Professional Documents
Culture Documents
DT2048 SHDSL/R 2W
DT2048 SHDSL/R 4W
205.1671.50-2
2009 - DIGITEL S.A. INDÚSTRIA ELETRÔNICA
Rua Dr. João Inácio, 1165
Bairro: Navegantes
CEP 90230-181 Porto Alegre/RS Brasil
Tel.: 55 51 3337.1999
Fax: 55 51 3337.1923
http://www.digitel.com.br
E-mail: info@digitel.com.br
Instalation and Configuration
General Guidelines
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
• Before using the equipment, please read all general information and installation instructions in this manual.
○
○
• Disconnect the equipment before cleaning it. Do not use liquids, pastes, aerosols or abrasive products; use
○
○
a soft cloth, dry or slightly moistened. Never let any objects or substances fall inside the equipment through its
○
openings.
○
○
○
• Do not expose your equipment to rain or humidity levels and temperature variations beyond those specified
○
in this manual.
○
○
• Make sure that the connections of plugs, connectors, cables and accessories comply with the technical
○
○
specifications presented in this manual. Check whether these connections are correctly and firmly plugged.
○
Always turn off the equipment before making any connections and installing peripherals or accessories.
○
○
• You may insert some products manufactured by Digitel into cabinets or sub-racks without having to
○
○
disconnect them. To do so, follow the instructions on Product Installation.
○
○
• Do not overload the power feeding plugs. If you need to use an extension cord, make sure to use a cord and
○
○
a plug that are compatible with those used by the equipment.
○
○
• If you have to replace equipment parts or components, always use original parts. If you have questions and
○
doubts, contact our Technical Support Center.
○
○
• Take the necessary measures concerning antistatic and surge protection by grounding wires, using power
○
○
supply filters, voltage stabilizers and no-breaks.
○
○
• In case of cabinets, always mount them on a firm and flat surface. Cabinet slots and openings are meant to
○
○
avoid overheating. Therefore, these openings can not be blocked or covered. Make sure there are at least 3.5
○
cm of free space above the cabinet; never stack the equipment.
○
○
• Digitel has the right to change the specifications presented in this manual without prior notice.
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
For information on warranty and technical support, see the section at the end of this manual.
○
○
3
• Table of Contents
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
• I n t r o d u c t i o n ...................................................................................................................................................................... 7
• Instalation and configuration.........................................................................................................9
MODEM INSTALATION AND CONFIGURATION ................................................................................................................................. 9
Straps configuration ............................................................................................................................................................................ 9
Interface Selection ............................................................................................................................................................................ 10
Impedance Selection for G.703 ...................................................................................................................................................... 10
G.703 Input Grounding ..................................................................................................................................................................... 11
Requirements for Initial Configuration ............................................................................................................................................ 11
Board Configuration .......................................................................................................................................................................... 12
Modem Configuration ....................................................................................................................................................................... 12
Interface G.703 Configuration ......................................................................................................................................................... 14
Interface V.35 Configuration ............................................................................................................................................................ 14
OPERATION MODE ................................................................................................................................................................................. 15
RDL Reception .................................................................................................................................................................................. 15
Automatic Rate .................................................................................................................................................................................. 15
Rate ..................................................................................................................................................................................................... 15
Transmission Clock ........................................................................................................................................................................... 16
Status I ................................................................................................................................................................................................ 17
Status II .............................................................................................................................................................................................. 18
Tests .................................................................................................................................................................................................... 19
CABINET INSTALATION ........................................................................................................................................................................ 20
DTSMP20-H and DTSMP20-HT Subrack Instalation .................................................................................................................. 20
• Router Configuration .................................................................................................................... 21
REQUIREMENTS FOR INSTALLATION AND INITIAL CONFIGURATION ...................................................................................... 21
IP ADDRESS RECONFIGURATION (OPTIONAL) ............................................................................................................................... 21
INITIAL CONFIGURATION VIA WEBCONFIG ..................................................................................................................................... 21
INITIAL CONFIGURATION VIA CLI ...................................................................................................................................................... 22
• P A N E L S / C O N N E C T O R S ............................................................................................................................................... 2 3
PANNELS/CONNECTIONS .................................................................................................................................................................... 23
LAN Indicator ..................................................................................................................................................................................... 23
Console port Connection ................................................................................................................................................................. 24
LAN Port Connection ........................................................................................................................................................................ 24
Rear Pannel ........................................................................................................................................................................................ 25
Power Supply ..................................................................................................................................................................................... 25
DTE Connector .................................................................................................................................................................................. 25
V.35 Interface ..................................................................................................................................................................................... 26
Line Connector .................................................................................................................................................................................. 26
• C a b l e s ............................................................................................................................................................................... 2 6
LAN CROSS CABLE (CB-LAN/X-NR) ................................................................................................................................................... 25
RJ CONSOLE CABLE (CB-CONS/AUX-NR) ........................................................................................................................................ 27
DB9 TERMINAL ADAPTER (AD-RJ/TERM/DB9-NR) .......................................................................................................................... 27
V.35 CABLE (ISO) .................................................................................................................................................................................... 28
G.703 INTERFACE .................................................................................................................................................................................. 29
• M O D E M O P E R A T I O N ................................................................................................................................................... 3 1
MODEM OPERATION ............................................................................................................................................................................. 31
NORMAL OPERATION ............................................................................................................................................................................ 31
OPERATION IN VG MODE ..................................................................................................................................................................... 31
TYPICAL APPLICATIONS ...................................................................................................................................................................... 31
OPERATION IN TEST ............................................................................................................................................................................. 34
• R O U T E R O P E R A T I O N .................................................................................................................................................. 3 7
ROUTER OPERATION ............................................................................................................................................................................ 37
BOOTING AND RESET ........................................................................................................................................................................... 37
DT2048 SHDSL/R BOOT AND OPERATION MODES ....................................................................................................................... 37
SAFE MODE ............................................................................................................................................................................................. 37
NORMAL OPERATION ............................................................................................................................................................................ 40
CONFIGURATION via webConfig ......................................................................................................................................................... 40
CONFIGURATION VIA CLI (TELNET/CONSOLE/SSH) ..................................................................................................................... 43
• CLI Guide - Command Line Interface ................................................................................................................... 4 5
INTRODUCTION TO CLI ........................................................................................................................................................................ 45
Accessing an equipment via CLI .................................................................................................................................................... 45
Commands ......................................................................................................................................................................................... 45
CHANGING USERNAME AND PASSWORD ....................................................................................................................................... 49
CHANGING THE HOSTNAME .............................................................................................................................................................. 49
EXPORTING AND IMPORTING CONFIGURATION FILES ................................................................................................................ 50
4
Table of Contents
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
SOFTWARE UPDATE ....................................................................................................................................................................... 50
○
○
Operating system update ................................................................................................................................................................. 51
○
BOOTLOADER and SOFTWARE update ....................................................................................................................................... 52
○
ADDING IP ADDRESS IN THE ETHERNET INTERFACES .................................................................................................................... 53
○
○
CONFIGURING ETHERNET VIRTUAL ADDRESS .................................................................................................................................. 54
○
CONFIGURING VLAN (802.1Q) ............................................................................................................................................................. 56
○
○
FRAME RELAY PROTOCOL ................................................................................................................................................................... 55
○
PPP PROTOCOL ..................................................................................................................................................................................... 56
○
HDLC PROTOCOL .................................................................................................................................................................................. 57
○
○
X25 PROTOCOL ...................................................................................................................................................................................... 57
○
Introduction ........................................................................................................................................................................................ 57
○
○
Commands List .................................................................................................................................................................................. 57
○
UNNUMBERED INTERFACE CONFIGURATION ............................................................................................................................... 60
○
ADDING STATIC ROUTES ..................................................................................................................................................................... 61
○
○
DYNAMIC ROUTING PROTOCOLS ...................................................................................................................................................... 63
○
RIP (Routing Information Protocol) ................................................................................................................................................. 63
○
○
OSPF (Open Shortest Path First) .................................................................................................................................................... 64
○
NAT (NETWORK ADDRESS TRANSLATOR) ....................................................................................................................................... 65
○
Introduction ........................................................................................................................................................................................ 65
○
○
Configuring the NAT MASQUERADE ............................................................................................................................................. 65
○
Configuring the NAT REDIRECT .................................................................................................................................................... 65
○
○
Configuring the NAT 1:1 ................................................................................................................................................................. 66
○
Configuring the NAT EXCLUSION .................................................................................................................................................. 66
○
Configuring the NAT POOL ............................................................................................................................................................. 67
○
○
ENABLING SNMP - SIMPLE NETWORK MANAGMENT PROTOCOL ............................................................................................ 67
○
IP TUNNELING ........................................................................................................................................................................................ 67
○
○
GRE (Generic Routing Encapsulation) ........................................................................................................................................... 68
○
PPTP (Point-to-Point Tunneling Protocol) ...................................................................................................................................... 69
○
L2TP (Layer 2 Transport Protocol) .................................................................................................................................................. 70
○
○
IPSEC - SECURE IP OVER THE INTERNET ....................................................................................................................................... 71
○
Introduction ........................................................................................................................................................................................ 71
○
○
IPSEC Protocols ................................................................................................................................................................................ 71
○
DHCP (DYNAMIC HOST CONFIGURATION PROTOCOL) ............................................................................................................... 75
○
○
DHCP Server ..................................................................................................................................................................................... 76
○
DHCP Reservation ............................................................................................................................................................................ 77
○
DHCP Relay ....................................................................................................................................................................................... 77
○
○
QUALITY OF SERVICE (QOS) ............................................................................................................................................................... 78
○
Traffic control ..................................................................................................................................................................................... 78
○
○
Service disciplines ............................................................................................................................................................................. 79
○
HTB (Hierarchy Token Bucket) ...................................................................................................................................79
○
TBF (Token Bucket Filter) ...........................................................................................................................................80
○
○
SFQ (Stochastic Fairness Queuing) ........................................................................................................................... 80
○
FIREWALL ................................................................................................................................................................................................. 82
Introduction ........................................................................................................................................................................................ 82 ○
○
○
Policies ................................................................................................................................................................................................ 82
○
Chains ................................................................................................................................................................................................. 82
○
○
Introduction ........................................................................................................................................................................................ 86
○
○
Radius ................................................................................................................................................................................................. 87
○
Tacacs ................................................................................................................................................................................................ 87
○
○
SYSLOG .................................................................................................................................................................................................... 91
○
○
Facility ................................................................................................................................................................................................. 91
○
5
Table of Contents
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
6
• Introduction
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
○
DT2048 SHDSL/R, Digitel’s second generation of routers, is a family of high-performance access routers,
○
designed mainly to the corporate market, suitable to any type of company or network. With features, such as different
○
○
interfaces, protocols and services, these routers serve a large number of applications in various communications
○
networks that are available nowadays. The new models show how routers have been improved, and this results from
○
○
Digitel’s intention to have and maintain its own line of routers, which has been demonstrated by continuous investment
○
in the development and manufacture of IP products.
○
○
The DT2048 SHDSL/R family is composed of different models, attending the most varied combinations of V.35
○
○
or G.703 interfaces, VG or Ethernet-G.703, ISO or TELEBRAS connector, 2 or 4 wires.
○
○
The DT2048 SHDSL/R family presents, among other innovations, a hardware architecture of high performance
○
○
in the WAN and LAN port of up to 10Mbps. It supports the 3DES (168 bits key) or AES (256 bits key) cryptography
○
without the necessity of additional software packets.
○
○
With its own operating system, developed by Digitel and based on embedded Linux , these routers include the
○
○
most recent features and network protocols, such as Firewall, traffic control (QoS) and VPN/IP (IPSec/3DES/AES). The
○
use of an open operating system allows quick incorporation of technological developments that may be soon available
○
○
on the market.
○
○
The DT2048 SHDSL/R family is basically subdivided in two architectures containing two or four lines with ISO
○
or TELEBRAS connector. All models have a 10/100 Base-TX interface and V.35 and G.703 interfaces.
○
○
The configuration of the SHDSL/R is performed through the CLI (Command Line Interface) system, that uses
○
○
command lines and it makes possible the quick configuration of all features of the router and it allows the access to
○
the modem’s supervisor interface making possible the total access to the configurable characteristics of the equipment.
○
○
The CLI can be accessed via Console, TELNET or SSH interface.
○
○
The update of the router and modem’s firmware is performed independently, making possible the update of
○
○
only the router or of only the modem.
○
○
The modem characteristics of the equipment can be configured, controlled and monitored through the Digitel
○
Modems Management System, compatible with SNMP obtained through the management board of the TELEBRAS
○
○
standard sub-rack. Via SNMP it’s also possible to track the router’s functions activities obtaining the information
○
about MIB II.
○
○
Furthermore, it presents tests facilities, allowing the perform of local analog loops, local digital loops and
○
○
digital remote loops, offering a quick isolation of the problem in case of communication fails.
○
○
The DT2048 SHDSL/R family is composed of four models:
○
○
- DT2048 SHDSL/R/2W/E: modem router SHDSL 2 wires, with TELEBRAS standard connector;
○
○
○
- DT2048 SHDSL/R/2W/S: modem router SHDSL 2 wires, with ISO standard connector;
○
○
○
○
- DT2048 SHDSL/R/4W/E: modem router SHDSL 4 wires, with TELEBRAS standard connector;
○
○
○
- DT2048 SHDSL/R/4W/S: modem router SHDSL 4 wires, with ISO standard connector;
○
○
○
○
The DT2048 SHDSL/R leaves factory with a individualized MAC Address, with Digitel’s private Company
○
○
ID, registered in the IEE (Institute of Electrical and Electronics Engineers). The software is loaded at the factory,
○
but the user can perform updates when necessary (the Digitel’s website have the latest version).
○
○
The set of characteristics implemented in the DT2048 SHDSL/R family is adequate to support
○
○
from the basic to needs of intinternetworking with router modem of access to more complex applications,
○
always ensuring an excelent relation of cost benefit. Next, there are some of the main characteristics:
○
○
○
7
Introduction
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
- Possibility of configuration of VLAN tagging (IEEE 802.1q) and prioritization (IEEE 802.1p);
- Stateful inspection firewall with datagrama filters per IP address of origin or destination and
intervals of TCO (sockets) or UDP (of destination) ports and access list;
- IPSec for safe VPN nets, including the ones with 3DES cryptography (168 bits key) and AES (256
bits key);
- Support the priorization of packets, band limitation, charge balancing and congestion control,
through the QoS tools;
- Three user and authentication levels in external servers via TACACS, TACACS+ (AAA) and/or
RADIUS;
8
• Instalation and Configuration
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
MODEM INSTALATION AND CONFIGURATION
○
○
○
○
Before proceeding the installation of the DT2048 SHDSL/R, make sure that the equipment didn’t suffer
○
any mechanical damage during transportation, such as scratches, squashes, broken parts, etc. If any problem
○
○
is detected during de inspection, notify the transport company and the Digitel Technical Assistance Center,
○
wich will provide the substitution or the repair of the equipment.
○
○
The DT2048 SHDSL/R is presented in a printed circuit board, that can be used in cabinets or sub-racks.
○
○
1. Configure the straps of the modem board
○
○
○
2. Install the cabinet or sub-rack.
○
○
3. Insert the board in the cabinet or sub-rack.
○
○
4. Configure the operation terminal (when applicable).
○
○
○
○
○
○
STRAPS CONFIGURATION
○
○
○
○
Before the insertion of the board in the cabinet or sub-rack, it’s needed to configure the dip-switches and
○
○
straps. The pictures below show the straps’ localization.
○
○
S1: GND -G.703 grounded input
○
○
NC - ungrounded G.703 input
○
○
○
○
○
S4, S6:
○
1-2 - 75 ohms S2: GND -G.703 grounded output
○
NC - ungrounded G.703 output
○
2-3 - 120 ohms
○
○
○
○
○
S5: V.35/VG
○
○
○
S3: G.703
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
9
Instalation and Configuration
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
1. Interface selection:
- V.35
- G.703
- V.35 and G.703 simultaneously (needs habilitation via CLI)
2. Impedance selection for G.703
- 75 ohms
- 120 ohms
3. G.703 grounding
- G.703 grounded input
- G.703 grounded output
INTERFACE SELECTION
The selection of the interface is performed through the straps, according to the following table:
IMPORTANT!
The definition of the origin of the V.35 (connector) or router is defined through the CLI
command:SET MODEM V35FROM<WAN/CONNECTOR>
In the V.35 operation mode the modem might transmit simultaneously the data present in the
V.35 and G.703. In this case it’s necessary to enable via CLI the VG mode through the command
SET MODEM VGMODEM ON, and the strap S3/S5 has to be in the position S5.
The impedance of the G.703 interface is selected through the straps, according to the following table:
Impedance S4 S6
75 ohms* 1-2
120 ohms 2-3
*Factory configuration
10
Instalation and Configuration
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
G.703 INPUT GROUNDING
○
○
○
○
○
○
○
○
Options S1
○
○
Grounded G.703 input GND
○
○
Ungrounded G.703 input NC
○
○
*Factory configuration
○
○
○
○
IMPORTANT!
○
○
The grounding in the G.703 interface must be selected only if the impedance is of 75 ohms.
○
○
○
○
○
○
○
○
○
REQUIREMENTS FOR THE INITIAL CONFIGURATION
○
○
○
○
It’s adequated to use a ASCII terminal with asynchronous serial interface, or a program of terminal
○
○
emulation instaled in a work station with asynchronous serial standard interface.
○
○
○
Supervisor
○
○
Through the CLI, SET MODEM SUPERVISOR, it’s possible to configure, monitore and perform tests in the
○
○
DT2048 SHDSL/R modems.
○
○
The main screen of the supervisor is composed for the options: Board Configuration, Modem
○
Configuration, Status I, Status II, Tests and Information.
○
○
○
○
DIGITEL S.A. Industria Eletronica
○
○
Supervisor DT SHDSL/R/s
○
○
○
[1] Board Configuration
○
[2] Modem Configuration
○
○
[3] Status I
○
[4] Status II
○
○
[5] Tests ○
○
[I] Informations
○
[X] Quit
○
○
Choose an Option:
○
○
○
○
○
○
○
○
○
○
○
○
○
IMPORTANT!
○
○
For further information about the operation via CLI, see section CLI Guide.
○
○
○
○
○
○
○
○
○
○
○
11
Instalation and Configuration
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
BOARD CONFIGURATION
In the option Board Configuration most of the parameters can not be modified through the supervisor.
These parameters provide information about the features of the modem model and enabled interfaces. The
option Load Default Configuration restores and saves the standard configurations, restarting the modem.
Choose an Option:
MODEM CONFIGURATION
In the option Modem Configuration it is possible to see and modify the programation parameters. The
configuration parameters from EEPROM can be modified by the supervisor.
The option Save Current Configuration allows the parameters: operational mode, speed, transmission
clock, remote digital loop reception, G.704 structure, timeslot16, timeslot16 in line and first timeslot. In this
menu, the Save Configuration in EEPROM option allows the user to permanently save the data.
12
Instalation and Configuration
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
○
○
○
SHDSL: MODEM CONFIGURATION Modem: Local NTU
○
○
Parameter Current Configuration
○
○
———————————— ————————————
○
[M] Operation Mode: NTU
○
[L] RDL Reception: Enabled
○
○
[V] Automatic Rate: Disabled
○
○
VG Mode: Enabled
○
○
[H] Enabled Interfaces: G703 e V35
○
[1] V Configuration: 2048 kbps
○
[2] G703 Configuration: 1024 kbps
○
○
○
[R] Cancel Changes
○
[S] Save Configuration in EEPROM
○
○
[X] Quit
○
○
Choose an Option:
○
○
○
○
○
○
○
○
○
○
○
IMPORTANT!
○
For the modem operates in VG mode, it is necessary to enable via CLI +-(out of the superior mode),
○
and the interface strap must be in the S5 position.
○
○
○
○
○
○
○
○
○
○
○
○
○
Interface CONFIG-1 CONFIG-4
○
○
○
G.703 * OFF: UP OFF: UP
○
○
○
V.35 ON: DOWN OFF: UP
○
○
○
V.35 and G.703 DON’T CARE ON: DOWN
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
13
Instalation and Configuration
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
If option 2 is selected (G.703 interface), it will be showed the screen for configuration of interface G.703,
that has the following parameters: rate, transmission clock, G.704 framework structure, timeslot 16, timeslot 16
in line, first timeslot and CRC4.
Choose an Option:
The option Save Current Configuration allows saving the configuration permanently.
If option 1 is selected (V.35 interface) , it will be showed the screen for configuration of interface V.35, that
allows setting communication rate, clock (when in single interface) and inversion of the transmission clock.
The option Save Current Configuration allows saving the configuration permanently.
14
Instalation and Configuration
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
OPERATION MODE
○
○
○
○
For operation, one of the modems (central or remote) must be set as NTU (network terminal unit) and the
○
other as LTU (line terminal unit). The LTU option is normally used in the central unit of the network, and the NTU
○
○
option is used in the user unit.
○
○
○
○
RDL RECEPTION
○
○
○
Enables or disables the reception of a remote digital loop command through the line, defining if the local
○
○
modem will accept the command sent by the remote modem.
○
○
○
○
○
AUTOMATIC RATE
○
○
○
○
When the NTU modem (normally operating as user) is working with automatic rate, who determines the
○
operation rate is the LTU modem (normally operating as central).
