connection will be lost.
*** Port Activation Menu ***
Current State:
Port CON is Enabled
Action:
Initialize
__________[DynaStar_31]___________
Figure A-28. Port Activation Menu
A - 40
A.5
PROTOCOL MONITORING
The Monitor function allows the operator to retrieve real time traces of traffic flowing on all ports. Real time
protocol level traces from any unit in the field can be seen and/or captured remotely. This function will
replace the need for a datascope or protocol analyzer for many diagnostic procedures, as well as allowing
these traces to be performed from a central console without manual dispatch. Access the Monitoring feature
from the <4> Protocol Monitor selection of the Functions For Port x menu.
Figure A-29 shows a sample basic real-time trace of an Ethernet port, Port E2, as displayed to a Telnet
session. It provides source and destination addresses, Transmit and Receive data messages and a HEX
printout of the data.
B740003606AE4DD86D7E1641A137F200501092
1893121D7173D4C25010FFFFC9E10000485454502F312E3120323030204F4B0D0A446174
653A205468752C2032362041756720323030342031333A33333A333020474D540D0A5033
503A20706F6C6963797265663D22687474703A2F2F7033702E7961686F6F2E636F6D2F77...
0020610060BA 0010C6188575 0800 1514 | 0010C61885750020610060BA0800450005DCC0
B840003606AE4CD86D7E1641A137F200501092
189317D17173D4C25010FFFF7371000043144D9CCDCE0788554A38EEA7659F4B8A63B762
C7888DBED684F1D2D0029142CD0862615CCBB151C68C4782C569AF7BFCE4E1C529F9F1E2
E2D9E0E1AF2F1EFFE61AEC5D1EE150839CFDF2F4E2E1D30BD7B80811A3ED5DF213728E73...
Source
Destination Type Length Data (PORT E2)
------------+------------+----+-----+------------------------------------------0010C6188575 0020610060BA 0800
60 | 0020610060BA0010C618857508004500002846
0A40007F06E5AE41A137F2D86D7E1610920050
7173D4C218931D85501044700E1D0000000000000000
0020610060BA 0010C6188575 0800 1514 | 0010C61885750020610060BA0800450005DCC0
B940003606AE4BD86D7E1641A137F200501092
18931D857173D4C25010FFFF5443000053EA1AADF8F7F2F4412B07389B2D41A823A5FF81
E97636B8351ACEA9A50EBCAC88B8ACA9B28200AD4F45D8607F387A77600FAE07F68E3D72
F6CC62169C00CE785717A78FDCEE962470ABDB5DA80391536BE41F97BB6341EE381E19E1...
Monitor Paused
Figure A-29. Protocol Monitor Trace Log
The monitor displays a notification message in the lower left corner of the screen when the operator pauses
and reactivates the monitor. The indication will be either “Monitor Active” or “Monitor Paused”. Use <Esc>
to quit the monitor. Press <Enter> to pause or resume the monitor. Once in the monitor display, there are
further options to allow the operator to display select parts of the frames, display data in ASCII instead of
HEX, display timestamps and filter the information displayed. For example, the user can get an IP header
decode, or filter to select only frames from a specific MAC address, an IP addresses or IP address/socket
number. This Port Monitor menu is accessible by entering <CTRL-O> while in the protocol monitor. The
Port Monitor menu is shown in Figure A-30; the selections are explained in Table A-20. To return to the
protocol monitor, enter <Y> to process selections (in the lower right) and enter <Enter> or press <Esc> to
return to the protocol monitor.
When in the protocol monitor screen displaying active traffic, press <Esc> to exit.
A - 41
*** Port Monitor S1 ***
Display
Format
Number of lines
Time Stamps
Frame Numbering
Packet Types
Start Channel
End Channel
Filter on
Mac Address
IP Address
TCP Socket
Link/All
Hex
5
None
N
All Frames
(0 = unlimited, 1-10)
(X.25 Only)
(DLCI or LCN)
(DLCI or LCN)
None
(Ctrl-D to clear)
(Ctrl-D to clear)
(0-65535)
0.0.0.0
0
__________[DynaStar_31]___________
Figure A-30. Port Monitor Menu
Table A-21. Port Monitor Menu Fields
Parameter
Definition
Default
Link/All
Range
Display
Indicates the type of display desired.
Format
Indicates how the data will be displayed.
Number of lines
Sets the maximum number of lines to display.
Time stamps
Indicates whether or not to use timestamps and, if
used, the type to use.
Frame Numbering
For X.25 only, indicates whether to use frame
numbering
Packet Types
Indicates the type of packets to display.
Start Channel/
End Channel
Indicates the range of data to display (specified by
the DLCI or LCN).
N/A
DLCI or LCN
number
Filter on
Specifies the type of traffic, if any, on which to filter.
Both
Both
None
Transmitted
Received
Hex
5
None
N
Data Only
Link/All
Packet
IP
IP-FULL
TCP
Hex
ASCII
0 (unlimited)
1-10
None
Relative
Differential
N/Y
All Frames
Data Only
Control
A - 42
Table A-21. Port Monitor Menu Fields (Continued)
Parameter
Definition
Default
MAC Address
Filter traffic on the MAC address given.
IP Address
Filter IP traffic by the address given.
TCP Socket
Filter TCP/IP traffic based on the given socket
number.
A.6
Range
None
0.0.0.0
0
0.0.0.0 255.255.255.255
0 - 65535
PORT MIRROR
The Port Mirroring feature allows the operator to replicate all the traffic on one Ethernet switch port onto a
second switch port. With a monitoring device attached to this second port, the operator can unobtrusively
observe the traffic on the port under study. To open the Port Mirror Setup menu, select <1> Port in the
Main Menu, type in the number of the Ethernet port to be mirrored (E1, E2, E3, E4, or E5) and press
<Enter>. Then select <5> Port Mirror from the Functions for Port menu. The screen shown in
Figure A-31 appears. Enter the port number of the port to be studied as the “Monitor Port” and indicate the
port number of the port to which the analysis device will be attached as the “Copy frames to this port” (the
port to which replicated data will be sent). To cancel mirroring, enter <CTRL-D> on each of the port
number entries.
*** Port Mirror Setup E1 ***
Monitor Port
Copy frames to this port
__________[DynaStar_24]___________
Figure A-31. Port Mirror Setup Screen
A - 43
A.7
PORT SECURITY
The Port Security feature allows the operator to activate a security feature on Ethernet ports. When
activated, this feature disables the Ethernet port when signal loss is detected. Once the port is disabled, the
root operator must reenable it from the supervisor console.
To access the Port Security Setup menu, select <1> Port in the Main Menu, type in the number of the
Ethernet port (E1, E2, E3, E4, or E5), and press <Enter>. Then select <6> Port Security from the
Functions for Port menu. The screen shown in Figure A-32 appears. To enable port security, toggle the
Port Security field to Y.
*** Port Security Setup E1 ***
Port Security:
N
__________[DynaStar_11]___________
Disable when link goes down
Figure A-32. Port Security Setup Screen
A - 44
APPENDIX B
Network Commands
This Appendix describes the Network menus available in the Supervisor management system. The
commands available here allow the user to configure the Router, Terminal Server, Async Services,
Frame Relay, and X.25 features and to display the status for these functions. Using these menus, the
user can configure the external connection requirements and assign protocol and interface information.
The hierarchy of menus for the Network portion of the Supervisor application is shown in Figure B-1
and Figure B-2. The remaining sections of this Appendix describe the submenus and screens.
B-1
APPENDIX B - Network Commands
<CTRL-O>
<1> IP Port
Configuration
<2> IP Routes
Display
<3>
<4>
<5>
IP I/F Ether
Comm Mod
<CTRL-O> E-net Switch
Grp Asgnmt
IP I/F Multiple
<CTRL-O> USART
IP Static
Routes
IP Filters
<CTRL-O>
UDP/TCP
Filter Table
TCP
Connection
Status
MAIN MENU
<1> OSPF Global
Configuration
<1>
<2>
Router
Setup and Status
<6> OSPF
Configuration
OSPF Area
Information
<3> OSPF Port
Information
<CTRL-O> IP I/F 100
Ether Comm
Module
IP I/F (2)
<CTRL-O> Mult. USART
<4> OSPF Range
Information
<5> Virtual Link
Information
<7>
DHCP
<1>
Client
Configuration
<2>
<CTRL-O> DHCP
Server
Configuration
Options
<3> DHCP Allocation Status
<2>
<8>
Network Setup
and Status
Configured
VPN Names
<1>
<9>
VRRP
<2>
<2>
<3>
Bridge
Configuration
and Status
Terminal Server
Configuration
<10>
TCP
Multicast
<1>
Bridge
Configuration
<2>
Bridge
Status
<CTRL-O>
VRRP
Configuration
VRRP
Groups
Advanced
Term. Srvr.
Configuration
<4> through <6> continued
on next figure
Figure B-1. Network Hierarchy Diagram, Selections 1 through 3
B-2
<1> through <3> on
previous figure
<1>
Profile # X.3 Param.
Values
Async
Profiles
<2> Async Logon
Screen
<4>
Async
Services
<3>
Async
Services
<4>
Async
Options
<5>
<Enter>
Async Svcs
Definition
X.25
Mnemonics
MAIN MENU
<6>
NUIs
<7>
User Call
Status
<1> Frame Relay
DLCIs
<5>
<2> Frame Relay
Priority
Frame Relay
Parameters
<3> Frame Relay
Status
<1>
<2>
<2>
Network Setup
and Status
Bridge/
Router
X.121
Routing Table
Test
X.25 Test
Routing Table
<3> PVC/SVC
Switch Table
<6>
<4> XOT Switching Table
X.25
<5>
X.121
Translation
Test
<6>
X.25
Multicast
<Enter>
Multicast
Services
<7> X.25
Connections
<CTRL-O>
X.25 Call
Details
<8> X.25 Multicast Status
<CTRL-O> X.25 Multicast Details
X.121 Adrs.
Trans. Test
Figure B-2. Network Hierarchy Diagram, Selections 4 through 6
B-3
B.1
NETWORKING SETUP AND STATUS MENU
The Networking Setup and Status Menu has six options as shown in Figure B-3 below. The commands
available from this menu allow the user to configure and monitor the network. The following paragraphs
describe the Network submenus shown in the figure below.
1
2
3
4
5
6
-
Router
Bridge
Terminal Server
Async Services
Frame Relay
X.25
Configure
Configure
Configure
Configure
Configure
Configure
Async options
__________[DynaStar_31]___________
Figure B-3. Networking Setup And Status Menu
B-4
B.2
ROUTER (IP)
The DS1500-XFR has an embedded IP router function used primarily for IP Terminal Server applications.
The IP router function can also be used for connecting the DS1500-XFR Supervisor application to an IP
network for remote operator access and for remote access to SNMP traps and operating software downloads.
The routing function can also be used by the other devices connected to the DS1500-XFR for routing traffic
beyond their specific bridged group. In particular, the routing function may be useful for allowing a single
system operator to have Telnet supervisory access to a number of remote devices which otherwise are
segregated into different groups with no facility for cross-group communications.
One key decision in configuring DS1500-XFR IP routing is to set the scope of access to the routing
function. By default, all Ethernet ports are in one group, share the assigned system IP address and have
access to the routing function for routing outside their bridged network. Individual ports can be disabled
from the IP routing function by using the Ethernet Switch Port Configuration screen described in
Appendix A, “Port Functions”. Routing can be further restricted using the IP Filter features described in
“IP Filter” on page B-10. When Port-based groups are used and you want these specific groups to participate
in IP routing, IP addresses must be assigned separately for each group, as described below. There are no
default IP addresses for groups and ports assigned to groups will not be able to route (except to the DS1500XFR Supervisor) until a group IP address is assigned.
A second key decision is to define the routing protocol. By default, routed ports are defined to use RIP as
their routing protocol. The other two options are Static Routing and OSPF routing. Each of these requires
filling in additional configuration screens.
In addition to basic IP routing, the DS1500-XFR also supports BootP Helper and DHCP Server functions to
assist devices that are attached to the DS1500-XFR in obtaining IP addresses and other parameters required
for the operation. BootP and DHCP functions are configured in the DS1500-XFR as part of this IP Router
section.
IP router configuration is accessed from the Main menu by selecting <2> Network and then <1> Router.
Figure B-4 shows the various router setup and status commands.
The IP addresses and routing protocols are assigned via the <1> IP Port Configuration submenu. The <3>
IP Static Routes and <6> OSPF sub-menus are only required when Static or OSPF routing are used,
respectively. <7> DHCP sub-menus are needed only if the respective helper/server tools are to be used. By
default, these services are not enabled.
B-5
1
2
3
4
5
6
7
8
9
10
-
IP Routes Display
IP Static Routes
IP Filters
TCP/IP Status
OSPF Configuration
DHCP
VPN
VRRP
TCP Multicast
Configure OSPF
__________[DynaStar_11]___________
Figure B-4. Router Setup And Status Menu
B.2.1
Assign IP Addresses and Protocols
To assign IP addresses to DS1500-XFR ports that have been enabled for IP support, select option <1> IP
Port Configuration from the Router Setup and Status menu. Figure B-5 shows a sample IP Port
Information screen.
V
Port(s)
Interface
Local/ROM Address
S1 - S4 TEOM
600 - 727 Virtual X.25
Last changed: 3-24-05 13:56:05
IP Address
IP Mask
x.x.x.x
x.x.x.x
Protocol Encaps
192.168.1.1
255.255.255.0
RIP
Enet II
*
192.168.2.3
255.255.255.0
RIP
*
__________[DynaStar_31]___________
Figure B-5. IP Port Information
B-6
The first entry, “Local/ROM Address,” allows configuration of an IP address that the Boot ROM will use
during initial Boot sequence. This address can be useful for upgrading the DS1500-XFR, for remote Telnet
access to the console, and for SNMP communications with the DS1500-XFR.
!
NOTE: While the IP address may be entered via the initial Boot process (as described in
“Boot Process” on page 4-4), that process does not permanently save the IP address for the
system. The IP Port Information screen allows the system IP address to be defined and
permanently saved.
Subsequent entries on the IP Port Information screen will vary, depending on how the different ports have
been configured. Entries with an asterisk (*) must be configured from a distinct IP port information screen
that is reached by pressing <CTRL-O>. A sample screen for grouped Ethernet ports is shown in
Figure B-6. A sample screen for Virtual X.25 lines is shown in Figure B-7. Entries on the IP Port
Information screen (Figure B-5) with the default address 0.0.0.0 can be configured directly on this screen.
In this case, if the entry covers a group of lines, all lines in the group will be configured identically. To
configure the lines separately, put the cursor on that line and press <CTRL-O>. Again, a port information
screen similar to the one in Figure B-6 appears.
Providing an IP address for ports enables Supervisor access via these ports or routed traffic among any of the
ports that are enabled for IP routing.
For each of these ports, cursor to the appropriate entry and enter the designated IP address. The sub-net mask
will appear automatically.
When an address is entered, RIP will appear as the default protocol and Enet II will appear as the default
encapsulation. If RIP is the desired routing protocol, no further action is needed.
If RIP is not the desired routing protocol, toggle this field to select the desired entry: RIP, RIP-II, RIP-RX
(receive-only RIP) or “None.”
“None” is the correct entry to disable RIP. No entries exist on this screen to explicitly select either Static or
OSPF routing. Refer to “OSPF” on page B-14 for OSPF setup.
*** Ethernet IP Port Information ***
Last changed: 3-24-05 13:56:05
Port/Name or Group
IP Address
IP Mask
x.x.x.x
x.x.x.x
Protocol Encaps
E1
2.2.2.1
255.0.0.0
RIP
Enet II
E2
0.0.0.0
0.0.0.0
RIP
Enet II
E3- E4
0.0.0.0
0.0.0.0
RIP
Enet II
E5
0.0.0.0
0.0.0.0
RIP
Enet II
__________[DynaStar_31]___________
Keep new IP Addresses (Y/N): Y
You can configure each group as a separate interface.
Press <CTRL-O> to see all ports in a group.
Press ESC to return to previous menu. Use <TAB> and CURSOR to move fields
Figure B-6. Ethernet IP Port Information Screen
B-7
Port(s)
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V
*** WAN IP Port Information ***
Last changed: 3-24-05 13:56:05
Interface
IP Address
IP Mask
x.x.x.x
x.x.x.x
Protocol Encaps
X25 Port 600
0.0.0.0
0.0.0.0
RIP
X25 Port 601
0.0.0.0
0.0.0.0
RIP
X25 Port 602
0.0.0.0
0.0.0.0
RIP
X25 Port 603
0.0.0.0
0.0.0.0
RIP
X25 Port 604
0.0.0.0
0.0.0.0
RIP
X25 Port 605
0.0.0.0
0.0.0.0
RIP
X25 Port 606
0.0.0.0
0.0.0.0
RIP
X25 Port 607
0.0.0.0
0.0.0.0
RIP
X25 Port 608
0.0.0.0
0.0.0.0
RIP
X25 Port 609
0.0.0.0
0.0.0.0
RIP
X25 Port 610
0.0.0.0
0.0.0.0
RIP
X25 Port 611
0.0.0.0
0.0.0.0
RIP
X25 Port 612
0.0.0.0
0.0.0.0
RIP
X25 Port 613
0.0.0.0
0.0.0.0
RIP
X25 Port 614
0.0.0.0
0.0.0.0
RIP
__________[DynaStar_31]___________
Keep new IP Addresses (Y/N): Y
You can configure each port of a multiport interface separately on this
screen.
Press ESC to return to previous menu. Use <TAB> and CURSOR to move fields
Figure B-7. WAN IP Port Information Screen
B.2.2
IP Routes Display
The IP Routes Display menu provides details on the internal IP router. The menu shows the ARP and
Routing tables. The Routing tables can be extensive and the menu provides scrolling capabilities by using
the <CTRL-Q>, scroll, and <CTRL-S>, stop scrolling, to look at the complete table. The menu can also be
updated by pressing the Enter key and can be flushed by pressing <CTRL-F>. Use caution when
considering flushing the learned tables. Immediately after flushing the tables, the router will be unable to
route messages until the routing protocols rebuild the table. RIP discovery typically takes at least 30 seconds
and OSPF updates only occur during topology changes. Refer to Figure B-8 for a sample IP Addresses
menu.
B-8
*** IP Addresses ***
ARP Table:
IP Address
75.142.45.121
Routing Table:
Network Address
75.142.45.240
122.128.7.0
Port
103
MAC Address
0020610012AA
Network Mask
255.255.255.240
255.255.255.240
Age
120
Next Hop
75.142.45.121
__________[DynaStar_24]___________
Use XOFF <CTRL-S> and XON <CTRL-Q>
to control scroll.
Port Metric Age
E1
0
0
E1
1 238
VCN
OWNER
LOC
RIP
Press <CTRL-F> to Flush the Tables
Press <RET> for update
Figure B-8. IP Addresses Menu
B.2.3
Static Routing
As described above, the IP router can use RIP (the default), RIP-II, RIP-RX, OSPF, no routing protocol or
Static Routing. Different groups can use different routing protocols, including Static Routing, but only a
single instance of the routing protocol is used for all groups that share it. Specifically, there is only one Static
Routing table for the DS1500-XFR. This section describes how the Static Routing Table is defined.
To establish Static Routes for IP routing, enter <3> IP Static Routes at the Router Setup And Status submenu. Figure B-9 will appear.
B-9
*** IP Static Routes ***
Last changed: 7-23-04 9:07:52
IP Mask
Next Hop
Hops
x.x.x.x
x.x.x.x
(0 - 15)
0.0.0.0
192.168.52.101
1
IP Address
x.x.x.x
1: 0.0.0.0
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
Note: x = 0-255
__________[DynaStar_24]___________
Process Static Routes (Y/N): Y
In IP address field, use UP/DOWN to scroll and LEFT to process selections.
Figure B-9. IP Static Routes Menu
This screen is used to define one static route per line of the table. Up to 120 static routes can be configured.
For each route, enter the following information on a single line:
•
•
•
•
In the IP Address column, enter the IP address of the remote network.
• A default mask appears. If required, modify the IP mask for subnetting.
• Note: A static route of 0.0.0.0 can be used as a default route for routing any IP
address that does not have a match in the routing table.
Under Next Hop, enter the IP address of the remote IP port used to access the IP network
specified in this procedure. This will generally be the IP address of a router directly
connected to the same switched Ethernet network, but not necessarily directly attached to
this DS1500-XFR.
In the Hops column, enter the number of hops to the remote network using this static route.
• If the number of hops entered here is greater than the number of hops in a dynamic
route (using RIP) to the same IP network, then the dynamic route will be used.
When you have completed your configuration, enter Y in the Process Static Routes field
and press <Enter>.
After entering IP routes, it is a good practice to verify the routing information. From the Main menu, select
<2> Network, <1> Router then <2> IP Routes Display. These are described in the previous section.
B.2.4
IP Filter
IP filtering allows traffic blocking or forwarding based on specific IP addresses or address masks, as well as
on TCP, UDP or ICMP ports or sockets. Subnet mask support is also available.
To set up IP Filters, enter <4> IP Filter on the Router Setup And Status menu. The IP Filter Table screen
is shown in Figure B-10.
B - 10
Use the IP Filter Table to specify up to 60 specific filtering actions and also to designate a default IP action
for frames not matching any filter specification. The IP Filter process searches from the top of the table
(after a sort process described below) and performs a filtering action based on the first match that it finds for
an address. If no match is found for either the source or destination address, the call is blocked or forwarded
based on the selection in the Default filter action field. This field is initially configured to forward all
traffic.
*** IP Filter Table ***
Last changed: 7-14-04 12:33:29
Type Source IP
(Tog) (Address)
Mask
Destination IP
(Bits) (Address)
1
__________[DynaStar_24]___________
Mask
VPN
Protocol Filter
(Bits) (Tog) Ctrl O to configur
Forward
Figure B-10. IP Filter Table Menu
B.2.4.1 Configure IP Filtering
First, place the cursor in the Type column and press <Enter> to select the desired type of filter being
defined on that line of the filter table:
•
•
•
•
•
•
Both filters on both the source and destination addresses configured
Src (Source) filters on only the specific IP source address configured
Dest (Destination) filters on only the specific IP destination address configured
NetB (Netboth) filters both the source and destination network addresses based on the
masks entered on the same line
NetS (Netsource) filters the source network address based on the mask entered on the same
line
NetD (Netdest) filters the destination network address based on the mask entered on the
same line
Next, tab to the Source IP, Destination IP, and/or Mask fields as appropriate and enter a complete address
or mask as required for the type of filtering you are configuring.
•
The VPN field has reserved meaning and is not utilized at this time.
The Protocol Filter column entry is changed by pressing <CTRL-O> and toggling the Action field to
Block or Forward.
To set protocol-specific filters or to change the Default action from forward to block, enter <CTRL-O> to
access the optional UDP/TCP Filter Table screen shown in Figure B-11.
B - 11
•
Toggle the Action column settings for the protocols shown, as desired.
The Def protocol entry refers to the default action for all frames not meeting any of the other filter
definitions (i.e., either do not appear in the table or cannot be derived from masks that appear in the table).
The default setting is Forward.
When all entries are complete, enter <Y> in the Process selections field and press <Enter>. You will be
returned to the IP Filter Table.
The IP Filter Table will have been resorted by class and address according to the following sorting rules:
1.
Entries with specific addresses appear before entries with masks.
2.
Addresses and masks are sorted from low to high values.
3.
Actions are sorted (in order of decreasing priority) by class as follows:
a. BOTH (source and destination address)
b. SOURCE (source address only)
c. DESTINATION (destination address only)
d. NETBOTH (both source and destination network masks)
e. NETSOURCE (source network mask only)
f. NETDESTINATION (destination network mask only)
In the sorted table, an address or mask of *.*.*.* indicates “Don’t care” and is not used for filtering.
*** UDP/TCP Filter Table ***
Protocol
(Toggle)
1 Def
2
3
4
5
6
7
8
9
10
11
12
13
14
15
Socket
__________[DynaStar_31]___________
Name
8:53:02
Action
(Toggle)
Forward
Figure B-11. UDP/TCP Filter Table Menu
B - 12
B.2.5
TCP/IP Status
This screen is accessed from the Main Menu by selecting <2> Network, <5> TCP/IP Status. The screen,
shown in Figure B-12, displays the connection status of the TCP devices with current connections to the
DS1500-XFR. The fields shown in this screen can help assist the user in determining if connections are
being made to the DS1500-XFR as well as the port connections made and if traffic is passing.