○
○
○
○
SHDSL: MODEM CONFIGURATION Modem: Local NTU
○
○
Parameter Current Configuration
○
○
———————————— ————————————
○
[M] Operation Mode: NTU
○
[L] RDL Reception: Enabled
○
○
[V] Automatic Rate: Disabled
○
VG Mode: Enabled
○
[H] Enabled Interfaces: G703 e V35
○
○
[1] V Configuration: 2048 kbps
○
[2] G703 Configuration: 1024 kbps
○
○
○
[R] Cancel Changes
○
[S] Save Configuration in EEPROM
○
[X] Quit
○
○
○
Choose an Option:
○
○
○
When the remote modem is set with automatic rate, the initial timeslot is always equal to 1.
○
○
○
○
IMPORTANT!
The automatic rate option is not available for VG mode and for line rate above 2.304 Kbps. ○
○
○
○
○
○
○
○
○
RATE
○
○
○
The modem transmits data in a rate between 64 and 2304 Kbps, according to the table below:
○
○
○
○
15
Instalation and Configuration
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
When the user saves a rate value, the modem goes back to the previous value, in case the rate limit is
exceeded.
IMPORTANT!
There are restrictions only for the VG operating mode on 2 wires: the sum of the rate of V35 and G.703, operating
simultanemente on 2 wires, it has to be less than 3776Kps and the rate of the V.35 can not more than 3072Kbps.
TRANSMISSION CLOCK
Selects the synchronism clock source for the transmission of data from the DTE to the modem.
Clock selection:
Options Description
Internal Used when the modem supplies clock for the DTE.
External* Used when the DTE supplies clock for data.
Recovered Recovers from the line clock received from remote DTE to synchronize
data transmitted by local DTE ( data synchronism is made by the remote
side)
* Basic Configuration
IMPORTANT!
When the modem operates in VG mode the clock configuration is not available for V.35 interface.
In this case the interface operates with recovered clock of interface G.703.
For the G.703 interface, the usual configuratoin is selecting the external clock (for the system to synchronize
from the central end clock) and configure the remote side for recovered clock, according to the following figures.
16
Instalation and Configuration
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
○
If the system with G.703 interface does not generate a clock, the modem can be configured as a source of
○
synchronicity, as shown in the folllowing scheme.
○
○
○
b) Modem A supplies synchronicity (usual application when the DTEs do not generate clock)
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
STATUS I
○
○
○
The G.SHDSL option indicates a series of parameters regarding the line (or lines). Such parameters are used
○
○
to inform what has happened in the link since the last time the modem was turned on, or since the last time the
○
counters were reset. In the 4-wire models, users can select the line using the L option. The following table presents
○
○
the parameters:
○
○
○
○
Monitoring Indicator Description
○
○
Line 1/2 Shows the line whose information are supplied
○
○
Number of line trainings N Informs the number of times the line has trai-
○
ned since the modem was turned on or since
○
the counters were reset
○
○
Line status Connected, training, or Informs the status of the SHDSL line
○
disconnected
○
Synchronicity Line is Synchronized Informs if the SHDSL is in sync or out of sync
○
○
or Out of Sync
○
Informs if the error rate is above the minimum
○
BIT Error rate > 10E-6 Yes/No value (10-6)
○
(ERR)
○
○
N (dB) Informs which is the current attenuation value of
Attenuation
○
the SHDSL line. The value is supplied in dB
○
○
NMR (Noise Margin N (dB) The Noise Margin on the Receiver is defined as
○
of the Receiver) the maximum tolerable increase in the power of
○
noise which permits an error rate smaller than ○
1.10-7
○
○
Line Time OK N (minutes) Informs how long the line has been in sync. The
○
CRC errors N Informs the amount of CRC errrors since the mo-
○
LOSW SHDSL N Informs how many times the modem lost the syn-
○
Data flow in line 1/2 When running in backup mode, this indicates
○
17
Instalation and Configuration
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
IMPORTANT!
The
. Clear Counters option clears the values which had been stored in the several counters regarding
modem status.
STATUS II
The option G.703 from the Status Menu offers four indicators regarding the modem G.703 interface. These
indicators display the interface status, with information on each of the options in the table below, whether enabled or
disabled.
The figure below presents an example of the G.703 Status screen.
18
Instalation and Configuration
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
○
TESTS
○
○
○
Through this option from the Main Menu, users can activate the following tests: LAL, LDL, LDR, BERT, and
○
○
BERT+LDR. The following table describes all the parameters used in the Main Menu Tests option:
○
○
○
○
○
○
○
Parameter Description
Indicator
○
Test Type Indicates the test types which can be activated
LAL, LDL, LDR, BERT,
○
by the supervisor
BERT+LDR
○
○
Teste Activated Indicates if any test has been activated by the
YES/NO
○
supervisor or remote modem
○
○
Teste Activated by Supervisor YES/NO Indicates if any test has been activated by the
○
supervisor only
○
○
Inject CRC Error - Injects an error in the line. This error can be
○
checked by the remote modem
○
Number of CRC Errors N Informs the number of CRC errors
○
○
Standard 223-1, 215-1, 211-1, 29- Type of standard used for the test
○
1 and 26-1
○
○
Test Interval (bits) 231, 228, 225 or 221 Indicates the number of bits transmitted in each
○
test
○
○
Test Status Off, In progress, Stabili- Informs the test status
○
zing Link, Failed, Finished
○
○
○
BER N Indicates the BERT test error rate
○
Number of CRC Errors Informs the number of CRC errors
○
N
○
○
○
○
○
The figure below presents an example of the Test Configuration screen.
○
○
○
SHDSL: TESTS CONFIGURATION Modem: Local LTU
○
○
Parameter Current Status/Configuration
○
----------------------- ----------------------
○
[L] Line: 2
○
○
[1] Test Type: LDL
○
Test in Progress: No
○
[2] Test Activated by the Supervisor: No
○
○
[3] Inject CRC Error
○
CRC Errors: 0
○
○
○
[4] Pattern: ---
○
BERT: ---
○
○
○
[X] Quit
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
19
Instalation and Configuration
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
CABINET INSTALATION
IMPORTANT!
The connection of the signal ground to the protection ground is optional. In case it’s necessary to
make it, use the S100 strap, located at the motherboard, inside the cabinet, and connect the signal
ground (CT-102/AB) to the protection ground (CT-101/AA). To have access to the S100 strap, open
the cabinet, using the screws located in the rubber supports.
.
PROTECTION GROUND
Position Operation
*FACTORY CONFIGURATION
WARNING!
Before installing the cabinet, perform a thorough visual inspection on the equipment to check for
.
damages. If any problem is found, please inform the hauler company and the closest Digitel repre-
sentative to arrange for the replacement or repair of the equipment.
Install the cabinet in a ventilated place and do not close the openings above and under the cabinet. The
place where the cabinet will be installed must allow the operation via panel and the access for maintenance.
The DTSMP20-H and DTSMP20-HT are 19", 4 U high subracks (1 U = 1.75 inches = 44.45 mm) with slots to
install up to 20 modem modules, one slot for the supply module and one for the control and management module.
The DTSMP20-H and DTSMP20-HT subracks were designed to be fastened to racks through four front bolts
that depend on the type of rack being used.
The DTSMP20-HT allows for the operation of the DT2048 SHDSL/R modems.
ATTENTION!
Fastening of the subracks must be done without the modem and supply modules. These modules
must be inserted after installation of the subrack.
Notice that the ON/OFF key on the supply module must be off when it is inserted.
Note:
All the information about technical features, operation and detailed installation of the DTSMP20-H
and DTSMP20-HT subracks is found in the specific manual for the Digitel subracks.
20
Instalation and Configuration
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
REQUIREMENTS FOR INSTALLATION AND INITIAL CONFIGURATION
○
○
○
○
The use of an ASCII terminal with asynchronous serial interface is also recommended, or also a terminal
○
emulation program installed in a workstation with standard V.24 (RS-232) asynchronous serial interface.
○
○
○
○
○
○
IP ADDRESS RECONFIGURATION (OPTIONAL)
○
○
○
○
The DT2048 SHDSL/R is originally configured to enable Console and LAN0 ports only. The LAN0 port is
○
initially configured with a specific IP address (192.168.1.254, network mask 255.255.255.0). There is also a default
○
○
route for this interface, with gateway address 192.168.1.1.
○
○
If the initial IP address configuration is not appropriate for the connection to the network or workstation
○
where WebConfig is installed, it can be easily modified via the Console port. To do that, follow these
○
○
steps:
○
○
1. Connect the Console port of DT2048 SHDSL/R to a terminal or workstation using a terminal emulation
○
○
program.
○
○
2. Switch on DT2048 SHDSL/R and wait until the ST LED on the front panel changes from orange to green.
○
The terminal should display information about the boot and Linux operating system. Booting lasts for
○
○
about 20 seconds.
○
○
3. The DT2048 SHDSL/R Console application will prompt you to type a username and password. The
○
equipment is originally configured with nr2g and digitel as username and password, respectively.
○
○
○
4. After login, press ENTER or type HELP in the Console prompt to get some help, type SHOW LAN LAN0
○
ALL to view the LAN0 port configuration, or type SHOW ROUTES ALL to view the routing table (including
○
the default value).
○
○
○
○
○
○
○
INITIAL CONFIGURATION VIA WEBCONFIG
○
○
○
○
For initial configuration via WebConfig, follow these steps:
○
○
1. Make sure the PC used for DT2048 SHDSL/R configuration runs TCP/IP and is properly configured.
○
○
2. Make sure a properly installed browser is available.
○
○
3. Connect the LAN port of DT2048 SHDSL/R to the local network that allows access to the workstation where
○
○
the PC to be used for configuration is located.
○
○
4. Switch DT2048 SHDSL/R on and wait until the ST LED on the front panel changes its color from orange to
○
green.
○
○
6. On the login screen, type your username and password. The equipment is originally configured with nr2g
○
7. After that, click OK. You will be logged in and the Webconfig main screen will be displayed.
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
21
Installation and Initial Configuration
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
8. Configure the equipment according to your application. The configuration must be created using the CLI
syntax, and written in the command box.
9. Click Execute to apply the configuration.
After that, DT2048 SHDSL/R will try to connect with the remote equipment, following the configurations made
in step 8.
To check the configuration, type DUMP ALL in the command box and click Execute. Another option is to
select DUMP and the desired configuration module in the module tree, located on the left-hand side of the screen.
To change this configuration, repeat steps 8 and 9.
ATTENTION!
The equipment is preconfigured for WebConfig access through http://192.168.1.254.
22
• Panels/Connectors
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
PANELS/CONNECTIONS
○
○
○
The front panels on the modems contain their power supply status indicator leds and for the digital interface
○
○
circuits and test control keys.
○
○
○
○
○
○
○
○
○
POWER (yellow): internal power supply providing the correct voltages for modem operation.
○
TEST (green): indicates analog of digital loop conditions, locally or remotely activated
○
RL (red): indicates the modem is in a remotely activated digital loop
○
INT CK (red): indicates operation with internal clock
○
ERR (red): lights up when the error rate surpasses 10 - 6
○
FRLOSS (red): lights up when the modem loses board alignement from G.704
○
104/RX (red): lights up when the modem sends “space” (+V) to the DTE.
○
106/G.703 (red): lights up when the modem is clear (106) or when there is data in the interface (G.703)
○
103/TX (red): lights up when the modem receives “space” (+V) from the DTE.
○
○
SYNC (red): indicates the modem is receiving data from the line
○
ALARM (red): indicates alarm conditions
○
○
○
○
normal operation – Inward: local analog loop
Outward:normal
○
○
○
Outward: normal operation – Inward: local digital loop
○
○
normal operation – Inward: Remote digital loop
Outward:normal
○
○
○
○
LAN: RJ45 for ethernet port
○
○
○
○
Console: RJ45 for ethernet port
○
○
○
○
○
○
○
○
○
○
○
○
○
○
LAN Indicator
LAN is two-colored LED that briefly show the operation of LAN interface. ○
○
○
○
○
When no link is established at the LAN interface (e.g.: the cable is not connected), the corresponding LED will
○
○
remain off. When a link is established, the LED will turn green, showing that the interface is operating in half-duplex mode
○
Activity is indicated by the quick-flashing LED (off for 30ms), when the interface is operating at 100Mbits, and by
○
○
the slow-flashing LED (off for 100ms), when the interface is operating at 10Mbits.
○
○
- 10 Mbps link: in this case, the led will be turned on in green while there’s no line activity and it’ll change to orange,
○
○
per at least 100 ms, or while the line activity last. As the LAN traffic is ussually in gusts, the LED stays only momentarily in
○
orange.
○
- 100 Mbps link: in this case, the led will be turned on in orange while there’s no line activity and it’ll change to green,
○
○
per at least 100 ms, or while the line activity last. As the LAN traffic is ussually in gusts, the LED stays only momentarily in
○
green.
○
○
○
○
○
○
○
○
○
○
○
○
○
23
Panels/Connectors
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
The Console port of DT2048 SHDSL/R is an asynchronous serial port with standard DTE V.24 (RS-232) pinout.
This port allows monitoring the operation of the router through an asynchronous ASCII or VT100 terminal, or
through a program that emulates these terminals.
To use the Console port, connect it to one of the ends of the CONSOLE cable provided with the equipment.
Connect the other end to one of the adapters provided with DT2048 SHDSL/R, depending on the type of equipment
that will be used.
Finally, configure the asynchronous terminal or terminal emulation program on the workstation using the
following parameters:
The LAN port of DT2048 SHDSL/R is initially enabled and configured with a specific IP address
(ipaddr=192.168.1.254; netmask=255.255.255.0; gatewayip=192.168.1.1), allowing for communication with the
workstation where EasyConfig was installed or SSH via the local area network.
Connect the LAN port of DT2048 SHDSL/R to a LAN equipment (hub or switch) using a straight UTP cable
(no crossover).
Alternatively, the LAN port can be connected directly to a LAN port on the workstation using the CROSS
cable provided with the equipment (CB-LAN/X-NR). The pinout of the LAN CROSS cable, which implements the
crossover function, is as follows:
24
Panels/Connectors
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
GB8000/AC/DC AND GB8000 HT/AC/DC REAR PANEL
○
○
○
○
○
○
Key DC On / Off / AC On
○
○
○
2A AC Fuse
○
○
DC Supply
○
Line connectors
Connector
○
○
○
DTE
○
connector
○
○
○
○
○
○
○
○
○
○
○
○
○
○
AC Supply Cable
○
Connector
○
DB9 for
○
management
○
○
2A DC
○
Fuse
○
○
○
○
Power Supply
○
○
○
The ON DC/ON AC key has three positions. The central position is neutral and deactivates modem power
○
supply. The ON DC position is used to activate DC power supply, and the ON AC positions to activate AC power
○
○
supply.
○
○
The cabients DO NOT have a 110/220V voltage selection key. Therefore, connect the alternate current power
○
○
supply cable directly to the local electrical network for voltages between 93.5 to 253 Vrms.
○
○
The direct current input power supply must be installed on pins -48 V, 0 V and ground, located in the rear panel.
○
Connect the power supply cable checking the -48 and 0 V polarity. The protection ground connector must be
○
○
grounded.
○
○
For supply, both AC and DC, the cabinets use 2A protection fuses located in the rear panel.
○
○
○
○
○
○
○
○
DTE connector
○
○
○
Connect the data terminal equipment cable to the DTE connector through the adapter cables described in
○
○
25
Panels/Connectors
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
Connecting to DTE
• To connect the DTE to the modem use an adapter cable that depends on the interface type.
• Always connect the male DB25 connector to the DTE connector located in the rear panel of the cabinet
or subrack.
• The modem may be connected to DTEs that have, V.35 or G.703 interfaces.
V.35 interface
When the V.35 interface is selected, data and clock signals are of balanced type and follow V.35 standard. The
control signals are non-balanced and compatible the V.28 recommendation.
Line connector
The line connector is used to connect the modems to the data transmission lines. It is an eight pin connector
that allows the connection of up to four lines. Connection of the line wires is done by connecting to the TX and RX
points.
CAUTION!
The RX, RXLP and TXLP must not be used.
The LAN crossover cable CB-LAN/X-NR (part number: 810.0343/690.1938) is used to connect the LAN/
Ethernet interface of a workstation directly to one of the LAN interface of DT2048 SHDSL/R. This cable allows
the crossover of TD +/- and RD +/- signals.
Note:
This cable is optional. To purchase it from Digitel, use part number 810.0343.
26
• Cables
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
RJ CONSOLE CABLE (CB-CONS/AUX-NR)
○
○
○
○
The pinout of the CB-CONS/AUX-NR cable and the
○
○
signals used:
○
○
Signal RJ45M RJ45M Signal
○
○
○
RTS 1 8 CTS
○
○
DTR 2 7 DSR
○
○
TD 3 6 RD
○
○
○
GND 4 5 GND
○
○
GND 5 4 GND
○
○
○
RD 6 3 TD
○
○
DSR 7 2 DTR
○
○
CTS 8 1 RTS
○
○
○
○
○
The rollover RJ45-RJ45 CB-CONS/AUX-NR cable (part number: 810.0344/690.4025) is used to connect
○
○
a terminal or modem to the Console port of DT2048 SHDSL/R. It should be used together with one of the
○
adapters described subsequently. One end of the cable should be connected to the RJ45 connector of the
○
○
Console port of the router and the other end should be connected to the female RJ45 connector of the adapter.
○
○
○
Note:
○
○
This cable is optional. To purchase it from Digitel, use part number 810.0344.
○
○
○
○
○
○
DB9 TERMINAL ADAPTER (AD-RJ/TERM/DB9-NR)
○
○
○
The pinout of the AD-RJ/TERM/DB9-NR adapter and the
○
○
signals used:
○
○
○
Signal RJ45F DB9F
○
○
RTS 1 7
DTR 2 4 ○
○
○
○
○
TD 3 3
○
○
GND 4 5
○
○
GND 5 5
○
○
○
RD 6 2
○
○
DSR 7 6
○
○
○
CTS 8 8
○
○
○
The female RJ45/female DB9 AD-RJ/TERM/DB9-NR adapter (part number: 810.0345/690.4022) is used
○
to connect the Console port of DT2048 SHDSL/R directly to an asynchronous serial port of a terminal or PC with
○
○
a male DB9 connector. It should be used together with the RJ Console cable (CB-CONS/AUX-NR).
○
○
○
○
Note:
○
○
This adapter is optional. To purchase it from Digitel, use part number 810.0345.
○
○
○
○
27
Cables
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
When the user interface follows the V.35 standard, the V35 adapter cable must be used according to the
DT2048 SHDSL/R model, according to the following table.
DT2048 SHDSL/R/4W/E V35 ISO 2110 cable Adapter cable for ISO 2110 standard connector,
DT2048 SHDSL/R/2W/E (810.0231.00) that terminates in a female, 34-pin connectior
(M34)
DT2048 SHDSL/R/4W/E V35 Telebrás cable Adapter cable for Telebrás standard connector,
DT2048 SHDSL/R/2W/E (810.0172.0) that terminates in a female, 34-pin connector
(M34)
The following table shows the CB-V35 ISO 2110 cable pinout, used for DT2048 SHDSL/R.
NOTE:
The circuits marked with asterisk ( *) are unbalanced control signals, with level V.28. The pinout
in the DB25 connector follows the ISO 2110 standard.
Note:
These adapters are optional (not included with the product).
28
Cables
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
G.703 Interface
○
○
○
The G.703 interface follows the ITU-TSS G.703 recommendation for the speed of 2048 kbps.
○
○
The adapter cables that connect the G.703 interface to the modem have a male DB25 connector, two
○
○
connections for TX and two connections for RX. There are two types of G.703 interface: non-balanced interface, with
○
75-ohm impedance, and balanced interface, with 120-ohm impedance. Refer to the following table about the cables
○
○
that must be used with each modem model and impedance.
○
○
○
○
○
Impedance Cable Description
○
○
75 ohms G703/COAX Male DB 25 adapter cable that terminates
○
(810.0244.01) BNC connectors for coaxial cables
○
○
○
○
120 ohms G703/TWIST Male DB 25 adapter cable that terminates
○
(810.0245.00) pin connector for twisted pair
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
Twisted pair G.703 adapter cable
○
Coaxial G.703 adapter cable
(DT2048 SHDSL SINGLE models)
○
(DT2048 SHDSL SINGLE models)
○
○
○
○
○
○
G.703 interface pins in DB25 connector for the DT2048 SHDSL/R models
○
○
G.703 DB25 Description
○
○
○
TX 2/15 Pins that refer to the G.703 interface transmission signal (DTE to
○
modem)
○
○
RX 4/17 Pins that refer to the G.703 interface reception signal (modem to
○
○
DTE)
○
○
○
○
○
○
○
○
VG Adapter
○
○
Adapter Description
○
○
○
29
Cables
Cables
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
The following table shows the pinout of the VG TELEBRAS adapter or cable, used for the DT2048 SHDSL/R
The following table shows the CB-V35 ISO 2110 cable pinout, used for DT2048 SHDSL/R.
30
• Modem Operation
Cables
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
MODEM OPERATION
○
○
○
○
Before operating the modem, the user must know about all the controls and indicators and have a
○
perfect understanding of each one’s function.
○
○
○
○
○
○
○
NORMAL OPERATION
○
○
○
In normal operation of the modem, the user must connect the line through the TX or RX connectors and check
○
○
through the front panel leds if the modem(s) is(are) in perfect working order.
○
○
○
○
Operation with one interface
○
○
○
The following diagram represents normal operation.
○
○
○
○
○
○
○
○
○
○
○
○
○
○
OPERATION IN VG MODE
○
○
○
○
The following diagram represents normal operation with two data interface simultaneously.
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
TYPICAL APPLICATIONS
○
○
○
○
Example 1 Ö Loop at speed of 1024 kbps, with V.35 interface and modem generated clock.
○
○
○
Example 2 Ö Framed channel using eight time slots in G703 and 256 kbps transmited in V35 (VG mode)
○
○
Example 3 Ö Loop at speed of 256 kbps through extended connection, with G.703 network generated clock.
○
○
○
Example 4 Ö DTEs Connection with V.35 interface, at speed of 1024 kbps and clock generated internally by
○
modem A.
○
○
○
○
○
○
○
○
○
○
○
○
31
Cables
Modem Operation
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
Modem B is programmed for slave clock. DTE A and DTE B must be programmed for external clock.
MODEM A MODEM B
DTE A (Exchange) (User) DTE B
LINE
V.35 V.35
Example 2
2:: Transportation of the timeslots from 5 to 12 of the G.704 frame (G.703 interface with 120 ohms
impedance) and 256 kbps through the V.35 interface with recovered clock by DTE A. The DTE A must be
programed for internal clock and the DTEs B, C and D must be programed for external clock.
DTE A DTE B
DTE C V.35
G.704 G.704 V.35 DTE D
Timeslots 5 to 12 Timeslots 5 to 12
External clock Recovered clock
External
clock External
clock
32
Cables
Modem Operation
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
Function Selected option
○
○
○
Interface G0.703
○
75 ohms
○
○
G.703 input ungrounded
○
G.703 output ungrounded
○
○
○
LTU/NTU Central modem as LTU
○
User modem as NTU
○
○
Transmission clocks Central modem with internal clock
○
○
User modem with external clock
○
○
○
○
G.703 speed Timeslot from 5 to 12 (512 kbps)
○
○
V.35 speed 256 kbps
○
○
VG Two interfaces (VG mode)
○
○
○
○
○
○
○
Example 3: Data with speed of 256 kbps transmitted through extended 2048 links, with clock generated by
○
the network. Modems A and D are programmed for speed of 64 kbps and slave clock. Modems B and C are
○
○
programmed to operate with G.704 board structure, transporting data from/to timeslot 1 (speed of 256 kbps). DTE A
○
and DTE D must be programmed for external clock.
○
○
○
○
○
○
DTE A MODEM A MODEM B MODEM C MODEM D
○
2048 kbps DTE D
○
LINE network LINE
○
(clock source)
V.35 G.703 G.703 V.35
○
○
External
○
External Slave External External Recovered clock
○
clock clock clock clock clock
○
○
○
○
○
○
Function Selected option
○
○
Interface Central modems in G.703
○
75 ohms
○
G.703 input ungrounded
○
○
G.703 output ungrounded
○
User modems in V.35 ○
○
○
transmission
○
○
(center)
○
○
(user)
○
○
○
33
Cables
Modem Operation
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
OPERATION IN TEST
In order to make it easier to analyse and isolate possible faults, the modem allows for the execution of
some test loops. These tests can be activated through keys in the front panel of the modem, supervision
terminal or Digitel’s Modem Management System.
DT2048 SHDSL/R also features a data standard generator in the transmitter and an error identifier at the
reception (BERT), that can be activated by the supervisor or manager. The modem in which the test has been
activated sends the test sequence and checks whether it receives the same sequence. The errors that occur in
the loop are recorded and forwarded to the manager or supervisor when requested.
BERT, when activated together with the RDL (following figure), tests the loop.
The following table shows how to activate the test loops for the modem through the keys located in the front
panel, as well as their functions in the DT2048 SHDSL/R models.
34
Cables
Modem Operation
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
Key functions
○
○
○
○
Key Function
○
○
LAL Active local analog loop Data from the local DTE go through
○
○
the interface, are encoded, forwarded to the receiver and
○
return to the local DTE without passing to the line, that is,
○
○
they put the local modem in an analog loop. The local
○
modem does not close a loop to the remote modem.
○
○
○
LDL Activates local digital loop, that is, returns to the DTE the
○
data it sends to the modem, without passing through the
○
○
transmitter and receiver. When the modem is in LDL, there
○
is a return of the data sent by the remote modem.
○
○
○
RDL Sends a signal to the remote modem putting it in a digital
○
loop, that is, having the data received sent back to the
○
○
modem that generated the test. The remote modem also
○
closes the digital loop to the remote DTE. The loop only
○
○
works once the modems are synchronized.
○
○
○
○
○
○
Operating in local digital loop
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
The local operator tests:
○
○
• Local DTE;
○
○
• local modem interface circuits.
○
○
The remote modem operator tests:
○
○
• local modem;
○
○
• line;
• remote modem; ○
○
○
• remote DTE;
○
When the modem is operating with two data interfaces simultaneously, it’s possible to set the digital loop
○
○
individually in each interface via supervisor. The LDL V loop makes the data to return to the V.35 or V.36 interfaces, and
○
the LDL G makes the data to return to the G.703 interface. In these two loops, the data, besides of returning to the DTE,
○
○
it follows to the analog interface along with the data of the digital interface that isn’t in loop.
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
35
Cables Operation
Modem
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
Note:
The modem does not close a loop to the line.
36
• Router Operation
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
ROUTER OPERATION
○
○
○
DT2048 SHDSL/R allows access to all configurable parameters via Console, Telnet or SSH, using the command
○
line interface - CLI.
○
○
In addition to previously available types of access, DT2048 SHDSL/R can be totally configured via WEB.
○
○
○
○
○
BOOTING AND RESET
○
○
○
When powered on, DT2048 SHDSL/R runs a hardware self-test. If any failure is repeatedly detected (ST
○
○
LED will be red), connect an asynchronous terminal or workstation with an equivalent program to the equipment’s
○
Console port (refer to Installation and initial configuration). Switch on the router again, observe and write down
○
○
the messages displayed on the screen and, with this information at hand, contact Digitel’s Technical Support
○
Center.
○
○
If no error is detected and the router is in automatic mode, then Linux operating system is booted (ST
○
○
LED is orange). Booting lasts for about 20 seconds, and after this period, the equipment should enter normal
○
operation (ST LED is green).
○
○
From then on, you can operate the equipment via different user interfaces: WebConfig or CLI (Telnet, SSH or
○
○
Console). Each of these interfaces has a command or option that allows resetting the operation. For instance,
○
using an asynchronous terminal connected to the Console port or a Telnet, type SET SYSTEM RESTART after
○
○
login.
○
○
○
○
DT2048 SHDSL/R BOOT AND OPERATION MODES
○
○
○
○
DT2048 SHDSL/R normal operation occurs when the equipment is booted to the automatic mode, that
○
is, when it is powered up or reset with all dip-switches on the rear panel in the UP position.
○
○
In normal operation, the equipment’s boot-up firmware (DT2048 SHDSL/R Boot) operates automatically,
○
○
immediately loading the Linux operating system and entering normal operation, using the latest configuration
○
that was saved in flash memory.
○
○
DT2048 SHDSL/R Boot allows placing the router in other modes of operation, which can be useful in
○
○
cases of configuration error correction, firmware update, or maintenance.
○
○
Configuration and firmware update errors are corrected by booting or resetting the equipment in the
○
○
safe mode (see this item further ahead).
○
○
Maintenance and test modes should be used by Digitel’s technicians or as instructed by Digitel. Operation
○
of these modes is not described in this manual.
○
○
○
○
○
SAFE MODE
○
○
○
This mode of operation should only be used when it is no longer possible to access the equipment in
○
○
automatic mode through any of the available user interfaces (WebConfig, Telnet, Console or SSH). This can
○
• the equipment received, saved and tried to operate with an incorrect configuration;
○
○
○
• the transfer of the new firmware version to the equipment was interrupted (power outage).
○
○
Before you set DT2048 SHDSL/R to operate in safe mode, connect an asynchronous terminal or workstation
○
To set the equipment to safe mode, switch the DT2048 SHDSL/R on or reset it.
○
○
The terminal screen should display a series of DT2048 SHDSL/R Boot messages, indicating the initial
○
status of the router hardware and results of the self-test. The following messages should appear on the last two
○
○
lines:
○
○
○
37
Router Operation
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
This indicates that DT2048 SHDSL/R booted to safe mode and that the automatic loading of Linux
operating system will start in 5 seconds, unless the space bar is pressed either in the terminal or on the
workstation connected to the Console port.
To enter the safe mode, type mode security.
In safe mode, Linux is loaded with the following configuration: only Console and LAN port is enabled,
and the latter is configured with a specific IP address (ipaddr=192.168.1.254, netmask=255.255.255.0 and
gatewayip=192.168.1.1 - default values).
If the error to be corrected is caused by a problem with router configuration and the current configurations
of the safe mode are appropriate for communication of WebConfig with the equipment via LAN0, you can allow
DT2048 SHDSL/R to boot automatically (see the subsequent item).
In any other case, interrupt the autobooting process by pressing the space bar in the terminal connected
to the Console port of DT2048 SHDSL/R. The DT2048 SHDSL/R command prompt should be displayed:
If automatic loading is not interrupted in time, wait until Linux loads completely, log into the Console port
(see subsequent item) and type SET SYSTEM RESTART. In the next boot, make sure you do not miss the 5-
second window.
The following table shows the commands available in DT2048 SHDSL/R and their use:
Command Description
clear Configures the safe mode using default values and reboots the
equipment to the mode determined by the dips.
setserv Displays or changes the TFTP server address used for firmware update.
The syntax of each of these commands is displayed on the terminal screen, when a command with no
parameter is typed, unless the command does not require any parameter. In this case, the command is
immediately executed.
The following items show how to use the safe mode to correct configuration or firmware update errors.
IMPORTANT!
After the problem that caused the equipment to enter safe mode has been corrected, reboot the
router.
If, after an alteration in the router’s configuration, it is not possible to operate the router via the WebConfig,
Telnet or Console port, the equipment probably wasn’t configured in the right way. In this case, the safe mode
allows the access again to the router’s configuration through any one of these interfaces, making possible the
analysis of the stored configuration and its correction or complete substitution.
38
Router Operation
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
To restore the router’s configuration, execute the following procedures:
○
○
1. Set the equipment to safe mode and go to the DT2048 SHDSL/R Boot prompt.
○
○
○
2. Check the IP address configuration for the safe mode:
○
○
setip show
○
○
3. Change the IP address configuration if this is necessary for communication with the TFTP server via
○
LAN:
○
○
○
setip <new_ip_lan> <new_mask> <new_gateway>
○
○
4. Check the equipment’s state via Telnet and perform the necessary modifications, or, preferably, check
○
the equipment’s configuration via WebConfig and perform the necessary modifications.
○
○
○
○
○
○
Restoring the firmware version
○
○
○
If after an attempt to update the firmware, it is not possible to operate the router via the WebConfig, SSH,
○
○
Telnet or Console port, the equipment firmware is probably incomplete or incompatible with the hardware
○
version. In this case, the safe mode allows updating the firmware again from the correct file, placed in a TFTP
○
○
server that can be accessed via LAN.
○
○
To restore the firmware version, follow these steps:
○
○
1. Set the equipment to safe mode and go to the NR2GBoot prompt.
○
○
2. Check the IP address configuration for the safe mode:
○
○
○
setip show
○
○
3. Change the IP address configuration if this is necessary for communication with the TFTP server
○
via LAN:
○
○
○
setip <new_ip_lan> <new_mask> <new_gateway>
○
○
4. Check and change, if necessary, the TFTP server IP address:
○
○
setserv show
○
○
setserv <new_server_ip>
○
○
5. Check the firmware version:
○
○
update show
○
○
6. If necessary, save the most stable or most recent version of the router’s firmware to the TFTP server.
○
○
○
7. Update the equipment’s firmware version:
○
○
update <filename>
○
○
8. Pay attention to the messages displayed during the update. If necessary, go back to step 2 or to
○
a subsequent step.
○
○
○
9. Make sure that the following message is displayed after the update:
○
○
restart now
○
○
○
○
○
1. Reboot the equipment. If the router is powered up, type set system restart at the
○
○
configuration interface.
○
○
○
○
○
○
39
Router Operation
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
NORMAL OPERATION
In normal operation, after DT2048 SHDSL/R has rebooted and Linux operating system has automatically
loaded, the equipment will be ready to be configured. DT2048 SHDSL/R offers two configuration options:
1. Configuration via web: using the WebConfig software;
2. Configuration via Console, Telnet or SSH: using the command line interface (CLI).
These configuration options will be described in detail on the following pages.
WebConfig is the management system used for configuration and diagnosis of DT2048 SHDSL/R series.
It allows an easy and quick configuration of all parameters available in the equipment.
WebConfig implements CLI (Command Line Interface) through its browser, not requiring the use of Telnet
or SSH.
Its major advantages include:
• access via web (from anywhere);
• same syntax as that of CLI;
• online help;
• total control over the configuration;
• internacionalization.
On the Webconfig main screen, you can choose the language to be used by the system. The available
options are Portuguese, English, and Spanish. The language can be changed at any time, from the login
screen to the configuration main window. The login screen is displayed on the next pages.
The main screen is divided into the following functional areas:
• Internacionalization: Located in the upper part of the screen.
• Global options: Located immediately below Internationalization. Includes help and the logoff button.
• Status bar: Contains the name and IP address of the connected equipment.
• Command tree: Divided into the following functional groups:
40
Router Operation
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
• Modules: Contains the configuration information of each module. Allows obtaining the statistics
○
○
(e.g.:LAN statistics) and commands (CLI commands) of a given configuration. This feature
○
allows quick access to configuration without having to type any commands.
○
○
• Other tools: Contains the tools used for diagnosis and debugging. Provides shortcuts to ping,
○
○
traceroute, netstat and tcpdump commands. When clicking ping, for instance, the
○
command box displays a partially filled command, waiting for the user to complete it with the
○
○
desired options. Available options are shown in the Command Response box.
○
○
• Other configurations: Presents the options for loading and saving configurations. To use these
○
○
features automatically, it is necessary to configure the import/export configuration mechanism
○
(see further details in the CLI Guide, in Exporting and importing configuration files ).
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
Configuration import/export mechanism (for more details, see section Importing and
○
○
exporting configuration files in the CLI Guide).
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
41
Router Operation
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
• Command execution field: Consists of a command box (text area), where one or more commands
to be executed are inserted. Commands follow the CLI syntax (Refer to CLI Guide) and have control
buttons for their execution. The available buttons are: Execute, which executes the commands;
Execute and Save, which executes the commands and saves the configuration; and Clear,
which empties the command box (after executing a command, the command box is automatically
cleared).
• Command response: Displays each and every response to a command that has been executed.
When logging in, this field will not be available, since no command is initially executed. To make it
available, just execute a command, either from the command execution field or from the command
tree.
Commands tree
42
Router Operation
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
For online help, click Help, located in the global options bar. Besides introducing Webconfig, this link
○
○
also provides a guide for CLI commands, showing how to configure several parameters using the CLI. This is
○
quite useful, since all configuration options (Console, Telnet, SSH and Web) use the same language.
○
○
To close Help and go back to the main screen, click Help, which, after opening online help, shows the
○
○
Close Help option. See the Help option in the figure below.
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
CONFIGURATION VIA CLI (TELNET/CONSOLE/SSH)
○
○
○
○
After the Linux operating system has loaded, DT2048 SHDSL/R will present a command line interface
○
(CLI) that can be operated via the Console port, SSH or Telnet. The CLI supports the configuration, monitoring
○
○
of the firewall status, statistics and other services supported by the equipment.
○
○
To operate the equipment via the Console port (located on the rear panel), connect an asynchronous
○
terminal or an equivalent emulation program to the Console port. Refer to Console Port Connection in the
○
○
Installation and Initial Configuration section of this manual.
○
○
To operate the equipment via Telnet or SSH, run a client program (Telnet or SSH) on a workstation with
○
○
access to DT2048 SHDSL/R. For example, in a Linux terminal, type:
○
○
telnet <ip_address_netrouter2g>
○
○
After connecting the terminal, a message similar to this one should be displayed on the screen:
○
○
○
Linux 2.4.21 on Digitel NR2Ga
○
○
NR2G login:
○
○
○
Log in by typing a valid username and password. The equipment is originally configured with DT2048
○
After the login, a welcome message and the command prompt are displayed:
○
○
○
------------------------------------
○
○
------------------------------------
○
○
Loading modules: SNMP LAN NAT ZEBRA IPSEC FIREWALL ROUTES DHCP SYSTEM
○
○
○
43
Router Operation
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
For further information, see Command Line Interface Guide, which lists the commands and the respective
parameters supported by each command.
IMPORTANT!
We recommend that the password of user DT2048 SHDSL/R be changed during the first operation
of the equipment. To do that, use the SET SYSTEM USER1 command.
44
• CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
INTRODUCTION TO CLI
○
○
○
○
Digitel’s network equipment has a powerful configuration system known as CLI (Command Line Interface). The
○
CLI is a modular configuration system that allows configuring all the features of a certain equipment, viewing the
○
○
configurations and statistics, updating the software, in addition to offering several other options.
○
○
The CLI can be accessed via the console terminal or telnet by means of a previously registered username and
○
password. Each line of equipment leaves the factory with a default username and password for initial access.
○
○
○
The configuration is made through command lines that use a simple and objective syntax. The language is
○
hierarchical, and the available configuration options for the context are displayed at each level (subitem or parameter).
○
○
Other important resources of the CLI include:
○
○
○
○
• History of commands;
○
○
• Export and import of configuration;
○
○
○
• Levels of access.
○
○
○
○
Accessing an equipment via CLI
○
○
○
○
To log in, use a connection via console or TCP/IP network through port 23 (use a telnet client). When
○
communication with the equipment is established, a label with information about the equipment’s model and version
○
○
will be displayed, and the system will wait until you type an operator’s username and password, as shown next:
○
○
○
○
DT2048 SHDSL/R Linux version 2.4.21-rc2-p2_13 (56116c) #47 Sat Jan 31 00:07:16
○
BRST 2004
○
○
DT2048 SHDSL/R login:
○
○
○
○
○
After a valid username and password are entered, the CLI screen will be displayed:
○
○
○
------------------------------------
○
○
○
Welcome to DT2048 SHDSL/R from Digitel
○
○
------------------------------------
○
○
Digitel Configuration Shell - CORE version: 1.40.5.17
○
○
Loading modules: GRE IPX SNMP LAN NAT QOS WAN L2TP ZEBRA OSPFZ IPSEC BACKUP ○
○
BRIDGE FIREWALL ROUTES PPTP DHCP SYSTEM PROXYARP RIPZ
○
○
DT2048 SHDSL/R>
○
○
○
Commands
○
○
○
○
The CLI commands are categorized according to their actions. An action indicates to the CLI the type of
○
procedure the user wants to perform. As an example, suppose that the user wants to SHOW LAN configurations. To do
○
○
that, the user should use the SHOW command and, later, he/she should indicate that he/she wants to view LAN
○
configurations, more specifically, the LAN configurations. Thus, the command would be SHOW LAN LAN0 ALL.
○
○
• DUMP: tells the CLI to inform the commands (CLI commands) that represent the current configuration
○
○
of a given item.
○
○
45
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
• CONFIG: saves or exports the equipment’s configuration. The configuration is exported as a text file,
whose content consists of a list of CLI commands that represent a given configuration.
• QUIT: exits the CLI. If the user changes the configuration and does not save it, the CLI will ask him/her to
confirm the changes in configuration before closing the session.
At each command level, press ENTER. to show the parameter options for that context. This is quite useful when
the syntax of the desired configuration is not known. This resource is shown next:
Or then:
In addition to viewing the available options, we can also use the history resource so that we do not have to write
the command again (press the up-arrow key) and include/change the configuration.
To check the configuration created at the LAN, a SHOW action is used:
Ouput of command:
Applying to interface: LAN0
IP 192.168.1.99
MASK 255.255.255.0
BROADCAST 192.168.1.255
INTERFACE: eth0
ADMINSTATUS: UP
PACKETS SENT: 349
PACKETS RECEIVED: 81424
BYTES SENT: 26700
BYTES RECEIVED: 7666320
TX ERRORS: 0
RX ERRORS: 0
TX DROPPED: 0
RX DROPPED: 0
46
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
TX OVERRUN: 0
○
○
RX OVERRUN: 0
○
COLLISION: 0
○
○
CRC: 0
○
BROADCASTS RECEIVED: 80991
○
○
LAST RECEIVED PACKET TIME (s): 0.01
○
TRANSMIT QUEUE LENGHT: 0
○
○
TOTAL TRANSMIT QUEUE LENGHT: 100
○
LAST TRANSMITED PACKET TIME (s):0.01
○
○
LINK STATUS: UP
○
LAST LINK STATUS CHANGE TIME (s):65662.95
○
○
LAST ADMIN STATUS CHANGE TIME (s): 65662.95
○
○
○
To find out which commands represent a current configuration, use the DUMP command. Thus, it is possible to
○
check the command that generated the configuration of the LAN interfaces:
○
○
○
○
DUMP LAN ALL <enter>
○
○
○
Output of command:
○
○
○
○
SET LAN LAN0 PURGE
○
SET LAN LAN0 IP 192.168.1.99 MASK 255.255.255.0 BROADCAST 192.168.1.255 UP
○
○
○
There are applications that help to test and debug the equipment. These applications are activated by typing
○
○
EXEC. Available options are:
○
○
○
○
• NETSTAT: provides interface statistics, connection status (TCP, UDP, etc.), information about the routing
○
○
table, etc.
○
○
• PING: executes ping commands (ICMP ECHO_REQUEST).
○
○
• TCPDUMP: network traffic analyzer.
○
○
○
• TRACEROUTE: indicates the path (hops) until a certain host is reached.
○
○
• TELNET: runs a telnet client.
○
○
○
○
○
○
○
As an example, we can check the status of TCP connections. To do that, we will use the NETSTAT command
○
and the option “-t” (TCP connections), as shown next:
○
○
○
○
Output of command:
○
○
○
○
47
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
Output of command:
Nov 6 06:45:05 NR2G-3200 kernel: eth0: Promiscuous mode enabled.