*** TCP Connection Status ***
Local
Port
23
Remote
Remote
IP Address
Port
111.115.195.212
1905
Protocol
State
Window
Service/LCN or
TX
RX
Multicast Src
CONNECTED 65135 1460
TELNET
__________[DynaStar_24]___________
Press <CTRL-D> to clear call
Figure B-12. TCP Connection Status
B - 13
B.2.6
OSPF
OSPF (Open Shortest Path First) is a routing scheme that operates over the IP protocol. It is a link state
metric protocol that makes routing decisions based on link capacity, delay and throughput requirements, the
number of data units presently in queue for transmission over a particular link, the number of hops required
to reach a destination, and the ability to reach gateways and routers along the route. To take network
dynamics into account, OSPF includes a weighting factor for each route. OSPF is considered a more robust
protocol than RIP, which makes routing decisions based only on the number of hops to a destination.
To improve network efficiency, OSPF selectively limits route status messages and uses network partitioning
and subnetting to control the amount of traffic and memory required to update router information. For
example, one router can be designated to exchange routing tables with a local gateway, cutting down on the
congestion that might occur if all routers exchanged routing information with the gateway. As another
example, Link State Advertisements are distributed only when there has been a change to network status.
Further, if networks are designed correctly, sub-network status messages can be sent in a single Route
Summarization message.
The steps below correspond to a unique selection on the OSPF Configuration menu, shown in
Figure B-13. IP addresses are assigned on the IP Port Information screen as described in “Assign IP
Addresses and Protocols” on page B-6. The other five steps have their own OSPF parameters to be
completed. The parameter names and the default and optional values are given on the menu screens.
Parameters descriptions are provided in Table B-1 through Table B-5. OSPF configuration needs to be done
in the following order:
1.
IP Address (required)
2.
OSPF Global Parameters (required) - Shown in Figure B-14 and described in Table B-1
3.
OSPF Area Parameters (required) - Shown in Figure B-15 and described in Table B-2
4.
OSPF Port Parameters (required) - Shown in Figure B-16 and described in Table B-3
5.
OSPF Range Parameters - Shown in Figure B-17 and described in Table B-4
6.
OSPF Virtual Link Parameters - Shown in Figure B-18 and described in Table B-5
B - 14
*** OSPF Configuration ***
1
2
3
4
5
-
Global
Area
Port
Range
Virtual Link
Configure
Configure
Configure
Configure
Configure
global parameters
area parameters
port parameters
range parameters
virtual link parameters
__________[DynaStar_24]___________
Figure B-13. OSPF Configuration Menu
*** OSPF Global Configuration ***
Last changed: 7-14-04 12:33:29
Router ID
Route Sharing
Automatic V-Link
0.0.0.0
N
N
(4 bytes)
(Share routes with RIP)
<CR> to toggle
__________[DynaStar_24]___________
Figure B-14. OSPF Global Configuration Menu
Table B-1. OSPF Global Information
Parameter
Router ID
Description
Default
OSPF router ID, for this device, distinguishing it from all
others in the Autonomous System. This is typically the
primary IP address of the DS1500-XFR.
B - 15
0.0.0.0
Range
0.0.0.0 255.255.255.255
(4 bytes)
Table B-1. OSPF Global Information (Continued)
Parameter
Route Sharing
Description
Default
If set to Yes, routing information is exchanged with the
Range
N
Y, N
N
Y, N
DS1500-XFR’s RIP router.
Automatic
V-Link
If set to Yes, enables automatic generation of virtual links.
(Virtual links are required to restore backbone connectivity
when the Autonomous System is divided into non-contiguous
areas.) NOTE: To be able to configure virtual links, the
DS1500-XFR must be an area border router. If this
parameter is set to No, all required virtual links must be
configured manually.
*** OSPF Area Information ***
Last changed: 7-14-04 12:33:29
Area ID
x.x.x.x
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
Authentication
<CR>
None
None
None
None
None
None
None
None
None
None
Import AS
<CR>
N
N
N
N
N
N
N
N
N
N
Stub Metric
(1-255)
0
0
0
0
0
0
0
0
0
0
Config has changed: use CTRL-W to save
In Area ID field, use UP/DOWN to scroll and LEFT to process selections.
Figure B-15. OSPF Area Information Menu
Table B-2. OSPF Area Information
Parameter
Description
Default
Range
AreaID
IP-like address unique to this particular area. By definition,
the backbone area is set for 0.0.0.0
0.0.0.0
0.0.0.0 255.255.255.255 (4
bytes)
Authentication
If set to None, no password is required. If set to Simple, a
password must be defined on the OSPF port configuration
menu, and all packets sent on the network must carry this
value in the OSPF header.
None
None, Simple
B - 16
Table B-2. OSPF Area Information (Continued)
Parameter
Description
Default
Range
Import AS
If set to Yes, AS (Autonomous System) external
advertisements are flooded through this area. The parameter
must be set to Yes for the backbone and areas connected to
the backbone by a virtual link. Set to No for a Stub area.
Routing tables will maintain information for the entire area,
regardless of the value of this parameter.
N
Y, N
Stub Metric
Applies to stub areas only. Determines the routing “cost” of
the default line. Stub areas are areas into which OSPF does
not flood AS (autonomous system) external advertisements.
You might want to configure stub areas if much of the
topological database consists of AS external advertisements,
and you want to minimize the size of the topological
databases on an area’s routers.
0
1-255
*** OSPF Port Information ***
Port(s) OSPF
<CR>
E1- E5 *
S1- W2 *
AreaID
x.x.x.x
PRTY Parameter Value
Password
0-255 <CR>
(1-65535,3600) 0-8 ASCII
Process OSPF ports (Y/N): Y
Lines with port ranges are multiport interfaces. Configure ports together or
with cursor on line, press <CTRL-O> to configure separately. *Fields are blank
if ports are configured separately. Press <CTRL-D> on metric value for default
Figure B-16. OSPF Port Information Menu
Table B-3. OSPF Port Information
Parameter
Description
Default
Range
OSPF
Indicate type of OSPF routing enabled on this interface. Set
to Broadcast for DS1500-XFR/LAN ports and Point-Point for
WAN ports.
Broadcast
Broadcast
Point-Point
None
AreaID
Identifier of OSPF area to which the port (interface) belongs,
as defined in the Area parameters. 0.0.0.0 is the backbone
area.
0.0.0.0
0.0.0.0 255.255.255.255
(4 bytes)
B - 17
Table B-3. OSPF Port Information (Continued)
Parameter
Priority
Description
Default
Priority used to determine whether this router will become the
network’s designated router. 0=this router is ineligible to be
the designated router. 255 is the highest priority. 255 means
that this router is responsible for sending network link
advertisements, which describe all the routers attached to the
network. These advertisements are flooded throughout a
single area. At least one router on each logical IP network or
subnet must be eligible to be the designated router.
0
Range
0-255
The following parameters are toggle fields under the “Parameter” column:
Transit (Transit
Delay)
Applies only to Broadcast ports and determines how often
Link State Advertisement packets are sent over this interface.
This interval determines the maximum packet transmission
rate on an interface, which affects network stability. Because
packets are built at the instant of transmission, only the latest
information is sent even if the transmission is delayed.
1
1-3600 seconds
Retran
(Retransmit
Interval)
The time between retransmissions of link state
advertisements when an acknowledgment is not received.
This parameter is used for adjacencies that belong to this
interface and for retransmissions of OSPF Database
Description and Link State Request packets. Set this
parameter to a value that is higher than the expected roundtrip delay between any two routers on the network attached to
this port. Otherwise, needless retransmissions will occur. The
default value, 5 seconds, is appropriate for a LAN connection.
Low-speed links require a higher value.
5
1-3600 seconds
Hello
(Hello Interval)
The length of time, in seconds, between Hello packets sent
on this interface. Must be the same value for all routers
connected to this interface. If you set the Hello Interval to a
short length of time, changes to the OSPF topological
database will be detected more quickly, but more OSPF
routing protocol traffic will be generated. The default value, 10
seconds, is suggested for a LAN connection.
10
1 -3600 seconds
Dead
(Dead Interval)
The length of time, in seconds, before neighboring routers
declare a router down when they stop receiving its Hello
Packets. The value of the Dead Interval parameter is
advertised in Hello Packets sent out from this interface and
must be the same on all other routers connected to this
interface. Set the Dead Interval to a multiple of the Hello
Interval.
40
1-3600 seconds
Metric
Cost, or weight, of sending a packet on this interface. NOTE:
The same basis for determining the metric (for example,
speed, throughput, or line cost) should be used throughout
the network.
1
1-65535
Password
Eight-character authentication: Must be the same for all
routers in an area.
No value
0 to 8 ASCII
characters
B - 18
*** OSPF Range Information ***
Last changed: 7-14-04 12:33:29
Range Net
Range Mask
Area ID
Status
x.x.x.x
x.x.x.x
x.x.x.x
<CR>
1: 0.0.0.0
0.0.0.0
0.0.0.0
Advertise
2: 0.0.0.0
0.0.0.0
0.0.0.0
Advertise
3: 0.0.0.0
0.0.0.0
0.0.0.0
Advertise
4: 0.0.0.0
0.0.0.0
0.0.0.0
Advertise
5: 0.0.0.0
0.0.0.0
0.0.0.0
Advertise
6: 0.0.0.0
0.0.0.0
0.0.0.0
Advertise
7: 0.0.0.0
0.0.0.0
0.0.0.0
Advertise
8: 0.0.0.0
0.0.0.0
0.0.0.0
Advertise
9: 0.0.0.0
0.0.0.0
0.0.0.0
Advertise
10: 0.0.0.0
0.0.0.0
0.0.0.0
Advertise
11: 0.0.0.0
0.0.0.0
0.0.0.0
Advertise
12: 0.0.0.0
0.0.0.0
0.0.0.0
Advertise
13: 0.0.0.0
0.0.0.0
0.0.0.0
Advertise
14: 0.0.0.0
0.0.0.0
0.0.0.0
Advertise
15: 0.0.0.0
0.0.0.0
0.0.0.0
Advertise
In Range Net field, use UP/DOWN to scroll and LEFT to process selections.
Figure B-17. OSPF Range Information Menu
Table B-4. OSPF Range Parameters
Parameter
Description
Default
Range
Range Net
Together with the Range Mask, identifies a group of subnets
in this address range. Routers may belong to multiple areas,
depending on their attached networks. When configuring the
Range Net values for all address ranges, keep all subnetted
networks in the same area. NOTE: Ranges are required only
for those areas that connect to the backbone via an area
border router.
0.0.0.0
0.0.0.0 255.255.255.255
(4 bytes)
Range Mask
Together with Range Net, identifies a group of subnets in this
address range.
0.0.0.0
0.0.0.0 255.255.255.255
(4 bytes)
AreaID
The Area ID that the address range is being summarized
from.
0.0.0.0
0.0.0.0 255.255.255.255
(4 bytes)
Status
If set to Advertise, a single route is advertised for this address
range on a summary link advertisement that is external to the
area. If set to Hide, no route is advertised for this address
range. This setting allows you to hide certain networks from
other areas.
Advertise
Advertise, Hide
B - 19
*** OSPF Vlink Information ***
Last changed: 7-14-04 12:33:29
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
Transit ID
x.x.x.x
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
Router ID
x.x.x.x
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
Parameter
<CR>
Transit
Transit
Transit
Transit
Transit
Transit
Transit
Transit
Transit
Transit
Value
(1-65535,3600)
0
0
0
0
0
0
0
0
0
0
Autype
<CR>
None
None
None
None
None
None
None
None
None
None
Password
(0-8 ascii)
In Transit ID field, use UP/DOWN to scroll and LEFT to process selections.
Figure B-18. OSPF Virtual Link Parameters Menu
Table B-5. OSPF Virtual Link Parameters
Parameter
Description
Default
Range
Transit ID
Unique area identifier for the area that the virtual link passes
through.
0.0.0.0
0.0.0.0 255.255.255.255
(4 bytes)
Router ID
Router identifier for the other endpoint of the virtual link
(neighbor ID)
0.0.0.0
0.0.0.0 255.255.255.255
(4 bytes)
The following parameters are toggle fields under the “Parameter” column:
Transit (Transit
Delay)
How often Link State Advertisement packets are sent over
this interface. This interval determines the maximum packet
transmission rate on an interface, which affects network
stability. Because packets are built at the instant of
transmission, only the latest information is sent even if the
transmission is delayed.
1
1-3600 seconds
Retran
(Retransmit
Interval)
The time between retransmissions of link state
advertisements when an acknowledgment is not received.
This parameter is used for adjacencies that belong to this
interface and for retransmissions of OSPF Database
Description and Link State Request packets. Set this
parameter to a value that is higher than the expected roundtrip delay between any two routers on the network attached to
this port. Otherwise, needless retransmissions will occur. The
default value, 5 seconds, is appropriate for a LAN connection.
Low-speed links require a higher value.
5
1-3600 seconds
B - 20
Table B-5. OSPF Virtual Link Parameters (Continued)
Parameter
Description
Default
Hello
(Hello Interval)
The length of time, in seconds, between Hello packets that
the ESS sends on this interface. Must be the same value for
all routers connected to this interface. If you set the Hello
Interval to a short length of time, changes to the OSPF
topological database will be detected more quickly, but more
OSPF routing protocol traffic will be generated. The default
value, 10 seconds, is suggested for a LAN connection.
10
1-3600 seconds
Dead
(Dead Interval)
The length of time, in seconds, before neighboring routers
declare a router down when they stop receiving its Hello
Packets. The value of the Dead Interval parameter is
advertised in Hello Packets sent out from this interface and
must be the same on all other routers connected to this
interface. Set the Dead Interval to a multiple of the Hello
Interval.
40
1-3600 seconds
Autype
Authentication Type. If None, no password is required. If
Simple, a password must be defined on the OSPF port
configuration menu, and all packets sent on the network must
carry this value in the OSPF header.
None
None, Simple
Password
Eight-character authentication: Must be the same for all
routers in an area.
No value
0 to 8 ASCII
characters
B - 21
Range
B.2.7
BootP/DHCP
The DS1500-XFR can act as a BootP Helper and/or DHCP Server in order to provide temporary IP
addresses and other IP-related parameters to devices attached to the DS1500-XFR. From the Router Setup
And Status menu, <7> DHCP leads to a BootP/DHCP screen, shown in Figure B-19, that prompts you to
select either: <1> Client Configuration (for BootP) or <2> Server Configuration or <3> DHCP
Allocation to view the DHCP settings.
The following sections describe these submenus.
*** BootP/DHCP ***
1 - Client Configuration
2 - Server Configuration
3 - DHCP Allocations
Configure DHCP client and BootP helper
Configure DHCP server
Display IP address allocations
Figure B-19. BootP/DHCP Menu
B.2.7.1 BootP Client/Helper
The DS1500-XFR can act as a BootP relay agent to transfer BootP messages between clients and servers.
BootP (Bootstrap Protocol or Boot Protocol) provides to the requesting device the path and filename of its
bootstrap file, as well as its default router, its own IP address, and the BootP server’s IP Address. BootP
sends its messages in UDP headers enclosed in IP datagrams. In many cases, BootP clients and their
associated BootP server(s) do not reside on the same IP network or subnet. The actual BootP server can be
several hops away from the BootP client system. In such a case, a DS1500-XFR can act as a relay agent to
transfer BootP messages between clients and servers. To configure the DS1500-XFR to act as a BootP relay
agent, select <1> Client Configuration as described above. The screen, shown in Figure B-20, will appear.
The remote IP addresses of up to three remote BootP servers may be specified. The helper can be enabled/
disabled by operator command while keeping Server addresses stored for future use.
B - 22
*** Helper/Client Configuration ***
DHCP Client Poll Interval:
BootP Server1:
BootP Server2:
BootP Server3:
BootP Helper Enabled
0
0.0.0.0
0.0.0.0
0.0.0.0
N
__________[DynaStar_24]___________
0-Dis, 1-255 Secs.
IP Address
IP Address
IP Address
Figure B-20. Helper/Client Configuration Menu
B.2.7.2 DHCP Server
This feature allows hosts connecting to the network to be automatically configured with an IP address sent
by the DS1500-XFR, default route and the addresses of up to three DNS servers. Optionally, an IP address
can be statically assigned to a particular MAC address.
!
NOTE: The total number of IP Addresses that the DS1500-XFR DHCP server will assign is
50. Addresses made available beyond a total of 50 will never be used. The operator is not
prevented from defining additional addresses, but only the first 50 will be assigned.
To configure the DHCP Server, select <2> Server Configuration, as described above. An example of the
screen is shown in Figure B-21.
This DHCP Configuration screen defines the IP addresses that are held by the DS1500-XFR DHCP Server
and allocated upon request to the devices attached to the DS1500-XFR.
B - 23
*** DHCP Configuration ***
Start Address
IP Address
1 0.0.0.0
End Address
IP Address
0.0.0.0
__________[DynaStar_24]___________
Subnet Mask
x.x.x.x
0.0.0.0
0:00:00
Include Duration
Toggle Hours, 0=unlimited
Include 72
Figure B-21. DHCP Configuration
•
•
•
This table can be populated with up to 15 entries.
• Each entry can be a single IP address or a range of contiguous IP addresses (defined
by the Start Address and End Address of the range).
• To define a single address, enter the same address as both the Start and End address
of a range.
Each entry may represent addresses to Include or Exclude, indicated by toggling the
Include field on each line.
• For example, one line may provide a large range of addresses to be used by the
server. Another line may exclude one or more addresses within the range from
being assigned.
The duration of the address assignment (lease) is configurable in hours.
• The default lease is 72 hours.
• An ‘unlimited’ lease is specified by entering ‘0’ hours.
For each address or address range, additional parameters can be provided to the requesting device.
These include:
•
•
•
One to three DNS server addresses
A default router address
A MAC address for static assignment
These are configured using the DHCP Options Screen. This involves:
•
•
•
Within the DHCP Configuration screen, place the cursor on the IP address range with which
you want to associate additional parameters.
• Note this procedure can be repeated for each address or address range.
Press <CTRL-O>. The DHCP Options screen will appear (example shown in
Figure B-22).
Enter the IP and MAC addresses as appropriate.
B - 24
*** DHCP Options ***
DNS Server1:
DNS Server2:
DNS Server3:
Default Router:
Mac Address
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
000000000000
__________[DynaStar_24]___________
IP Address
IP Address
IP Address
IP Address
For Static Assignment
Figure B-22. DHCP Options Menu
B.2.7.3 DHCP Allocations
The DHCP Allocations option lists the DHCP Server IP and MAC addresses to which they are allocated.
The DHCP Allocations Status menu is shown in Figure B-23. The fields shown in the DHCP Allocation
Status menu are described in Table B-6. Note that while in this screen, the operator can use the <CTRL-D>
command to force the release of IP addresses in the pool one line item at a time. The <CTRL-D> command
releases the address on the line where the cursor is currently placed. The server may then assign the IP
addresses to new requests. The forced release does not release the addresses within the attached devices. The
devices will either make a new DHCP request once the previously assigned IP address times out or by
operator action. Once an IP address has been assigned to a client, the IP address will be reserved for that
client even if it times out. The IP address will only be reused if all free IP addresses have been allocated.
B - 25
*** DHCP Allocation Status ***
Client
IP Address
Assigned To
MAC Address
Status
Host Name
__________[DynaStar_24]___________
Press <CTRL-D> to clear entry
Time
(Hours)
Figure B-23. DHCP Allocation Status Menu
Table B-6. DHCP Allocations Status Menu Attributes
Field
Description
Client IP Address
The IP addresses in this field are the pool of IP addresses held by the DS1500-XFR
and assigned upon request from the client.
Assigned to MAC
Address
The MAC address of the device that has made a successful DHCP request.
Host Name
Shows the name of the unit assigned an IP from the DHCP server and is identified by
the user when they make a request.
Status
Free -unassigned IP address
Expired - timed out
Alloc - (Allocated) Active and current IP address
Time (Hours)
Shows the remaining Lease time, in hours, for the assigned IP address. At the end of
the Lease, the assignment times out and the IP address is released and the DHCP will
assign it to another client on request.
B - 26
B.2.8
Virtual Private Networks
The Virtual Private Network (VPN) allows organizations to use service provider networks for secure
exchanges with remote offices, vendors, and partners. VPN authenticates peer systems and optionally
encrypts transmissions using key exchanges, hashing, and encryption algorithms.
The DS1500-XFR implementation of the VPN conforms to IPSec RFC 2401 (using DES and Triple DES)
and provides VPN solutions for both site-to-site (router-to-router) and remote access VPN deployments.
IPSec provides security services at the IP layer by enabling a system to select required security protocols,
determine the algorithm(s) to use for the service(s), and set up any cryptographic keys required to provide
the requested services. IPSec can be used to protect one or more “paths” between a pair of hosts, between a
pair of security gateways, or between a security gateway and a host.
B.2.8.1 VPN Configuration
To configure a VPN on the DS1500-XFR, follow the procedure below.
1.
From the Main menu, select <2> Network.
The Networking Setup and Status menu appears.
2.
From the Networking Setup and Status menu, select <1> Router.
The Router Setup And Status menu appears.
3.
From the Router Setup And Status menu, select <8> VPN
The VPN Setup and Status screen (Figure B-24) appears.
*** VPN Setup and Status ***
1 - VPN Configuration
2 - VPN Connection Status
Configure VPNs
Display VPN connection status
__________[DynaStar_24]___________
Figure B-24. VPN Setup And Status Menu
4.
Select <1> VPN Configuration, the menu shown in Figure B-25 appears.
5.
Press <Enter> to add a new VPN entry, or type the number of a previously configured VPN and
press <Enter>.
The VPN Configuration screen (Figure B-26) appears.
B - 27
*** Configured VPN Names ***
0:00:00
__________[DynaStar_24]___________
To add entry, just press <RET>
To edit, enter service # <RET>
To delete, enter service # <CNTL-D>
NOTE: delete takes effect immediately
Figure B-25. Configured VPN Names Screen
*** VPN Configuration ***
VPN name:
Dest. IP address:
IKE Encryption:
IKE Hash:
IKE Lifetime:
IKE Setup:
Key Exchange:
Phase 2 Keys:
Private Key:
Diffie-Hellman:
Encapsulation:
IPSec Protocol:
IPSec Lifetime:
IPSec Hash:
(15)
0.0.0.0
Null
MD5
0
MAIN
Private
N
(Secs., 0=unlimited)
(16 Ascii)
768-bit
TUNNEL
AH
0
MD5
__________[DynaStar_31]___________
(Secs., 0=Unlimited)
Figure B-26. VPN Configuration Screen
6.
Complete parameters as required. Parameters and their values are explained in Table B-7.
7.
When entries are completed, enter Y in the Process selections field and press <Enter>.
The Configured VPN Names screen (Figure B-25) is displayed and the newly configured VPN is
listed on the screen.
8.
Set up IP filtering to define what traffic and what types of applications will use the VPN. Press
<Esc> three times to return to the Main Menu. Refer to “IP Filter” on page B-10.
B - 28
Table B-7. VPN Configuration Parameters
Parameter
Description
Values
VPN Name
A name to identify the VPN. This name does not
need to match the name at the distant location, but
this is recommended for continuity
Max 15 alphanumeric
characters
Dest. IP address
The IP address of the remote device.
0.0.0.0 255.255.255.255
(4 bytes)
Default = 0.0.0.0
IKE Encryption
IKE Hash
IKE Lifetime
IKE Setup
Key Exchange
Type of Internet Key Exchange encryption to be
used. Null is implemented as described in
RFC2401. DES is implemented as described in
RFC2405. 3DES, or Triple DES, is described in
ANSI X9.52-1998.
Null (default)
The method used to guarantee the integrity of your
data. MD5 is defined in RFC1321. SHA-1 is
described in FIPS180-1.
MD5 (default)
Sets the lifetime of an IKE Security Association
(SA). Set to zero for unlimited, or set number of
seconds. If the initiator and responder Lifetime
values are not the same, the shortest duration will
be adopted at both ends.