Nov 6 06:45:05 NR2G-3200 kernel: device eth0 entered Promiscuous mode tcpdump:
listening on eth0
06:45:05.828775 10.10.10.71.netbios-dgm > 10.10.10.255.netbios-dgm: NBT UDP PACKET
(138)
06:45:05.861125 10.10.10.71.netbios-dgm > 10.10.10.255.netbios-dgm: NBT UDP PACKET
(138)
06:45:06.294381 802.1d config 8000.00:01:00:f1:ea:48.8001 root 8000.00:01:00:f1:ea:48
pathcost 0 age 0 max 20
hello 2 fdelay 15
06:45:08.294571 802.1d config 8000.00:01:00:f1:ea:48.8001 root 8000.00:01:00:f1:ea:48
pathcost 0 age 0 max 20
hello 2 fdelay 15
06:45:10.294417 802.1d config 8000.00:01:00:f1:ea:48.8001 root 8000.00:01:00:f1:ea:48
pathcost 0 age 0 max 20
hello 2 fdelay 15
06:45:12.294531 802.1d config 8000.00:01:00:f1:ea:48.8001 root 8000.00:01:00:f1:ea:48
pathcost 0 age 0 max 20
hello 2 fdelay 15
06:45:14.294418 802.1d config 8000.00:01:00:f1:ea:48.8001 root 8000.00:01:00:f1:ea:48
pathcost 0 age 0 max 20
hello 2 fdelay 15
As previously shown, the CONFIG action allows saving and reading the configuration, as well as exporting and
importing it. These options are represented by the following commands:
CONFIG <enter>
Output of command:
INPUT
EXTERN
LOAD
SAVE
PURGE
EXTERN: allows importing and exporting the configuration from/to an ftp server.
LOAD: reads the last configuration saved.
SAVE: saves the current configuration.
PURGE: clears the configuration.
IMPORTANT!
By the end of a configuration, the command CONFIG SAVE must be executed for the
configurations to be saved.
48
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
CHANGING USERNAME AND PASSWORD
○
○
○
○
DT2048 SHDSL/R is previously configured as the default user. There are some system users and it is possible
○
to add several other users. The following access levels are available.
○
○
○
OPERATOR Reads information on the equipment (SHOW command ).
○
○
MODERATOR Creates and modifies user permissions.
○
○
ADMINISTRATOR Manages the system. Allowed to perform any operation.
○
○
○
○
When using the SHOW SYSTEM ALL command, there are four users, two of whom are reserved (user2 and
○
○
user3):
○
○
○
○
USER0: ROOT user. Not accessed via Telnet and SSH, only via Console. Used by Digitel’s qualified personnel
○
○
for debugging only.
○
○
Applying to: USER0
○
TYPE ADMINISTRATOR
○
○
LOGIN root
○
○
○
USER1: Major user for system configuration.
○
○
Applying to: USER1
○
○
TYPE ADMINISTRATOR
○
LOGIN nr2g
○
○
○
To change username nr2g, do the following:
○
○
○
SET SYSTEM USER1 <enter>
○
Applying to: USER1
○
○
Valid SET options are:
○
TYPE Type of permission
○
○
LOGIN Username
○
PASS Password
○
○
PURGE Clears USER1 configurations
○
SET SYSTEM USER1 TYPE ADMINISTRATOR LOGIN username PASS password
○
○
○
○
To create a new user, type SET SYSTEM <enter>. Note that value x (USERx) will be incremented. Use the
○
last user to configure a new account:
SET SYSTEM USER4 TYPE OPERATOR LOGIN operator PASS operator 2003. ○
○
○
○
○
○
○
In a large network topology, it is sometimes hard to locate a certain device. The easiest way to locate the
○
○
digitel >
○
○
○
49
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
DT2048 SHDSL/R routers allow exporting or importing the configurations available in the equipment. This is
done using the FTP (File Transfer Protocol). The configuration parameters are described below:
SOFTWARE UPDATE
DT2048 SHDSL/R can be updated either via TFTP or FTP. Next, we describe these two update options, and
further ahead, we also describe the BootLoader update, in case it is recommended by Digitel.
To obtain the software version and operational system file or boot, follow the steps below:
1. Access the Digitel’s FTP server //ftp.digitel.com.br/Produtos /ROTEADORES.
2. Next step, access the folder corresponding to the model and hardware version of the Router modem to be
used.
3. The model ad hardware version of the equipment (identified by the number 800.XXXX.XX-X, Digitel code)
can be verified on the router’s label, which is on the bottom of the router. See the tables that indetify the hardware
version of your equipment.
• The following hardware options are available for the models in the DT2048 SHDSL/R series:
50
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
Download the correct file, considering the model and hardware used, where:
○
○
• the DWN extension indicates operating system file for local update via TFTP;
○
○
○
• the IMx extension (x ranging from 0 to 5) indicates files of a single version of the operating system
○
software for remote update via FTP;
○
○
○
• the BOOT extension indicates the BootLoader file for local update via TFTP (this file should only be updated
○
when indicated by Digitel).
○
○
○
Operating system update
○
○
○
○
To update the operating system version, it is necessary to have a TFTP or FTP server installed in a host that can
○
be accessed by the router, containing the file that should be downloaded from the same directory of the (DWN for
○
○
TFTP and IMx for FTP).
○
○
At the Console used to access the DT2048 SHDSL/R that is going to be updated, which can be a PC with a
○
Windows hyperterminal (refer to configuration for Console port connection in the Installation and Initial Configuration
○
○
section), type the following command:
○
○
○
○
SET SYSTEM UPDATE <enter>
○
Valid SET options for UPDATE are:
○
○
TYPE Type of update (FTP/TFTP)
○
FILE Name of the update file (FTP - *.imx | TFTP - *.dwn)
○
TFTP and/or FTP server IP address
○
SERVER
○
USER* In case of update via FTP, type username
○
In case of update via FTP, type password
○
PASS*
○
EXECUTE Starts router update
○
○
*Only when TYPE=FTP
○
○
○
○
Local update via TFTP
○
○
○
The command for the update via TFTP is:
○
○
SET SYSTEM UPDATE TYPE TFTP FILE 66101R0.dwn SERVER 10.10.10.63 EXECUTE
○
○
○
In this example, 66101R0.dwn is the update file.
○
○
○
○
○
○
IMPORTANT!
○
Update via TFTP should be used only for local load via LAN.
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
51
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
The FTP can be used for local update of the operating system via LAN, or for remote update via the WAN port.
The command for the update via FTP is:
SET SYSTEM UPDATE TYPE FTP FILE 66101R0 SERVER 10.10.10.7 USER ftpuser PASS
digitel EXECUTE
In this example, 66101R0 is the version that should be updated. Update via FTP allows the use of another file
type, the IMx, where x indicates the sequential number of the file. The following files should be available in the FTP
server directory:
66101R0.im0
66101R0.im1
66101R0.im2
66101R0.im3
In special cases, Digitel provides the BOOT file to be updated in DT2048 SHDSL/R. The update is made using
the "DT2048 SHDSL/R" prompt of the router.
Follow these steps:
1. Reboot the equipment.
2. With an active Console, which can be a PC with a Windows hyperterminal (Refer to Configuration for
Console port Connection in the Installation and Initial Configuration section), switch DT2048 SHDSL/R on by
pressing the space bar several times.
3. The router will show the maintenance prompt (DT2048 SHDSL/R boot). Type the following commands after
accessing the BOOT file from any host of the local network, using the same directory of the TFTP server:
setip "Router IP address" "Network mask" "Gateway IP"
setserv "TFTP server IP"
upboot "file.boot"
Example:
setip 10.10.10.1 255.255.255.0 10.10.10.2
setserv 10.10.10.2
upboot 66101R0.boot
4. If the boot file update is successful, the following message will be displayed:
DT2048 SHDSL/R boot correctly update!
5. After that, type clear now and press <enter> so that the default values of the new BootLoader
can be used.
6. Type restart now and press <enter> to validate the load of the new BootLoader in DT2048 SHDSL/R.
7. The following message will be displayed:
DT2048 SHDSL/R Maintenance Mode
Press SPACE to stop autobooting in 5 seconds
52
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
Press space bar before 5 seconds.
○
○
8. The router will show the maintenance prompt (DT2048 SHDSL/R boot>) again. Type run clconf and
○
○
press <enter>.
○
○
○
IMPORTANT!
○
○
When updating BootLoader, it is necessary to update the operating system software as well, using
○
the DT2048 SHDSL/R boot prompt, as specified in the subsequent steps.
○
○
○
○
○
○
○
9. For update of the operating system via the maintenance prompt (DT2048 SHDSL/R boot>), transfer the
○
○
DWN file to any host in the local network, to the same directory of the TFTP server, and type the following commands:
○
○
setip "Router IP address" "Network mask" "Gateway IP"
○
setserv "TFTP server IP"
○
○
update "file.dwn"
○
○
○
Example:
○
○
setip 10.10.10.1 255.255.255.0 10.10.10.2
○
setserv 10.10.10.2
○
○
update 66101R0.dwn
○
○
○
10. After that, type run clconf and press <enter>.
○
○
○
○
○
○
○
ADDING IP ADDRESS IN THE ETHERNET INTERFACES
○
○
○
○
SET LAN <enter>
○
LAN0
○
○
LAN1
○
To create new virtual interfaces use:
○
○
<Valid real interface name>:<New virtual interface number>
○
Examples:
○
○
LAN0:1
○
LAN1:1
○
○
LAN1:2
Note that, after adding the SET LAN command and pressing ENTER, it is possible to view the syntax of the ○
○
○
○
To check whether the information was properly applied, use the SHOW command.
○
○
○
○
IP
○
○
MASK
○
BROADCAST
○
○
STATS
○
ALL
○
○
○
○
○
○
○
53
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
You can view the pieces of information individually, or all at once by using ALL.
The creation of a virtual IP address, that is, a virtual interface, is a very interesting feature of NetRouter 2G
routers. Note that, when typing SET LAN <enter>, the output of command will be:
To create a virtual interface, use the nomenclature recommended above. A small example of a virtual interface
is shown below:
The parameters for creation of the interface are the same ones used for the physical interface. For other
interfaces, just follow a logical sequence of values, as in the example above.
54
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
FRAME RELAY PROTOCOL
○
○
○
Frame Relay is currently the most widely used encapsulation protocol, since its installation and maintenance
○
○
costs are lower. Digitel has two types of specifications for the LMI protocol, ANSI and CCITT, but NONE could also be
○
used.
○
○
The following parameters can be used to configure a Frame Relay link:
○
○
○
SET WAN WAN0 <enter>
○
○
Valid options for command SET are:
○
PROTO {NONE,HDLC,FRAMERELAY,PPPS,PPPA,DIALIN,X25}
○
○
Any other parameters depends on protocol defined to each interface
○
You must specify a protocol
○
○
Note that the protocol to be used should be defined at this point.
○
○
○
○
SET WAN WAN0 PROTO FRAMERELAY
○
○
SET WAN WAN0 <enter>
○
Valid options for command SET are:
○
○
PROTO {NONE,HDLC,FRAMERELAY,PPPS,PPPA,DIALIN,X25}
○
Any other parameters depends on protocol defined to each interface
○
○
Valid SET options for protocol FRAMERELAY:
○
PROTOCOL Configures the protocol (ANSI, CCITT, NONE)
○
○
DCE Configures the mode (DCE/DTE)
○
CLOCK Configures the clock (internal/external)
○
○
SPEED Configures the internal clock speed
○
TXINV Inverts clock
○
○
TRAFFIC-SHAPE Enables traffic shape
○
BANDWIDTH* Configures bandwidth
○
○
T391 Frame Relay Timer
○
T392 Frame Relay Timer
○
○
N391 Frame Relay Timer
○
N392 Frame Relay Timer
○
N393 Frame Relay Timer
○
○
RESETCOUNTERS Resets statistics counters
○
UP Enables the protocol
○
○
DOWN Disables the protocol
○
PURGE Clears configuratiosn
○
○
PVC0 Sets the configuration of the PVC0 interface
○
*Only when TRAFFIC-SHAPE=TRUE
○
○
SET WAN WAN0 PROTOCOL ANSI
SET WAN WAN0 PVC0 <enter> ○
○
○
SET WAN WAN0 PVC0 DLCI 16 MTU 1500 IP 10.10.10.1 MASK 255.255.255.252
○
○
55
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
PPP PROTOCOL
56
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
LINK STATUS: DOWN
○
○
LAST LINK STATUS CHANGE TIME (s): 0.00
○
LAST ADMIN STATUS CHANGE TIME (s): 0.00
○
CHANNEL STATUS
○
○
FECN IN: 0
○
FECN OUT: 0
○
BECN IN: 0
○
○
BECN OUT: 0
○
DE IN: 0
○
○
DE OUT: 0
○
○
Note that the link status should remain UP while the link is active.
○
○
○
○
HDLC PROTOCOL
○
○
○
The following parameters are available for HDLC configuration:
○
○
SET WAN WAN PROTO HDLC
○
○
SET WAN WAN <enter>
○
Valid options for command SET are:
○
○
PROTO {NONE,HDLC,FRAMERELAY,PPPS,PPPA,DIALIN,X25}
○
Any other parameters depend on protocol defined to each interface
○
○
Valid options for HDLC:
○
IP Configures the WAN IP address
○
○
MASK Configures the WAN network mask
○
PEER Indicates the remote WAN IP address
○
○
MTU Configures the MTU
○
INTERVAL Keep alive interval
○
○
TIMEOUT Keep alive timeout
○
CLOCK Configures the clock (internal/external)
○
○
SPEED* Configures the internal clock speed
○
TXINV Inverts the clock
○
○
RESETCOUNTERS Resets the statistics counters
○
UP Enables the interface
○
○
DOWN Disables the interface
○
PURGE Clears the WAN0 module configurations
○
○
*Only when CLOCK=INTERNAL
○
SET WAN WAN0 IP 10.10.10.1 MASK 255.255.255.252 PEER 10.10.10.2
○
○
SET WAN WAN0 UP
○
○
○
○
○
○
X25 PROTOCOL
○
○
○
Introduction
○
○
○
X.25 is a protocol for communications in WAN nets, which defines how the connections between devices will
○
○
be stabilized and maintained. It was created to operate with efficiency independently from the system type connected
○
the net. It’s typically used in PSNs (Packet-Switched Networks) of telephony companies. Its usage has decreased -
○
○
Commands List
○
○
○
Here there’s a list of all the XOT module commands for the DT2048 SHDSL/R. All commands must start with
○
○
the expression SET WAN WANn or SHOW WAN WANn (where it’s appropriated to use them, as the table shows).
○
○
○
○
○
○
○
○
○
○
57
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
SET WAN WAN<number> PROTO X25 Enables interface with X.25 protocol
SET WAN WAN<number> This expression must initiate all
commands below
CLOCK INTERNAL, EXTERNAL Defines if the clock is internally
generated or by an external modem
SPEED 64, 128, 192, 256, Defines the transmission velocity
512, 768, 1024, 1536, / comunication with modem
2048, 3072, 4096,
4915.2
TXINV TRUE, FALSE Indicates if it’s necessary to invert
clock’s polarity
MODE DTE, DCE Defines if the equipment must behave
as a terminal (subscriber side -
DTE) or X.25 circuit terminatornador
(DCE)
HTC <number> Configures the highest transmission
channel
LAPB Configures LAPB level
EXTENDEDMODE TRUE, FALSE If enabled, the extended window size
alterates the maximum boards number
(level 2) for acknowledgment, from
8 to 128
WINDOWSIZE <number>
Frames quantity for acknowledgment
EXTENDED TRUE, FALSE
If enabled, the extended window
size chages the maximum number of
packets (level 3) to
acknowledgment, from 8 to 128
NEGOTIATE (Dis)Enables the negociation of:
WINDOWSIZE TRUE, FALSE - window size
PACKETSIZE TRUE, FALSE - packet size
REVERSECHARGING TRUE, FALSE - collect calls
ROUTES Adds/Erases X.25 Routes
ADD <address X121> Adds a X.25 normal or default route
with way out through the interface.
There’s the possibility of
changing the call’s recipient and/
or originator address (as the
commands below).
ADD <address X121> SUBST_SOURCE <address X121>
ADD <address X121> SUBST_DEST <address X121>
ADD DEFAULT
ADD DEFAULT SUBST_DEST <address X121>
DELETE <address X121> Removes a rote
SVC <number> Configurations of a virtual circuit
PROTOCOL IP, IPX Defines the SVC’s protocol
WINSIZEIN <number> Reception window’s size
WINSIZEOUT <number> Transmission window’s size
PACSIZEIN 16, 32, 64, 128, 256, Reception packet’s maximum size
512, 1024, 2048, 4096
PACSIZEOUT 16, 32, 64, 128, 256, Transmission packet’s maximum size
512, 1024, 2048, 4096
REVCHARG TRUE, FALSE Defines if collect calls will be
accepted
58
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
X121BIND <address X121> Defines X121 local address
○
WAITCONNECTION Remains in listening/stand by mode
○
○
X121TO <address X121> Defines the peer’s X121 address to be
○
called
○
○
IP <address IP> Defines the tunnel’s IP local address
○
○
on the SVC
○
MASK <address IP> Defines the net mask for this address
○
○
PEER <address IP> Defines the IP address of the tunnel’s
○
remote side
○
○
MTU <number> Defines the maximum size of the
○
○
tunnel’s IP packet on the SVC
○
NET <IPX net’s number> Defines the IPX net address
○
○
NODE <IPX node’s address> Defines the IPX node’s address
○
RESETCOUNTERS Reset counters
○
○
COMMENT Inserts a comment
○
○
UP Initiates the interface option
○
DOWN Finishes the interface operation
○
○
PURGE Returns the factory configuration
○
SHOW WAN WAN<number> This expression must initiate all
○
○
commands
○
○
○
The command SHOW has an equivalent to almost every SET commands mentioned above.
○
○
The new commands are mentioned below:
○
○
○
STATS Interface’s actual state
○
○
VC Shows state information of the active
○
○
virtual circuits
○
CONNECTIONS Shows connection information between
○
○
the X.25 peers
○
ALL To show all the information available
○
○
○
○
○
The command’s content may vary according to the configuration and the firmware version used.
○
○
○
○
○
○
○
○
○
Example of X25 configuration between DT2048 SHDSL/R and CISCO routers ○
○
○
SET WAN WAN0 PROTO X25 CLOCK EXTERNAL TXINV FALSE MODE DTE LAPB EXTENDEDMODE
○
○
FALSE WINDOWSIZE 7
○
○
SET WAN WAN0 EXTENDED FALSE NEGOTIATE WINDOWSIZE FALSE PACKETSIZE FALSE
○
REVERSECHARGING FALSE
○
○
SET WAN WAN0 SVC0 PROTOCOL IP WINSIZEIN 7 WINSIZEOUT 7 PACSIZEIN 512 PACSIZEOUT
○
59
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
CISCO configuration:
Serial0 interface
description Example Configuration CISCO X25
ip address 172.16.1.2 255.255.255.252
encapsulation x25
no ip mroute-cache
x25 address 724691111111
x25 htc 64
x25 win 7
x25 wout 7
x25 ips 512
x25 ops 512
x25 map ip 172.16.1.1 724601099069 broadcast
Frame Relay
Synchronous PPP
HDLC
60
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
ADDING STATIC ROUTES
○
○
○
A route is configured when we want to reach a certain network. The following parameters are available for the
○
○
configuration of a static route:
○
○
○
SET ROUTES <enter>
○
○
DEFAULT Configures a default route
○
ROUTE0 Configures a numbered route
○
○
PURGE Clears the routes module configurations
○
○
○
To configure a default route, that is, a route that can reach any network (often used to route Internet traffic), use
○
the following commands:
○
○
○
○
SET ROUTES <enter>
○
Valid options for SET are:
○
○
GW1 Configures the IP address for the remote serial interface
○
COST1 Defines a route cost
○
○
GW2 Configures the IP address for the remote serial interface
○
(parameter used to configure two default routes)
○
○
COST2** Defines a route cost (parameter used to configure two default routes)
○
used to configurate two default rotes)
○
○
POLL Configures a timer for the verification of the first default
○
route
○
○
EQUALIZE (Dis)Enables equalization for multipath rotes
○
PURGE Clears DEFAULT module configurations
○
○
○
Example: SET ROUTES DEFAULT GW1 10.10.10.2
○
○
○
To verify if the conditions were applied correctly, use the command SHOW:
○
○
DT2048 SHDSL/Rt>
○
○
SHOW ROUTES <enter>
○
Valid SHOW options are:
○
○
STATS Checks static routes
○
DYNAMIC Checks dynamic routes
○
○
DEFAULT Checks the default route
○
ALL Shows all configurations
○
○
○
SHOW ROUTES ALL
○
○
Destination Gateway Mask Cost Device
○
10.10.10.0 * 255.255.255.252 0 hdlc0 ○
○
10.10.10.0 * 255.255.255.0 0 eth0
○
DEFAULT COST1 0
○
○
DEFAULT COST2 0
○
○
DEFAULT POLL 6
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
61
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
By using the same configuration, but indicating a specific network to be reached, we have the following:
Exemple: SET ROUTES ROUTE0 DEVICE WAN0 NET 172.16.1.0 MASK 255.255.255.0
GATEWAY 10.10.10.2
Note that, in case of a Frame Relay link, the interface nomenclature would be WAN0-PVC0.
To check whether the configuration was properly applied, use the SHOW command:
Applying to route:
DEVICE WAN0
NET 172.16.1.0
MASK 255.255.255.0
GATEWAY 10.10.10.2
COST 0
DEFAULT GW1 PURGE DEFAULT COST1 0
DEFAULT GW2 PURGE DEFAULT COST2 0
DEFAULT POLL 6
62
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
DYNAMIC ROUTING PROTOCOLS
○
○
○
○
Dynamic routing protocols are used to minimize the configuration of routing tables in large backbones.