0 (= unlimited)
Main is a 6-step (3 round trip) process that provides
identity protection by encrypting the identities of the
peers. Aggressive mode is somewhat faster than
Main, but it does not protect the identities of the
communicating parties.
Main (default)
Manner in which keys are exchanged.
Private (default)
DES
3DES
SHA-1
1- 999999
0 (default)
Aggressive (not
currently supported)
Public (not currently
supported)
Private Key1
The key to exchange when Private is selected
above. It is required when Private is selected.
Max 16 hexadecimal
characters
Diffie-Hellman
This is a means for two parties to agree upon a
shared secret in such a way that the secret is
unavailable to eavesdroppers. The secret can then
be converted into cryptographic keying material for
other algorithms. The length of the key could cause
slower connection setup.
768 (default), 1024, or
1536 bit.
Encapsulation
Type of encapsulation used. Only tunnel mode is
available at this time.
Tunnel
B - 29
Table B-7. VPN Configuration Parameters (Continued)
Parameter
IPSec Protocol
IPSec Lifetime
IPSec Hash
Description
Values
The protocol format used. The protocol formats for
IPSec’s Authentication Header (AH) and IP
Encapsulating Security Payload (ESP) are
independent of the cryptographic algorithm,
although certain algorithm sets are specified as
mandatory for support in the interest of
interoperability. The AH protocol defines methods
of establishing the identity of the message
originator and ensures that the transmitted data
has not been tampered with. ESP protocol provides
the same functions as the AH protocol but
additionally defines encryption methods for the
data.
AH (default)
Sets the lifetime of an IPSec Security Association
(SA). Set as zero for unlimited or set number of
seconds. If the initiator and responder Lifetime
values are not the same, the shortest duration will
be adopted at both ends.
0 (= unlimited) (default)
The method used to guarantee the integrity of your
data. MD5 is defined in RFC1321. SHA-1 is
described in FIPS180-1.
MD5 (default)
ESP
1- 999999
SHA-1
B.2.8.2 VPN Status
VPN status is given in the VPN Connection Status screen. This screen is accessed from the VPN Setup And
Status screen by selecting <2> VPN Connection Status and is shown in Figure B-27.
The first entry (address 0.0.0.0) is looking for VPN setup attempts and should never change. If you clear this
entry with <CTRL-D>, no VPNs can be set up until the next warm start. Subsequent entries in the table
show setups for each configured VPN. Entries on this screen are explained in Figure B-27.
B - 30
V
*** VPN Connection Status ***
Dest. IP Addr.
0.0.0.0
Phase 1
State
LISTENER
Phase 2
State
Proto. SPI
RESRVD
__________[DynaStar_31]___________
Press <CTRL-D> to reinitialize entry
Sequence
TX
0
RX
0
Figure B-27. VPN Connection Status Screen
Table B-8. VPN Connection Status Parameters
Parameter
Description
Values
Dest IP Addr
The destination IP address that the VPN tunnel
connects to.
0.0.0.0 255.255.255.255
Phase 1 State
The state of the phase 1 Internet Key Exchange
(IKE) setup.
See Table B-9.
Phase 2 State
The state of the phase 2 IKE setup.
See Table B-9.
Protocol
The method of encapsulation.
AH (authentication
header)
ESP (encapsulating
security protocol)
SPI
A unique identifier for each connection.
Usually a random
number, displayed in
hexadecimal
Sequence TX/RX
The current sequence number in each direction.
This also indicates how many frames have been
sent and received since the last phase 2 rekeying
occurred.
Decimal number
B - 31
Table B-9. Phase 1 and Phase 2 States
State
Description
Phase 1 States
VPN IDLE
No setup attempt is pending (not normally seen)
PRE-SETUP
Waiting for timeout to initiate setup
AGGR INIT
Initiated aggressive mode setup
AGGR RESP
Aggressive mode response sent
MAIN SA IN
Main mode security association initiated
INIT RX
Main mode setup message received
MAIN SA RE
Main mode security association response sent
MAIN KEY IN
Main mode key setup set
MAIN KEY WT
Waiting for key response (this can take seconds depending
on the processor speed at the other end)
MAIN KEY RE
Main mode key response sent
MAIN ID IN
Main mode ID message sent
MAIN ID RE
Main mode ID response sent
CONNECTED
Phase 1 setup is complete
Phase 2 States
B.2.9
QK SETUP IN
Phase 2 setup (quick mode) initiated
QK SETUP WT
Waiting for phase 2 response (can take seconds depending
on the processor speed at the other end)
QK SETUP RE
Phase 2 response sent
NEW GRP IN
New group request initiated
VPN UP
VPN is up and sending data
VRRP
Two DYNASTAR 1500s can be configured to create backup router paths. One router is configured to be the
Main and the other the Backup. In the event the Main goes offline, the Backup will identify itself as the
“new” primary router. Using this configuration requires that the user configure both routers. To configure
the DYNASTAR 1500 the user enters the required information into the VRRP configuration menus. The
menus are found under <2> Network, <1> Router, <9> VRRP. The menu is shown in Figure B-28. From
the VRRP Setup and Status menu select <1> VRRP Configuration to display the Configured VRRP
Groups menu, shown in Figure B-29. This menu is blank until VRRP groups are configured. To add entries
press <Enter> to display the VRRP Configuration menu shown in Figure B-30. To review all configured
groups and review the status, select VRRP Groups <2> from the VRRP Setup and Status menu. The VRRP
Group Status menu shown in Figure B-31 is displayed. The fields are described in Table B-11. Refer to the
Addendum, “VRRP”.
B - 32
*** VRRP Setup and Status ***
1 - VRRP Configuration
2 - VRRP Groups
Configure VRRP groups
Display VRRP groups status
_______[DynaStar_6100a3d2]________
Figure B-28. VRRP Setup and Status Menu
*** Configured VRRP Groups ***
0:00:00
_______[DynaStar_6100a3d2]________
Figure B-29. Configured VRRP Groups
B - 33
*** VRRP Configuration ***
Virtual Router ID:
VRRP group name:
VRRP IP address:
(1-255)
(15)
0.0.0.0
_______[DynaStar_6100a3d2]________
Figure B-30. VRRP Configuration Menu
Table B-10. VRRP Configuration Attributes
Parameter
Description
Value
Virtual Router ID
Number assigned to the
VRRP router
Decimal value 1 -255
VRRP group name
Name assigned to the
VRRP group.
Up to 15 alphanumeric characters
VRRP IP address
The IP address of the
master router in the
VRRP group
Cannot be a
broadcast or
multicast IP address
B - 34
*** VRRP Group Status ***
Virtual Router ID
Group Name
Primary IP
_______[DynaStar_6100a3d2]________
State
Priority
Figure B-31. VRRP Group Status Menu
Table B-11. VRRP Groups Status Menu Attributes
Parameter
Description
Values
Virtual Router ID
Number assigned to the VRRP group
1 - 255
Group Name
Up to 15 character name assigned to the VRRP
group
A maximum of 15
alphanumeric
characters
Primary IP
The IP address of the master router
No broadcast or
multicast IP addresses
allowed
State
Indicates the state of the VRRP group
Shows master
Priority
The priority for each router in the VRRP group. 255
for the master and a default value of 100 for the
backup.
1 - 255
(0 indicates a master
router that is not acting
as master currently.)
B.2.10 TCP Multicast
The DS1500-XFR supports a broadcast feature that lets the user configure TCP multicast groups. A
maximum of 50 TCP sources can be defined, which can connect to a maximum of 60 destinations. Traffic
received on the source IP address and socket is sent to each of the destinations; any traffic received on the
destinations is sent only to the source. When a user connects to the source IP address and socket, TCP
connections are automatically launched to the destinations. If a destination is cleared, the DS1500-XFR
attempts to reestablish the connection every 10 seconds. If the source is cleared, all destinations are cleared.
B - 35
The source must be configured first; this is done by defining a Multicast async service type. (See “Async
Service Types” on page B-50; only the IP address and socket need to be defined.) The destinations are
configured from the Multicast Destinations screen, which is found under <2> Network, <1> Router, <10>
TCP Multicast. The Multicast Destinations screen is shown in Figure B-32.
*** Multicast Destinations ***
IP Address
1 0.0.0.0
Socket
Source Socket
0
0
__________[DynaStar_11]___________
0:00:00
Source Name
Figure B-32. TCP Multicast Screen
The destination IP address and socket are entered in the IP Address and Socket columns. Toggle the Source
Socket to obtain the source socket for this destination. In the Source Name, toggle to obtain the source name.
Note that destinations can be terminated on the same DS1500-XFR as the source. They can be converted to
X.25 via X25-OUT (see “Async Service Types” on page B-50), or they can be routed to another device.
B - 36
B.3
BRIDGE
The <2> Bridge submenu of the Networking Setup and Status menu provides access to parameters
associated with the Spanning Tree Protocol (STP). In compliance with IEEE 802.1d (STP) or 802.1w
(RSTP), the DS1500-XFR sends and receives data messages called STP Bridge Protocol Units (BDPUs) at
a regular, user-defined interval and calculates the best loop-free path through the network. Switches in the
network use the BDPU information to determine if multiple active paths exist between switches and then
provide STP settings that block the least desirable redundant paths so loops are not created. Once STP is
enabled on selected ports, the DS1500-XFR is self configuring. On power-up, the DS1500-XFR learns the
location of all nodes (e.g., LAN workstations) by examining network traffic and building address tables. It
then determines the best loop-free path for sending information across complex network topologies and
allows for bridging traffic over all available paths while ensuring that undesirable loops are not created. If a
link fails, an automatic reconfiguration function calculates the next best route and unblocks the appropriate
path, bridging traffic over another link.
To change the STP parameter values or to review them, the path from the Networking Setup and Status
menu is, <2> Bridge, shown in Figure B-33, then <1> Bridge Configuration, which displays the Ethernet
Spanning Tree Bridge Parameters screen, shown in Figure B-34. This screen allows customization of
STP parameter values. Tab or cursor to the appropriate field and toggle or type in the desired parameter
value. The parameters and their options are defined in Table B-12.
To view the status of the bridge ports follow the path from the Networking Setup and Status menu: <2>
Bridge, shown in Figure B-33, then <2> Bridge Status, which displays the Bridge Port Status screen,
shown in Figure B-35. This screen allows the user to see the port, state, role in bridging, network, and
BDPUs sent and received. This is a useful screen to review in cases where network paths are suspected of
failure. If the Bridge is the Root Bridge, the status screen will indicate this (Figure B-36).
*** Bridge Configuration and Status ***
1 - Bridge Configuration
2 - Bridge Status
Configure Bridge parameters
Display status of all Bridge ports
__________[DynaStar_24]___________
Figure B-33. Bridge Configuration And Status Menu
B - 37
*** Ethernet Spanning Tree Bridge Parameters ***
Last changed: 7-14-04 12:33:29
IEEE 802.1 Bridge Priority:
Bridge Ageing Time:
Bridge Hello Time:
Bridge Forward Delay:
Bridge MaximumAge:
Spanning Tree:
32768
5
2
15
20
Rapid
(0 to 65535)
(1 to 255 minutes)
(1 to 10 seconds)
(4 to 30 seconds)
(6 to 40 seconds)
(802.1d or 802.1w)
__________[DynaStar_24]___________
Figure B-34. Ethernet Spanning Tree Bridge Parameters Menu
*** Bridge Port Status ***
Port
State
Role
__________[DynaStar_24]___________
Network
BPDUs
TX
RX
Figure B-35. Bridge Port Status Screen
B - 38
*** Bridge Port Status (Root Bridge) ***
Port
State
Role
Network
__________[DynaStar_11]___________
BPDUs
TX
RX
Figure B-36. Bridge Port Status Screen Indicating Root Bridge
Table B-12. Spanning Tree Parameters
Parameter
Definition
Default
Range
Bridge Priority
Used by the IEEE 802.1d spanning tree algorithm
to determine the root of the interconnected
network. Bridge priority provides a means of
assigning a relative priority to each bridge within
the set of bridges in the bridged LAN. Enter 1 for
the Root node only.
32768
0-65535
Bridge Aging Timer
Value that the bridge uses to automatically remove
end stations (i.e., Ethernet addresses) after the last
activity from/to the end station. The aging timer
allows an end station to move to another LAN or
become inactive.
5
1-255 minutes
Bridge Hello Time
The amount of time between the transmission of
configuration BPDUs on any port.
2
1-10 seconds
Bridge Forward Delay
Controls how long the bridge waits after any state
or topology change before forwarding the
information to the network.
15
4-30 seconds
Bridge Maximum Age
Specifies the age of STP information learned from
the network on any port before it is discarded.
20
6-40 seconds
Spanning Tree Protocol
Selects protocol to be used, either Spanning Tree
Protocol (802.1d) or Rapid Spanning Tree Protocol
(802.1w)
Rapid
Normal (STP)
Rapid (RSTP)
B - 39
!
B.4
NOTE: Each STP network requires one Root node for the STP. The Root node is typically
selected as one of the nodes most central to the network topology. The Root node is the
device with the highest Bridge Priority. Setting the Bridge Priority to 1 (highest priority) is
suggested for the Root node. In some cases, there may be a specific node designated as
the primary alternative node should the Root node fail. This secondary Root may be
designated by assigning a different Bridge Priority, greater than 1 and less than the default
(e.g., 2).
Except for Root node designation, the default STP settings should work in most
environments. The STP algorithm effectively uses the default values and the current state of
the network to determine the best STP configuration. Adjusting the timers can affect the
speed of topology change convergence throughout the STP network. Care must be taken to
avoid loops under any circumstance. Adjustments should be made cautiously and with
knowledge of overall network topology and link delays.
If no changes are made to the default Bridge Priority setting, the switch with the lowest MAC
address is assigned as the Root node. The Bridge Priority is used to engineer which node is
the Root.
TERMINAL SERVER
The path to the Terminal Server menu is Main menu, <2> Network, <3> Terminal Server. The Terminal
Server Configuration menu is shown in Figure B-37 and provides access to the configuration parameters for
serial ports that have been configured as PAD. In the Terminal Server menu the Type field is fixed unless
you press <CTRL-O> which displays the Advanced Terminal Configuration menu, shown in Figure B-38.
The Port field is also fixed and the menu in Figure B-37 shows the default values for the ports. The fields in
the Terminal Server Configuration menus are described in Table B-13. The Advanced Terminal Server
Configuration menu is used to set the direction of the terminal server function. For terminal server out
connections the default IP-ASY (IP to asynchronous) setting is correct. To configure for reverse operation,
the user toggles the Type field value to ASY-IP. For further discussion on this feature refer to “Terminal
Server Overview” on page 1-7.
B - 40
*** Terminal Server Configuration ***
Port Name
(14)
S5
SERIAL5
S6
SERIAL6
S7
SERIAL7
S8
SERIAL8
Type
(Fixed)
IP-ASY
IP-ASY
IP-ASY
IP-ASY
Local
Socket
10205
10206
10207
10208
Tel
Raw
N
N
N
N
__________[DynaStar_31]___________
Async
Speed
9600 Baud
9600 Baud
9600 Baud
9600 Baud
Parity
7-EVEN
7-EVEN
7-EVEN
7-EVEN
DSS
Ignore
N
N
N
N
0:00:00
Profile
89(14)
89(14)
89(14)
89(14)
CRT
CRT
CRT
CRT
Figure B-37. Terminal Server Configuration Menu
Table B-13. Terminal Server Configuration Attributes
Parameter
Description
Default
Range
Port
Shows the port number
None
S1 through S8
Name
Port name
Serial1 through
Serial8
As defined by
user - up to 14
characters
Type (Fixed)
Not changeable in this menu, see
advanced menu to toggle.
IP-ASY
Fixed
Local Socket
Socket number assigned to port
10201 for Serial1,
1 - 16959
10202 for Serial2,
etc.
Tel Raw
In normal terminal emulation mode, a
session starts out with a negotiation
sequence where the two ends negotiate
parameters. Most terminal server
connections do not require negotiation
and setting the value to N sets the port to
Raw Mode or no negotiation.
N
Async Speed
Sets the port speed
9600
300 bps - 230.4
Kbps
Parity
Sets the parity for the port
7-Even
Toggle values
7 - auto/even/
odd/mark/space
8 - even/odd/
mark/space/none
B - 41
N - Raw Mode
Y - negotiate
Table B-13. Terminal Server Configuration Attributes (Continued)
Parameter
Description
Default
Range
DSS Ignore
Specifies that RTS/CTS data set signals
not be used. If DSS flow control is set to N
then data set signals are ignored.
N
N, Y
Profile
Predefined parameters, using either
preconfigured or customer defined profile,
for the async connection.
89(14)
Refer to “PAD
Profiles” on page
B-44.
*** Advanced Terminal Server Configuration ***
Port Name
(14)
S5
SERIAL5
S6
SERIAL6
S7
SERIAL7
S8
SERIAL8
Type
IP-ASY
IP-ASY
IP-ASY
IP-ASY
Local Remote Remote
Socket Socket IP Address
10205
10206
10207
10208
__________[DynaStar_31]___________
0:00:00
FR (Fixed) VRRP
Port DLCI V.R.ID
Figure B-38. Advanced Terminal Server Configuration
Table B-14. Advanced Terminal Server Menu Attributes
Parameter
Description
Default
Range
Port
Shows the port number
None
S1 through S8
Name
Port name
Serial1 through
Serial8
As defined by
user - up to 14
characters
Type
IP-ASY setting used where the remote IPhost initiates communications with the
attached serial device.
ASY-IP setting is a reverse terminal server
function where the DS1500-XFR creates
the TCP/IP session to the host on behalf
of the attached async client.
IP-ASY
IP-ASY
ASY-IP
PAD
B - 42
Table B-14. Advanced Terminal Server Menu Attributes
Parameter
Local Socket
Description
Socket number assigned to port
Default
10201 for Serial1,
Range
1 - 16959
10202 for Serial2,
etc.
Remote Socket
This is the remote socket number of the
end device, not the local device. This field
is accessible only when the Type field
shows ASY-IP.
None
1 -16959
Remote IP Address
The IP address of the next hop IP device.
This field is only accessible when the Type
field shows ASY-IP.
0.0.0.0
Valid IP address
FR Port
Lists which WAN port is assigned this
port’s traffic
N/A
W1 or W2
Fixed DLCI
The DLCI number assigned to this
connection, fixed in this case means the
user must enter the Frame configuration
menus to change the DLCI setup.
N/A
N/A
VRRP V.R. ID
The unique number, with the VRRP group,
assigned to the router group
N/A
1 - 255
B - 43
B.5
ASYNC SERVICES
The Async Services menu provides access to the PAD profile menus, the Logon Screen, async services and
options, X.25 mnemonics and NUIs, and the user call status screen. The Async Services menu is accessed
from the Networking Setup and Status menu by pressing <4> Async Services. The menu shown in Figure
B-39 is displayed.
*** Async Configuration ***
1
2
3
4
5
6
7
-
Async Profiles
Async Logon Screen
Async Services
Async Options
X.25 Mnemonics
NUIs
User Call Status
Configure Async profiles
Configure user connection screen
Configure async services
Configure async options
Configre X.25 mnemonics
Configure NUIs
Display connected users
__________[DynaStar_31]___________
Figure B-39. Async Configuration Menu
B.5.1
PAD Profiles
Profiles are predefined sets of X.3 parameters that are designed to be used with specific types of
asynchronous devices. Each profile is identified by a number and, optionally, a name. The DS1500-XFR has
two built-in profiles defined by the ITU-T that cannot be changed: the transparent profile (91) and the simple
profile (90). There are an additional 14 profiles (numbered 76 through 89) that you can configure. Five of
these profiles are predefined: one for display devices (CRT), one for printing terminals (TTY), one for
Telnet clients (TELNET), one for an X.29 set command for a LAN (LAN) and one set up for SCADA traffic
(85). The remaining profiles are set to default values that match the CRT profile.
For convenience, all profiles can be referenced by a second set of numbers, from 1 to 16, as indicated on the
PAD Profiles screen (Figure B-40). This screen lets you define an X.28 profile (local profile) and an X.29
profile (remote profile) for the port you are configuring. The values in the X.28 profile govern the internal
operation of the local PAD port. The X.29 profile, if defined, governs the operation of the remote PAD port.
When a call is initiated, the local PAD port sends an X.29 data packet to the device at the distant end
requesting a change in the X.3 parameters to match the profile listed in this field.
You can temporarily override the local profile set for your port with the X.28 PROF command, and you can
use the X.28 SET or SET? commands to temporarily change individual X.3 parameters.
The procedure below explains how to configure profiles:
1.
From the Networking Setup and Status menu, select <4> Async Services.
2.
Select <1> Async Profiles.
B - 44
3.
The PAD Profiles menu, shown in Figure B-40, appears. (The fields in this menu are described in
Table B-15.) Next to the number of the profile that you want to configure, enter a short name for
the profile.
4.
In the Profile # … column, enter the number of an existing profile that is the most similar to the
profile that you want to configure. This profile will be used as the starting point for the new
profile.
5.
In the Optional Description column, enter a description that will help identify the function of this
profile.
6.
In the Enter profile number to view/change X.3 parameters field, enter the number of the new
profile being defined and press <Enter>. The X.3 Parameter Values screen appears, as shown in
Figure B-41. The fields in this menu are described in Table B-16.
7.
Change the parameters as required by entering the new value in the Enter value column of the
appropriate parameter. Press <tab> or <Enter> to go to the next field. Invalid values will not be
allowed.
8.
When necessary changes are completed, enter Y in the Process Selections field and press
<Enter>. The PAD Profiles screen reappears.
9.
When completed with the configuration, enter Y in the Process Selections field of the PAD
Profiles screen and press <Enter>.
NOTE: You must save your changes on both screens for the changes to take effect.
Built-in
profiles:
91(16) - TRANS
90(15) - SIMPLE
*** PAD Profiles ***
CCITT transparent
Last changed: 7-14-04 12:33:29
CCITT simple
Profile # for
Optional description
initial values
(up to 32 characters)
90(15)
Display terminal
90(15)
Printing terminal
91(16)
Telnet client
91(16)
LAN X.29 SET
85(10)
Transparent, 20mS idle
89(14)
89(14)
89(14)
89(14)
89(14)
89(14)
89(14)
89(14)
89(14)
Enter profile number to view/change X.3 parameters:
__________[DynaStar_24]___________
Profile name must not start with number.
89(14)88(13)87(12)86(11)85(10)84(09)83(08)82(07)81(06)80(05)79(04)78(03)77(02)76(01)-
Profile name
(1-8 chars)
CRT
TTY
TELNET
LAN
SCADA
Figure B-40. PAD Profiles Screen
B - 45
Table B-15. Async Configuration Attributes
Field
Description
Built-in profiles
Lists the two ITU-T (CCITT) defined profiles that
are available in the DS1500-XFR (91 [transparent]
and 90 [simple]). These profiles cannot be
changed.
Profile Name
The profile name is optional; it provides a brief
identification for the profile. The name can also be
used in the X.28 PROF command instead of the
profile number.
Profile # for Initial
Values
The profile number that you use as the basis for
setting the X.3 parameters. If the profile named in
this column is later changed or deleted, the
parameters for this profile do not change.
Optional Description
This field is optional and can be used to enter up to
32 characters describing the device that uses the
profile or the circumstances under which you use
the profile.