○
○
In most large corporations, the network topology has to be constantly changed, which involves several
○
modifications to the routing tables. The protocols used for dynamic routing allow this task to be easily and quickly
○
○
performed, by dynamically updating the routing tables of the equipment connected to a certain topology.
○
○
DT2048 SHDSL/R offers the following options for implementation:
○
○
• RIP V1 and V2
○
○
• OSPF
○
○
○
Routing Information Protocol - RIP
○
○
○
○
The RIP is a distance vector routing protocol based on Bellman-Ford algorithm. This protocol regularly sends
○
routing informations to its neighbors, allowing the other network devices to know the topology.
○
○
The RIP configuration parameters are:
○
○
○
○
SET RIP <enter>
○
○
Valid SET options are:
○
DEFAULTMETRIC Changes the default metric value for route redistribution
○
○
VERSION Configures the RIP version (1/2/default)
○
REDIST-STATIC Redistributes static route information
○
○
REDIST-CONNECTED Redistributes the connected routes to an RIP table
○
REDIST-OSPF Redistributes the routes from an OSPF table to an
○
○
RIP table
○
UP Starts the RIP module
○
○
DOWN Quits the RIP module
○
PURGE Clears RIP configurations
○
LAN0 Configures LAN0 to use RIP
○
○
WAN0 Configures WAN0 to use RIP
○
LIST0 Creates an access list for networks in the RIP module
○
○
○
Interfaces will only be enabled when they are activated. The configuration parameters are:
○
○
○
○
SET RIP LAN0 <enter>
○
○
Valid SET options are:
○
○
ENABLED Enables RIP at the current interface (True/False)
○
○
TYPE Informs the type of interface (Active/Passive) ○
○
Here is an example of a configuration where LAN and WAN interfaces are enabled:
○
○
SET RIP UP
○
○
CONFIG SAVE
○
○
○
○
○
○
○
63
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
The configuration above enables the LAN and WAN interfaces to allow exchange of RIP information between
several routers over the network using version (2). Finally, the SET RIP UP command is used to enable the RIP service.
OSPF is a link status protocol that requests link status advertisements (LSAs) to all routers in the same hierarchical area.
OSPF, a link status routing protocol, is different from RIP, which is a distance vector routing protocol.
OSPF is widely used for Internet backbones and large corporate networks..
The OSPF configuration parameters are:
DT2048 SHDSL/R>
SET OSPF NETWORK0 ADDRESS 10.10.10.0 MASK 255.255.255.0 AREA 0.0.0.0
SET OSPF NETWORK1 ADDRESS 172.16.1.0 MASK 255.255.255.252 AREA 0.0.0.0
SET OSPF NETWORK2 ADDRESS 172.16.1.2 MASK 255.255.255.255 AREA 0.0.0.0
SET OSPF UP
CONFIG SAVE
In the configuration above, we enable the networks configured to LAN and WAN interfaces. Note that there
was a third network, whose remote WAN (listen)interface address had a 32-bit mask. This is due to the fact that the
interface is point-to-point, which requires the inclusion of this route so that the neighbors can share their routes among
themselves. . Finally, the SET OSPF UP command is used to enable the OSPF service.
○
○
NETWORK ADDRESS TRANSLATOR - NAT
○
○
○
○
Introduction
○
○
○
DT2048 SHDSL/R routers offer five types of NAT/PAT.
○
○
• MASQUERADE
○
○
• REDIRECT
○
○
○
• NAT 1:1
○
○
• EXCLUSION
○
○
• NATPOOL
○
○
○
○
○
Configuring the NAT MASQUERADE
○
○
○
○
It is quite common to use the MASQUERADE in NAT configuration to allow a network to use an address that is
○
configured to a given interface. A common example is the Internet link, when all PCs on a certain network have to
○
○
access the Internet.
○
○
The following parameters are available:
○
○
SET NAT MASQUERADE0 <enter>
○
○
Applying to: MASQUERADE0
○
Valid SET options are:
○
○
INTERFACE Interface for NAT application
○
ADDRESS Network address
○
○
MASK Network mask
○
PURGE Clears MASQUERADE0 configurations
○
○
SET NAT MASQUERADE0 INTERFACE WAN0 ADDRESS 192.168.1.0 MASK 255.255.255.0
○
SET NAT UP
○
○
○
Note that, in case of a Frame Relay link, the interface nomenclature would be WAN0-PVC0.
○
○
○
○
Configuring the NAT REDIRECT
○
○
○
○
To reroute a certain traffic to an IP address, we may use REDIRECT. REDIRECT is based on a source IP address,
○
an interface and a TCP port that is specific to a type of service.
The following parameters are available: ○
○
○
○
In the following example, when the router receives a telnet request at 200.238.60.1, it is configured to redirect
○
SET NAT UP
○
○
○
○
○
○
○
65
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
Note that, when the TCPDUMP command (interface debugging) is run at the LAN0 interface, the address in
charge of the ICMP request is 200.238.60.1, and the IP configured at the interface is 192.168.1.1. As observed, the
LAN IP address is being changed.
An interesting NAT/PAT feature is that it allows the exclusion of a given host, or even of a group of IP addresses
within the range of addresses that use a masquerade. In this case, we use EXCLUSION.
The following example shows two rules: the first one indicates which range of IP addresses will be used by
MASQUERADE; the second one excludes a given IP address.
Operation starts when the router receives the request. The NAT rules identify the origin of the packet. When the
router perceives that the source address is 192.168.1.120/32, it routes the packet using the source address,
disregarding the NAT MASQUERADE rules.
66
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
Configuring the NATPOOL
○
○
○
○
NATPOOL transfers the IP range to a predefined pool of IP addresses. This allocation is dynamic. In the
○
following example, network 192.168.1.0/24 will have its pool 200.239.60.1-200.239.60.5 changed.
○
○
○
SET NAT NATPOOL0 TOINTERFACE WAN0-PVC0 FROMMASK 255.255.255.0 FROMADDRESS
○
192.168.1.0 ADDRESS0 200.239.60.1 ADDRESS1 200.239.60.5
○
○
SET NAT UP
○
○
○
○
○
○
ENABLING THE SIMPLE NETWORK MANAGEMENT PROTOCOL (SNMP)
○
○
○
SNMP is a protocol used to manage several network devices, sending messages to an NMS (Network
○
○
Management Station). NMS is the device where all messages (TRAPS) are stored.
○
○
The following configuration parameters are available:
○
○
SET SNMP <enter>
○
○
Valid SET options for SNMP are:
○
UP Establishes the SNMP service
○
○
DOWN Quits the SNMP service
○
PURGE Clears SNMP configurations
○
○
LOCATION Configures the device location
○
CONTACT Configures the contact
○
○
TRAPAUTHFAILURE Enables/disables the transmission of TRAPS
○
TRAP0 Configures the NMS address
○
○
ROCOMMUNITY0 Read community string
○
RWCOMMUNITY0 Read/write community string
○
○
○
SET SNMP LOCATION digitel CONTACT Suporte TRAPAUTHFAILURE TRUE
○
○
SET SNMP ROCOMMUNITY0 <enter>
○
Valid SET options are:
○
NAME Name of the read community string
○
○
PURGE Clears RWCOMMUNITY0 configurations
○
MANAGER0 Configures the NMS IP address
○
○
SET SNMP ROCOMMUNITY0 NAME public MANAGER0 ADDRESS 192.168.1.2
○
○
○
SET SNMP RWCOMMUNITY0 <enter>
○
Valid SET options are:
○
○
NAME Name of the read/write community string
PURGE Clears RWCOMMUNITY0 configurations ○
○
○
SET SNMP UP
○
○
○
○
IP TUNNELING
○
○
○
This item describes IP Tunneling technologies for DT2048 SHDSL/R models. The following protocols are
○
○
supported:
○
○
67
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
The GRE protocol is used to create tunnels between subnetworks. This is the simplest tunnel implementation
between routers, without any security features or data encryption.
The following GRE configuration parameters are available:
SET GRE <enter>
Valid SET options for GRE are:
UP Enables GRE tunnel
DOWN Disables GRE tunnel
PURGE Clears GRE module configurations
GRE1 Tunnel configuration
SET GRE GRE1 <enter>
Valid SET options are:
INTERFACE Tunnel source interface
REMOTE Remote tunnel valid IP address
TUNNELLOCAL Local IP address for the tunnel
TUNNELREMOTE Remote IP address for the tunnel
UP Enables tunnel
DOWN Disables tunnel
PURGE Clears tunnel module configurations
ATTENTION!
In TUNNELLOCAL and TUNNELREMOTE configurations, the IP addresses should be defined at the
time of configuration. This address will be used to connect both networks.
To clarify all this information, we give an example of GRE configuration for the connection of two subnetworks.
In this example, the topology consists of two networks that will be connected with each other using a GRE tunnel. The
network address on side A (LOCAL) is 192.168.10.0, with 172.16.1.1/30 as the serial interface address . On side B
(REMOTE), the network address is 192.168.11.0/24, with 172.16.1.2/30 as the serial interface address. The
configurations are shown below:
LOCAL:
GRE1 interface configuration. Note that addresses 7.7.7.7 and 7.7.7.6 are added for local and remote
configurations, respectively, as fictitious addresses, only for the sake of tunnel identification.
SET ROUTES ROUTE0 DEVICE GRE1 NET 192.168.11.0 MASK 255.255.255.0 GATEWAY
7.7.7.6
It is necessary to create a route for the specific network using the GRE1 interface.
REMOTE:
○
○
Point-to-Point Tunneling Protocol - PPTP
○
○
○
○
PPTP stems from PPP, widely used for the connection between virtual private networks (VPNs). PPTP traditionally
○
encapsulates PPP packets into GRE packets. In addition to the IP, it also tunnels protocols such as the IPX.
○
○
For security reasons, PPTP uses some data encryption by using CHAP and PAP algorithms. It also uses MPPE
○
○
(Microsoft Point-To-Point Encryption Protocol) for data encryption in PPTP tunnels. Originally, MPPE supports session
○
keys between 40 and 128 bits.
○
○
○
○
○
The following parameters are necessary for configuration:
○
○
○
○
SET PPTP <enter>
○
Valid SET options are:
○
○
○
SERVER Defines PPTP server configurations
○
PURGE Clears PPTP module configurations
○
○
CHAP0 Configures CHAP authentication
○
CLIENT0 Defines PPTP client configurations
○
○
○
○
Two modes are used for PPTP configuration: client and server.
○
○
○
SET PPTP SERVER <enter>
○
○
Applying to: SERVER
○
Valid SET options for SERVER are:
○
○
○
LISTEN Tunnel source interface
○
○
UP Enables server
○
DOWN Disables server
○
○
PURGE Clears SERVER module configurations
○
LOCALIP0 Configures IP addresses for local tunnel
○
○
REMOTEIP0 Configures IP addresses for remote tunnel
○
SET PPTP CLIENT0 <enter>
○
○
Applying to: CLIENT0
○
Valid SET options are:
○
○
○
DOMAIN Configures authentication in a CHAP domain
○
○
SERVER Configures valid IP address for remote tunnel
○
UP Establishes connection with PPTP server
○
○
DOWN Quits connection with PPTP server
○
PURGE Clears CLIENT0 module configurations ○
○
○
○
Next, we give an example of configuration using the PPTP in a point-to-point application over a Frame Relay link.
○
○
○
○
○
○
○
○
○
69
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
SERVER:
SET LAN LAN0 IP 192.168.10.1 MASK 255.255.255.0 UP
SET WAN WAN0 PROTO FRAMERELAY PROTOCOL ANSI
SET WAN WAN0 PVC0 DLCI 16 MTU 1500 IP 172.16.1.1 MASK 255.255.255.252 PEER 172.16.1.2
SET WAN WAN0 UP
SET PPTP SERVER LISTEN WAN0-PVC0
SET PPTP SERVER LOCALIP0 BEGIN 10.10.50.1 END 10.10.50.50
SET PPTP SERVER REMOTEIP0 BEGIN 10.10.200.1 END 10.10.200.50
SET PPTP CHAP0 DOMAIN digitel
SET PPTP CHAP0 USER digitel
SET PPTP CHAP0 PASS digitel
SET PPTP SERVER UP
CLIENT:
SET LAN LAN0 IP 192.168.11.1 MASK 255.255.255.0 BROADCAST 192.168.11.255 UP
SET WAN WAN0 PROTO FRAMERELAY PROTOCOL ANSI
SET WAN WAN0 PVC0 DLCI 16 MTU 1500 IP 172.16.1.2 MASK 255.255.255.252 PEER 172.16.1.1
SET WAN WAN0 UP
SET PPTP CHAP0 DOMAIN digitel
SET PPTP CHAP0 USER digitel
SET PPTP CHAP0 PASS digitel
SET PPTP CLIENT0 DOMAIN CHAP0
SET PPTP CLIENT0 SERVER 172.16.1.1 UP
70
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
○
Next, we give na example of configuration using L2TP in a point-to-point application over a Frame Relay link.
○
○
LNS:
○
○
○
SET LAN LAN0 IP 192.168.10.1 MASK 255.255.255.0 UP
○
○
SET WAN WAN0 PROTO FRAMERELAY PROTOCOL ANSI
○
SET WAN WAN0 PVC0 DLCI 16 MTU 1500 IP 172.16.1.1 MASK 255.255.255.252 PEER 172.16.1.2
○
○
SET WAN WAN0 UP
○
SET L2TP AUTH PAP
○
○
SET L2TP USER0 USERNAME digitel
○
SET L2TP USER0 PASSWORD digitel
○
○
SET L2TP LNS LOCALIP 100.100.100.1
○
SET L2TP LNS IPPOOL0 BEGIN 100.100.100.2 END 100.100.100.254
○
○
SET L2TP LNS UP
○
SET L2TP UP
○
○
LAC:
○
○
SET LAN LAN0 IP 192.168.11.1 MASK 255.255.255.0 UP
○
○
SET WAN WAN0 PROTO FRAMERELAY PROTOCOL ANSI
○
SET WAN WAN0 PVC0 DLCI 16 MTU 1500 IP 172.16.1.2 MASK 255.255.255.252 PEER 172.16.1.1
○
○
SET WAN WAN0 UP
○
SET L2TP AUTH PAP
○
○
SET L2TP USER0 USERNAME digitel
○
SET L2TP USER0 PASSWORD digitel
○
○
SET L2TP LAC0 ID 1 LNS 172.16.1.1 REDIAL TRUE
○
SET L2TP UP
○
○
○
○
IPSec also allows for IP Tunneling. It is described in detail in the subsequent item.
○
○
○
○
IPSEC - SECURE IP OVER THE INTERNET
○
○
○
Introduction
○
○
○
○
IPSec is an Internet security protocol initially developed for Ipv6 and modified for Ipv4 implementation.
○
Provision of end-to-end security of packet traffic, using encryption, is its major feature.
○
○
○
One of the most widely known IPSec implementations, FreeS/WAN, which belongs to the Linux kernel, is also
○
used in DT2048 SHDSL/R. IPSec differs from other VPN protocols because it operates at layer 3 of the OSI model, thus
○
○
being able to provide security to any Internet protocol (TCP, UDP, ICMP, etc).
○
○
IPSec also implements several security features, such as authentication, data integrity, confidentiality and
○
IPSec protocols
○
○
○
These are some of the protocols used by IPSec for information exchange:
○
○
• AH (Authentication Header)
○
○
71
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
AH is intended to guarantee connectionless integrity and data origin authentication. ESP also includes some
features offered by AH, but it also provides confidentiality and limited protection against traffic flow analysis. ISAKMP
framework is used as the basis for key encryption for both AH and ESP by the IKE protocol. The IKE protocol is used
for authentication, negotiation and key exchange.
It is important to define the type of operation to be used for AH and ESP tunnels. In tunnel mode, all packets are
encapsulated, and a new IP header is created; however, the quality of service of the original packet is preserved.
The IPSec configuration parameters are:
SET IPSEC <enter>
Valid SET options for IPSEC are:
FRAGICMP Informs the necessity for packet fragmentation
NOEROUTEPASS Action valid for packets arriving at KLIPS (Kernel Level
IP Security)
HIDETOS Copies value from the TOS field and applies it to the IPSec
packet
UNIQUEIDS Replaces all IDs of old connections by a new ID
DOWN Disable an IPSec tunnel
PURGE Clears IPSEC configurations
CHANNEL0 Configures an IPSEC channel
IPSEC0 Selects the IPSec interface
*IPSECx are only available when TYPE = INTERFACE
72
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
Here is the configuration of the same parameters for the RIGHT configuration.
○
○
SET IPSEC CHANNEL0 RIGHT
○
Applying to: CHANNEL0
○
Valid SET options for RIGHT are:
○
○
ADDRESSTYPE [INTERFACE****]
○
ADDRESS* Source interface IP address*
○
○
SUBNET Enables subnetwork configuration
○
NET** Network address
○
○
MASK** Mask address
○
USEGATEWAY Enables gateway use
○
○
ID Defines an identification string
○
GATEWAY*** Configures the gateway
○
○
○
*Only when ADDRESSTYPE=USER
○
**Only when SUBNET=TRUE
○
○
***Only when USEGATEWAY=TRUE
○
○
○
○
○
SET IPSEC CHANNEL0 KEY
○
Applying to: CHANNEL0
○
○
Valid SET options for KEY are:
○
AUTH Type of authentication (ESP/AH)
○
○
AUTHBY Authentication method (SECRET/RSA)
○
PASS* Password (SECRET)
○
○
BITS** Number of BITS for the key (RSA)
○
PEERPUBLICKEY** Remote public key
○
○
GENERATEKEY** Public key generation
○
NEGRESTART Restarts timers(TIME/MARGIN)
○
○
LOCALSIDE** Defines left or right side for the tunnel
○
KEYLIFE Key lifetime
○
○
ISAKMP Validity of authenticated channel
○
RETRIES Number of authentication attempts
○
PERFECTFORWARD Enables or disables the PFS protocol
○
○
*Only when AUTHBY=SECRET
○
**Only when AUTHBY=RSA
○
○
○
Example of configuration between DT2048 SHDSL/Rs using a 512-bit RSA authentication key
○
○
○
○
ROUTER A:
○
○
○
SET LAN LAN0 PURGE ○
SET WAN WAN0 PVC0 DLCI 16 IP 172.16.1.1 MASK 255.255.255.252 PEER 172.16.1.2
○
○
SET IPSEC CHANNEL0 NAME canal LEFT ADDRESSTYPE BINDED IPSEC0 SUBNET TRUE NET
○
SET IPSEC CHANNEL0 RIGHT ADDRESSTYPE USER ADDRESS 172.16.1.2 SUBNET TRUE NET
○
73
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
To check the status of IPSec connection in the routers, type SHOW SYSTEM LOG MESSAGES in both pieces
of equipment. Example:
Note that two levels (ISAKMP and Ipsec) are indicated as established. This means that the connection has
been correctly established with the remote router.
CISCO CONFIGURATION:
74
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
!
○
○
!
○
crypto map test 1 ipsec-isakmp
○
○
set peer 200.198.105.45
○
set transform-set teste
○
○
set pfs group2
○
match address 101
○
○
!
○
!
○
○
!
○
!
○
○
interface Ethernet0
○
ip address 10.0.3.200 255.255.0.0
○
○
hold-queue 100 out
○
!
○
○
interface Ethernet1
○
ip address 200.218.187.66 255.255.255.252
○
○
crypto map test
○
!
○
○
ip classless
route 0.0.0.0 0.0.0.0 200.218.187.65
○
!
○
○
!
○
access-list 101 permit ip 10.0.0.0 0.0.255.255 192.168.10.0 0.0.0.255
○
○
○
DT2048 SHDSL/R CONFIGURATION:
○
○
○
SET LAN LAN0 PURGE
○
○
SET LAN LAN0 IP 192.168.10.1 MASK 255.255.255.0 BROADCAST 192.168.10.255 UP
○
SET LAN LAN1 PURGE
○
○
SET LAN LAN1 IP 200.198.105.45 MASK 255.255.255.240 BROADCAST 200.198.105.47 UP
○
SET ROUTES DEFAULT GW1 200.198.105.33 COST1 0
○
○
SET IPSEC PURGE
○
SET IPSEC FRAGICMP FALSE NOEROUTEPASS FALSE HIDETOS FALSE UNIQUEIDS FALSE
○
○
SET IPSEC IPSEC0 INTERFACE LAN1
○
SET IPSEC CHANNEL0 NAME canal LEFT ADDRESSTYPE BINDED IPSEC0 SUBNET TRUE NET
○
○
192.168.10.0 MASK 255.255.255.0 USEGATEWAY TRUE GATEWAY 200.198.105.33
○
SET IPSEC CHANNEL0 RIGHT ADDRESSTYPE USER ADDRESS 200.218.187.66 SUBNET TRUE
○
○
NET 10.0.0.0 MASK 255.255.0.0 USEGATEWAY TRUE GATEWAY 200.218.187.65
○
SET IPSEC CHANNEL0 KEY AUTH ESP AUTHBY SECRET PASS digitel
○
○
SET IPSEC CHANNEL0 KEY NEGRESTART TIME 9 MARGIN 100
○
SET IPSEC CHANNEL0 KEY ISAKMP 1H RETRIES 0 PERFECTFORWARD TRUE KEYLIFE 8H ○
SET IPSEC UP
○
○
○
○
○
Digitel includes three DHCP features in its routers: DHCP Server, DHCP Relay and IP reservation. DHCP Server
○
○
dynamically allows TCP/IP configuration of hosts in a subnetwork . Each host (PCs, servers, printers, etc.) receives several
○
pieces of information, including IP address, mask, gateway, etc., in a totally dynamic fashion, provided that the host allows
○
○
DHCP Relay allows a subnetwork to obtain information from a remote DHCP server. However, it is necessary to
○
enable the interfaces so that the DHCP server can route the information through the subnetworks. The RESERVATION
○
○
feature allows the allocation of an IP address to a given host using the MAC ADDRESS of its network board.