*** X.3 Parameter Values ***
Profile 89(14)CRT
Enter value
Permitted values
1: PAD recall
1
0-no escape, 1-DLE, 32-126 define char
2: PAD echo
1
0-no echo, 1-echo
3: Data forwarding chars
2
0, 1, 2, 4, 8, 16, 32, 64, 128, 3-255
4: Idle timer
0
0-disabled, 1-250 * 50mS, 251-255 10-50mS
5: Flow control by PAD
1
0-no use of XON/XOFF, 1-use XON/XOFF
6: PAD service signals
5
0-none, 1-no prompt, 5-prompt & *, 8-15
7: Break handling
0
0, 1, 2, 5, 8, 21
8: Discard output
0
0-normal delivery, 1-discard
9: Padding after CR
0
0-none, 1-255 padding characters
10: Line folding
0
0-none, 1-255 graphic characters per line
12: Flow control of PAD
1
0-no use of XON/XOFF, 1-use XON/XOFF
13: LF after CR
4
0, 1, 4, 5, 6, 7
14: Padding after LF
0
0-none, 1-255 padding characters
15: Editing
1
0-none, 1-editing in data transfer
16: Character delete
127
0-126 IA5 character, 127-DEL
17: Line delete
24
0-23 & 25-127 IA5 character, 24-CAN
18: Line display
18
0-17 & 19-127 IA5 character, 18-DC2
19: Editing signals
2
0-none, 1-printing, 2-display terminal
20: Echo mask
240
0, 1, 2, 4, 8, 16, 32, 64, 128, 3-255
21: Parity treatment
3
0-none, 3-checking and generation
22: Page wait
0
0-disabled, 1-255 LFs
Figure B-41. X.3 Parameter Values
B - 46
Table B-16. X.3 Parameter Values Menu Attributes
Parameter Number and
Name
1
PAD Recall Char
Description
Indicates whether the terminal can communicate
directly with the PAD.
Possible Values
0 - Not possible
1 - Possible using DLE (Ctrl-P)
char.
2-127 - Possible using selected
character
2
Indicates whether there is a local echo.
Echo
3
Data Forwarding Characters
0 - No echo
1 - Echo
Indicates what characters will signal that data
should be forwarded.
0 - No data forwarding chars.
2 - CR
16 - EXT, EOT
18 - EXT, EOT, CR
126 - All chars + DEL
127 - Forward on every character
128+n -Forward after n
characters
4
Idle Timer
Indicates that a partially filled packet will be
forwarded if nothing is received from the terminal
for this amount of time.
0-250, the specified number is in
one-twentieths of a second
Also, special values:
251 - 3-10 ms
252 - 20 ms
253 - 30 ms
254 - 40 ms
255 - 50 ms
5
PAD to Terminal Flow
Control
Indicates if the PAD can send flow control signals to
the terminal.
0 - No XON, XOFF
1 - XON, XOFF in data transfer
mode
2 - XON, XOFF in data transfer
and command modes
6
Control of PAD Service
Signals
Indicates whether PAD service signals (messages)
are sent from the PAD to the terminal.
0 - Signals not sent
1 - Standard signals sent
5 - Signals + prompt sent
B - 47
Table B-16. X.3 Parameter Values Menu Attributes (Continued)
Name
7
PAD Action on Receipt of
Break
Description
Possible Values
Indicates how the PAD reacts when it receives a
Break signal.
0 - Do nothing
1 - Send Interrupt packet
2 - Reset
8 - Escape from data transfer
mode
21 - Discard output and send
Interrupt packet and Break
8
Disregard output
9
Padding after CR
10
Works in conjunction with parameter 7 to indicate
what to do with any output.
0 - Normal data delivery
Indicates what padding, if any, is used after a
carriage return.
0 - No padding
Indicates the number of characters to have per line.
0 - No line folding
1-7 One to seven NULLs, as
indicated
Line Folding
11
1 - Discard output
1-255 The number of characters
per line
The terminal speed. This is a read-only parameter.
Baud Rate
0 - 110 bps
2 - 300 bps
3 - 1200 bps
4 - 600 bps
5 - 75 bps
13 - 4800 bps
14 - 9600 bps
15 - 19200 bps
12
Terminal to PAD Flow
Control
13
Indicates if the terminal can send flow control
signals to the PAD.
0 - No XON, XOFF
Indicates whether a linefeed is inserted after a CR.
0 - No LF
Linefeed Insertion
1 - XON, XOFF
1 - LF inserted after CR
transmitted to DTE
2 - LF inserted after CR from the
DTE
4 - LF inserted after CR echo
5 - 1+4
6 - 2+4
7 - 1+2+4
B - 48
Name
14
Padding after Linefeed
Description
Indicates whether any padding is inserted after an
LF.
Possible Values
0 - No padding
1-7 Send the specified number of
Null characters
(Data transfer mode only)
15
Editing
16
Character delete
Indicates whether or not editing is allowed at the
terminal.
0 - No editing
Indicates which character is used as the character
delete function.
0-126 Specified character from
IA5
1 - Editing in data transfer mode
127 - DEL
17
Line Delete
Indicates which character is used as the line delete
function.
IA5
24 - CAN
IA5
18
Line Display
Indicates which character is used for the line
display function.
IA5
18 - DC2
IA5
19
Editing PAD Service Signals
Indicates whether the service signals can be
edited.
0 - No editing
1 - Editing for printing terminals
2 - Editing for display terminals
20
Indicates which characters are not echoed.
Echo Mask
0 - No mask
1 - CR
2 - LF
4 - VT, HT, FF
8 - BEL, BS
16 - ESC, ENQ
32 - ACK, NAK, STX, SOH, EOT,
ETB, ETX
64 - No echo of chars defined by
parameters 16, 17, 18
128 - No echo of characters not
listed above + DEL
21
Indicates whether parity is checked or generated.
Parity Treatment
0 - Neither
1 - Checking
2 - Generation
B - 49
Name
22
Description
Possible Values
Indicates the number of LFs that constitute a page.
Page Wait
0 - No page wait
1-255 LFs used by the PAD for
the page wait function
B.5.2
Logon Screen
The path to the Logon screen is: Main menu, <2> Network, <4> Async Services, <2> Async Logon
Screen. The Logon Screen, shown in Figure B-42, allows the user to change the default banner that is sent
when a serial device is connected to a serial port. Up to 30 lines of text can be entered, with a maximum of
75 characters per line.
*** Logon Screen ***
0:00:00
Enter Text, Spaces Permitted
(75 Chars Max)
1
__________[DynaStar_24]___________
Figure B-42. Logon Screen
B.5.3
Async Services
The purpose of the Async Services menu is to facilitate delivery of encapsulated asynchronous data to or
from a TCP/IP network, frequently through an intermediate X.25 network. The Async Services menu can be
configured with appropriate information for establishing several different connections by naming a
configuration and then specifying service type, network addresses, and, when appropriate, Telnet and X.3
parameters to be used.
B.5.3.1 Async Service Types
Several types of service are available in the DS1500-XFR: X25-In, X25-Out, X25-Out Stream, Echo Test,
and Multicast. The type of service selected determines how the DS1500-XFR uses the various screen
parameters in establishing a connection.
B - 50
X25-In. Figure B-43 shows a typical X25-In application. In the example, async data from the PAD is sent
to the DS1500-XFR over an X.25 line. When the DS1500-XFR receives a call request from the PAD, the
DS1500-XFR checks the X.121 address and CUG (if present) against async service configurations. (If a
CUG is defined for the async service, both the X.121 address and CUG in the call request must match.) If a
match is found for an X25-In service, the X.25 frame information is stripped off and the data is transmitted
as an IP data stream to the IP address and socket number specified on the same Async Services menu.
IP
Device
Ethernet
DynaStar
1500
IP
Device
X.25
PAD
X.25 Network
Figure B-43. X25-In Application
X25-Out. Figure B-44 illustrates a typical use of the X25-Out application. In the example, the Telnet
client places a call to the IP address assigned to the DS1500-XFR connection. The DS1500-XFR checks the
IP address in the Telnet request against Async Service entries. If a match is found for an X25-Out
configuration, the DS1500-XFR launches an X.25 call to the X.25 host, based on the X.121 address entered
on the same Async Services menu. The X.25 call is processed by the local X.25 routing table before it is
passed to the appropriate X.25 port.
X.25
DynaStar
1500
Telnet Client
X.25
Host
TCP/IP Network
Figure B-44. X25-Out Application
At this point, the Telnet session is established and the Telnet client is connected to the X.25 host. The session
can be cleared by the X.25 device or the Telnet client. Note that X.25 Q, D, and M bits cannot be transported
over Telnet and will be lost. Note also that X25-Out forwards data to the X.25 host based on TCP packets
received and maintains packet boundaries from TCP to X.25. Normal X.3 forwarding conditions defined by
Virtual Port 10, X.3 Profile Parameters 3 and 4, and FWD characters are ignored. The only exception is if
the TCP packet received is bigger than the X.25 packet size, in which case the TCP packet will be split into
two or more X.25 packets.
X25-Out Stream. X25-Out Stream service operates like X25-Out, except that it handles data forwarding
differently. The X25-Out Stream service forwards data only on the forwarding condition specified by X.3
parameter 3, 4, and the FWD character that is defined in Virtual Port 10 or in the Service X.3 Profile.
B - 51
Multicast. The Multicast service provides a TCP/IP broadcast feature. A maximum of 50 TCP sources
that can connect to a maximum of 60 TCP destinations can be defined. See also “TCP Multicast” on page
B-35.
Echo Test. The Echo Test service lets the user set up an X.121 address (for X.25 communication) and if
an application connects to this address, all data received is echoed back.
B.5.3.2 Async Service Configuration
The path to the Async Services screen is Main menu, <2> Network, <4> Async Services, <3> Async
Services. The Async Service Names screen, shown in Figure B-45, lists any previously defined async
services. The user can select the number of an async service to edit, or press <Enter> to define a new
service. The Async Services screen, shown in Figure B-46, is displayed; the fields in this screen are
described in Table B-17.
*** Async Service Names ***
6:13:38
1 - TEST
__________[DynaStar_31]___________
Figure B-45. Async Service Names Menu
B - 52
*** Async Services ***
Service name:
Service type:
IP address:
Socket Number:
X.121 Address:
X.3 Profile:
Telnet Command:
CUG:
Call UserData:
TCP Idle Timer:
TEST
X25-In
0.0.0.0
23
(15)
(15 BCD)
(Name or #)
(23)
(0-99)
(32)
(1-255 min., 0=OFF)
87(12) TELNET
0
Figure B-46. Async Services Definition Screen
Table B-17. Async Services Attributes
Parameter
Description
Default
Range
Service Name
A name provided by the user to describe
the service.
None
Up to 15
alphanumeric
characters
Service Type
The type of service on the line, which
determines how the DS1500-XFR uses
the screen parameters to establish a
connection. See “Async Service Types”
on page B-50 for a description of service
types
X-25-In
X25-In
X25-Out
X25-Out Stream
Echo Test
Multicast
IP address
Inbound Services: A connection is
launched to this IP address and socket
when the X.121 address (and CUG) on
this menu are called.
Outbound Services: The DS1500-XFR
checks this IP address and socket
against the called address. If there is a
match, the DS1500-XFR places a call to
the X.121 address specified on this
menu.
0.0.0.0
Any valid IP
address on the
same network as
the Ethernet port
or the IP address
of any WAN port
Caution: Do not use the IP address of
the Ethernet Port with the default socket
(23), as this will lock you out of the
Console port.
Avoid using Socket 1998, which is
reserved for the XOT function
B - 53
Table B-17. Async Services Attributes (Continued)
Parameter
Description
Default
Range
Socket Number
Socket number used for the call
23 (Telnet)
0-65535
X.121 Address
Inbound Services: This address is
compared to the X.121 address of
incoming X.25 calls. For X25-In, if there is
a match, a Telnet session is established
using the IP address and socket specified
on this menu.
Outbound Services: A call is launched to
the X.121 address if a Telnet connection
is made to the IP address and socket
specified on this menu.
None
Any valid X.121
address
X.3 Profile
For X.25-In, sends an X.29 Q packet
containing an X.29 Set command, which
overwrites X.3 parameters of the calling
device.
For X.25-Out, configures the X.3
parameters of the local virtual X.25-Out
service. If the X.3 profile is disabled by
entering 0 to delete the contents of the
field, the standard Virtual Port 10 profile is
used. Besides whatever profile is
assigned, the additional forward condition
defined in Virtual Port 10 “forwarding
character” is also active. To disable the
special forwarding character, use <CTRLD> to delete the contents of the field.
Valid forwarding characters are 00
through 7F.
87(12) TELNET
Name or number
of any defined
X.3 profile. (See
“PAD Profiles” on
page B-44.)
Telnet Command
Inbound Services: For X25-In, all Telnet
commands listed in Table B-18 that are
applicable to a client can be used in
establishing a Telnet session.
NOTE: For optimum inbound
performance, it is recommended that you
enter -D 8 -Q -N. These parameters set
8-bit data mode, automatically disconnect
Telnet when an X.25 Clear is received (or
automatically disconnect X.25 if a Telnet
clear is received), and inhibit escape to
Telnet command mode.
None
Any valid Telnet
command up to
23 characters
Outbound Services: Only the following
commands can be used: -H, -J,-LF, -N, R, -T
CUG
Limits communication to within a given
CUG. Applies only to X25-In calls.
None
0-99
Call User Data
X25-Out services can automatically insert
a call user data string of up to 32
characters into the CALL REQUEST
packet.
None
Up to 32
characters
B - 54
Table B-17. Async Services Attributes (Continued)
Parameter
TCP Idle Timer
Description
If the TCP connection has been idle for
the configured period of time, a keep alive
message is sent. If the server does not
receive a response, the message is
retried every 45 seconds for 5 times
before the session is taken down.
Default
0
Range
0 (Disabled)
1-255 minutes
Table B-18. Telnet Command Descriptions
Command
Description
Options
?
Telnet>?
Displays current settings and options. Used before and
during connection.
None
IP Address
Telnet>192.100.100.14
Places a Telnet call to the specified address. Used before
connection.
None
Socket Number
Telnet>192.100.100.14 24
Adds port/socket number to the IP address (Socket #24 in
example). A space separates the IP address from the
socket number. Used before connection.
Caution: Do not use the IP address of the Ethernet Port
with the default socket (23), as this will lock you out of the
Console port.
Avoid using Socket 1998, which is reserved for the XOT
function. See “XOT Switching Table” on page B-75.
1-65535
Default = 23
-A
Abort
Telnet>-A
Sends an Abort Output command to the Telnet host. The
process that is running on the host will run to completion
but will stop transmitting to the Telnet Client. Used during
connection.
None
-B
Break
Telnet>-B
Sends a break to the Telnet Host. Used during connection.
None
-C
Close
Telnet>-C
Closes current Telnet connection and returns a Telnet>
prompt. Used during connection.
None
-D
Data Bits
Telnet>-D 8
Sets the Telnet connection for 7 or 8 data bit operation.
Used before and during connection. There must be a
space between the -D and the number.
7, 8
Default = 7 bits
B - 55
Table B-18. Telnet Command Descriptions (Continued)
Command
-E
Echo
Description
Options
Telnet>-E R
Controls the echo function for the connection. Options are:
Terminal: Characters entered at the terminal are sent to
the host and are displayed on the screen by the terminal.
Local: Characters entered at the terminal are sent to the
host and are returned (echoed) by the DS1500-XFR for
display on the screen by the terminal.
Remote: Characters entered at the terminal are sent to
the host and are returned (echoed) by the host for display
on the screen by the terminal. Used before and during
connection.
T (Terminal)
R (Remote)
L (Local)
-F
Force CR
Telnet>-F N
Defines the second character that is sent along with a
Carriage Return character. Used before and during
connection.
C (CR alone, CR
Sent)
L (Line Feed,
CRLF Sent)
N (Null, CRNull
Sent).
Default = L
-H xxxx
(where xxxx are two
hexadecimal bytes
that will be sent as a
Telnet command)
Will Suppress Go Ahead
For example:
-H FB03
would send 0xfb (251 decimal parameter code for AWill@)
followed by 03 (value for suppress go ahead).
Can be entered
at server only.
-I
Interrupt
Telnet>-I
Sends an interrupt command to the Telnet host. Normally,
this stops the process that is running on the host but does
not disconnect the connection. Used during connection.
None
-J
Telnet> -J
Sets up 8-bit transfer with no negotiation of Telnet
parameters. Can be entered only on Async Services
menu for Outbound Services. Used during connection.
None
-K
Kill
Telnet>-K
Ends the Telnet session and returns the *PAD prompt.
Used before and during connection.
None
-L
Telnet>-L x
Defines the character the user will enter to display the
Telnet prompt when in a Telnet session. This allows the
user to change Telnet options. For example, entering ^]
from the terminal causes the system to respond with
Telnet> -X, which clears the Telnet> prompt and returns to
the Telnet connection. Used before and during
connection.
]
entered as ^]
-LF
Remove line feeds from the data stream.
Can be entered
at server only.
-M
Enables Modbus over TCP protocol.
Local
Default = R
B - 56
Table B-18. Telnet Command Descriptions (Continued)
Command
Description
Options
-N
No Escape
Telnet>-N
Disables the ability to escape from a Telnet connection to
the Telnet> facility menu with the ^] command. This setting
is required for transparent operation with systems that
could include an escape sequence (e.g. ^]) in the data
stream. Used before and during connection.
None
-NULL
Remove any NULL characters that follow carriage returns
in the data stream.
Can be entered
at server only.
-P
Telnet>-P 90
Used to set a local port’s X.3 profile or to call an X.29
command to set a remote port’s X.3 profile. Used before
and during connection.
Name or number
of any profile
defined on the
PAD Profiles
screen. (See
“PAD Profiles” on
page B-44.)
Default = Null
-Q
Telnet>192.100.100.14 -Q
Clears the X.25 call when a Telnet session ends. (Causes
the DS1500-XFR to clear an X.25 call if it receives a TCP
clear.) Can be entered on Async Services menu or directly
on Telnet command line. Used before connection.
None
-R
Raw
Telnet>-R
Raw mode. Allows for raw data transfer. Creates a TCP
connection without any Telnet parameters. If you are using
raw mode, the only Telnet commands that have effect are
-K and -Q.
Can be entered
at either client or
server.
-T
Terminal
Telnet>-T VT100
Allows the user to signal to the host the type of terminal in
use. This is a string that is passed to the host. The string
can be up to 40 characters long. Embedded spaces are
not allowed. (This is not a command to configure
emulation in the DS1500-XFR.) Used before and during
connection.
Any terminal type
supported by the
Telnet client
Default = NVT
(network virtual
terminal)
-T N
Won’t Negotiate Terminal Type. That is, the server sets
the terminal type. (By default, the command Do Negotiate
Terminal Type is sent.)
Can be entered
at server only.
-W
Invitation to Clear.
When the Telnet session is cleared, it uses an X.29
Invitation to Clear packet to terminate the X.25 portion of
the call.
Can be entered
at either client or
server.
-X
Exit
Telnet>-X
Exits the Telnet> facility menu and returns to the Telnet
connection. Used after connection.
None
-Y
Hello
Telnet>-Y
Sends an “are you there” message to the Telnet host.
Used during connection.
None
B - 57
B.5.4
Async Options
Async Options let the user define several systemwide parameters that apply to the asynchronous ports. The
path to the Async Options screen is Main menu, <2> Network, <4> Async Services, <4> Async Options.
The DynaStar PAD Parameters screen, shown in Figure B-47, appears. The fields are described in
Table B-19.
*** DynaStar PAD Parameters ***
Last changed: 3-24-05 13:56:05
PAD herald:\N\RAsync Port \P\N\R
(64)
Command mode timeout:
6
(0 = disabled, 1 - 255 ten second increments)
Dial call timeout:
9
(0 = disabled, 1 - 255 ten second increments)
ETB Terminated:
N
<CR> to toggle
M-BIT Enable:
Y
<CR> to toggle
PAD Service Signal:
(36 chars max)
PAD Service Signal Timer: 0
(0-disable, 1-60 sec)
__________[DynaStar_31]___________
Figure B-47. DynaStar PAD Parameters Screen
Table B-19. DynaStar PAD Parameters
Parameter
Description
Default
Values
PAD herald
The message that is displayed (along
with the physical port number) when you
dial in to a PAD port or when you connect
a terminal directly. The following control
characters can be included: \N (line feed),
\R (carriage return), and \P (port number).
Async Port
Up to 64
alphanumeric
characters
Command mode
timeout
Specifies the amount of time, in 10second increments, that the PAD can be
in command mode without receiving a
valid command. If the timer expires
before a valid command is entered, the
PAD outputs an ERR service signal and
returns the terminal to data transfer
mode.
6
0 (disabled)
1-255 in 10second
increments
B - 58
Table B-19. DynaStar PAD Parameters
Parameter
Description
Default
Values
Dial call timeout
Specifies the amount of time, in 10second increments, after which the PAD
will free a dial port if no call has been
established. The timer is started when the
user makes a telephone connection to a
dial port. If the timer expires before data
is sent, the PAD drops the physical
telephone connection.
9
0 (disabled)
1-255 in 10second
increments
ETB Terminated
Allows you to configure PAD messages to
end with the ETB character required by
some networks.
N
N/Y
M-BIT Enable
Allows the M-bit to be disabled. This
value can be overridden for individual
ports in the port configuration screen.
Y
N/Y
PAD Service Signal
Prompt that will appear in front of the
standard ITU-T asterisk. As part of the
prompt, the following can be used: \N
(line feed), \R (carriage return), \P (port
number).
NOTE: The user-defined service signal
works in conjunction with X.3 parameter
6. If, for example, you set the parameter
value to 1, the asterisk will not be
displayed.
None
Up to 36
alphanumeric
characters
PAD Service Signal
Timer
The frequency with which the PAD
Service Signal will be resent. When the
Service Signal Timer is disabled, the
user-defined prompt does not appear,
although the standard asterisk prompt
may appear.
0
0 (disabled)
1-60 seconds
B.5.5
X.25 Mnemonics
Call mnemonics (also called abbreviated addresses) let the user connect to a remote destination by entering a
meaningful name rather than an X.121 numeric address. To use mnemonics, the user enters a dot (“.”)
followed by the mnemonic at the PAD prompt. For example: > .CONSOLE.
Call mnemonics have been implemented with two options: Normal and Secured. In Normal mode, the
PAD port replaces the mnemonic name with the equivalent X.121 address and then places the X.25 call. In
Secured mode, the X.121 address again replaces the mnemonic name, but, in addition, the calling address is
also placed in the X.25 call packet. The calling address can then be used by the destination for security
checking. Normal or Secured mode is selected from the Mnemonic Type field of the PAD Port
Configuration menu (see “Asynchronous (PAD) Port Configuration” on page A-14.)
The path to the X.25 Mnemonics screen is Main menu, <2> Network, <4> Async Services, <5> X.25
Mnemonics. The Mnemonics Address/X.121 Address Mapping screen, shown in Figure B-48, appears. The
fields are described in Table B-19.
B - 59
*** Mnemonics Address/X.121 Address Mapping ***
Mnemonic
(16 Chars Max)
1 CONSOLE
2 RENO_6
3 TAMPA
Called
(15 BCD)
9999
2321449
174268
__________[DynaStar_31]___________
Calling
(15 BCD)
9:19:14
Max. Sessions
(0-255 or ^D)
255
Figure B-48. Mnemonics Address/X.121 Address Mapping Screen
The destination mnemonic is entered in the Mnemonics column and the destination address is entered in the
Called column. If Secured mode was set in the PAD Port Configuration menu, the calling address to be used
for this destination needs to be entered in the Calling column. In the Max. Sessions column, enter the
maximum number (from 1 to 255) of concurrent calls allowed using this mnemonic. CTRL-D or a blank
entry means an unlimited number of calls; a zero inhibits the use of call mnemonics to this destination.
NOTE: The root operator can fill in the called and calling X.121 addresses and leave the Mnemonics field
blank. A lower level operator with write permissions could then fill in a meaningful name at a later time.
This operator can modify the name field but cannot view the associated called and calling addresses. If an
operator defines a name for an entry that has no addresses configured, the addresses in the first table entry
will be copied to that entry. If an operator with read permission accesses the menu, he can view the
mnemonics but he does not see the addresses.
B.5.6
NUIs
The Network User Identification (NUI) facility is supported for PAD ports. The NUI is much like a
password and can be used as a security mechanism to verify that only authorized callers are placing calls.
NUI use is configured in the Advanced Async Port Configuration menu. (See “Asynchronous (PAD) Port
Configuration” on page A-14.)
If the NUI option is enabled for a port, all outgoing calls on this port will require an NUI in the call request
packet. The DS1500-XFR compares the NUI entered by the user to the entries in the NUI table before it
sends the call out to the network. If the entered NUI does not match an entry in the NUI table, the DS1500XFR refuses to place the call and returns an error message to the PAD screen. If the NUI does match an
entry in the NUI table, the DS1500-XFR places the NUI in the user data field of the call request packet and
then sends the call out to the network. A maximum of 50 NUIs can be defined.
The path to the NUI screen is Main menu, <2> Network, <4> Async Services, <6> NUIs. The Network
User IDs screen is shown in Figure B-49.
B - 60
NUI (16 chars)
*** NETWORK USER IDS ***
Last changed: 0-0-90 0:00:00
Enter the X.121 address for each NUI
X.121 address
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
__________[DynaStar_31]___________
Use TAB & CURSOR keys to move among fields Press ESC to abort command & exit
Figure B-49. Network User ID Configuration Screen
To configure NUIs, enter the NUI in the NUI column (this is the string that the user will enter when he
places the call) and the called X.121 address associated with the NUI in the X.121 Address column.
B.5.7
User Call Status
The path to the User Call Status screen is Main menu, <2> Network, <4> Async Services, <7> User Call
Status. The User Call Status screen, shown in Figure B-50, appears. This screen lists the following
information for current calls: the name of the user who placed the call, call source, last destination reached,
packets transmitted and received, and the duration of the call. Pressing <Enter> updates the screen. To clear
a call, place the cursor on the appropriate line and press <CTRL-D>. Arrow keys can be used to see
additional entries if more than one screen of calls is listed.
B - 61
*** User Call Status ***
User Name
Src
Last
Destination
__________[DynaStar_31]___________
Packets
Transmit Receive
Duration
D:HH:MM:SS
Figure B-50. User Call Status Screen
B.6
FRAME RELAY
Once the Frame Relay line is configured (see “Frame Relay Port Configuration” on page A-9), configure the
Frame Relay connections. These connections are based on the Frame Relay DLCI. The DLCI is used to
provide a logical identification for a connection. The user must indicate which port and DLCI to use for a
given connection. A single DLCI is used for a connection terminating at the DS1500-XFR. A maximum of
1024 DLCIs are available.
The procedure for configuring Frame Relay connections is given below. All parameters in the Frame Relay
DLCI Configuration table are described in Table B-20.
1.
From the Main men, select <2> Network, <5> Frame Relay and then <1> Frame Relay DLCIs.
The Frame Relay DLCI Configuration Table (Figure B-51) is displayed.
2.
In the Type column, toggle to select the type of connection. For Router/Bridge traffic, select RFC
1490. For Switched traffic, select Annex G. For Direct-to-Frame, use PAD-FR.
3.
For both Switching and Router/Bridge traffic, configure the port and DLCI that the incoming call
will use in the Source Port/DLCI columns.
4.
For Switching traffic only, configure the outgoing port and DLCI that the call should use in the
Dest Port/DLCI columns.
For Router/Bridge traffic, indicate whether IP, IPX, and/or Bridged traffic will be allowed on this connection
in the IP and B columns
5.
Indicate the priority of the call in the PRTY column.
6.
In the CIR field, indicate the Committed Information Rate for this call. This parameter is used to
rate limit data out to the Frame Relay network.
B - 62
7.
If End-to-End fragmentation is to be used for this PVC, enter the number of bytes per fragment,
not including the four-byte header.
8.
For IP traffic, indicate the destination IP address in the column of the same name.
9.
When your configuration is complete, enter Y in the Process Table selections field and press
<Enter>.
Type
1 RFC 1490
Src
Port DLCI
W1 100
Dest
Port DLCI
__________[DynaStar_24]___________
IP
Y
CIR
Prty Kbps
1
0
Frag
Size
0
7:09:23
KA Dest IP Addr
N 192.168.1.2
Figure B-51. Frame Relay DLCI Configuration Table
Table B-20. Frame Relay Connection Parameters
Parameter
Type
Description
The type of connection. For IP routed traffic,
Router/Bridge traffic, and Terminal Server
connections, select RFC 1490. For Direct-ToFrame connections select PAD-FR. For switched
traffic, use Annex G. TRANS-FR is used with
transparent ports and the multicast function.
Backup is used to create secondary path over
another DLCI. When the LMI function determines
that the primary DLCI has been down a critical
amount of time the secondary (backup) DLCI is
activated. When the primary DLCI returns to an
active state, the LMI function reroutes traffic over
the primary and deactivates the backup. Note:
Receipt of a call on the backup DLCI will
automatically cause the backup DLCI to become
the active connection.
Source Port and
DLCI
The Frame Relay port and DLCI the traffic will use
as it enters the DS1500-XFR.
B - 63
Values
RFC 1490
PAD-FR
Backup
Annex G
TRANS-FR
Port values depend on
configuration
16-1022 for DLCI
Table B-20. Frame Relay Connection Parameters (Continued)
Parameter
Description
Dest Port and DLCI
Applies only when Type is set to Switch. The Frame
Relay port and DLCI the traffic will use as it exits
the DS1500-XFR.
Port values depend on
configuration
16-1022 for DLCI
IP
Applies only when Type is set to RFC1490. If set to
Y, IP traffic is enabled. A valid IP address must also
be entered.
Y
Determines priority to be given to the call. There
are 6 priority levels, 0 to 5. See Prioritization later in
this Appendix for more information.
0-5
CIR Kbps
The Committed Information Rate for the Frame
Relay traffic. This is the transfer rate that the Frame
Relay network is committed to transfer under
normal operating conditions. See Prioritization later
in this Appendix for more information.
Any value in 1 kbps
increments
Frag Size
Number of bytes per fragment (not including
FRF.12 or Q.922 address bytes) for this PVC when
End-to-End fragmentation is used.
NONE (disabled;
default)
PRTY
Values
N
1 = default
1 to 1500 bytes
Note: When UNI-NNI fragmentation is used,
fragment size is set on the Frame Relay Port
Configuration menu.
KA
Keep Alive. Used to detect end-to-end failures
across a frame circuit. It is turned on at the end
points and essentially is a keep alive message
which can be sent in one direction, Poll get a
response in return or Poll in both directions.
N - No
BI - bidirectional polling
RQ - unidirectional
(requestor)
RP - responder only
PA - passive missing
polls not errored
Dest IP Address
Applies only when Type is set to RFC1490 and IP is
set to Y. Indicates the destination IP network.
Any valid IP address
B.6.1
Prioritization
Through the judicious use of the CIR, fragmentation, and priority parameters, the user can carefully manage
the traffic so that no application is starved of bandwidth and time-critical requirements are met even under
conditions of heavy load.
The CIR parameter lets you allocate bandwidth between multiple Frame Relay DLCIs on a port. If a port has
56k bandwidth available, this can be allocated between multiple DLCIs. For example, you could limit IP
traffic to 28kbps, leaving 28kbps for other traffic, including time-critical SCADA traffic and management
frames (LMI). When you configure a CIR for a DLCI, the traffic is shaped so that the DLCI uses its
bandwidth allocation over time, not in bursts of heavy activity. This ensures that time-critical traffic is not
held up in the network behind a burst of other traffic.
The Frame Relay DLCI Priority Weighting screen is reached from the Main menu by selecting <2>
Network, <5> Frame Relay and then <2> Frame Relay Priority. The Frame Relay DLCI Configuration
Table (Figure B-52) is displayed and lets the user set differing weights to the priority levels. The priorities
are then assigned to the DLCIs as explained in the previous section.
B - 64
There are six priority levels, numbered from 0 to 5. The weighting of priority levels 0 and 5 is fixed by the
system and cannot be changed. Priority level 5 has a fixed weighting of 0, which is the highest priority.
Normally, this is reserved for Frame Relay management frames (LMI), but it can also be used for limited
amounts of time-critical frames. Priority level 0 is fixed to a value of 10.
Priority levels 1 through 4 can be assigned a weighting from 1 to 9. By default, these priority levels are set
at 2. This means that two higher priority frames are sent for each lower priority frame (except for 0, which
always goes first). If you want priority level 1 to always go before priority level 2, set the weighting of
priority 1 to 10. If 9 priority level 1 frames are to go before each priority level 2 frame, set the weighting to
9, and so on. Be careful not to starve applications at times of heavy demand. In some cases, it may be better
to set the CIR to limit lower priority traffic rather than blocking it completely.
*** Frame Relay DLCI Priority Weighting ***
Priority
0 (Fixed)
1
2
3
4
5 (Fixed)
0:00:00
Weighting
(1-9, 10 = Unlimited)
10
2
2
2
2
__________[DynaStar_31]___________
Figure B-52. Frame Relay DLCI Priority Weighting Menu
B.6.2
Frame Relay DLCI Status Screen
You can check the bandwidth that is being used by each DLCI from the DLCI Status screen. The DLCI
Status menu is shown in Figure B-53.
B - 65
*** Frame Relay DLCI Status ***
Source
Dest
Port DLCI Port DLCI
W1
100
Type
State
RFC 1490 INACT
Packets
Source Dest
0
0
__________[DynaStar_24]___________
Rate (Kbits/sec)
Source
Dest
0.0
0.0
Press UP/DOWN to scroll
Figure B-53. Frame Relay DLCI Status
B.6.3
System Parameters
Table B-21 describes the system parameters that are used for Frame Relay. The values for these parameters
are set by the DS1500-XFR and are not configurable by the user.
Table B-21. Frame Relay System Parameters
Parameter
Description
Fixed Value
N391
Full Status Polling Cycles. The user requests a Full
Status Report every N391 polling cycles. A polling
cycle is a Status Enquiry and Status message
exchange.
6
N392
Error Threshold. The number of errors during N393
monitored events that cause the channel/user
device to be declared inactive. The user can also
use this number as the number of errors during
N393 monitored events that cause the network to
be declared inactive.
3
N393
Monitored Events Count. From the network’s
perspective, a monitored event is the receipt of a
Status Enquiry message or the expiration of timer
T392. From the user’s perspective, a monitored
event is the transmission of a Status Enquiry
message. This parameter specifies the size of the
sliding window that is used by the network (or user)
to determine whether a channel or user device is
active.
4
B - 66
Table B-21. Frame Relay System Parameters (Continued)
Parameter
B.7
Description
Fixed Value
T391
Link Integrity Verification Timer. Indicates how
frequently the user should initiate a Status Enquiry
message.
10 seconds
T392
Polling Verification Timer. Indicates the length of
time the network should wait between Status
Enquiry messages. If no Status Enquiry message is
received within T392 seconds, the network records
an error.
15 seconds
X.25
The X.25 menu that is accessed from the Networking Setup and Status menu provides access to various
configurable X.25 parameters and addressing attributes, as well as access to X.25 and multicast call status
screens. The X.25 Configuration and Status menu shown in Figure B-54 is accessed from the Main menu by
selecting <2> Network, <6> X.25. In order to use these menus, the user must have already defined the X.25
ports. (See “X.25 Port Configuration” on page A-19.)
*** X.25 Configuration and Status ***
1
2
3
4
5
6
7
8
-
Bridge/Router
X.121 Routing Table
PVC/SVC Switching
XOT Switching table
X.121 Translation
X.25 Connections
Configure X.25 router connections
Configure X.121 routing table
Configure X.25 PVCs
Configure XOT connections
Configure address translation
Configure X.25 multicast
Display X.25 Call status
Display X.25 multicast connections
__________[DynaStar_31]___________
Figure B-54. X.25 Configuration and Status Menu
B.7.1
Bridge and Router Configuration
The DS1500-XFR can establish a virtual call over an X.25 link to any distant bridge or router that can be
reached through the X.25 Public Data Network (PDN). The distant bridge or router can be connected
directly to the PDN or can be connected through PDN managed gateways. Requirements for the distant
bridge or router, based on the application traffic carried on the link, are summarized in Table B-22.
B - 67
Table B-22. Bridge and Router Requirements
Application
Distant Device
Protocol Compliance
IP Router
Any IP Router
RFC 1356
Ethernet Bridge
Any Ethernet Bridge
IEEE 802.1d, RFC 1356
The bridge and router function is configured by entering the called X.121 address of the remote device in the
bridge and router address table. A maximum of 60 X.121 addresses can be entered. However, if 60 X.121
addresses are specified and both applications (IP and Bridged) are permitted for each entry, it is possible to
have 120 simultaneous virtual calls. (The IPX traffic value is not supported in this release.) The Bridge/
Router Calls screen (Figure B-55) is reached from the Main menu by selecting <2> Network, <6> X.25,
<1> Bridge/Router.
The DS1500-XFR automatically tries to establish a virtual call for Ethernet bridge traffic to each X.121
address where the application is permitted. If the call attempt is unsuccessful or if an established virtual call
is cleared, the DS1500-XFR tries to reestablish the call at the frequency defined by the X.25 call setup retry
timer (defined with the async port parameters). For IP router traffic, the DS1500-XFR sets up calls when
there is traffic to send. The unit tries to establish a virtual call to each X.121 address where the application is
permitted and where the IP addresses match.
Note that if IP traffic is set to N, TFTP and SNMP traffic cannot be exchanged with the distant IP router
unless there is an alternate path.
The fields in this screen are explained in Table B-23.
*** X.121 Addresses for Bridge and Router calls ***
Last changed: 4-18-05 13:24:59
Distant X.121 address
|-- Use RET to toggle values --|
Distant IP Address
(1-15 BCD)
Port #
Traffic: B
IP
x.x.x.x
1: 3333
S1
Y
N
2: 2222
S1
N
Y
100.1.1.54
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
Process X.121 selections (Y/N): Y
In X.121 address field, use UP/DOWN to scroll and LEFT to process selections.
Figure B-55. X.121 Addresses for Bridge and Router Calls Screen
B - 68
Table B-23. Bridge and Router Call Parameters
Parameter
Description
Distant X.121 address
The X.121 address of the port on the far end where the X.25
bridge or router call will terminate
Port
Toggle to enter the X.25 port on which the virtual call should
be established
Traffic
Indicate whether bridged or IP traffic will be supported for
this called address (IPX is not supported in this release). If
both types are enabled, IP packets will be routed and all
other protocols will be bridged.
Distant IP Address
If IP traffic is permitted, enter the distant IP address. This IP
address must be part of the same IP network as the X.25
line. NOTE: Be sure that only valid destinations are listed in
this column.
B.7.2
X.121 Routing Table
The X.25 concentrator function routes incoming calls from an X.25 or PAD port to outbound X.25 lines. The
routing algorithm consults the X.25 Concentrator Routing table whenever an incoming call does not
terminate in the DS1500-XFR at a PAD port, the supervisory process, or a LAN application.
B.7.2.1 X.121 Addressing
Destinations in an X.25 network are designated by an address, which contains from 1 to 15 digits. For
example, in the network illustrated in Figure B-56, A’s address is 12345 and B’s address is 67890. If A were
to place a call to B, the called (destination) address would be 67890 and the calling (source) address would
be 12345.
User A
X.121 address = 12345
DynaStar
1500
Calling address = 12345
Called address = 67890
DynaStar
1500
DynaStar
1500
User B
X.121 address = 67890
Figure B-56. Private Network Showing X.121 Addressing
The address scheme shown in Figure B-56 is a simple one similar to those often used on private X.25
networks. If the DS1500-XFR were connected to a public data network (PDN), the DS1500-XFR port
would be assigned an address by the PDN so that it would be reachable by other users of the PDN. PDN
addresses tend to be longer than private addresses. For example, in the United States, PDN addresses
normally consist of 14 digits.
B - 69
The routing function in the DS1500-XFR is based on called X.121 addresses. To provide maximum
flexibility during configuration and to reduce the number of entries in the routing table, the DS1500-XFR
lets you enter the letters D and X in the routing table in addition to the digits 0 through 9. A “D” is a
placeholder for any single digit. For example, a table entry of 1DD would be a match for 123, 144, 167, 193,
and so on. An “X” stands for any number of digits or for no digits. There can be only one X per address, and
the X must be placed either at the beginning or the end of the address. For example, X23 is a match for all of
the following: 23, 123, 4455623, and so on. Up to 255 addresses can be entered in the table, but with the use
of D’s and X’s, a single entered address can represent multiple called addresses.
B.7.2.2 Routing Algorithm
Because of its multifunctionality, the DS1500-XFR can potentially make several checks of the called
address before it decides how to route a given call. The flowchart in Figure B-57 shows the order in which
the checks are made. If none of the checks produces a match with the called address, the call is cleared.
When searching for a route for a call, the DS1500-XFR implements what is called exhaustive routing. The
call is initially sent via the best route for the particular destination. If the destination is unavailable via that
route (line down, congestion, etc.), the DS1500-XFR consults the routing function again to see if there is an
alternate path. The DS1500-XFR continues to try all possible paths until one reaches the destination or until
all paths have been tried unsuccessfully. In the latter case, the call is then cleared back to the source.
B - 70
Call User Data
present?
YES
Route to correct
physical port
YES
Route to that
physical port
YES
Route to
Supervisor port
NO
Address = physical
port address?
NO
Address = 9999
NO
Address = async
services entry?
YES
Route according
to corresponding entry
YES
Route to
Telnet >
YES
Route according
to PVC/SVC
table
YES
Route according
to XOT table
YES
Route according
to X.121 table
NO
Address =incoming port address?
NO
Address = entry in
PVC/SVC table?
NO
Address = entry in
XOT table?
NO
Address = entry in
X.121 table?
NO
Clear call
Figure B-57. X.25 Routing Algorithm Flowchart
B - 71
B.7.2.3 Shared Routing
You can configure two or more paths to the same destination to be shared routes. When paths are configured
as shared, the routing algorithm balances the traffic over the designated routes by calculating the number of
LCNs used on each route and placing a new call on the route that has the fewest number of currently active
LCNs. This is also called load balancing. You configure shared entries in the X.25 routing table after you
have configured the routes.
B.7.2.4 Configure the X.121 Routing
The X.25 Concentrator Routing Table screen (Figure B-58) is reached from the Main menu by selecting
<2> Network, <6> X.25, <2> X.121 Routing Table. The fields on this screen are described in Table B-24.
*** X.25 Concentrator Routing Table ***
Last changed: 3-24-05 13:56:05
X.121 address
Shared |- Use RET to Toggle -| X.32 dial line phone #
(1-15 BCD,D&X)
Scheme Port Priority
(max 19 characters)
1: 53274DD
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
__________[DynaStar_31]___________
Process Routing tables (Y/N): Y
Select Share Scheme:
Figure B-58. X.25 Concentrator Routing Table
Table B-24. X.25 Concentrator Routing Table Fields
Field
Description
X.121 address
This is the called address that is to be routed on an
X.25 port.
Shared Scheme
Toggle to set to SHARE, TEST, or NONE. See
“Configure Shared Routing” below for more
information.
Port
Toggle to enter the number of the X.25 port to which
the call will be routed.
Priority
Priority for this destination, from 0 to 3 (0 is the
highest). If it is possible to route the call on more than
one port, the DS1500-XFR will attempt to route the
call on the port having the highest priority.
X.32 dial line phone #
Not supported in this release.
B - 72
B.7.2.5 Configure Shared Routing
To configure shared routing, the routes that you want to designate as shared routes must already be
configured in the X.25 Concentrator Routing Table. Access the Concentrator Routing Table (Figure B-58)
from the Main menu by selecting <2> Network, <6> X.25, <2> X.121 Routing Table. In the Search for
X.121 address field at the bottom of the menu, enter the destination address of the route that you want to
define as a shared route and press <Enter>. (The Search for X.121 Address field is accessed by placing the
cursor in the Process Routing tables field and then pressing Down arrow followed by Left arrow.) In the
Select Share Scheme field at the bottom of the screen, toggle to enter SHARE. Move to the Process Routing
tables field and enter <Y> <Enter>.
Once a shared route has been defined, the TEST option causes a screen to appear (Figure B-59) that shows
all routes matching the address in the order that they will be matched. If you want to remove shared status
from an existing shared route, select NONE.
*** X.25 Test Routing Table ***
Results For Address: 2222
1:
Type
Exact
Shared Port
SHARE
S1
Priority/LCN
1
__________[DynaStar_31]___________
IP Address
Socket
Figure B-59. X.25 Test Routing Table
B.7.3
PVC/SVC Switching
The DS1500-XFR supports the use of X.25 PVCs (Permanent Virtual Circuits) and switching of X.25 calls
from SVCs (Switched Virtual Circuits) to PVCs and from PVCs to SVCs. These types of calls are
configured from the X.25 PVC SVC Switching table (Figure B-60), accessed from the X.25 Configuration
and Status menu.
A PVC is defined by assigning a logical channel number (LCN) to a port. For a PVC/PVC call, there will be
both an inbound and an outbound assignment. SVCs are represented by an X.121 address that is not
associated permanently with any particular port. Each PVC must be unique, but a single X.121 address can
be switched to different PVCs.
B - 73
Once a PVC/PVC call or a PVC/SVC call is configured, the DS1500-XFR automatically tries to establish
the connection. In the case of a PVC/PVC call, the unit searches the PVC table for a match to the inbound
PVC. If a match is found, the call is routed to the corresponding outgoing port using the port and LCN
numbers provided in the table. For PVC/SVC calls, the PVC/SVC table is first searched to find an X.121
address corresponding to the given PVC. The asynchronous port and X.121 routing tables are then searched
for this SVC called address. If a match is found, the SVC is set up and connected to the PVC.
For SVC/PVC calls, the SVC-to-PVC switching table is searched for the called or calling address (as
configured) when an X.25 call request packet is received. If a match is found, the call is answered and
connected to the PVC, which is reset. If a match is not found, the call is delivered to the standard X.121
routing routine (SVC/SVC calls).
The screen configuration differs somewhat, depending on what type of connection is being defined. During
the configuration, the cursor cannot be moved to another line until the current line is valid. (A beep sounds if
the line is invalid.) Up to 240 entries can be defined.
*** X.25 PVC SVC Switching Table ***
SW_Type
In Bound
(Toggle)Port # LCN #
X121 Address
PVC/PVC
S1
0
Port #
S1
9:55:54
Out Bound
LCN #
X121 Address
0
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
__________[DynaStar_31]___________
In SW Type field,use UP/DOWN to scroll and LEFT to process selections.
Figure B-60. X.25 PVC SVC Switching Table
B.7.3.1 Configure PVC/PVC
Access the X.25 PVC SVC Switching Table (Figure B-60) from the Main menu by selecting <2> Network,
<6> X.25, <3>PVC/SVC Switching Table. In the Switching Type (SW_Type) field, toggle until PVC/PVC
appears. The incoming side of the PVC is configured by selecting a port number and LCN under the In
Bound heading. The outgoing side of the PVC is configured by selecting a port number and LCN number
under the Out Bound heading. The user can toggle through available X.25 ports in the Port # field. The
available LCN numbers are based on the starting LCN numbers and the number of PVCs allowed for the
port as configured on the X.25 Port Configuration screen.
B - 74
B.7.3.2 Configure SVC/PVC and PVC/SVC
The configuration of the SVC-to-PVC and PVC-to-SVC connections is identical except that the inbound and
outbound sides are reversed. Note that for a PVC-to-SVC connection, the called address must be configured
in the X.121 routing table or in a PAD port configuration. In the Switching Type (SW_Type) field, toggle
until SVC/PVC or PVC/SVC appears. In the case of SVC/PVC, the SVC (X.25 called) address must be
entered in the X.121 Address column under In Bound. The Port # and LCN # must be entered in the
appropriate columns of the Out Bound heading. (The X.121 address is automatically set to NULL.)
B.7.4
XOT Switching Table
XOT allows X.25 and/or HDLC traffic to be encapsulated in TCP/IP traffic and routed over an IP backbone
network. The XOT switching table is used to configure both of these types of traffic. An HDLC or X.25 port
must have been configured before the XOT switching table can be configured. (See “Configure the XOT
Switching Table” on page 3-28 for a configuration example.) Access the XOT PVC SVC Switching Table
(Figure B-61) from the Main menu by selecting <2> Network, <6> X.25, <4>XOT Switching Table.
*** XOT PVC SVC Switching Table ***
Last changed: 3-24-05 13:56:05
Service
(Toggle)Port #
SVC/XOT
Local
LCN #
X121 Address
|
Port #
Remote
LCN #
IP Address
0.0.0.0
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
__________[DynaStar_31]___________
In Service field,use UP/DOWN to scroll and LEFT to process selections.
Figure B-61. XOT PVC SVC Switching Table
The Service field can be toggled through the following selections: SVC/XOT, PVC/XOT, HDLC/XOT, and
STUN/XOT. The additional fields to be filled in will depend on the type of service selected:
•
•
•
•
For SVC/XOT, complete the Local X.121 Address field and the Remote IP Address field.