○
○
75
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
Initially, it is necessary to define the type of DHCP operation: NORMAL (server) or RELAY.
DHCP Server
76
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
SET DHCP SUBNET0 DNS0 ADDRESS 192.168.1.2
○
○
Configures the DNS address for the hosts
○
○
○
SET DHCP SUBNET0 WINS0 ADDRESS 192.168.1.3
○
Configures the Wins address for the hosts
○
○
○
SET DHCP UP
○
○
Initiates service of DHCP Server
○
○
○
DHCP Reservation
○
○
○
As previously described, the RESERVATION feature allows allocating specific IP addresses to a given host
○
○
(addresses not in the range of the DHCP Server). This is important when we want to make a distinction between a
○
network device (e.g.: printer server) and other components, thus organizing the addresses in the DHCP Server table.
○
○
○
○
○
SET DHCP HOST0 <enter>
○
Valid SET options are:
○
○
NAME Defines a hostname for a network device
○
MAC Defines the MAC ADDRESS for the Ethernet device
○
○
ADDRESS Defines the IP address that should be reserved
○
DNSDOMAIN Configures a Domain Name for the host
○
○
DNS0 Configures a DNS address for the host
○
ROUTER0 Configures a gateway address for the host
○
○
WINS0 Configures a WINS address for the host
○
PURGE Clears HOST0 configurations
○
○
○
○
For clarification of how the RESERVATION feature works, we present a script with the configurations above:
○
○
○
○
SET DHCP HOST0 MAC 00:00:00:00:00:00 NAME impressora1 ADDRESS 192.168.1.250
○
DNSDOMAIN digitel.com.br
○
○
Replace “00:00:00:00:00” by the MAC address of network board of the device.
○
SET DHCP HOST0 DNS0 ADDRESS 192.168.1.2
○
○
SET DHCP HOST0 ROUTER0 ADDRESS 192.168.1.1
○
SET DHCP HOST0 WINS0 ADDRESS 192.168.1.3
○
○
SET DHCP UP
○
○
○
○
DHCP Relay
○
○
○
○
Note that before applying RELAY configurations, it is necessary to first define the operation type as Relay in the
○
○
TYPE parameter.
○
○
○
○
○
○
○
○
77
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
Traffic control
Traffic control in DT2048 SHDSL/R is based on three key elements: queuing discipline, class and filter. Control
is quite flexible, allowing an array of combinations, due to its recursive architecture. Next, we describe the key
elements.
Service Discipline
Queueing discipline is a way to manage data traffic, and may include algorithms (e.g.: HTB, TBF, SFQ), which
actually occurs in most cases. More complex queuing disciplines contain filters and classes. Each discipline has an
identifier, known as handle, and a variable, which indicates where the queuing discipline is installed within a hierarchical
order of classes. This variable is called classid.
Class is a node in the traffic control hierarchy. A class is not responsible for queue management. Therefore, it
requires a queuing discipline, which allows a large number of combinations. Thus, it is possible to establish a
hierarchy where a different queuing discipline is installed in each leaf node. These nodes are responsible for traffic
control.
This flexibility is more frequently noticed when HTB is used, which allows the creation of several classes, unlike
other disciplines such as TBF and SFQ.
Filter is the mechanism whereby a packet is allocated to a class. A filter is required when a packet goes through
the unit (forward) or is generated in the unit (output). Each discipline or class has a list of filters, whose differences are
concerned with the protocol (IP, ICMP, etc.) they apply to and also with their priority. The classification system of
Digitel’s equipment uses all the power of packet selection implemented by the firewall mechanism. As occurs with
queuing disciplines, filters also have a handle and classid, with the same meanings.
78
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
Service disciplines
○
○
○
○
HTB (Hierarchy Token Bucket)
○
○
HTB is an intuitive, quick and flexible discipline, usually outperforming the CBQ features. HTB is also based on
○
○
classes, which can be subdivided into subclasses, forming a hierarchy of classes.
○
○
○
○
○
○
○
Main
○
○
Link
○
○
○
○
○
○
○
○
B
○
A/WWW
○
A/SMTP
○
○
○
○
○
○
○
○
○
Unlike CBQ, HTB uses a bandwidth control mechanism (shapes traffic based) based on the Token Bucket Filter,
○
which does not depend on the physical characteristics of the link. It does not require information about the behavior
○
○
of the output bandwidth.
○
○
It allows simulating slower links and determining which traffic class will use this slow path, thus changing the
○
○
order and priority of the current flow.
○
○
○
○
○
○
Parameter Function
○
○
Priority Defines class priority in the queuing mechanism. The round-robin algorithm, with
○
○
priorities, is used.
○
○
Rate Indicates maximum class rate. The rate sum of the children of a given class is the
○
same as that of the father
○
○
○
Ceil Maximum number of data allowed to be sent. ○
○
Burst Number of bytes allowed to be sent within a given time, respecting the speed provided
○
○
by the ceil.
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
79
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
This queuing discipline uses two token buckets, one for mean rate control and one for peak rate control The
token bucket for peak rate control allows some traffic burst, controlled by the peak rate parameter, to be sent during
a traffic-free period. The token bucket for mean rate control specifies the current flow of the class. If the peak rate
parameter is not used, the second token bucket will not be activated, and no limit will be specified. Thus, the burst is
based on the number of existing tokens. This algorithm delays the packets that exceed the limit, but does not drop
them.
Parâmetro Função
Limit Number of bytes that can be queued in the main token bucket.
Latency Maximum amount of time a packet sits in the TBF.
Rate Specifies the class bandwidth.
Burst Indicates the depth of the main token bucket.
Mtu Used to calculate packet size, for the mean rate table, or for the peak rate table.
Peakrate Enables the token bucket for peak rate control and specifies its mean value.
(optional)
The limit value should be greater than or equal to that of the interface mtu, otherwise, packets with greater
values might be dropped. If the latency parameter is used, queue size will be calculated based on the formula: limit
= rate * latency + burst. If the mtu value is greater than 2040, it must be specified. Its value should include the header
of the logical link layer. If the second token bucket is activated through the peakrate parameter, the mtu will also
indicate the depth of this token bucket.
It’s an FQ variant, in which a queue is kept for the time during which packets would be dropped if the BR (bit-
by-bit Round Robin) algorithm was used. BR sends traffic in a Round Robin fashion, and its transmission unit is only 1
bit. The packet is only sent when the whole packet is “read.” Thus, smaller packets are sent first.
Since it is difficult to keep a queue organized, SFQ allocates a pretty large number of queues, using the hash
table to send traffic to one of them. A drawback of this method is that as the number of active flows gets closer to the
number of queues, there is an increased probability of collision at the hash table.
The queues with packets to be sent are serviced in a round-robin fashion. A given amount of data (quantum) is
sent in every turn.
Parameter Function
Perturb Regular perturbation calculated by the hashing algorithm for the prevention of
collisions. SECS defines the interval within which the perturbation shoud occur.
Quantum Amount of data in bytes that should be sent in each round-robin session.
Next, we present two example configurations. In the first example, we will limit the bandwidth to 5 kbps for the
FTP. In the second example, we will follow a similar procedure, but we will work with link sharing, where priorities are
established for each queue, and where the lowest priority receives bandwidth from the father class. The topology is
shown next:
80
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
Note that we formed two queues (1:1 and 1:2) over root class 1:, and that we limited class 1:1 to 5 kbps. Also
○
note that QoS rules should be applied based on the output traffic of the interface.
○
○
○
○
○
SET FIREWALL QOS RULE0 PROTOCOL tcp MARK 1
○
SET FIREWALL QOS RULE0 SOURCE ADDRESS 192.168.1.0 MASK 255.255.255.0
○
○
SET FIREWALL QOS RULE0 DESTINATION ADDRESS 192.168.2.0 MASK 255.255.255.0
○
SET FIREWALL QOS RULE0 TCP DPORT 20-21
○
SET FIREWALL UP
○
○
SET QOS WAN0-PVC0 ROOT-HTB HANDLE 1:
○
SET QOS WAN0-PVC0 HTB1: DEFAULT 2
○
○
SET QOS WAN0-PVC0 HTB1: NEW-HTB HANDLE 1:1
○
SET QOS WAN0-PVC0 HTB1:1 RATE 5KBIT BURST 5KBIT CEIL 5KBIT PRIORITY 1
○
○
SET QOS WAN0-PVC0 HTB1: NEW-HTB HANDLE 1:2
○
SET QOS WAN0-PVC0 HTB1:2 RATE 59KBIT BURST 5KBIT CEIL 59KBIT PRIORITY 0
○
○
SET QOS WAN0-PVC0 HTB1: NEW-FILTER HANDLE 1 PRIORITY 0 PROTOCOL IP CLASSID 1:1
○
SET QOS UP
○
○
○
○
In the second example, queues 1:10 and 1:20 were formed over a father class, which will allocate the bandwidth
○
according to the specified priority (the lowest the priority value, the highest the priority). Note that while we are using
○
○
only the FTP, 128 kbps will be allocated to it, but when Telnet is initiated, the link will be shared:
○
○
SET FIREWALL PURGE
○
○
SET FIREWALL QOS RULE0 PROTOCOL TCP MARK 1
○
SET FIREWALL QOS RULE0 SOURCE ADDRESS 192.168.10.0 MASK 255.255.255.0
SET FIREWALL QOS RULE0 DESTINATION ADDRESS 192.168.11.0 MASK 255.255.255.0 ○
○
○
SET FIREWALL UP
○
SET QOS WAN0-PVC0 HTB1:1 RATE 128KBIT BURST 15KBIT CEIL 128KBIT NO-PRIORITY
○
○
SET QOS WAN0-PVC0 HTB1:10 RATE 10KBIT BURST 15KBIT CEIL 128KBIT PRIORITY 0
○
○
SET QOS WAN0-PVC0 HTB1:20 RATE 118KBIT BURST 15KBIT CEIL 128KBIT PRIORITY 1
○
○
SET QOS WAN0-PVC0 HTB1:1 NEW-FILTER HANDLE 1 PRIORITY 1 PROTOCOL IP CLASSID 1:10
○
SET QOS WAN0-PVC0 HTB1:1 NEW-FILTER HANDLE 2 PRIORITY 0 PROTOCOL IP CLASSID 1:20
○
○
SET QOS UP
○
○
○
○
○
○
○
○
81
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
FIREWALL
Introduction
DT2048 SHDSL/R routers implement several Firewall features. Here, we are going to describe some of these
features, and we are going to provide some example configurations as well.
There are two levels of security in DT2048 SHDSL/R: one is determined by policies, and the other one, by rules.
Policies
Chain policies define packet destination. A policy is used when a packet reaches the end of a chain and does
not fit into any rules. In this case, the kernel checks the chain policy to decide what to do with the packet.
The decision can be to ACCEPT or DROP the packet. By default, INPUT/OUTPUT/FORWARD chains have their
policies configured as ACCEPT at startup.
Chains
A chain is a list of rules. Each rule tells the packet header what should be done with the packet. If the current rule
is not associated with the packet, then the next rule in the chain will be used. When there are no more rules to use, the
operating system will analyze the chain policy and decide what to do.
• INPUT: all traffic from a host (either local or remote) to the router.
•FORWARD: all traffic from any host (either local or remote) bound to any host that can be reached through the router.
82
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
Packets going through the INPUT chain do not have an output interface, and packets going through the
○
○
OUTPUT chain do not have an input interface. In case of FORWARD, both can or should be specified for the
○
establishment of rules.
○
○
With the rules, we can create different ways to deal with the traffic. The main parameters are subsequently
○
○
listed.
○
○
○
○
• Action - An action determines what will happen when a packet fits into a given rule.
○
○
Possible actions include ACCEPT, DROP and REJECT.
○
○
- ACCEPT: accepts the packet being filtered;
○
○
- DROP: drops the packet being filtered;
○
○
○
- REJECT: has the same effect as DROP, except if the sender has sent an ICMP port unreachable
○
message. The ICMP message will not be sent if any of any of the following situations occurs (refer to RFC 1122):
○
○
- The packet being filtered is an ICMP error message in the beginning, or an unknown
○
○
type of ICMP;
○
○
- The packet being filtered is a fragment without a header;
○
○
- Many ICMP error messages have been sent to the same addressee.
○
○
• Protocol - The options are TCP, UDP and ICMP.
○
○
• Source and Destination - For the definition of addressing parameters and ports.
○
○
• IP addresses - Network or host IP addresses to be defined.
○
○
○
• Port - UDP/TCP port ranges.
○
○
○
○
In addition to these parameters, we can create different management options, using TCP flags, rules with
○
inverted logic, etc.
○
○
○
○
○
Specifying inverted logic
○
○
○
Several configuration options can be preceded by '!' (pronounced "no"), which means inverting the logic for a
○
○
given rule. For instance, if we define a rule that only allows transmission of a packet to a given interface and then we
○
apply the '!' option to the destination interface, the rule is inverted. Therefore, the packets will be sent to all interfaces,
○
○
except to the specified interface. We are going to see some more examples further ahead.
Specifying fragments ○
○
○
○
○
○
○
Sometimes a packet is too large to be sent all at once. If this happens, the packet is fragmented and sent as
○
○
multiple packets. On arrival, the packet is rebuilt by putting the fragments back together. The problem with
○
fragmentation is that the initial fragment contains complete header fields (IP + TCP, UDP and ICMP) to analyze, but
○
○
the subsequent packets only have the IP header (without the fields of other protocols). Then, analyzing the subsequent
○
fragments in search of headers of other protocols (such as TCP, UDP and ICMP extensions) is impossible.
○
○
If you are following up connections or NAT, all fragments will be reassembled before they reach the packet filter
○
○
code (then you do not have to worry about the fragments ). On the other hand, it is important to understand how
○
fragments are treated by filtering rules. Any rule that requests nonexistent information is not valid. This means that the
○
○
first fragment will be treated as any packet, whereas the second and the subsequent fragments will not. Then a rule
○
with the fragment (other packets) option enabled will analyze the packets of a data flow, except the first packet. It is
○
○
important to specify a rule that enables the fragment (first packet) option, but that does not apply this rule to the
○
Usually, it is safer to allow transmission of the second and subsequent fragments, as the first fragment will be
○
filtered; this will prevent the whole packet from being defragmented in the destination equipment.
○
○
○
○
○
○
○
83
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
Configuration parameters
For clarification of these rules, we will show an example where we disable the traffic from any network to the
router (INPUT) and enable Telnet only from a specific host.
84
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
Note that, in the example below, we take for granted that the host (PC) address is 10.10.10.63 and that the
○
○
router address is 10.10.10.66. To check whether it is working properly, just apply a continuous ping to the destination
○
address; after the firewall is enabled, the ping should respond with TIME OUT, and it will be possible to establish a
○
○
Telnet connection with address 10.10.10.66 in the equipment 10.10.10.63.
○
○
SET FIREWALL PURGE
○
○
SET FIREWALL INPUT POLICY DROP
○
SET FIREWALL INPUT RULE0 PROTOCOL TCP ACTION ACCEPT
○
○
SET FIREWALL INPUT RULE0 SOURCE INTERFACE LAN0 ADDRESS 10.10.10.63 MASK
○
255.255.255.255
○
SET FIREWALL INPUT RULE0 TCP DPORT 23-23
○
○
SET FIREWALL UP
○
CONFIG SAVE
○
○
○
○
In the following example, we will use inverted logic. When we enable the ADDRESSINVERTED option in this
○
rule, any address can establish a Telnet connection with router 10.10.10.66, except with 10.10.10.63. The rule is the
○
○
same; we only added the ADDRESSINVERTED parameter as TRUE.
○
○
○
○
SET FIREWALL PURGE
○
SET FIREWALL INPUT POLICY DROP
○
○
SET FIREWALL INPUT RULE0 PROTOCOL TCP ACTION ACCEPT
○
SET FIREWALL INPUT RULE0 SOURCE INTERFACE LAN0 ADDRESSINVERTED TRUE ADDRESS
○
○
10.10.10.63 MASK 255.255.255.255
○
SET FIREWALL INPUT RULE0 TCP DPORT 23-23
○
○
SET FIREWALL UP
○
CONFIG SAVE
○
○
○
○
For test purposes, establish a Telnet between equipment 10.10.10.63 and router 10.10.10.66 and, after that, try
○
to make this Telnet connection from any other PC. You will find out that access from the host 10.10.10.63 is not
○
○
possible, since there is an inverted logic that specifies that any PC can access this equipment, except address
○
10.10.10.63/32.
○
○
In the next example, a network makes an ICMP request to a remote network without accessing the internal
○
○
network. In this case, the address of the local network is 10.10.10.0/24, and for the remote network, it is 192.168.11.0/
○
24. Note that the ECHO-REQUEST messages are sent, but, for a reply (ECHO-REPLY) to exist, it is necessary to create
○
○
a special rule, which does not involve only the protocol, but also the type of ICMP message. The rules are the following.
○
○
SET FIREWALL PURGE
○
SET FIREWALL INPUT POLICY ACCEPT
○
○
SET FIREWALL OUTPUT POLICY ACCEPT
○
SET FIREWALL FORWARD POLICY ACCEPT
○
○
SET FIREWALL FORWARD RULE0 PROTOCOL ICMP ACTION ACCEPT ○
SET FIREWALL FORWARD RULE0 SOURCE INTERFACE LAN0 ADDRESS 10.10.10.0 MASK
○
○
255.255.255.0
○
MASK 255.255.255.0
○
SET FIREWALL FORWARD RULE1 SOURCE INTERFACE WAN0-PVC0 ADDRESS 0.0.0.0 MASK
○
0.0.0.0
○
○
SET FIREWALL FORWARD RULE1 DESTINATION INTERFACE LAN0 ADDRESS 0.0.0.0 MASK
○
0.0.0.0
○
○
SET FIREWALL FORWARD RULE1 ICMP ENABLED TRUE INVERTED TRUE TYPE ECHO-REPLY
○
SET FIREWALL UP
○
○
○
The created command uses an inverted logic for the type of message that should be filtered. This is created
○
○
SET FIREWALL FORWARD RULE1 ICMP ENABLED TRUE INVERTED TRUE TYPE ECHO-REPLY
○
○
To view the statistics of the created rule, use the SHOW FIREWALL STATS command.
○
○
○
○
○
85
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
AUTHENTICATION SYSTEMS
Introduction
The authentication system of DT2048 SHDSL/R routers supports different authentication protocols and types.
Authentication can be carried out using the SHADOW, TACACS and RADIUS commands.
SHADOW is an authentication system based on MD5 encryption, offered by the equipment.
TACACS (Terminal Access Controller Access Control System) is an authentication protocol for remote users.
Originally developed by CISCO, today it has been by several manufacturers. TACACS allows autthenticating a user in
a base provided by the client’s TACACS server.
RADIUS (Remote Authentication Dial User Service) is one the most widely used remote authentication protocols.
It also allows authentication of users in a remote base provided by the client. It is defined in RFC 2058.
To configure the authentication system, do the following:
1. Define the type of authentication.
2. In case of more than one type of authentication, specify an order for them.
3. Configure the authentication method.
It is worth mentioning that if no authentication method has been configured, the CLI will select SHADOW as the
standard authentication method.
The order of authentication is defined by using the following command:
SET SYSTEM AAA AUTHENTICATION ORDER <enter>
You must provide order for UP auth types. Combination possibilities are:
TACACS SHADOW
SHADOW TACACS
RADIUS SHADOW
SHADOW RADIUS
86
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
RADIUS
○
○
○
○
To define RADIUS as the only authentication method, enable the RADIUS authentication and disable the
○
SHADOW authentication.
○
○
○
SET SYSTEM AAA AUTHENTICATION RADIUS UP
○
SET SYSTEM AAA AUTHENTICATION SHADOW PURGE
○
○
○
○
The following options are available for configuration:
○
○
SET SYSTEM AAA AUTHENTICATION RADIUS <enter>
○
Valid SET options for RADIUS are:
○
○
DEBUG Allows viewing events via Syslog
○
SERVER Configures the RADIUS server IP address
○
○
SECRET Password used for negotiation between the equipment’s RADIUS
○
and the server.
○
○
TIMEOUT Timeout for remote authentication
○
ONERROR** Defines what should be done when RADIUS is the first
○
○
authentication method(the order is RADIUS SHADOW)
○
UP Enables the RADIUS
○
○
PURGE Clears RADIUS configurations
○
○
○
As an example, we have the following configuration:
○
○
○
SET SYSTEM AAA AUTHENTICATION RADIUS UP
○
SET SYSTEM AAA AUTHENTICATION RADIUS SERVER 20.20.20.20
○
SET SYSTEM AAA AUTHENTICATION RADIUS SECRET digitel
○
○
SET SYSTEM AAA AUTHENTICATION RADIUS ONERROR
○
○
○
ONERROR defines what should be done when RADIUS is the first authentication method (the order is
○
○
RADIUS SHADOW). Valid options are FAIL or CONTINUE. FAIL specifies that when the first authentication method
○
fails, login should be denied; CONTINUE specifies that authentication should be attempted by using the next
○
○
method.
○
○
○
○
TACACS
○
○
○
○
To define TACACS as the only authentication method, enable TACACS authentication and disable SHADOW
○
authentication.
○
○
○
SET SYSTEM AAA AUTHENTICATION TACACS UP
○
SET SYSTEM AAA AUTHENTICATION SHADOW PURGE ○
○
○
○
87
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
ONERROR defines what should be done when TACACS is the first authentication method (the order is
TACACS SHADOW). Valid options are FAIL or CONTINUE. FAIL specifies that when the first authentication
method fails, login should be denied; CONTINUE specifies that authentication should be attempted by using the
next method.
INTERFACE STATISTICS
DT2048 SHDSL/R routers include several troubleshooting features. Checking for interface errors is one of the
most widely used ones. Next, we describe the counters for different encapsulation protocols:
TX ERRORS:
• Frame eliminated due to interface timeout (due to physical problems, failure, or transmit clock problems)
• Physical transmission errors (loss of CTS or underrun - should not normally occur)
RX ERRORS:
• Frame eliminated due to limited processing capacity at reception (should not normally occur)
• Frame received with CRC error
• Frame received with addressing error (should not normally occur)
• Frame received with synchronization error
• Frame received with size violation
• Frame received with incomplete octet numbers
• Abort sequence received
• Frame received with data carrier loss
TX DROPPED:
• Frame eliminated due to interface resetting
• Frame eliminated due to insufficient memory (should not normally occur)
RX DROPPED:
• Frame eliminated due to limited processing capacity at reception (should not normally occur)
• Frame eliminated due to CRC error
• Frame eliminated due to addressing error (should not normally occur)
• Frame eliminated due to insufficient memory at reception (should not normally occur)
TX OVERRUN:
• Not used
RX OVERRUN:
• Frame received with overrun error
COLLISION:
• Not used
88
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
CRC ERRORS:
○
• Frame received with CRC error
○
○
○
TX ABORTED:
○
○
• Frame eliminated due to interface timeout (due to physical problems, failure, or transmit clock problems)
○
○
○
TX FIFO ERROR:
○
○
• Underrun at transmission (should not normally occur)
○
○
○
TX CARRIER ERROR:
○
• Loss of CTS at transmission (should not normally occur)
○
○
○
○
RX LENGTH ERROR:
○
• Frame received with size violation
○
○
○
RX FRAME ERROR:
○
○
• Frame received with incomplete octet numbers
○
○
○
RX MISSED ERROR:
○
○
• Frame received with data carrier loss
○
○
○
WAN (HDLC-Cisco protocol)
○
○
○
RX ERRORS:
○
○
• Frame received with protocol error (short frame, addressing error, size error)
○
○
○
○
○
WAN (FRAME RELAY protocol - HDLC interface)
○
○
○
○
RX ERRORS:
○
• Frame received invalid (short frame or in wrong format)
○
○
• LMI frame received when LMI=NONE
○
• LMI protocol errors
○
○
• Non-LMI frame received through the control channel
○
○
• Frame received with unknown DLCI
○
○
• Frame received for disabled PVC (interface DOWN)
○
○
○
○
WAN (FRAME RELAY protocol - PVC interface) ○
○
○
TX DROPPED:
○
○
TX COMPRESSED:
○
○
RX COMPRESSED:
○
○
RX ERRORS:
○
89
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
TX ERRORS:
• Frame eliminated due to interface timeout (due to physical problems, failure, or transmit clock problems)
• Frame retransmitted by collision up to the limit and eliminated
• Frame transmitted with underrun
• Frame transmitted with data carrier loss
• Frame transmitted without heartbeat
• Frame transmitted with late collision
RX ERRORS:
• Frame received with size violation
• Frame received with incomplete octet numbers or with late collision
• Frame received with CRC error or FIFO overrun
TX DROPPED:
• Not used
RX OVERRUN:
• Not used
RX DROPPED:
• Frame eliminated due to limited processing capacity or insufficient memory at reception (should not normally
occur)
TX OVERRUN:
• Not used
RX OVERRUN:
• Not used
COLLISION:
• Collision during frame transmission
CRC ERRORS:
• Frame received with CRC error or FIFO overrun
TX ABORTED:
• Frame retransmitted by collision up to the limit and eliminated
TX FIFO ERROR:
• Frame transmitted with underrun
TX CARRIER ERROR:
• Frame transmitted with data carrier loss
TX HEARTBEAT ERROR:
• Frame transmitted without heartbeat
TX WINDOW ERROR:
• Frame transmitted with late collision
RX LENGTH ERROR:
• Frame received with size violation
RX FRAME ERROR:
• Frame received with incomplete octet numbers or with late collision
RX MISSED ERROR:
• Not used
90
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
○
SYSLOG
○
○
○
Another way to check for errors is by using Syslog, a powerful troubleshooting tool, which can be viewed on the
○
○
console (buffer) or in the remote server, where messages can also be stored.
○
○
To configure output of messages, we can create several entries (ENTRYx), where we specify, for instance, a
○
remote Syslog server or the terminal itself. The configuration parameters are the following:
○
○
○
SET SYSTEM LOG <enter>
○
Valid SET options for LOG:
○
○
UP Starts the Syslog daemon
○
DOWN Disables the Syslog daemon
○
○
PURGE Clears the Log module
○
ENTRY0 Generates an entry configuration
○
○
○
SET SYSTEM LOG ENTRY0 <enter>
○
○
Applying to: ENTRY0
○
Valid SET options are:
○
○
FACILITY Type of facility
○
PRIORITY Type of priority
○
OUTPUTTYPE Type of output
○
○
HOST* Identifies the remote Syslog server IP
○
PURGE Clears the ENTRY0 configurations
○
○
*Only when OUTPUTTYPE=REMOTE
○
○
○
○
○
○
Facility
○
○
○
The FACILITY parameter is used to specify the type of program that will generate log messages, as described
○
○
below:
○
○
○
○
SET SYSTEM LOG ENTRY0 FACILITY <enter>
○
○
Applying to: ENTRY0
○
You must provide one of these:
○
ALL All messages
○
○
AUTH Securtiy/authentication messages
○
SECURITY Security messages
○
○
AUTHPRIV Security/authentication messages (private)
CRON Cron and at daemon ○
○
○
91
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
Priority (Level)
Determines the importance of the messages. The following levels are allowed, in order of importance:
SET SYSTEM LOG ENTRY0 PRIORITY <enter>
Applying to: ENTRY0
You must provide one of these:
ALL All levels
DEBUG Debugging messages
INFO Information messages
NOTICE Normal system conditions
WARNING Warning conditions
WARN Synonymous with warning level
ERR Error conditions
ERROR Synonymous with err level
CRIT Critical conditions
ALERT Some action must be taken immediately
EMERG The system is unusable
PANIC Synonymous with emerg level
By default, the Syslog is enabled. To enable all Syslog features, type the following command:
SET SYSTEM LOG ENTRY0 FACILITY ALL PRIORITY ALL OUTPUTTYPE TERMINAL
To view the messages at the Console (TERMINAL), type the following command:
SHOW SYSTEM LOG MESSAGES <enter>
If you have a Syslog server on the network, only change the type of output (REMOTE) and configure the host IP
address:
SET SYSTEM LOG ENTRY0 FACILITY ALL PRIORITY ALL OUTPUTTYPE REMOTE HOST
192.168.100.23
When a router is configured with a default gateway, without any dynamic routing protocol (e.g.: RIP), it can
become a vulnerable spot on the network. This scenario is characterized by a single flaw (the gateway). To solve the
problem, use a dynamic routing protocol; however, this may slow down the network, due to the complexity of these
protocols. So,b a better alternative is to have a router operating as backup for the network gateway; then, when the
gateway fails, the backup will start operating.
The Virtual Router Redundancy Protocol (VRRP) implements this feature. It is defined in RFC 2338 and offers
automatic backup, taking on the IP of the main router (Master).
The VRRP has the same function as the Hot Standby Router Protocol (HSRP) by CISCO and as the IP Standby
Protocol (IPSTB) by Digital Equipment Corporation.
92
CLI Guide - Command Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
○
Definitions
○
○
○
○
• VRRP Router: Router running Virtual Router Redundancy Protocol.
○
○
• Virtual Router ID: ID associated with the LAN IP. Both Master and Backup routers must have the same ID.
○
○
• IP Address Owner or IP: IP that represents the VRRP Router address.
○
○
• Virtual Router Master: VRRP router that routes packets using the IP associated with the Virtual Router (also
○
○
replying to the ARP request of this IP). Only the Master router sends VRRP packets over the network.
○
○
• Virtual Router Backup: VRRP router that takes over the Virtual Router in case of a failure.
○
○
○
Configuration
○
○
○
○
The VRRP configuration in DT2048 SHDSL/R is available via the command line interface (CLI). To view
○
configuration options, use the SET VRRP command. The configuration options are:
○
○
○
○
SET VRRP <enter>
○
○
Valid options for this command are:
○
VRID Virtual Router ID (router running VRRP).
○
○
INTERFACE LAN interface.
○
IP Virtual IP used by VRRP.
○
○
PRIORITY Defines priority between Master and Backup equipment.
○
That with the highest priority is the Master.
○
○
When priority is not informed, the value is 255.
○
ADVERT Interval for message transmission (VRRP packets).
○
○
AUTH Type of authentication (NONE, PW or AH).
○
PREEMPT Prevents a backup VRRP router with higher priority from
○
○
taking over the Master. The default value is preemptive.
○
PASSWORD Password for pw or ah authentications.
○
○
NO-PASSWORD Clears the password.
○
UP Runs the VRRP.
○
○
DOWN Disables the VRRP.
○
PURGE Clears configuration.
○
○
○
○
○
As an example, we can configure a router to be the Master. VRRP router. Minimum configuration in this case
○
includes VRID, the interface and the IP address:
SET VRRP STATE MASTER VRID 10 INTERFACE LAN0 PRIORITY 200 IP 20.20.20.20 UP ○
○
○
○
○
In our example, the configuration of the backup VRRP router would be as follows:
○
○
Master
○
○
○
VRRP
○
Internet
○
Router
○
○
○
Backup
○
○
○
○
○
○
○
○
○
93
CLI Complete
Guide - Command Line Interface
list of Commands
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
94
CLI Guide - Command
Complete list Line Interface
of Commands
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
System configuration - SYSTEM
○
○
○
○
SET SYSTEM
○
○
TIMETYPE {SERVER,LOCAL}
○
TIMESERVER <IP address>
○
DATE <Date>
○
○
TIME <Time>
○
USER <User identifier number>
○
TYPE OPERATOR,MODERATOR,ADMINISTRATOR}
○
○
LOGIN
○
PASS
○
PURGE
○
○
AAA
○
AUTHENTICATION
○
TACAC
○
○
ENCRYPT {TRUE,FALSE}
○
DEBUG {TRUE,FALSE}
○
SERVER <IP address>
○
○
SECRET <String>
○
TIMEOUT <Numeric>
○
ONERROR {FAIL,CONTINUE}
○
○
UP
○
PURGE
○
RADIUS
○
○
DEBUG {TRUE,FALSE}
○
SERVER <IP address>
○
SECRET <String>
○
○
TIMEOUT <Numeric>
○
ONERROR {FAIL,CONTINUE}
○
UP
○
○
PURGE
○
SHADOW
○
UP
○
○
DOWN
○
ORDER
○
AUTHORIZATION
○
○
N TACACS
○
SHADOW
○
ACCOUNTING
○
○
TACACS
○
SHADOW
○
LOG
○
○
ENTRY <Entry identifier number>
○
FACILITY {ALL,AUTH,SECURITY,AUTHPRIV,CRON,DAEMON, KERN,LPR,
MAIL,MARK,NEWS,SYSLOG,USER,UUCP,LOCAL0,LOCAL1,LOCAL2, ○
○
○
LOCAL3,LOCAL4,LOCAL5, LOCAL6,LOCAL7}
○
PRIORITY {ALL,DEBUG,INFO,NOTICE,WARNING,WARN,ERR,ERROR,
○
CRIT,ALERT,EMERG,PANIC}
○
○
OUTPUTTYPE {TERMINAL,REMOTE}
○
UP
○
DOWN
○
PURGE
○
○
UPDATE
○
TYPE {TFTP,FTP}
○
○
USER <Username>
○
○
PASS <Password>
○
EXECUTE
○
RESTART
○
○
○
○
○
○
○
○
95
CLIComplete
Guide - Command Line Interface
list of Commands
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
MODEM configuration
SET MODEM
VGMODE {OFF,ON}
V35FROM {CONECTOR|WAN}
SUPERVISOR
LOOP {LAL|LDL|RDL|NONE}
UPDATE
FTPSERVER <IP address>
USER <Username>
PASS <Password>
TYPE {FLASH,PROCESSOR}
FILE <File name>
EXECUTE
UP
DOWN
PURGE
Ethernet/LAN configuration
SET LAN
LAN <interface identifier number>
IP
MASK
BROADCAST
RESETCOUNTERS
UP
DOWN
PURGE
LAN <interface identifier number>:<virtual device number>
IP
MASK
BROADCAST
RESETCOUNTERS
UP
DOWN
PURGE
IP <IP address>
MASK <Network address>
PEER <Peer address>
CLOCK {INTERNAL,EXTERNAL}
SPEED {64,128,192,256,512,768,1024,1536,2048,3072,4096,4915.2}
TXINV {TRUE,FALSE}
INTERVAL <numeric value>
TIMEOUT <numeric value>
RESETCOUNTERS
Frame Relay Protocol
PROTOCOL {ANSI,CCITT,NONE}
CLOCK {INTERNAL,EXTERNAL}
SPEED {64,128,192,256,512,768,1024,1536,2048,3072,4096,4915.2}
TXINV {TRUE,FALSE}
WAITING {TRUE,FALSE}
96
CLI Guide - Command
Complete Line
list of Interface
Commands
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
BANDWIDTH <numeric value>
○
○
DLCI <numeric value>DLCI <numeric value>
○
IP <IP address>
○
○
MASK <Network address>
○
PEER <Peer address>
○
○
CIR <numeric value>
○
PEAK <numeric value>
○
○
RESETCOUNTERS
○
PURGE
○
○
RESETCOUNTERS
○
○
X25 Protocol
○
○
○
CLOCK {INTERNAL,EXTERNAL}
○
○
SPEED {64,128,192,256,512,768,1024,1536,2048,3072,
○
4096,4915.2}
○
○
TXINV {TRUE,FALSE}
○
MODE {DTE,DCE}
○
○
LAPB
○
EXTENDEDMODE {TRUE,FALSE}
○
WINDOWSIZE <numeric value>
○
○
EXTENDED {TRUE,FALSE}
○
NEGOTIATE
○
○
WINDOWSIZE {TRUE,FALSE}
○
PACKETSIZE {TRUE,FALSE}
○
○
REVERSECHARGING {TRUE,FALSE}
○
ROUTES (DEFAULT, SUBST_SOURCE and SUBST_DEST are used
○
○
within ADD)
○
ADD {X121_address}
○
○
REMOVE {X121_address}
○
PROTOCOL {IP, IPX}
○
○
SVC <number>
○
X121BIND <X121 address>
○
○
WAITCONNECTION
○
X121TO <X121 address>
○
○
IP <IP address>
○
MASK <IP address>
○
○
PEER <IP address>
○
MTU <numeric value>
○
○
NET {IPX net number}
○
NODE {IPX node address}
RESETCOUNTERS ○
○
○
○
○
○
SET ROUTES
○
○
PURGE
○
DEFAULT
○
PURGE
○
○
PURGE
○
97
CLI Guide list
Complete - Command Line Interface
of Commands
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
SET BACKUP
BACKUP <number>
FROM <Interface>
TO <Interface>
IDLELIMIT <1...65000>
PROBE {TRUE,FALSE}
MINRATE {25,50,75,100}
REMOTEIP <IP address>
PURGE
UP
DOWN
PURGE
SET RIPZ
DEFAULTMETRIC <numeric value>
VERSION {1,2}
<INTERFACE>
ENABLED {TRUE,FALSE}
TYPE {ACTIVE,PASSIVE}
RECEIVEVERSION {1,2,12,DEFAULT}
SENDVERSION {1,2,12,DEFAULT}
AUTH
TYPE {NONE,SIMPLE,MD5}
PASS <password>
IN <In identifier number>
LIST <LIST>
PURGE
OUT <Out identifier number>
LIST <LIST>
PURGE
LIST <List identifier number>
ENTRY <Entry identifier number>
ADDRESS <Address>
MASK <Network mask>
TYPE {PERMIT,DENY}
PURGE
PURGE
UP
DOWN
PURGE
SET OSPFZ
ROUTERID <Router id number (x.y.z.w)> Router id number (
REDIST-CONNECTED {TRUE,FALSE}
REDIST-STATIC {TRUE,FALSE}
REDIST-RIP {TRUE,FALSE}
RFC1583 {TRUE,FALSE}TRUE,FALSE}
DEBUG
EVENT {TRUE,FALSE}
INTERFACE {TRUE,FALSE}
98
CLI Guide - Command
Complete list Line Interface
of Commands
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
REDISTRIBUTE {TRUE,FALSE}
○
○
PACKET {TRUE,FALSE}
○
LOG
○
○
STDOUT {TRUE,FALSE}
○
SYSLOG {TRUE,FALSE}
○
○
TRAP {NONE,EMERGENCIES,ALERTS,CRITICAL,ERRORS,
○
WARNINGS, NOTIFICATIONS,INFORMATIONAL, DEBUGGING}
○
○
AREA <area identifier number>
○
ID <Area ID number (x.y.z.w)>
○
○
AUTH {NONE,SIMPLE,MD5}
○
STUB {TRUE,FALSE}
○
○
COST <numeric value>
○
VIRTUAL
○
○
ENABLED {TRUE,FALSE}
○
TRANSIT <IP address>
○
○
RANGE <range identifier number>
○
ADDRESS <IP address>
○
○
MASK <IP address>
○
PURGE
○
○
EXPORT <Export identifier number>
○
LIST <LIST>
○
○
PURGE
○
IMPORT <Import identifier number>
○
○
LIST <LIST>
○
PURGE
○
PURGE
○
○
LIST <List identifier number>
○
ENTRY <Entry identifier number>
○
○
ADDRESS <Address>
○
MASK <Network mask>
○
○
TYPE {PERMIT,DENY}
○
PURGE
○
○
PURGE
○
NETWORK <Network identifier number>
○
○
ADDRESS <Address>
○
MASK <Network mask>
○
○
AREA <Area identifier>
○
PURGE
○
○
<INTERFACE>
○
DIGEST <Digest identifier number>
○
○
KEYID <numeric value>
○
PASS <Password>
○
○
PURGE
○
PASS <Password>
○
○
NOPASS
○
UP
○
○
DOWN
○
PURGE
○
○
○
PURGE
○
○
○
SET ZEBRA
○
○
ROUTES OSPF
○
UP
○
○
DOWN
○
99
CLI Guide -list
Complete Command Line Interface
of Commands
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
NAT configuration
SET NAT
MASQUERADE <Masquerad identifier number>
INTERFACE <Interface>
ADDRESS <IP address>
MASK <Network mask>
REDIRECT <Redirect identifier number>
FROMINTERFACE <Interface>
FROMADDRESS <IP address>
FROMPORT <numeric value>
TOADDRESS <IP address>
TOPORT <numeric value>
PROTOCOL <ICMP | UDP | TCP | protocol number>
PURGE
EXCLUSION <Exclusion identifier number>
ADDRESS <IP address>
MASK <Network address>
TOADDRESS <IP address>
TOMASK <Network address>
TOINTERFACE <Interface>
PURGE
NAT <NAT 1:1 identifier number>
SOURCEADDRESS <IP address>
SOURCEMASK <Network address>
DESTINATIONADDRESS <IP address>
DESTINATIONMASK <Network address>
PURGE
SET GRE
GRE <channel identifier number>
INTERFACE <Interface name>
REMOTE <IP address>
TUNNELLOCAL <IP address>
TUNNELREMOTE <IP address>
KEEPALIVETIME <1...300>
KEEPALIVE {TRUE,FALSE}
UP
DOWN
PURGE
UP
DOWN
PURGE
SET PPTP
CHAP <CHAP identifier number>
DOMAIN <Domain name>
USER
PASS
PURGE
CLIENT <Client identifier number>
DOMAIN <CHAP identifier>
SERVER <IP of remote server>
100
CLI Guide - Command
Complete list Line Interface
of Commands
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
UP
○
○
DOWN
○
PURGE
○
○
SERVER
○
LISTEN <Interface name>
○
○
LOCALIP <local ip identifier number>
○
BEGIN <IP address>
○
○
END <IP address>
○
PURGE
○
○
REMOTEIP <remote ip identifier number>
○
BEGIN <IP address>
○
○
END <IP address>
○
PURGE
○
UP
○
○
DOWN
○
PURGE
○
○
PURGE
○
○
○
○
VPN L2TP configuration
○
○
○
○
SET L2TP
○
LAC <LAC identifier number>
○
○
ID <numeric value>
○
LNS <IP address>
○
○
REDIAL {TRUE,FALSE}
○
PURGE
○
○
LNS
○
IPPOOL <Ippool identifier number>
○
○
BEGIN <IP address>
○
END <IP address>
○
○
PURGE
○
LACRANGE <Range identifier number>