For PVC/XOT, complete the Local Port # and LCN fields (the port field will toggle through
available X.25 ports) and the Remote Port #, LCN #, and IP Address fields.
For HDLC/XOT, complete the Local Port # field (the port field will toggle through available
HDLC ports) and the Remote Port # and IP Address fields.
STUN/XOT is not supported in this release.
B - 75
B.7.5
X.121 Address Translation
The DS1500-XFR provides a robust scheme for handling address translations between public and private
networks. After entries have been configured in the DS1500-XFR, they can be tested before being used on
the actual network.
B.7.5.1 Address Translation Overview
In some routing situations for X.25 calls, it is necessary to convert a called or calling X.121 address into a
different address. This conversion is called address translation. For example, in the network illustrated in
Figure B-62, the two DS1500-XFRs are connected through a PDN. Normally, the addressing scheme used
on the private units (the DS1500-XFRs) is simpler than the addressing scheme used on the PDN, which, in
the United States, generally requires a 14-digit address. Because of this, it is necessary to translate the
private address into a public address as the call exits the DS1500-XFR, and then to translate the public
address back to a private address as the call reaches its destination on the remote DS1500-XFR.
As another example, address translation would be needed if two private networks that use different
addressing schemes are connected together.
X.25
Public Data Network
DnaStar
DynaStar
1500
DynaStar
1500
Call Progress
Private Address
Called=1234
Calling=5678
Public Address
Called=31107035551212
Calling=31107035556677
Private Address
Called=1234
Calling=5678
Figure B-62. Address Translation from Private to Public Network
The DS1500-XFR address translation feature provides a flexible method for handling all address translation
needs for both inbound and outbound called and calling addresses. Inbound address translation occurs as the
call enters the DS1500-XFR before it is routed to its destination. Outbound address translation occurs after
the call is routed but before it exits the DS1500-XFR.
B.7.5.2 Address Matching
The inbound and outbound addresses are compared to addresses that the user has entered in the X.121
address translation table. Entries in the table can contain the digits 0 through 9, the letter D, or the letter X.
As explained in “X.121 Routing Table” on page B-69, the letter D represents any single digit, while the
letter X represents any number of digits or no digits at all.
Table B-25 provides examples of using these notations and shows the resulting translations. The Called or
Calling Address is the address as contained in the Call Request packet. The From address is the original
address as given in the translation table, and the To address is the resulting address as given in the translation
table. The Resulting Translation is the actual address that will be placed in the Call Request packet after the
translation function completes its processing.
Address translation supports the use of nulls to provide an address for a null calling address or to insert a null
address when an actual address has initially been provided. The last entry in Table B-25 illustrates this.
B - 76
Table B-25. Address Translation Examples
“From”
Address
Called or Calling Address
“To” Address
Resulting
Translation
12345
12345
67890
67890
12345
123DD
456DD
45645
12345
12X
3X
3345
12345
X5
3110
3110
null
null
333
333
Where possible, the table also provides translations in the reverse direction. For example, take the first entry
in Table B-25. If the address 12345 is presented, it is converted into the address 67890. Conversely, if the
address 67890 is presented, it will be translated into the address 12345, and you do not need to explicitly
configure this second translation as long as the first one is configured. However, some entries (such as
X5--->3110) do not lend themselves to reverse translation.
It is also possible to have the calling address translated based on the value of the called address, and the
called address translated based on the value of the calling address. For example, if a called address (“From”
address in Figure B-62) of 8001 arrives, the calling address is translated into 5678 (the “To” address). This
is indicated in the configuration screen as “Called tr calling.” (The reverse would be “Calling tr called.”)
Addresses in inbound and outbound calls are compared to entries in the table to determine if address
translation should take place. For incoming calls, addresses are compared before they are routed to their
destination. For outgoing calls, addresses are compared after the routing function has determined the call’s
destination but before it has been sent there. (Addresses are also compared on incoming and outgoing
extended accepts. These packets include X.121 addresses for both DTE and DCE connections.)
If the call address on the designated port matches the From address in the table, the call address is replaced
with the To address. D’s and X’s are treated as shown in Table B-25.
B.7.5.3 Address Translation Example
Figure B-63 shows the translation process in the DS1500-XFR, using the translation table given in
Table B-26.
B - 77
User B
Packet as delivered
to User B (after
processing):
Calling address=703
Called address=09
Call Progress
:(
DynaStar
1500
DynaStar
1500
X.25
Public Data Network
User A
A's call request packet
(before processing):
Calling address=null
Called address=6409
Outgoing call request
packet (after processing):
Called address=7035553209
Incoming call request
packet (before processing):
Called address=7035553209
Figure B-63. Example Address Translation Process
Table B-26. Address Translation Table for Figure B-63
Called/Calling
From
To
User A’s Table
Called
64X
70355532X
User B’s Table
Called
70355532X
X
Calling
Null
703
B.7.5.4 Configure Address Translation
Access the X.121 Address Translation Table (Figure B-64) from the Main menu by selecting <2> Network,
<6> X.25, <5>X.121 Translation. A maximum of 255 entries can be configured. Table B-27 explains the
fields in this screen. If a port is reconfigured so that it is no longer an X.25 port, the corresponding address
translation entries for that port are automatically deleted.
B - 78
*** X.121 Address Translation Table ***
From
(X121,D or X)
To
(X121,D or X)
Port
In/Out
(Toggle) (Toggle)
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
__________[DynaStar_31]___________
Test
In X.121 address field, use UP/DOWN to scroll
0:00:00
Called/Calling
(Toggle)
(CR):
Process Entries (Y/N): Y
and LEFT to process selections.
Figure B-64. X.121 Address Translation Table
Table B-27. X.121 Address Translation Table Fields
Parameter
Description
From
The address that the translation function will compare the
inbound or outbound call address to.
To
The address that will replace the inbound or outbound call
address
Port
The port to which this translation applies
In/Out
Whether the translation applies to inbound or outbound
calls
Called/Calling
Whether the translation applies to the called address, the
calling address, called tr calling, or calling tr called.
Once addresses have been entered and saved, they will be sorted in the following order:
•
•
•
•
•
Ascending port order
Inbound/Called followed by Inbound/Calling
Outbound/Called followed by Outbound/Calling
Ascending From address
Ascending To address
B.7.5.5 Test the Address Translation Entries
Once the addresses have been entered in the X.121 Address Translation table, they can be tested to see the
matches and resulting addresses. Any entry that has been saved in the translation table can be tested.
B - 79
To test an entry, the user needs to move the cursor to the Test field in the X.121 Address Translation
Table. To get to the Test field, move the cursor to the Process Entries field, press the left arrow key,
and press <Enter>. The X.121 Address Translation Table (Figure B-65) is displayed.
*** X.121 Address Translation Test Table ***
Address
(X121)
2222
Port In/Out Called/Calling Matched With
|--- CR to toggle ---|
(X121)
S1 In
Called
2222
Result
(X121)
33333
Calculate [from->to] (CR):
Calculate [to->from] (CR):
__________[DynaStar_31]___________
Another Entry
(Y/N): Y
In X.121 address field, use UP/DOWN to scroll and LEFT to process selections.
Figure B-65. X.121 Address Translation Test Table
In the Address field, enter the address that you want to test. In the Port field, toggle until the port number
that you want appears. In the In/Out and Called/Calling fields, toggle until the correct indication appears. Go
to the Calculate [from -> to] or Calculate [to -> from] field, as required, and press <Enter>.
The translation algorithm processes the address entered based on the currently saved translation table. If a
match is found for the entered address, the matching address from the translation table is shown in the
Matched With field, and the resulting address is given in the Result field. If there is no match, Not Found
appears in the Matched With column.
To test another entry, enter <Y> in the Another entry field. To exit the table, enter <N> or <Esc>.
B.7.6
The DS1500-XFR supports an X.25 broadcast feature that can be used to associate inbound and outbound
addresses. A maximum of 50 inbound addresses can be defined; each of these can be associated with a
maximum of 32 outbound addresses. Traffic received on the inbound address is sent to each of the outbound
addresses.
When a call with the designated inbound address is received, the call is sent to each of the associated
outbound addresses. If an outbound address is cleared, the DS1500-XFR attempts to reestablish the
connection every 10 seconds. If the call to the inbound address is cleared, calls to all corresponding
outbound addresses are also cleared.
To configure the X.25 inbound/outbound multicast associations, select <2> Network from the Main menu,
then <6> X.25, <6> X.25 Multicast Table. The X.25 Inbound Multicast Names screen appears
(Figure B-66).
B - 80
*** X.25 Inbound Multicast Names ***
Last changed: 4-20-05 12:25:04
1 - MULTICAST_1
__________[DynaStar_31]___________
Figure B-66. X.25 Inbound Multicast Names Screen
The X.25 Inbound Multicast Names Screen lists all configured multicast definitions. Initially, it will be
blank. To configure a new multicast definition, press <Enter>. To edit an existing definition, enter that
definition’s corresponding number and press <Enter>. The Multicast Services screen (Figure B-67)
appears.
*** Multicast Services ***
Multicast name:
MULTICAST_1
(15)
Inbound Address:
2222
Outbound Address 1:
3333
2:
18:
3:
19:
4:
20:
5:
21:
6:
22:
7:
23:
8:
24:
9:
25:
10:
26:
11:
27:
12:
28:
13:
29:
14:
30:
15:
31:
16:
32:
Figure B-67. Multicast Services
Assign a name to this multicast service and enter the Inbound Address. Enter the Outbound Addresses
associated with this Inbound Address; up to 32 Outbound Addresses can be configured per inbound address.
B - 81
B.7.7
X.25 Connections
The X.25 Connections option provides the status of all active X.25 calls. To access the X.25 Call Status
Screen, select <2> Network from the Main menu, <6> X.25, <7> X.25 Connections. The X.25 Call Status
Screen appears (Figure B-68). Pressing <CTRL-O> from the X.25 Call Status screen brings up a screen
with more detailed information for the call selected (Figure B-69). The information in this screen can be
refreshed by pressing <Enter>. The fields in these screens are explained in Table B-28.
*** X.25 Call Status ***
Source
Port LCN
CON 1
Dest
Port LCN
VRT 1
Type
State
Src Dest Source Dest
SVC CON DATAXFR DATAXFR
__________[DynaStar_31]___________
Packets
Source
1019
Dest
2420
Duration
4:20:17
Press UP/DOWN to scroll
Press <CTRL-O> for call details
Figure B-68. X.25 Call Status
*** X.25 Call Details ***
Source Port
Source LCN
Destination Port
Destination LCN
Called Address
Calling Address
Window Available
Negotiated Window
Packet Size
Segmentation
Data Packets
Data Segments
Data Characters
Interrupt Count
Reset Count
Packet Queue
Call Start Date
Call Start Time
6
1
19
1
9999
7/6
7/7
1024/1024
N
54/141
54/251
134/13350
0/0
0/0
0/0
4-22-05
8:03:41
__________[DynaStar_31]___________
Figure B-69. X.25 Call Details
B - 82
Table B-28. X.25 Call Status Parameters
Parameter
B.7.8
Description
Source Port
The name or number of the source port.
Source LCN
The source LCN being used for this call.
Destination Port
The name or number of the destination port.
Destination LCN
The destination LCN being used for this call.
Source Type/
Destination Type
The type of call at the source/destination.
Source State/
Destination State
The state of the call at the source/destination. Possible
states are: Idle, Calling, Called, Dataxfr, Resetng, Callres,
Clearng, Cleared, Sendcal, 9, 10, 11, 12, 13, 14, WaitSVC,
Callrec, Passwrd.
Duration
The amount of time the call has been up.
Called Address
The X.121 called address of this call.
Calling Address
The X.121 calling address of this call.
Window Available
The available window at the source/destination.
Negotiated Window
The window size negotiated at the source/destination.
Packet Size
The packet size at the source/destination.
Segmentation
Whether segmentation has been used.
Data Packets
The number of data packets sent at the source/
destination.
Data Segments
The number of data segments sent at the source/
destination.
Data Characters
The number of data characters sent at the source/
destination.
Interrupt Count
The number of interrupts at the source/destination.
Reset Count
The number of resets at the source/destination.
Packet Queue
The number of queued packets at the source/destination.
Call Start Date
The date the call started.
Call Start Time
The time the call started.
The X.25 Multicast Status option provides the status of all active multicast calls. To access the X.25
Multicast Status Screen, select <2> Network from the Main menu, then <6> X.25, <8> X.25 Multicast
Status. The X.25 Multicast Status Screen appears (Figure B-70). Pressing <CTRL-O> from the X.25 Call
Status screen brings up the Multicast Detailed Status screen (Figure B-71). The information in this screen
can be refreshed by pressing <Enter>. The fields in these screens are explained in Table B-28.
B - 83
*** Multicast Status ***
Called Address
Name
Src Src
Port LCN
__________[DynaStar_31]___________
Dest Dest Packets
Duration
Up
Down From source D:HH:MM:SS
Press <CTRL-O> for call details
Figure B-70. Multicast Status Screen
*** Multicast Detailed Status ***
Address
1000
1001
10002
Port
LCN
0
0
0
State
IDLE
IDLE
IDLE
Packets
From dest
0
0
0
Reset
Count
0
0
0
Duration
D:HH:MM:SS
0:00:01:44
0:00:01:44
0:00:01:44
__________[DynaStar_31]___________
Figure B-71. Multicast Detailed Status Screen
B - 84
Table B-29. Multicast Status Parameters
Parameter
Description
Called Address
The X.121 called address of the multicast call.
Name
The name provided by the user when the multicast call
was defined.
Source Port
The source port used for this call.
Source LCN
The source LCN used for this call.
Destination Up
The number of destinations that are up.
Destination Down
The number of destinations that are down.
Packets from source
The number of packets sent from the source.
Duration
The amount of time the call has been up.
State
The state of the connection (see Table B-28)
Packets from Dest
Number of packets received from the destination
Reset Count
Number of resets received
B - 85
B - 86
APPENDIX C
System Functions
The System Functions portion of the Supervisor application provides for tasks where systemwide
changes are made. This submenu allows the user to check code versions, restart the DYNASTAR 1500
X.25 FRAME ROUTER, view the event log, monitor the buffer usage, change the system name, set the
system time and date, and set the SNMP parameters. The System Functions hierarchy is shown in
Figure C-1 and the menus are described in the remainder of this Appendix.
<1>
MAIN MENU
Code
Versions
<2>
Restart
<3>
Event Log
<3>
<4>
System Functions
Buffer Usage
<5>
System
Parameters
<6>
Date & Time
<7>
SNMP
Figure C-1. System Functions Hierarchy Diagram
C-1
APPENDIX C - System Functions
C.1
SYSTEM FUNCTIONS AND COMMANDS
The System Functions sub-menu (Figure C-2) can be reached by selecting option <3> System from the
Main menu. Within these sub-menus, the Administrator can change or review the system quickly. The
following sections describe the System Functions submenus.
*** System Functions ***
1
2
3
4
5
6
7
-
Code Versions
Restart
Event Log
Buffer Usage
System Parameters
Date & Time
SNMP
Display downloaded software versions
Restart or initialize system
Display system event log
Display system buffer usage
Configure system-wide parameters
Set the system date and time
Configure community strings, trap IP addresses
__________[DynaStar_24]___________
Figure C-2. System Commands Menu
C.1.1
Code Versions
The Directory Management screen (Figure C-3) is reached from the System Functions menu by pressing
<1> Code Versions. This menu option shows the files held in memory, including the configuration files.
This menu also allows the user to delete files from memory.
The file system can hold multiple copies of the Operating System in Flash memory. This screen allows an
operator to delete unwanted copies of the file system to make space for new versions. It also enables
defragmentation of the file system when Defragment Flash Memory? is set to Y. Deleting a file simply
marks the file as unusable; defragmentation actually reorganizes the memory space and erases files to make
space for new ones. The current ROOT password is required to initiate the Defragment Flash Memory
process or the erasing of files. A series of dots will appear on the screen to indicate that fragmentation is
taking place.
C-2
*** Directory Management ***
File name
DOWNLOAD.BIN
CNFGLOAD.CMP
CNFGLOAD.CMP
DOWNLOAD.BIN
SRAM1
SRAM2
Loaded/Created
2-16-05 14:25
2-17-05 12:47
2-18-05 13:01
3-17-05 13:59
4-11-05 8:24
4-11-05 8:23
Size
883712
8704
7168
900864
17036
17036
Version
7.1 (RC47)
Expected
7.1.1 (RC37)
7.1.1 (RC37)
7.1.1 (RC37)
Erase
N
N
N
N
N
N
Defragment Flash Memory? N
__________[DynaStar_31]___________
Enter password to erase files: _______
Press ESC to exit screen
Figure C-3. Directory Management Menu
The following software elements are typical:
•
•
•
•
C.1.2
DOWNLOAD.BIN - operating software
SRAM1 - this is the first version of configuration
SRAM2 - this is the second version of configuration (these files alternate as changes to the
configuration are made.)
CNFGLOAD.CMP - compressed configuration file used for upgrades or restarting a
previous saved configuration
Restarting the DS1500-XFR
There are three commands for restarting the DS1500-XFR via the Supervisor. These are reached from the
System Functions menu by selecting <2> Restart (Figure C-4). The Warm and Reinitialize options will
reboot the DS1500-XFR and restart active operations. However, they differ in what source is used for the
active configuration file during and after the restart operation. Select the desired option by placing the cursor
over the Restart Type field, select the version of software to boot with (shows all versions of software on the
system), and scroll down and enter the Root password to authorize the operation. Then scroll down to the
Process selections field and press <Enter>.
C.1.2.1
Cold Restart
This option is used to reboot the DS1500-XFR system. The system will reboot using FACTORY
DEFAULTS; all preconfigured options will be lost. Use EXTREME CAUTION as invoking this command
remotely will cause loss of contact across a network. Since this affects the system’s availability for a brief
period, the command requires the current ROOT password to be entered to ensure authorized usage. When
Cold Restart is toggled, the menu presents a list of all operating system versions presently available in the
Flash Memory. The operator can select which version the DS1500-XFR should use when restarting by
moving the cursor to the Code Version field and pressing <Enter>. This will toggle between the oldest and
the newest versions of code stored on the system.
C-3
C.1.2.2 Warm Restart
This option is used to reboot the DS1500-XFR system without losing configuration data. The
system will reboot using configuration parameters that are currently saved in Flash. Since this
affects the system’s availability for a brief period, the command requires the current ROOT
password to be entered to ensure authorized usage. The command presents a list of all operating
system versions presently available in the Flash Memory. The operator can select which version the
DS1500-XFR should use when restarting by moving the cursor to the Code Version field and
pressing <Enter>. This will toggle between the oldest and the newest versions of code stored on the
system.
C.1.2.3 Reinitialize
This option is only available if there is a compressed configuration file present (cnfgload.cmp).
Selecting this option uses the cnfgload.cmp file when booting. Since this affects the system’s
availability for a brief period, the command requires the current ROOT password to be entered to
ensure authorized usage. The command presents a list of all operating system versions presently
available in the Flash Memory. The operator may select which version the DS1500-XFR should
use when restarting by moving the cursor to the Code Version field and pressing <Enter>. This will
toggle between the oldest and the newest versions of code stored on the system.
*** Restart System ***
Restart Type:
Code Version:
Password:
Warm Restart
7.0 (RC6)
Password Required
__________[DynaStar_24]___________
Figure C-4. Restart System Menu
C-4
C.2
EVENT LOG
The Event Log is a buffered text memory list of events that have occurred since the last time the Event Log
was cleared. The path to the Event Log is Main Menu, <3> System, <3> Event Log. The Event Log is
displayed one screen at a time, to display additional screens press the <Enter> key. Once done viewing the
log, hit <Esc> to return to the System menu. A sample of the Event Log is shown in Figure C-5. The Event
Log may also be cleared by pressing the Y key followed by the <Enter> key. Hitting <Esc> allows the user
to skip to the selection line if there are multiple screens.
Press <CR> for More:
2004-07-29
2004-07-29
2004-07-29
2004-07-29
2004-07-29
2004-07-29
2004-07-29
2004-07-29
2004-07-29
2004-07-29
2004-07-29
2004-07-29
Severe log
2004-07-29
2004-07-30
2004-07-30
2004-07-31
2004-08-02
2004-08-02
13:24:20
13:24:20
13:24:20
13:24:20
13:24:20
13:24:21
13:24:21
13:24:21
13:24:21
13:24:21
13:24:21
13:24:21
is full!
15:08:36
8:32:14
8:48:04
10:56:01
9:31:24
9:50:46
pV
pV
pV
pV
pV
pV
pV
pV
pV
pV
pV
pV
205
206
207
208
215
101
102
103
104
105
201
202
System
System
System
System
System
System
NUM
NUM
NUM
NUM
NUM
NUM
NUM
NUM
NUM
NUM
NUM
NUM
100
100
100
100
100
100
100
100
100
100
100
100
reset
reset
reset
reset
reset
reset
sub
sub
sub
sub
sub
sub
sub
sub
sub
sub
sub
sub
(may
(may
(may
(may
(may
(may
5
6
7
8
15
1
2
3
4
5
1
2
be
be
be
be
be
be
power
power
power
power
power
power
up
up
up
up
up
up
or
or
or
or
or
or
deliberate
deliberate
deliberate
deliberate
deliberate
deliberate
Enter Y<RET> to clear the system event log, otherwise N<RET> :
Figure C-5. Event Log
C-5
restart)
restart)
restart)
restart)
restart)
restart)
C.3
BUFFER USAGE
The path to the Buffer Usage screen is Main menu, <3> System, <4> Buffer Usage. The Buffer Pool Status
screen provides information on the number of USED buffers and the number of free buffers. This
information can be used by your DS1500-XFR technical support representative for troubleshooting. The
Buffer Pool Status screen is shown in Figure C-6.
*** Buffer Pool Status ***
Card
0
Type
Idle Count
Current Min.
Main Proc. 92431
70870
Buffers
In Use Free
Min.
4
767
761
63 in ISR
DIMM installed: 8 Mbyte
__________[DynaStar_24]___________
Figure C-6. Buffer Pool Status Screen
C-6
C.4
SYSTEM PARAMETERS
The System Parameters screen allows the operator to change the Console Herald and DS1500-XFR system
name and to set various systemwide X.25 parameters. The <5> System Parameters selection sub-menu
leads to the System Parameters screen, shown in Figure C-7. Fields in this menu are described in
Table C-1
*** System Parameters ***
Server Name:
Supervisor Console Herald:
Dial IP Idle Timer:
X.25 Call Set-up Timer:
XOT Idle Timer:
PPP IP Prioritisation:
Reserved LCNs:
Exhaustive Routing:
Console X.121 Address
Pad To Frame No Pkt Header:
DynaStar_8307
(45)
DynaStar Supervisor
(32)
2
(0-disable, 1-254 min, 255-10 sec)
5
(1-30 min)
0
(0-disable, 1-30 min)
0
(0-disable, 1-99)
N
<CR> to toggle
ENDPOINT
<CR> to toggle
9999
(15 BCD)
N
<CR> to toggle
_________[DynaStar_8307]__________
Figure C-7. System Parameters Menu
Table C-1. System Parameters
Parameter
Server Name
Supervisor Console Herald
Definition
Default
Range
Appears at the bottom of DS1500-XFR
Supervisor screens as a navigation aid.
Spaces are not allowed in this name.
For example, the name could be set to
indicate equipment location.
DynaStar_xx
Up to 45
alphanumeric
characters
Greeting that appears on the initial
DynaStar
Supervisor
Up to 32
alphanumeric
characters
DS1500-XFR Supervisor screen.
Dial IP Idle Timer
If no traffic is detected on the line for the
specified period, the dial IP call is
dropped.
2
0 (disable)
1-254 minutes
255 (10 sec)
X.25 Call Set-up Timer
The frequency at which the DS1500XFR attempts to reestablish a call when
a call attempt is unsuccessful.
5
1 - 30 minutes
XOT Idle Timer
If no traffic is detected on the line for the
specified period, the connection is
cleared.
0
0 (disabled)
1 - 30 minutes
C-7
Table C-1. System Parameters
Parameter
Definition
Default
Range
PPP IP Prioritisation
Gives priority to data packets with the
DynaStar’s Ethernet IP address as the
source address. The value (1-99)
determines the number of times the
DynaStar data packets will be
considered for transmission before other
IP traffic is considered.