○
○
BEGIN <numeric value>
○
END <numeric value>
○
PURGE
○
○
LOCALIP <IP address>
○
UP
○
○
PURGE
○
AUTH {NONE,PAP,CHAP}
○
○
USER <User identifier number> ○
USERNAME
○
○
PASS
○
PURGE
○
○
UP
○
DOWN
○
○
PURGE
○
○
○
○
SET IPSEC
○
○
PURGE
○
LEFT
○
○
ADDRESSTYPE {BINDED,ANY,DEFAULTROUTE,OPPORTUNISTIC}
○
SUBNET {TRUE,FALSE}
○
○
101
CLI Guide list
Complete - Command Line Interface
of Commands
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
SET DHCP
TYPE {NORMAL,RELAY}
(when TYPE=NORMAL)
UNKNOWNCLIENTS {TRUE,FALSE}
SHAREDNETWORK {TRUE,FALSE}
SERVERNAME <Server name>
SUBNET <Subnet identifier number>
ADDRESS <IP network address>
MASK <Network mask address>
RANGEIP {TRUE,FALSE}
RANGEBEGIN <IP address>
RANGEEND <IP address>
LEASE <numeric value>
AUTHORITATIVE {TRUE,FALSE}
DNSDOMAIN <DNS domain name>
DNS <DNS identifier number>
102
CLI Guide - Command
Complete list Line Interface
of Commands
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
ADDRESS <IP address>
○
PURGE
○
○
ROUTER <Router identifier number>
○
ADDRESS <IP address>
○
○
PURGE
○
WINS <Wins identifier number>
○
○
ADDRESS <IP address>
○
PURGE
○
○
PURGE
○
HOST <Host identifier number>
○
○
NAME <Hostname string>
○
MAC <Hardware address>
○
ADDRESS <IP address>
○
○
DNSDOMAIN <DNS domain name>
○
DNS <DNS identifier number> <DNS identifier number>
○
○
ADDRESS <IP address>
○
PURGE
○
○
ROUTER <Router identifier number>
○
ADDRESS <IP address>
○
○
PURGE
○
WINS <Wins identifier number>
○
○
ADDRESS <IP address>
○
PURGE
○
○
PURGE
○
UP
○
○
DOWN
○
PURGE
○
○
(when TYPE=RELAY)
○
SERVER <IP address of the server>
○
ALLINTERFACES {TRUE,FALSE}
○
○
LISTEN <Listen identifier number>
○
INTERFACE <Interface name>
○
○
PURGE
○
UP
○
○
DOWN
○
PURGE
○
○
○
○
SNMP Protocol configuration
○
○
○
SET SNMP
LOCATION ○
○
○
AGENTADDRESS
○
○
PORT
○
PURGE
○
○
○
SET IPX
○
FRAMETYPE {802.2,802.2TR,802.3,SNAP,ETHERII}
○
UP
○
PURGE
○
○
TYPE {CLIENT,SERVER}
○
○
UP
○
PURGE
○
○
TYPE {CLIENT,SERVER}
○
○
103
CLI Guide - Command
Complete Line Interface
list of Commands
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
SET BRIDGE
BRIDGE <Bridge identifier number>
NAME <Interface name>
AGEING <numeric value>
ADDRESS <IP address>
GARBAGEINTERVAL <numeric value>
SPANNINGTREE {TRUE,FALSE}
PURGE <INTERFACE>
ENABLED {TRUE,FALSE}
Firewall configuration
SET FIREWALL
INPUT
POLICY {ACCEPT,DROP}
RULE <Rule identifier number>
PROTOCOL {TCP,UDP,ICMP,ALL}
PROTOCOLINVERTED {TRUE,FALSE}
ACTION {ACCEPT,REJECT,DROP,RETURN,LOG}
FRAGMENT
ENABLED {TRUE,FALSE}
WHICH {FIRST,REMAIN}
SOURCE
INTERFACE <Interface name>
INTERFACEINVERTED {TRUE,FALSE}
ADDRESS <IP address>
MASK <IP address>
ADDRESSINVERTED {TRUE,FALSE}
DESTINATION
INTERFACE <Interface name>
INTERFACEINVERTED {TRUE,FALSE}
ADDRESS <IP address>
MASK <IP address>
ADDRESSINVERTED {TRUE,FALSE}
PACKETTYPE
ENABLED {TRUE,FALSE}
UNICAST
BROADCAST
MULTCAST
MAC
ENABLED {TRUE,FALSE}
SOURCE <MAC address>
LIMIT
ENABLED {TRUE,FALSE}
RATE <numeric value>{D,H,M,S}
BURST <numeric value>
CONNECTIONSTATE
ENABLED {TRUE,FALSE}
INVERTEDLOGIC {TRUE,FALSE}
INVALID {TRUE,FALSE}
104
Complete
CLI Guide list of
- Command Commands
Line Interface
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
ESTABLISHED {TRUE,FALSE}
○
○
NEW {TRUE,FALSE}
○
RELATED {TRUE,FALSE}
○
○
TOS
○
ENABLED {TRUE,FALSE}
○
INVERTED {TRUE,FALSE}
○
○
VALUE {MINIMIZEDELAY, MAXIMIZETHROUGHTPUT,
○
MAXIMIZERELIABILITY, MINIMIZECOST, NORMALSERVICE}
○
○
TIME
○
ENABLED {TRUE,FALSE}
○
○
START <Time>
○
END <Time>
○
○
SUNDAY {TRUE,FALSE}
○
MONDAY {TRUE,FALSE}
○
○
TUESDAY {TRUE,FALSE}
○
WEDNESDAY {TRUE,FALSE}
○
○
THURSDAY {TRUE,FALSE}
○
FRIDAY {TRUE,FALSE}
○
○
SATURDAY {TRUE,FALSE}
○
UDP
○
○
SPORT <numeric value>[-<numeric value>]
○
DPORT <numeric value>[-<numeric value>]
○
○
TCP
○
SPORT <numeric value>[-<numeric value>]
○
○
DPORT <numeric value>[-<numeric value>]
○
SYNENABLED {TRUE,FALSE}
○
○
SYNINVERTED {TRUE,FALSE}
○
TCPOPTION <numeric value>=1 and <= 65536>
○
○
TCPOPTIONINVERTED {TRUE,FALSE}
○
FLAGS
○
○
INVERTED {TRUE,FALSE}
○
LIST
○
○
SYN {TRUE,FALSE}
○
ACK {TRUE,FALSE}
○
FIN {TRUE,FALSE}
○
○
RST {TRUE,FALSE}
○
URG {TRUE,FALSE}
○
○
PSH {TRUE,FALSE}
○
ALL {TRUE,FALSE}
○
○
NONE {TRUE,FALSE}
○
ENABLED
○
○
SYN {TRUE,FALSE} ○
ACK {TRUE,FALSE}
○
○
FIN {TRUE,FALSE}
○
RST {TRUE,FALSE}
○
○
URG {TRUE,FALSE}
○
PSH {TRUE,FALSE}
○
○
ALL {TRUE,FALSE}
○
NONE {TRUE,FALSE}
○
○
ICMP
○
ENABLED {TRUE,FALSE}
○
○
INVERTED {TRUE,FALSE}
○
NETWORK-UNREACHABLE, HOST-UNREACHABLE,
○
PROTOCOL-UNREACHABLE, PORT-UNREACHABLE,
○
○
FRAGMENTATION-NEDEED, SOURCE-ROUTE-FAILED,
○
HOST-PROHIBITED, TOS-NETWORK-UNREACHABLE,
○
TOS-HOST-UNREACHABLE,COMMUNICATION-PROHIBITED,
○
○
HOST-PRECEDENCE-VIOLATION, PRECEDENCE-CUT-OFF,SOURCE-QUENCH,
○
105
CLI Guide - Command Line Interface Complete list of Commands
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
106
CLI Guide - Command
Complete list Line Interface
of Commands
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
NEW-FILTER <Commands for filter>
○
SFQ <numeric value>:[< numeric value >]
○
HANDLE <numeric value>:[< numeric value >]
○
PERTURBATION <numeric value>{S,MS,US}
○
○
QUANTUM <numeric value>{B,KB,MB,KBIT,MBIT}
○
PURGE
○
FILTER <Filter handle value> <Commands for filter>
○
○
NEW-FILTER <Commands for filter>
○
TBF <numeric value>:[< numeric value >]
○
HANDLE <numeric value>:[< numeric value >]
○
○
RATE <numeric value>{BPS,KBPS,MBPS,KBIT,MBIT}
○
BURST <numeric value>{B,KB,MB,KBIT,MBIT}
○
MPU <numeric value>{BPS,KBPS,MBPS,KBIT,MBIT}
○
○
PEAKRATE <numeric value>{BPS,KBPS,MBPS,KBIT,MBIT}
○
MTU <numeric value>{B,KB,MB,KBIT,MBIT}
○
TYPE {LIMIT,LATENCY}
○
○
LATENCY <numeric value>{S,MS,US}
○
LIMIT <numeric value>{B,KB,MB,KBIT,MBIT}
○
○
PURGE
○
NEW-FILTER <Comm ands for filter>
○
○
FILTER <Filter handle value> <Commands for filter>
○
○
VRRP Protocol Configuration
○
○
○
○
SET VRRP
○
STATE <MASTER, BACKUP>
○
○
VRID <integer number>
○
INTERFACE <interface name>
○
○
IP <IP address>
○
PRIORITY <integer number>
○
○
ADVERT <integer number>
○
AUTH <NONE, PASS, AH>
○
○
PREEMPT <TRUE, FALSE>
○
PASSWORD <password in hexadecimal format>
○
○
NO-PASSWORD
○
UP
○
○
DOWN
○
PURGE
○
○
○
PIM Configuration - Multicast
○
○
○
○
SET PIM
○
MODE { SPARSE | DENSE } ○
○
RPCANDIDATE
○
TRUE
○
○
FALSE
○
GROUP<n>
○
MASKLEN <integer>
○
PURGE
○
○
BSRCANDIDATE
○
TRUE
○
○
FALSE
○
107
CLI Guide -list
Complete Command Line Interface
of Commands
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
UP
DOWN
PURGE
SHOW PIM
ALL
STATS
SET IPACCT
STATUS <UP|DOWN>
ADD
AGGREGATE <SOCKET FROM socket TO socket INTO socket>
AGGREGATE <IP ADDR ip/masklen STRIP maskbits>
USER user MODE <ADMIN|IBACKUP|DEFAULT|VIEWONLY|DENY>
MEM <amount of memory in kylobytes, valid values are 0-
1000>
TTE <time to live value>
PURGE <Interface name>
ENABLE <TRUE|FALSE> PROMISC
INPUTONLY
BPF <Berkeley Packet Filter according tcpdump man page>
SET
ARP
DEL <index arp table>
FLUSH
SET PPPOE
TYPE {CLIENT,RELAY}
INTERFACE <interface name>
DEBUG {TRUE|FALSE}
TIMEOUT <numeric value>
NAME <service name>
CONCENTRATOR <concentrator name>
108
CLI Guide - Command
Complete list Line Interface
of Commands
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
USER <username>
○
○
PASS <password>
○
MAXCO
○
○
DESIZE
○
SENT <numeric value>
○
○
RECEIVED <numeric value>
○
MRU <numeric value>
○
○
MTU <numeric value>
○
AUTH {PAP,CHAP}
○
○
PAP
○
AUTHREQ <numeric value>
○
○
TIMEOUT <numeric value>
○
RESTART <numeric value>
○
○
CHAP
○
MAXCHALLENGE <numeric value>
○
○
RESTART <numeric value>
○
DIALOUT
○
○
DEMAND {TRUE,FALSE}
○
PERSIST {TRUE,FALSE}
○
○
PPDEFROUTE {TRUE,FALSE}
○
LCP
○
○
ECHOFAILURE <numeric value>
○
ECHOINTERVAL <numeric value>
○
○
MAXCONFIGURE <numeric value>
○
MAXFAILURE <numeric value>
○
MAXTERMINATE <numeric value>
○
○
RESTART <numeric value>
○
DOWN
○
○
UP
○
PURGE
○
○
○
LoopBack interface configuration
○
○
○
SET LOOPBACK
○
○
LO: <interface number>interface number>
○
IP <IP address>
○
○
MASK <network mask>
○
RESETCOUNTERS
○
○
UP
○
DOWN
○
○
PURGE
○
○
SET XOT
○
DEBUG_LEVEL {0,1,2,3}
○
ROUTES
○
○
DELETE
○
○
UP
○
DOWN
○
○
PURGE
○
○
○
○
○
○
○
○
○
○
○
○
○
109
• Update
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
SOFTWARE UPDATE
To update the firmware of the operational system of the DT2048 SHDSL/R, execute the following
procedures:
1. Place the file with the firmware version to be installed in the directory of a TFTP server accessible by
the router (if necessary, see the chapter about installation and initial configuration). The file of the operational
system must have a .dwm extension.
2. Execute the CLI.
3. Type de command SET SYSTEM UPDATE TYPE TFTP SERVER <ip_of_tftp_server> USER <user>
PASS <password> EXECUTE. The equipment will start the firmware update process.
The update also can be performed via WebConfig, as follows:
1. Place the file with the firmware version to be installed in the directory of a TFTP server accessible by
the router (if necessary, see the chapter about installation and initial configuration). The file of the operational
system must have a .dwm extension.
2. Open a browser and type the equipment’s IP.
3. In the commands box, execute the step 3 of the system update via CLI.
The file with the latest firmware version of the product is at the Digitel’s website (http://www.digitel.com.br),
in the support section.
IMPORTANT!
In case there’s in an interruption in the power supply of the DT2048 SHDSL/R during the update
proccess of the firmware, it’s possible that the equipment doesn’t work properrly. If this happens,
proceed according to the description of chapter Operation.
In special cases and only with Digitel’s indication, it might be necessary to update the Bootloader’s
firmware of the DT2048 SHDSL/R. For this, it’s necessary to connect one terminal to the Console port of the
DT2048 SHDSL/R and execute the following procedures:
1. Turn on the DT2048 SHDSL/R and, in the DT2048 SHDSL/RBoot prompt, enter the mode test command.
If the DT2048 SHDSL/R is already turned on, execute the SET SYSTEM RESTART command in the CLI
configuration interface.
2. The following message will appear:
DT2048 SHDSL/R Test Mode
Press SPACE to stop autobooting in 5 seconds
3. Verify the IP address configuration of the Bootloader’s TFTP server and place the file containing the
new firmware in the TFTP server, that must be reachable by the DT2048 SHDSL/R through its LAN interface. The
Bootloader’s update file must have a .boot extension
4. In the Bootloader prompt (SHDSLBoot>), type the command upboot <file name> and press enter.
5. After the update proccess (if successful), the following message will be displayed:
SHDSL2R boot correctly updated!
6. Execute the clear now command for the default values of the new bootloader to be used.
7. Execute the restart now command to validate the load of the new bootloader in the DT2048 SHDSL/R.
8. The following message will be displayed:
DT2048 SHDSL/R Test mode
Press SPACE to stop autobooting in 5 seconds
110
Specifications
Update
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
9. In case it’s recommended by Digitel, the update of the system’s firmware must be also performed (see
○
items Restoring firmware version and Cleaning router’s configuration, in the Operation section). Otherwise,
○
○
press the dip-switches in the automatic mode and execute the restart now command.
○
○
○
○
○
Modem’s Firmware Update
○
○
○
○
For the update of the DT2048 SHDSL/R modem it’s necessary to execute the following procedures:
○
○
1. Place the file with the firmware version to be installed in the directory of a TFTP server accessible by
○
○
the equipment (the FTP server doesn’t need to be connected to the local net, being possible the usage of its
○
loop for the operation). The file of the modem must have a .bin extension.
○
○
2. Execute the CLI.
○
○
3. Type de command SET SYSTEM MODEM UPDATE TYPE FLASH TFTPSERVER <ip_of_tftp_server>
○
○
USER <user> PASS <password> EXECUTE. The equipment will start the firmware update process of the
○
supervisor.
○
○
4. Type de command SET SYSTEM MODEM UPDATE TYPE PROCES SOR TF TPSERVER
○
○
<ip_of_tftp_server> USER <user> PASS <password> EXECUTE. The equipment will start the firmware update
○
process of the modem.
○
○
○
The file with the latest firmware version of the product is at the Digitel’s website (http://www.digitel.com.br),
○
in the router support section.
○
○
○
○
○
IMPORTANT!
○
○
In case there’s in an interruption in the power supply of the DT2048 SHDSL/R during execution of
○
the item 5, it’s possible that the equipment doesn’t work properrly. If this happens, contact the
○
○
Digitel support.
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
111
Update
Specifications
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
112
Specifications
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
○
○
○
Power Supply Cabinets GB8000 H AC/DC: Full-range 93,5 to 253 VRMS, 47 to Hz
○
63 and -48 VDC (±25%). 0 to 45°C
○
○
GB8000 HT AC/DC: Full-range 93,5 to 253 VRMS, 47 to
○
○
63 Hz and -48 VDC (±25%). 0 to 65°C
○
○
Sub-racks DTSMP20H and DTSMP20HT • DTF512-20/CA = 110-127/220
○
○
VAC (±15%)
○
○
• DT512-20/CC = -48 VDC
○
(±25%)
○
○
Range Speed 2W 4W Speed 2W 4W
○
○
○
(with 0.4 mm wire, 64 kbps 6500 m - 1472 kbps 4150 m 4600 m
○
○
26 AWG) 128 kbps 6500 m - 1536 kbps 4100 m 4600 m
○
○
192 kbps 6500 m - 1600 kbps 4050 m 4550 m
○
○
256 kbps 6100 m 6500 m 1664 kbps 4000 m 4550 m
○
○
320 kbps 5750 m 6500 m 1728 kbps 3950 m 4550 m
○
○
○
384 kbps 5450 m 6500 m 1792 kbps 3950 m 4550 m
○
○
448 kbps 5250 m 6100 m 1856 kbps 3950 m 4500 m
○
○
512 kbps 5100 m 6100 m 1920 kbps 3900 m 4500 m
○
○
576 kbps 4950 m 5750 m 1984 kbps 3900 m 4500 m
○
○
640 kbps 4800 m 5750 m 2048 kbps 3900 m 4500 m
○
○
704 kbps 4650 m 5450 m 2112 kbps 3800 m 4450 m
○
○
○
768 kbps 4600 m 5450 m 2560 kbps - 4300 m
○
○
832 kbps 4550 m 5250 m 2816 kbps - 4200 m
○
○
896 kbps 4550 m 5250 m 3072 kbps - 4100 m
○
○
960 kbps 4500 m 5100 m 3328 kbps - 4000 m
○
○
1024 kbps 4500 m 5100 m 3584 kbps - 3950 m
○
○
○
1216 kbps 4350 m 4800 m 3840 kbps - 3900 m
○
○
1280 kbps 4300 m 4800 m 4096 kbps - 3900 m
○
○
1344 kbps 4250 m 4650 m 4352 kbps - 3800 m ○
○
DTF512-20/CA-CC supply
○
○
• The DTSMP20-HT allows for the operation of the DT2048 SHDSL/S/H and
○
○
T G.703 G.703
○
○
○
Q.922, Annex A Core Aspects of Q.922 for Use with Frame Relaying
○
○
113
Update
Specifications
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
114
Specifications
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
○
1356 Multiprotocol Interconnect over X.25 and
○
○
ISDN in the Packet Mode
○
○
1490 Multiprotocol Interconnect over Frame Relay, IETF
○
○
1492 Access Control Protocol
○
○
1613 X.25 over TCP
○
○
○
1631 The IP Network Address Translator
○
○
1634 Novel IPX over Various WAN Media (IPX WAN)
○
○
1638 PPP Bridging Control Protocol
○
○
1643 Definitions of Managed Object for the Ethernet - Like Interfaces Type
○
○
1661 Point-to-Point (PPP)
○
○
○
1662 PPP in HDLC Framing
○
○
1700 Assigned Numbers
○
○
1902 SNMPv2
○
○
1918 Address Allocation for Private Internets
○
○
1994 PPP Challenge Handshake
○
○
2082 RIP-2 MD5 Authentication
○
○
○
2119 Key words for use in RFCs to Indicate Requirement Levels
○
○
2131 Dynamic Host Configuration Protocol
○
○
2139 Radius Accounting
○
○
2328 Open Shortest Path First
○
○
2338 Virtual Routing Redundancy Protocol
○
○
○
2367 PF_KEY Key Management API, Version 2
○
○
2370 The OSPF Opaque LSA Option
○
○
2390 Inverse Address Resolution Protocol
○
○
2393 IP Payload Compression Protocol (IPComp)
○
○
2401 Security Architecture for the Internet Protocol
○
○
2402 IP Authentication Header
○
○
○
2403 The Use of HMAC-MD5-96 within ESP and AH
○
○
115
Update
Specifications
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
116
• Warranty and Technical Support
○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○
○
○
During the period covered by this warranty (specified in your invoice), Digitel bears responsibility for the
○
○
proper functioning of your equipment, in accordance with the characteristics and specifications described
○
in the product installation and operation manual. If you detect a problem, contact our Technical Support
○
○
Center and describe the defect you have detected.
○
○
○
This warranty covers repair and substitution of parts and components at no cost for the customer when
○
carried out by Digitel Technical Support Centers. This warranty does not cover defects resulting from other
○
○
equipment connections to this product or improper use of the equipment inasmuch as the instructions in this
○
manual are not properly followed or the repairs performed at shops other than those accredited by Digitel.
○
○
○
This warranty is “Factory Warranty” and does not cover field repairs. Digitel will NOT pay charges incurred for
○
receiving or returning the equipment to the customer.
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
○
Porto Alegre
○
○
○
Navegantes
○
Tel.: 55 51 3337-1999
○
○
Fax: 55 51 3337-1923
○
CNPJ: 89.547.269/0001-04
○
○
http://www.digitel.com.br
○
E-mail: info@digitel.com.br
○
○
○
117
2009 - DIGITEL S.A. INDÚSTRIA ELETRÔNICA
Rua Dr. João Inácio, 1165
Bairro: Navegantes
CEP 90230-181 Porto Alegre/RS Brasil
Tel.: 55 51 3337.1999
Fax: 55 51 3337.1923
http://www.digitel.com.br
E-mail: info@digitel.com.br