0
0 (disable)
1 - 99
Reserved LCNs
If enabled, the top 10 entries in the
mnemonic table are reserved as priority
LCNs.
N
Y
N
Exhaustive Routing
Specifies how calls are rerouted after a
setup attempt fails.
Endpoint = calls can be routed back
over the trunk they came in on.
Privilege = calls cannot be routed back
over the trunk they came in on. The
DS1500-XFR finds the best valid route
and attempts to establish a call.
Exhaustive = calls cannot be routed
back over the trunk they came in on.
The DS1500-XFR tries each valid route
until a call is established or no further
routes exist.
Endpoint
Endpoint
Privilege
Exhaustive
Console X.121 Address
The address of the console (supervisor)
port.
9999
Any valid X.121
address
Pad to Frame No Pkt Header
When set to Y, uses a 2-byte header for
direct PAD-to-Frame relay encapsulation rather than the standard 5-byte
header.
N
Y
N
C-8
C.5
DATE AND TIME
The time and date are preset. To modify the on-board Real Time Clock, select option <6> Date & Time from
the System Functions menu. Simply cursor through the fields and overtype the modified values. Save the
new values by exiting through the Process selections command in the bottom right of the screen. The Real
Time Clock is battery backed up.
*** System Date & Time ***
Current Date
Current Time
month:
day:
year:
hour:
minute:
second:
4
11
5
14
14
22
__________[DynaStar_31]___________
(1 (1 (95(0 (0 (0 -
12)
31)
53)
23)
59)
59)
Figure C-8. Change System Date & Time Menu
C-9
C.6
SNMP
The path to SNMP is Main menu, <3> System, <7> SNMP. The SNMP sub-menu allows you to set up the
various SNMP parameters associated with this DS1500-XFR. This setup will be necessary in order to use
SNMP to configure the unit remotely or use the SNMP trap generator to report port Link Status changes to a
remote network management server. The DS1500-XFR can send TRAPS (Port status changes) to as many
as four remote systems. Enter the IP address of the remote servers and enable the “Enable Trap” field. The
Traps generated will include a status of up/down/time and Port Number.
*** SNMP Parameters ***
Last changed: 7-14-04 12:33:29
________________________ Enter a maximum of 48 characters --------------------System description:
DynaStar 1500
System contact:
System name:
System location:
Read-only Community name:
Read-write Community name:
Private Community name:
--------------- Enter 4 integers, 0-255, separated by a period --------------Trap IP address:
0.0.0.0
Trap IP address:
0.0.0.0
Trap IP address:
0.0.0.0
Trap IP address:
0.0.0.0
________________________ Use RET to toggle value -----------------------------Enable authentication: N
Enable traps:
N
__________[DynaStar_24]___________
Figure C-9. SNMP Parameters Menu
Note: In order to use SNMP, the “Local/ROM Address” must have an assigned IP address as described in
“Assign IP Addresses and Protocols” on page B-6.
The definitions, defaults and permitted values of the SNMP Parameters screen are provided in the following
table.
Table C-2. SNMP Parameter Definitions
Parameter
Description
Default
Range
System
Description
A textual description of the system used to set the MIB-II
sysDescr variable.
DynaStar
1500
48 characters
System
Contact
The name of a contact person for the DS1500-XFR, together
with information on how to contact this person. It is used by
the Supervisor to set the MIB-II sysContact variable.
null
48 characters
System Name
The identifier for the DS1500-XFR that the Supervisor has
used to set the MIB-II sysName variable.
null
48 characters
System
Location
The physical location of the DS1500-XFR (e.g., “telephone
closet, 3rd floor”). It is used by the Supervisor to set the MIBII sysLocation variable.
null
48 characters
C - 10
Table C-2. SNMP Parameter Definitions (Continued)
Parameter
Description
Default
Range
Read-Only
Community
Name
Used by the SNMP agent as a simple authentication
mechanism for read-only access to all MIBs. If no string is
defined, all standard and private MIB information is read-only,
and no authentication failure trap is issued.
null
48 characters
Read-Write
Community
Name
mechanism for read access to all MIBs and write access to
standard MIBs. If no string is defined, all MIB information is
read only, and no authentication failure trap is issued.
null
48 characters
Private
Community
Name
mechanism for read and write access to Enterprise MIBs. If
no string is defined, all MIB information is read-only, and no
authentication failure trap is issued.
null
48 characters
Trap IP
Address
When a trap condition occurs, the SNMP agent sends an
SNMP trap PDU to this address’s management station.
Addresses can be entered for up to four SNMP managers.
0.0.0.0
Valid IP address
Enable
Authentication
When set to Y(es), the agent matches the community string
on an incoming PDU with community names. If there is no
match, no access is allowed. If Enable Traps is also set to
Y(es), the agent issues an authentication failure trap. If there
is a match, read only or read/write access is allowed,
depending on the name matched. When Enable
Authentication is set to N(o), no check is made, and read only
access to all MIBs is allowed.
N
Y, N
Enable Traps
When set to Y(es) and an error condition occurs, the agent
sends an SNMP trap PDU to the IP addresses specified as
Trap IP addresses. When Enable Traps is set to N(o), no
traps are sent.
N
Y, N
C - 11
C - 12
APPENDIX D
Security Commands
This Appendix contains information on the Security Commands part of the Supervisor application. The
Security features provided on the DYNASTAR 1500 X.25 FRAME ROUTER allow the Administrator or
Root user to maintain security of the DS1500-XFR system by controlling user names and user
passwords, granting access to functional levels of the Supervisor, and by enforcing controlled password
usage. The hierarchy of Security Commands is shown in Figure D-1, and the remainder of this
Appendix describes the submenus.
<1>
<2>
Password
Change
Access Security
Console Operator
Access
Permissions
MAIN MENU
<3>
Security
Options
<4>
Port
Selection
<5>
Network
Security
<4>
Security
Functions
<6>
Destinations
User
Permitted
Destinations
Access Log
<7>
Console
Monitor
Configuration
<8>
PAP/CHAP
Figure D-1. Security Menu Hierarchy
D-1
APPENDIX D - Security Commands
D.1
SECURITY
This section describes the security features of the DS1500-XFR that protect access to the Supervisor and
other management functions. Security functions are accessed from selection <4> Security on the Main
menu of the Supervisor. The main Security Functions menu is shown in Figure D-2.
*** Security Functions ***
1
2
3
4
5
6
7
8
-
Password Change
Access Security
Security Options
Port Selection
Network Security
Destinations
Console Monitor
PAP/CHAP
Set console user names & passwords
Set operator menu access permissions
Set validation options and methods
Set which ports have security enforced
Configure network passwords
Configure permitted destinations
Display or configure console monitor log
Configure PPP access security
_________[DynaStar_8307]__________
Figure D-2. Security Functions Menu
In addition to the standard Root access, the DS1500-XFR supports up to five additional operator
authorizations. The Root user defines the additional operators and their access authorizations. Only the Root
user can change the names, passwords and access capabilities of these operators. By default, Operator_1
through Operator_5 do not have passwords assigned to them. These operators are not active until the Root
operator creates passwords for them. Each operator must have a unique password. The system will reject any
duplicate password and prompt the Root user for another one.
D-2
D.2
PASSWORD CHANGE
To change a name and/or the password of the Root user or an individual operator, do the following: from the
Security Functions menu, select <1> Password Change. A Console User Names and Passwords screen
appears, as shown in Figure D-3.
*** Console User Names And Passwords ***
Last changed: 3-24-05 13:56:05
1
2
3
4
5
6
User Name
(16 Chars Max)
ROOT
Operator_1
Operator_2
Operator_3
Operator_4
Operator_5
Password
(16 Chars Max)
Password Accepted
Password Required
Password Required
Password Required
Password Required
Password Required
__________[DynaStar_31]___________
Figure D-3. Console User Names and Passwords
!
NOTE: Passwords are case sensitive. They may be any alphanumeric string up to 16
characters.
The passwords are not echoed to the screen, so be sure to remember the root password
and protect it, as it is critical to gaining operator/supervisor access for operation and
maintenance purposes.
To change the user name, move to the operator name you wish to change and type in the new name. New
unique names should be assigned to all operators or levels of operators being utilized. Names may be any
alphanumeric string up to 16 characters. For example:
•
•
•
•
•
•
Root …...……...might become ….SysAdmin
Operator_1 ….. might become.….NOC Supervisor
Operator_2……might become…..Provisioning
Operator_3……might become…..Net status
Operator_4……might become…..Tech Support
Operator_5……might become…..Field Support
After changing the name use <Tab> to move to the Password Required (or Password Accepted) field, type
in the new password and press <Enter>.
After entering a new password, a message to “Re-enter password” will appear on the screen. Just enter the
password and press <Enter> one more time. As long as the password was typed in exactly the same both
times, “Password Accepted” is displayed. If not, “Password Required” will be displayed and the process
must be repeated.
When done editing user names and passwords, enter <Y> in the Process selections field and press <Enter>.
D-3
D.3
DEFINE ACCESS PERMISSIONS
To configure the Supervisor access permissions for different operators, from the Main Menu select <4>
Security then <2> Access Security. The Operator Menu Access screen appears.
*** Operator Menu Access ***
Last changed: 3-24-05 13:56:05
1
2
3
4
5
6
-
^>"lP`p+vR&ni
Operator_1
Operator_2
Operator_3
Operator_4
Operator_5
__________[DynaStar_31]___________
Figure D-4. Operator Menu Access Screen
The Operator Menu Access screen provides a list of the defined users.
To change the access permissions for any given user, enter the number of the operator whose access
authorization you want to change. The Operator Menu Access Permissions screen for the selected operator
appears, as shown in Figure D-5.
D-4
*** Operator Menu Access Permissions ***
Port Configuration:
Port Status:
Network Configuration:
Network Status:
System Configuration:
System Status:
Security:
W
W
W
W
W
W
W
_______[DynaStar_6100a2e8]________
Figure D-5. Operator Menu Access Permissions Screen
The Operator Menu Access Permissions screen lists the functional areas that can be configured for limited
access to operators. Figure D-5 lists the functional areas which the administrator can limit access to. Each
category may have its own rules for operator access. Set the authorizations as required for each available
category by toggling W, R or N in the associated Permissions column. Refer to Table D-1 for authorization
descriptions. Tab or cursor down to the next field and toggle the Permission value using <Enter>.
When you have finished configuring the operator access for the operator that was selected, enter Y in the
Process selections field and press <Enter>. Repeat this process for each of the other operators (or class of
operators).
Table D-1. Operator Authorization Descriptions
No Access (N)
Blocks the operator from accessing a given group of
commands
Read-only Access (R)
Allows the operator to view parameters but not change them
Write Access (W)
Provides the ability to read and modify parameters
D-5
Default for
Operator 1-5
Default for Root
D.4
SECURITY OPTIONS
The next menu choice sets various security options for the use of the password and user access. The
Security Options menu is found in the Security Functions menu by selecting <3> Security Options. The
Security Options menu is shown in Figure D-6 and the fields are described in Table D-2.
*** Security Options ***
Enforce Secure Passwords:
Local User Validation:
Local Console Validation:
Password Aging:
User Expiration:
User Timeout:
N
N
N
None
0
0
__________[DynaStar_31]___________
(0-255 Days)
(0, 1-30 Min)
Figure D-6. Security Options Menu
Table D-2. Security Options Descriptions
Enforce Secure
Passwords
Forces the user to select a password of at least eight
characters with at least one alphabetic and one numeric
character as part of the password.
Y
N (default)
Local User Validation
Requires users connecting to the DS1500-XFR to present a
valid username and password. Users can be directly
connecting to physical ports or remotely accessing via
Telnet.
Y
N (default)
Local Console
Validation
Requires users connecting via port 6 to present a valid
username and password.
Y
N (default)
Password Aging
Time after which the user must change his password.
None (default)
30 days
60 days
90 days
User Expiration
If a user has not used his account for this number of days,
the account will be disabled.
0 -255 days
0 = default (never
disable)
User Timeout
Inactive calls are cleared after this amount of time. This
value applies to all users of the system.
0 = default
(disabled)
1 - 30 minutes
D-6
D.5
PORT SELECTION
The next menu choice sets security options on a per-port basis. Ports can be configured to enforce local
security and/or to enforce the use of SecurID. The Port Security menu (Figure D-7) is found in the
Security Functions menu by selecting <4> Port Selection. Tab to the entries for each port and press
<Enter> to toggle the value to “Y”.
*** Port Security Menu ***
Port
Name
Local
CON Console
N
10 Virtual PAD
N
99 Virtual X.25
N
E1 Enet 1
N
E2 Enet 2
N
E3 Enet 3
N
E4 Enet 4
N
E5 Enet 5
N
S1 SERIAL-S1
N
S2 SERIAL-S2
N
S3 SERIAL-S3
N
S4 SERIAL-S4
N
S5 SERIAL-S5
N
S6 SERIAL-S6
N
S7 SERIAL-S7
N
S8 SERIAL-S8
N
_________[DynaStar_8307]__________
SecurID
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
Figure D-7. Port Security Menu
When “Local” is set to “Y”, names and passwords defined in the Network Security and Mnemonics screens
must be presented before a user is allowed to access a given port. When SecurID is set to “Y”, SecurID
access security is used. SecurID is a feature that enables only authorized users to access the secured network
by sending a user’s name and passcode across a TCP/IP network to a remote server. The server authenticates
the user and responds back to the DS1500-XFR with an access granted or access denied message.
D-7
D.6
NETWORK SECURITY
The Network Security Information table lets the administrator enter up to 100 user names and passwords.
These users will be allowed to access the mnemonic destinations that were defined under Async Services
(see “X.25 Mnemonics” on page B-59). When a new entry is added to the table, a flag is set that forces the
user to enter a new password the first time that he logs onto the network. This allows the network
administrator to set up a group of new users with temporary passwords, but the users will be forced to assign
their own passwords the first time they access the network.
To set up an entry in this table, the administrator types in the user name and presses <Enter>. The
administrator then enters the password for this user. For security reasons, the system requires the
administrator to re-enter the password.
The Network Security Information menu is found in the Security Functions menu by selecting <5>
Network Security. The Network Security Information screen is shown in Figure D-8.
*** Network Security Information ***
User Name
(16 Chars Max)
1 SUZY
2 BOB
3
4
9:13:30
Password
(16 Chars Max)
Password Accepted
Password Accepted
Figure D-8. Network Security Information Table
D.7
DESTINATIONS
The Destinations option allows the administrator to associate the defined users with the destinations that
they are allowed to access. The User Directory screen (Figure D-9) is found in the Security Functions
menu by selecting <7> Destinations. This is a read-only list of the previously defined users. (See “Network
Security” on page D-8 for information on defining users.) From the User Directory screen the administrator
selects the user with whom to associate one or more destinations by typing in the corresponding user
number. Once this is done, the User Permitted Destinations screen (Figure D-10) appears. This screen lists
the mnemonic destinations that were defined when the ports were defined (see “X.25 Mnemonics” on page
B-59). To allow a user to access a given destination, toggle the “Permitted”
field to Y.
D-8
*** User Directory ***
9:13:30
1 - SUZY
2 - BOB
__________[DynaStar_31]___________
Figure D-9. User Directory Screen
*** User Permitted Destinations ***
Destinations
9:13:30
Permitted
1 CONSOLE
2 RENO_6
3 TAMPA
N
N
N
User Name:
__________[DynaStar_31]___________
SUZY
Figure D-10. User Permitted Destinations Screen
D-9
D.8
CONSOLE MONITOR
The Console Monitor functions allow the user to display the console monitor log and to configure which
parameters will be logged. The Console Monitor Functions menu (Figure D-11) is found in the Security
Functions menu by selecting <7> Console Monitor.
*** Console Monitor Functions ***
1 - Access Log
2 - Configuration
Display console monitor log
Configure console monitor log
__________[DynaStar_11]___________
Figure D-11. Console Monitor Functions Menu
From the Console Monitor Functions menu, selecting <1> Access Log displays the Console Access Log
(Figure D-12). This log provides the following information:
•
•
•
•
•
Date and time the event occurred
The event that occurred (see Table D-3 for a list of possible events)
The UserID, if it can be determined, of the user that caused the event
The address, if it can be determined, of the user that caused the event
The local DS1500-XFR port over which the console session is transmitted. For example,
“Console” for the physical console port or “728” for a telnet session using the first virtual
port.
After a screen of information has been displayed, the message “Press <CR> for More:” appears. When all
information has been displayed, the message “Enter Y<RET> to clear the system event log, otherwise
N<RET>:” is displayed. Enter Y to clear the log and exit; enter N to exit the log without clearing the
information.
D - 10
Console Access log:
Date/Time
Event
User ID
Addr
Port
2005-06-06
9:13:04 Logon
ROOT
Console
2005-06-06
9:14:52 Logon
ROOT
Console
2005-06-06
9:25:16 Logon
ROOT
Console
2005-06-06
9:25:57 Logon
ROOT
Console
2005-06-06
9:26:10 Logon
ROOT
Console
2005-06-06
9:55:02 PwdErr
No User ID
Console
2005-06-06
9:55:04 Logon
ROOT
Console
2005-06-06
9:57:25 Logon
ROOT
Console
2005-06-06
9:58:02 Logon
ROOT
Console
Figure D-12. Console Log
From the Console Monitor Functions menu, selecting <2> Configuration displays the Console Monitor
Functions (Figure D-13). The parameters are explained in Table D-3.
*** Configure Console Monitor Logging ***
Log Logons
Log Logouts
Log Failed Password
Log Max Failed Password
Log Failed UserID
Log Max Failed UserID
Alarm Logons
Alarm Logouts
Alarm Failed Password
Alarm Max Failed Password
Alarm Failed UserID
Alarm Max Failed UserID
Y
N
Y
Y
Y
Y
N
N
N
Y
N
Y
__________[DynaStar_11]___________
Figure D-13. Console Monitor Logging Configuration Screen
D - 11
Table D-3. Console Monitor Logging Parameters
Parameter
Description
Default
Log Logons
When enabled, each logon generates
a log entry.
Y
Log Logouts
When enabled, each logout
generates a log entry.
N
Log Failed Password
When enabled, an invalid password
entry generates a log entry.
Y
Log Max Failed Password
When enabled, generates a log entry
if the maximum permissible
(successive) number of password
failures occurs. The maximum is fixed
at 3.
Y
Log Failed UserID
when an invalid UserID is used.
Y
Log Max Failed UserID
(successive) number of UserID
at 3.
Y
Alarm Logons
When enabled, each logon generates
an SNMP trap.
N
Alarm Logouts
When enabled, each logout
generates an SNMP trap.
N
Alarm Failed Password
When enabled, an invalid password
entry generates an SNMP trap.
N
Alarm Max Failed Password
When enabled, sends an SNMP trap
(successive) number of password
at 3.
Y
Alarm Failed UserID
when an invalid UserID is used.
N
Alarm Max Failed UserID
(successive) number of UserID
at 3.
Y
D - 12
D.9
PAP/CHAP
PAP (Password Authentication Protocol) and CHAP (Challenge Handshake Authentication Protocol) are
both authentication mechanisms that can be negotiated as part of the Link Control Protocol (LCP) on a PPP
link to identify the remote end. By default, authentication is not required on a PPP link. However,
authentication is frequently used to ensure that only valid users are gaining access to network resources. It is
possible for one party to ask for authentication with PAP and for the other party to ask for authentication
using CHAP.
PAP security is based on a shared password that is transmitted over the line. The party that is asked to
authenticate itself sends its ID and password to the other side, which compares them to its table of valid IDs
and passwords. However, because the ID and password are sent in the clear, they are vulnerable to
eavesdropping.
CHAP security is based on a shared “secret” that is configured in both units but is never transmitted. The
party that is asked to authenticate itself is sent a randomly derived challenge, to which it provides a response
that contains an ID and a value derived from the challenge data and the “secret” value that is shared by the
two parties. Since this response changes with each request, an eavesdropper will not be able to provide a
valid response at the next authentication request.
If PAP or CHAP is requested, the higher layers are not configured until the authentication is successful. With
CHAP, a challenge can be issued at any time, even after the higher layers have been configured. The
DS1500-XFR will respond to challenges at any time, but it will issue a challenge only once after the link
layer has been configured.
The PAP and CHAP values are configured from the PAP/CHAP Values screen (Figure D-14), which is
accessed from the Security Functions menu by entering <8> PAP/CHAP. The entries on this screen are
used both to authenticate remote units and to provide authentication of the local unit with remote units
(parameters are explained in Table D-4).
*** PAP/CHAP Values ***
Last changed: 6-9-05 5:46:32
01: ID:
PW:
Secret:
Scope
02: ID:
PW:
Secret:
Scope
02: ID:
PW:
Secret:
Scope
02: ID:
PW:
Secret:
Scope
(32
(32
(32
(12
(32
(32
(32
(12
(32
(32
(32
(12
(32
(32
(32
(12
Port:
Port:
Port:
Port:
ASCII)
ASCII)
ASCII)
NUMBER)
ASCII)
ASCII)
ASCII)
NUMBER)
ASCII)
ASCII)
ASCII)
NUMBER)
ASCII)
ASCII)
ASCII)
NUMBER)
Process selections (Y/N):Y
__________[DynaStar_11]___________
In left most field, use UP/DOWN to scroll and LEFT to process selections.
To change or add entry, enter new value. Use <CTRL-D> to delete entry.
Use TAB & CURSOR keys to move among fields. Press ESC to abort command & exit.
Figure D-14. PAP/CHAP Values Screen
D - 13
Table D-4. PAP/CHAP Parameters
Parameter
Description
ID
This field is mandatory for each entry. It provides an
identification that can be used to identify a remote unit or
the local unit.
PW
The password to be passed for PAP authentication.
Secret
The secret value to be used for CHAP authentication.
Scope Port
If a port number is entered, the entry can be used for
authentication of units attached to this port only. A port
number of 255 indicates that this entry is for local
identification only and will be provided in response to a
remote’s request for authentication.
The ID, PW, and Secret fields accept up to 32 alphanumeric characters. The fields are case sensitive. If an
ID has both a password and secret defined for it, then it could be used for PAP or CHAP. If both the PW and
Secret fields are blank, the ID can be used for PAP authentication and the password will be blank. The
example below illustrates the use of PAP and CHAP in a small network.
In the example shown in Figure D-15, the Chicago DS1500-XFR initiates a PPP call to Miami that comes
in on port 3. Miami wishes to use PAP to authenticate this call. The DS1500-XFR in Dallas calls from its
port 4 to Miami port 4; in this case, both ends want to verify the remote using CHAP authentication.
.
PAP Authentication
3
DynaStar
1500
DynaStar
1500
Chicago
Miami
4
CHAP Authentication
4
DynaStar
1500
Dallas
CHAP Authentication
Figure D-15. PAP/CHAP Example
Configuration of Miami DS1500-XFR
1. Configure the remote PAP authentication for port 3
ID: DS100Chicago3
[ID of remote unit]
PW: LakeMichigan
[PAP password]
Secret:
[For CHAP, so not needed here]
Scope Port:
[Not limited to any port]
2. Configure the remote CHAP authentication for port 4
ID: DS100Dallas4
[ID of remote unit]
PW:
[For PAP, so not needed here]
Secret:FortWorth
[CHAP secret]
Scope Port: 4
[Limits use to port 4 only]
D - 14
3. Configure the local CHAP authentication for port 4
ID: DS100Miami4
[ID of local unit]
PW:
Secret: OCEAN
[CHAP secret]
Scope Port: 255
[For local unit to authenticate itself, not used for remote.]
Configuration of Chicago DS1500-XFR
1. Configure the local PAP authentication
ID: DS100Chicago3
[ID of this unit]
PW: LakeMichigan
[PAP password]
Secret:
[For CHAP, so not needed here]
Scope Port: 255
Configuration of Dallas DS1500-XFR
1. Configure the local CHAP authentication
ID: DS100Dallas4
[ID of this unit]
PW:
Secret: Fort Worth
[CHAP secret]
Scope Port: 255
2. Configure the remote CHAP authentication for port 4
ID: DS100Miami4
[ID of remote unit]
PW:
Secret: OCEAN
[CHAP secret]
Scope Port: 4
[Use for port 4 only]
D - 15
D - 16
ADDENDUM1
VLANs
This purpose of this Addendum is to provide the user with more in-depth details on using VLANs on the
DYNASTAR 1500 product. The first section of this Addendum gives an overview of the VLAN feature
and the remaining section gives basic configuration details.
1.1
VLAN OVERVIEW
Basic tagged VLANs are very similar to Port Groups used in the DYNASTAR 1500. In the most basic
configuration, devices attached to the DYNASTAR 1500 are not themselves aware of being a member of a
VLAN and do not participate in creating or interpreting VLAN tags. Rather, the DYNASTAR 1500 port is
provisioned to assign a VLAN membership to the device attached to that port, or more specifically to the
frames that enter the network on that port. The DYNASTAR 1500 and other interconnected tagged VLAN
switches then create a “VLAN” or Virtual Local Area Network where frames are only MAC-layer switched
among ports of the same VLAN. Typically, the devices attached to the DYNASTAR 1500 have no visibility to
devices that are not part of their VLAN except and unless the traffic is routed by an IP router. (Note that
unlike most Ethernet switches, the DYNASTAR 1500 has an embedded IP routing function that can route
traffic among VLANs if that is desired.)
The main differences between tagged VLANs and Port Groups are that with Tagged VLANs, the frames are
assigned a ‘tag’ or an additional field in their header per 802.1Q. This tag allows VLAN membership to be
associated with a frame rather than a port, and this VLAN membership information can be passed to other
devices in an interconnected network. Most commonly, tags are used to allow shared trunks among Ethernet
switches to carry traffic for multiple VLANs on a shared basis without compromising the security of the
VLANs, i.e., the VLAN traffic is logically separate and the VLAN membership can be screened as required
in the downstream Ethernet switch.
As a default mode when using Tagged VLANs, all ports are assigned to VLAN number 1. With all ports in
the same VLAN, the DYNASTAR 1500 behaves as it would with no VLANs, i.e., all traffic is allowed among
all ports. Using the Port Configuration screen, each port may be assigned an alternative VLAN number.
VLAN numbers assigned to ports may range from 1 to 4094. This VLAN number will be applied to all
incoming frames that do not have previously marked 802.1Q tags. (This typically is the case for all frames
coming into a DYNASTAR 1500 from a device other than another VLAN-enabled Ethernet switch, but
special cases are noted below.) All ports that the operator wishes to secure from general traffic should be
assigned to a VLAN other than VLAN 1. All ports that the operator wants to participate in a specific VLAN
must be assigned the same VLAN number.
VLAN Addendum
1
ADDENDUM - VLANs
VLAN Overview
1.1.1
VLAN Tagging Options
There are three additional configuration parameters associated with VLANs, two dealing with ingress tags
and one with egress. The Ingress Tag Required parameter indicates whether frames on a given port are
required to already have an 802.1Q tag in their header. Similarly, the Egress Tagging parameter indicates
whether frames leaving a port should contain an 802.1Q tag in their header, or alternatively have any such
tag removed by the DYNASTAR 1500 as the frame leaves the switch. For the case of Basic VLANs, the
devices attached to the DYNASTAR 1500 will not be VLAN-aware (i.e., will not create or expect to see
VLAN tags). In these cases, the Ingress and Egress parameters should be left at their default values:
“Optional” (rather than “required”) for ingress tags and “No” (meaning remove tags) rather than “Yes”
(meaning leave tags intact) for Egress Tagging.
The primary use of the Ingress and Egress Tag parameters other than the default settings is to configure
VLAN trunks. In some cases, other devices attached to the DYNASTAR 1500 may be “VLAN Enabled” and
create and interpret 802.1Q tags. In these cases, the Ingress Tagging may be set to either Required or
Optional (depending on the application) and Egress Tagging should be set to “Y”. Using values other than
the default should be done with caution and with some knowledge of the operation of 802.1Q VLANs. The
other related parameter is the Ingress Security parameter. This indicates whether the DYNASTAR 1500
should enforce filtering of frames based on the provisioned VLAN membership. In general, this parameter
should always be left at the default setting of “Yes” since VLAN membership should always be enforced. In
the case where VLANs are not being actively used, but 802.1Q tagging is still being performed (e.g., when
802.1p traffic prioritization is used, which also depends on tags), then all ports should be assigned to VLAN
1 so that default security will permit all traffic among all ports.
1.1.2
VLAN Membership Verification
When using multiple VLANs, it is a good idea to verify that the VLAN membership has been configured
correctly by using the VLAN Membership screen. This screen is accessed from the Ethernet Switch Port
Configuration menu, see Figure 1-1, (when VLAN Enabled is “Y”) by entering <CNTL-V>. A screen
similar to the Figure 1-2 will appear.
All of the VLAN ID numbers that are recognized by the DYNASTAR 1500 are listed on the VLAN
Membership screen, shown in Figure 1-2. Each physical port is listed across the top creating a column per
port. An “*” (asterisk) in a column indicates this VLAN is the default VLAN for this port. A “-” (hyphen)
indicates that the port is not a member of this VLAN. A “+” (plus sign) indicates that the port is also a
member of this VLAN, but not as the primary (default VLAN) for this port. The primary (default) VLAN
represents the VLAN number that will be assigned to any unmarked frames entering the DYNASTAR 1500
on this port (unless Tagging Required is set to “Y”, in which case untagged frames will be discarded
anyway). The other VLANs that a port is assigned to are used as VLAN filters. Assuming VLAN Security is
set (parameter is “Y”), then frames for VLANs in which the port is not a member will be discarded. In most
cases, ports will belong to their primary (default) VLAN only. The main application for a port belonging to
multiple VLANs is for VLAN Trunks. (See “VLAN Trunk Provisioning” on page 4.)
VLAN Addendum
2
ADDENDUM - VLANs
VLAN Overview
Last Changed:
0-0-90 22:29:40
(0,16,32...4080)
VLAN Enabled: Y
Port
E1
E2
E3
E4
E5
Group
1
1
1
1
1
Speed
auto
auto
auto
auto
auto
auto
N
low N
auto
N
low N
auto
N
low N
auto
N
low N
auto
N
low N
Ingress
Tag Sec
opt Y
opt Y
opt Y
opt Y
opt Y
IP BRG
Y
N
Y
N
Y
N
Y
N
Y
N
Egress
Tag
N
N
N
N
N
__________[DynaStar_31]___________
Press Ctrl-V to configure VLAN groups
Figure 1-1. Ethernet Switch Port Configuration Menu
*** VLAN Membership ***
Ingress
VLAN
1 1
Name
(15)
Port
1------8
*****
__________[DynaStar_31]___________
Members
9-----16
0:00:00
Active
17----24
25-26
Y
Figure 1-2. VLAN Membership Menu
VLAN Addendum
3
ADDENDUM - VLANs
VLAN Overview
1.1.3
VLAN Trunk Provisioning
In general, ‘trunks’ are Ethernet connections between adjoining Ethernet switches, whether the switches are
both DYNASTAR 1500’s or other comparable devices. “VLAN Trunks” are Ethernet connections (trunks)
from one Ethernet switch to another that support 802.1Q tagged frames and enable multiple VLANs to
securely share the trunk and/or support 802.1p frame marking for traffic prioritization. VLAN Trunks
require 802.1Q tags, both on frames that enter on a trunk port and egress on a trunk port. This in contrast to
Basic VLAN ports described above which typically do not use tagged frames between the DYNASTAR 1500
and the attached device. With VLAN trunks, the frame tag is how VLAN membership and/or traffic priority
regarding the frame is passed on to the next switch in the network.
There are two main steps that are required to define VLAN trunks besides general Port Provisioning
described above (using the VLAN Enabled procedure in “VLAN Membership Verification” on page 2).
•
•
Enable ingress and egress tags on the port configuration screen
Set the VLAN Membership for the trunk to include all VLANs
On the Ethernet Switch Port Configuration screen (with VLANs Enabled), for the ports that represent
VLAN trunks, set:
•
•
•
Ingress Tagging to “Req” (for required)
Ingress Security to “N”
Egress Tagging to “Y” to propagate tags onto the trunk
Access the VLAN Membership screen from the Ethernet Switch Port Configuration screen by entering
<CNTL-V>. A VLAN Membership screen similar to Figure 1-2 appears. For each Port that represents a
VLAN Trunk, toggle the VLAN Membership entries so that there is a “+” (plus sign) in all entries of the
column associated with that port, indicating that the trunk port is a member of all VLANs.
!
NOTE: In some cases it may be necessary to add additional VLANs to the VLAN
Membership table.
In a network of several switches, some switches may represent pass-through or transit nodes for VLAN
traffic where no members of that VLAN are local ports on that switch. (For example, this could occur in a
large ring configuration of several switches.) These distributed VLANs have members on other switches in
the network, but not on this particular switch. In order for this VLAN traffic to be switched through the
transit switch without being filtered out (discarded), the trunks must be defined as members of these
distributed VLANs. To do this, simply type a new line into the VLAN Membership table, starting with the
VLAN Number of the distributed VLAN. Then toggle the VLAN membership for the Trunk Ports such that
the Trunk Ports are included in this new VLAN. Do not make any of the other local ports members of this
new VLAN.
1.1.4
Priority Management Using 802.1p
In many ways, traffic prioritization using 802.1p is similar to basic traffic prioritization described in “VLAN
Tagging Options” on page 2. DYNASTAR 1500 ports are marked as High or Low priority in the Ethernet
Switch Port Configuration screen and all traffic entering the switch on that port then carries an output
queuing priority of either High or Low. However, basic prioritization has meaning only within a single
switch. By contrast, with 802.1p, frames are marked with a priority tag that can be passed onto other
switches (via VLAN tags) or even to other end devices attached to the DYNASTAR 1500. The High/Low
queuing priority can then be maintained at all points along the network path.
VLAN Addendum
4
ADDENDUM - VLANs
General VLAN Configuration
The DYNASTAR 1500 has two levels of priority defined for the transmission of frames. For VLAN tagged
frames arriving at the Ethernet port the subsequent transmit queuing priority will be either high or low.For
frames that have tags added on ingress, the priority value is defined by the high / low setting in the Ethernet
Switch Port Configuration screen (Figure 1-1).
1.1.5
Configure Traffic Prioritization
To implement traffic prioritization using 802.1p, there are two main requirements:
•
•
Set the Priority parameter for each port to High or Low
Create VLAN trunks between all Ethernet switches in the network
To set the Priority parameters, use the Ethernet Switch Port Configuration screen (with VLANs Enabled
= Y) and toggle the Priority column to either H or L for each port, as desired. 802.1p Priority Tags will be
internally generated for each frame arriving on these ports.
To pass the priority tags to other switches, configure VLAN Trunks as described in “VLAN Trunk
Provisioning” on page 4. The priority tag is a sub-field of the 802.1Q VLAN tag, so 802.1Q VLANs must be
enabled in order for 802.1p prioritization to function. If you are not using VLANs, you must still use VLAN
Enabled provisioning and activate 802.1Q. However, you would leave all ports (including the trunk ports) as
members of VLAN number 1 (the default VLAN). All traffic would then be allowed among all ports, but
VLAN tags will be created within the network to carry the 802.1p priority information.
1.2
GENERAL VLAN CONFIGURATION
General operation of VLANs is first enabled by setting the VLAN Enabled Field on the Ethernet Switch
Port Configuration menu to Y. Once enabled and the cursor is moved into another field the Ethernet
Switch Port Configuration menu changes to include the VLAN parameters as shown in Figure 1-1.
The ports are numbered E1 through E5 representing the five Ethernet ports. The Group field allows you to
define the VLAN tag that will be used for this port and can be set up as individual ports or groups of ports
using the same VLAN tag. Note that if traffic is arriving without tags present and egress tags are not used
then the switch simply behaves as a simple Ethernet switch, allowing switching only between ports in the
same group.
There are three controls associated with VLAN operation: Ingress Tag, Ingress Sec (Security) and Egress
Tag options.
The Ingress Tag field configures the switch to allow either “opt” (Optional) Tag, i.e. the incoming traffic can
contain or not contain a VLAN tag or “req” (Required) meaning the incoming traffic must contain a VLAN
tag. Traffic without a VLAN Tag is discarded.
The Ingress Sec field works in conjunction with the Ingress Tag setting, where if the Ingress Tag is set to
“req” and the Ingress Sec field is set to “N” (No) then the switch will accept any frame that contains a tag.
However, untagged frames are discarded and if security is set to “Y” (Yes) then inbound frames must
contain the same VLAN tag number as the VLAN tag assigned to that port. Failure to match the port
configured VLAN tag will result in the frame being discarded.
The Egress Tag field controls whether outbound frames contain a VLAN tag or not. When set to “N” (No),
all VLAN tags are removed prior to transmission. When set to “Y” (Yes), frames arriving with VLAN tags
already assigned are forwarded unchanged and frames arriving without tags have VLAN tags inserted
according to the number defined in the configuration menu for the port the frame arrived on. In the
configuration example in Figure 1-3, untagged frames arriving on E1 will be transmitted with VLAN tag
100 inserted. Changing the Group field to 100 changes the VLAN ingress tag in the VLAN Membership
menu.
VLAN Addendum
5
ADDENDUM - VLANs
Last Changed:
0-0-90 22:29:40
(0,16,32...4080)
VLAN Enabled: Y
Port
E1
E2
E3
E4
E5
Group
100
2
2
2
2
Speed
auto
auto
auto
auto
auto
auto
N
high N
auto
N
low N
auto
N
low N
auto
N
low N
auto
N
low N
IP BRG
Y
N
Y
N
Y
N
Y
N
Y
N
Ingress
Tag Sec
opt Y
opt Y
opt Y
opt Y
opt N
Egress
Tag
N
N
N
N
Y
________[DynaStar_b441334]________
Press Ctrl-V to configure VLAN groups
Figure 1-3. Ethernet Switch Port Configuration Example
The next part of the VLAN configuration is the VLAN membership table. This table defines on which port
or ports a particular tagged traffic can be shared. The table can be accessed by pressing <CTRTL-V> from
the Ethernet Switch Port Configuration screen. The VLAN Membership menu is shown in Figure 1-4.
With the port configurations defined above, we have two port groups defined: Port E1 VLAN ID 100 and
ports E2 through E5 in the same group with VLAN tag 2.
The VLAN membership configuration deals only with frames that contain VLAN tags. For other, nontagged frames, the traffic will be shared only within the same port group as the traffic was received from. So
for port E1 above the traffic has nowhere to go, but port E5 can switch untagged frames between any of the
four ports in its group.
For frames with tags, either already present when received or because they had tags added by the incoming
port, then the destination ports are defined by this VLAN membership table.
VLAN Addendum
6
ADDENDUM - VLANs
Ingress
VLAN
1 2
2 100
Name
(15)
Port
1------8
-****
*----
________[DynaStar_b441334]________
Members
9-----16
7:56:52
Active
17----24
25-26
Y
Y
Figure 1-4. VLAN Membership Example
The VLAN Membership screen, Figure 1-4, will initially default to the port VLAN addresses defined in
the Ethernet Switch Port Configuration screen. The table shows that frames tagged with ID 2 can only be
transmitted on port E2 through E5, whereas frames tagged with 100 can only be transmitted on port E1. The
“*” shows the default ports that are shared by this particular tag, as defined by the port group number. The
“-” indicates that this port cannot transmit traffic marked with this tag value. The “-” field can be modified to
show “+”; the “+” sign then adds this particular port into the sharing of the VLAN tag. The example in
Figure 1-5 has been changed to allow frames marked with VLAN tag 100 to be shared between the default
port E1 and the addition of port E5.
VLAN Addendum
7
ADDENDUM - VLANs
Ingress
VLAN
1 2
2 100
Name
(15)
Port
1------8
-****
*---+
________[DynaStar_b441334]________
Members
9-----16
7:56:52
Active
17----24
25-26
Y
Y
Figure 1-5. VLAN Membership Example Shared VLAN Tags
VLAN tags can also be added to define flood maps, this would be the case in a more complex setup where a
number of switches are present and VLAN tagged frames could arrive at a particular switch that do not
match any of the port-based VLAN tags (the switch is just a switching node). The example in Figure 1-6
adds tags 25 and 31 to the VLAN Membership table.
1
2
3
4
Ingress
VLAN
2
25
31
100
Name
(15)
Port
1------8
-****
+---+
+--+*---+
________[DynaStar_b441334]________
Members
9-----16
7:56:52
Active
17----24
25-26
Y
N
N
Y
Figure 1-6. VLAN Membership Example Adding Tags
Here, VLAN tag 25 can transit ports E1 and E5, and VLAN tag 31 can transit E1 and E4.
VLAN Addendum
8
ADDENDUM2
VRRP
This purpose of this Addendum is to provide the user with more in depth details on using VRRP on the
DYNASTAR 1500 product.
1.1
VRRP OVERVIEW
VRRP (Virtual Router Redundancy Protocol) specifies an election protocol that dynamically assigns
responsibility for a virtual router to one of the VRRP routers on a LAN. The VRRP router controlling the IP
address(es) associated with a virtual router is called the Master, and forwards packets sent to these IP
addresses. The election process provides dynamic fail over in the forwarding responsibility should the
Master become unavailable. The advantage gained from using VRRP is a quicker switch over to back up
routers than can be obtained with standard Neighbor Discovery [ND] mechanisms. All protocol messaging
is performed using multicast datagrams, thus the protocol can operate over a variety of multiaccess LAN
technologies supporting multicast. Each VRRP virtual router has a single well-known MAC address
allocated to it. The virtual router MAC address is used as the source in all periodic VRRP messages sent by
the Master router to enable bridge learning in an extended LAN.
A virtual router is defined by its virtual router identifier (VRID) and a set of address(es). A VRRP router
may associate a virtual router with its real address on an interface, and may also be configured with
additional virtual router mappings and priority for virtual routers it is willing to back up. The mapping
between VRID and its address(es) must be coordinated among all VRRP routers on a LAN. However, there
is no restriction against reusing a VRID with a different address mapping on different LANs. The scope of
each virtual router is restricted to a single LAN.
To minimize network traffic, only the Master for each virtual router sends periodic VRRP Advertisement
messages. A Backup router will not attempt to preempt the Master unless it has higher priority. This
eliminates service disruption unless a more preferred path becomes available. It is also possible to
administratively prohibit all preemption attempts. The only exception is that a VRRP router will always
become Master of any virtual router associated with the address it owns. If the Master becomes unavailable,
then the highest priority Backup will transition to Master after a short delay, providing a controlled transition
of the virtual router responsibility with minimal service interruption.
The VRRP protocol design provides rapid transition from Backup to Master to minimize service
interruption, and incorporates optimizations that reduce protocol complexity while guaranteeing controlled
Master transition for typical operational scenarios. The optimizations result in an election protocol with
minimal runtime state requirements, minimal active protocol states, and a single message type and sender.
The typical operational scenarios are defined to be two redundant routers and/or distinct path preferences
among each router. A side effect when these assumptions are violated (i.e., more than two redundant paths
all with equal preference) is that duplicate packets may be forwarded for a brief period during Master
election. However, the typical scenario assumptions are likely to cover the vast majority of deployments,
loss of the Master router is infrequent, and the expected duration in Master election convergence is quite
small (<< 1 second). Thus the VRRP optimizations represent significant simplifications in the protocol
design while incurring an insignificant probability of brief network degradation.
VRRP Addendum
1
ADDENDUM - VRRP
VRRP Provisioning and Implementation on DynaStar Products
1.2
VRRP PROVISIONING AND IMPLEMENTATION ON DYNASTAR
PRODUCTS
The two basic scenarios discussed here are LAN protection and WAN/serial protection. In the first case the
LAN protection is implemented by creating the VRRP group and assigning one of the routers the master role
and another router(s) as backup. The second scenario requires that two VRRP groups be established. The
first group is connected to the serial devices via a splitter link, thus sending all traffic to both the master and
backup routers. The second group created is the WAN side protection. The following sections describe the
provisioning requirements and rules as well as implementation of the two basic VRRP scenarios of LAN and
WAN/serial.
1.2.1
Provisioning
The following require setup and provisioning to complete the VRRP setup:
•
•
•
•
•
•
Ethernet Ports
Frame Relay ports and DLCIs (if required)
IP addresses
OSPF
VRRP group (need to supply VRID, name, and IP address)
Advanced Terminal Server for protected serial ports, supply VRID
There are certain parameters and rules that must be followed when creating a VRRP group. The menu
shown in Figure 1-1 shows the fields that require completion by the network administrator. This screen can
be accessed by entering <2> Network, <1> Router, <9> VRRP, <1> VRRP Configuration. At this point,
the Configured VRRP Groups screen appears. Any configured groups will be listed on this screen; if no
groups have been defined, the screen will be blank. Press <Enter> to access the screen shown in Figure 1-1.
*** VRRP Configuration ***
Virtual Router ID:
VRRP group name:
VRRP IP address:
(1-255)
(15)
0.0.0.0
_______[DynaStar_6100a3d2]________
Figure 1-1. VRRP Configuration Menu
The three provisioning parameters are Virtual Router ID (VRID), VRRP group name, and the VRRP IP
address. The following describe the requirements for each.
VRRP Addendum
2
ADDENDUM - VRRP
•
•
•
1.2.2
VRID: must be unique on a DynaStar, must be the same for all the DynaStars that belong to
a VRRP group (which is defined by the VRID). The scope of the VRRP protection group is
the LAN. All the VRRP routers in the same group must have interfaces on the same
network.
The group name should be consistent between the VRRP routers in the same group.
The IP address that is protected by a group has to be the same for all VRRP routers in the
group. The protected IP address can only belong to one VRRP group. The IP address cannot
be a multicast or broadcast address.
Implementation
The DynaStar’s implementation of the VRRP protocol allows for two typical scenarios:
•
•
LAN protection
WAN/Serial connection protection.
In the LAN protection case, the DynaStar devices behave as VRRP routers, allowing hosts to setup a single
default gateway. If the default gateway should fail, the backup DynaStar automatically takes over and routes
packets for the hosts. This scenario is shown in Figure 1-2. In this case two routers are connected to a LAN
and one is the master VRRP router and the other is the backup. Should the master fail the backup will
automatically assume the master router role.
DynaStar
VRRP Group
DynaStar
DynaStar
LAN
E1
E2
E3
Ethernet Devices
Figure 1-2. VRRP Example for LAN
1.2.2.1
LAN Protection
Once the network is setup (using RIP or OSPF), the user then provisions the VRRP group, assigning an
arbitrary unique VRID, Name and the IP address of the Master router. This step is repeated for both routers.
!
NOTE: There can be more than one backup router. All routers in the VRRP group need to have
identical VRRP provisioning information and belong to the same LAN.
VRRP Addendum
3
ADDENDUM - VRRP
In the second case, a typical network, as shown in Figure 1-3, allows the user to set up a serial connection
(telnet, ftp, etc.) for the far end RTU over a Frame Relay network. If a DynaStar or a connection in the main
path fails, the packets will get automatically rerouted if possible. Alternately, the TCP/IP session will
terminate and the user can then reestablish it (using the same remote IP address and socket) within seconds.
1.2.2.2
WAN/Serial Protection
Once the network is set up and OSPF is provisioned and established, the user provisions two separate VRRP
groups. One group is for the Host side, and one group is for the RTU side. On the RTU side, the user also
needs to go to the advanced terminal server screen to fill in the VRID field. That field determines which
serial port(s) are protected by the VRRP group.
DynaStar
VRRP Group
DynaStar
DynaStar
LAN Connection
LAN Connection
VRRP Group
Ethernet Connection
DynaStar
DynaStar
Link
Device
Serial Devices
S1
S3
RTUs
S2
Figure 1-3. WAN and Serial Protection Example
VRRP Addendum
4

Guide DynaStar 1500 (DS1500-XFR) X.25 Frame Router

Transcription

Similar documents

#104 300 Klahanie Drive • Port Moody

Dog Meet and Greet! Saturday June 6th

Proceeds go to support NJROTC scholarships and the Port

A Port Profile - Port Washington School

Port Operations

Lentune Norway

Port Operation

Koper Port of Slovenia

Portuary Activity

VX550 - Lpc Uk