AcceleratorOS

User Manual Software Version 7.0.1 Revision 4.0
Pub no. AOSUG_701_250511

This guide is delivered subject to the following conditions and restrictions: This guide contains proprietary information belonging to Expand Networks Inc. Such information is supplied solely for the purpose of assisting explicitly and properly authorized users of the Expand product series. No part of its contents may be used for any other purpose, disclosed to any person or firm or reproduced by any means, electronic, photographic or mechanical, without the express prior written permission of Expand Networks, Inc. The text and graphics are for the purpose of illustration and reference only. The specifications on which they are based are subject to change without notice. The software described in this guide is furnished under a license. The software may be used or copied only in accordance with the terms of that agreement. Information in this guide is subject to change without notice. Corporate and individual names and data used in examples herein are fictitious unless otherwise noted. Copyright© 2011 Expand Networks Inc. All rights reserved.AcceleratorOS™, Accelerator 9920/6800/6810/6920/ 6950/6850/6930/6830/6840/4800/4810/4820/4920/4830/4930/3930/3830/1610/1800/1810/1820/1920™ and ECT™ are trademarks of Expand Networks Inc. Flex 2.5™ includes software developed by the University of California, Berkeley and its contributors. Copyright© 1990, The Regents of the University of California. All rights reserved. Other company and brand product and service names are trademarks or registered trademarks of their respective holders.

Contents
Chapter 1: Introducing the Accelerator................................... 1
Features and Benefits ........................................................................................ 2 Virtual Bandwidth Management ................................................................. 2 Easy Management and Configuration ........................................................ 2 Redefining Application Traffic Management............................................... 2 Next-generation WAN Compression .......................................................... 3 Application-specific Acceleration ........................................................ 3 Layer-7 QoS and Bandwidth Management ................................................ 4 Layer-7 Monitoring and Reporting ...................................................... 5 Branch Office Features ....................................................................... 5 Rapid Deployment/Dependable Results............................................. 5 Maximum Uptime and Reliability ........................................................ 6 The Accelerator Product Line ............................................................................ 7 How the Accelerator Works................................................................................ 8 IP-Based Network ...................................................................................... 8 On-Path .............................................................................................. 8 On-LAN............................................................................................... 9 Configuration and Management......................................................................... 11

Chapter 2: Getting Started........................................................ 13
Connecting and Configuring Multi-Port Accelerators ......................................... 14 Understanding the LEDs ............................................................................ 15 Working with By-pass Mode............................................................................... 16 Reviewing the Setup Checklist .......................................................................... 17 Performing Setup via the LCD ........................................................................... 19 Performing Setup via the WebUI........................................................................ 21 Performing Setup via the Wizard ....................................................................... 22

ii

C o nt e nts

Configuring Basic Accelerator Details........................................................ 23 Setting Links via the Wizard....................................................................... 24 Setting the Time ......................................................................................... 26 Modifying the Password ............................................................................. 27 Reviewing Wizard Configuration ................................................................ 28 Accelerator Main Menu ...................................................................................... 29 Modifying the Basic Configuration ..................................................................... 30 Setting Routing Strategy ............................................................................ 31 Defining Advanced Settings ....................................................................... 32 About the AcceleratorOS License...................................................................... 34 Viewing the License Status ........................................................................ 35 Reviewing the Licensing Procedure........................................................... 36 Licensing a Physical Accelerator ............................................................... 37 Activating the I-Key in the Portal ........................................................ 37 Applying an Accelerator Feature License Key.................................... 38 Licensing a Virtual Accelerator................................................................... 38 Activating the Licensing Server Dongle via the Portal ........................ 38 Configuring the Licensing Server via the Accelerator......................... 39 Logging On and Off the Accelerator .................................................................. 41 Integrating the Accelerator into Your Network.................................................... 42 Integrating into Networks that use Dynamic Routing ................................. 42 Networks Using External QoS or Monitoring Devices................................ 43 Working in Noisy Link Environments.......................................................... 43 Installing On-LAN at a Data Center............................................................ 43 Installing in a High Latency Environment ................................................... 44 Installing in a Web-Intensive Environment ................................................. 44

Chapter 3: Monitoring the Network ......................................... 45
Introduction to Monitoring .................................................................................. 46 Working with Monitoring..................................................................................... 47 Installing the JAVA Applet .......................................................................... 47 Using Verisign Security Certificate ............................................................. 48 Studying The Monitoring Window............................................................... 48 Using Link Statistics and Graphs ....................................................................... 49 Viewing Throughput Statistics per Link ...................................................... 50 Viewing Utilization Statistics per Link ......................................................... 50 Viewing Acceleration Statistics per Link ..................................................... 51
Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Co n t en ts

iii

Understanding Acceleration................................................................ 51 Viewing Compression Statistics per Link.................................................... 53 Viewing Statistics per Link .......................................................................... 54 Discovering Traffic.............................................................................................. 57 Viewing Detected Applications ................................................................... 57 Viewing Detailed Traffic Discovery ............................................................. 57 Creating a New Application from Discovered Traffic .................................. 59 Viewing Monitored Applications.................................................................. 60 Discovering Layer-7 Applications ............................................................... 60 Viewing Statistics and Graphs for Specific Applications..................................... 62 Setting up Graphs ............................................................................... 63 Viewing Utilization Statistics per Application .............................................. 63 Viewing Throughput Statistics per Application............................................ 63 Viewing Acceleration Statistics per Application .......................................... 64 Viewing Compression Statistics per Application......................................... 64 Viewing Bandwidth Distribution Statistics per Application .......................... 65 Monitoring Applications .............................................................................. 65 Viewing Statistics for Applications .............................................................. 67 Viewing Summary Graphs.................................................................................. 68 Viewing Ethernet Statistics ................................................................................. 69 Configuring the Ethernet Statistics Display Fields ...................................... 69 Configuring NetFlow Support ............................................................................. 71 Identifying the Traffic .................................................................................. 72 Enabling NetFlow ....................................................................................... 72

Chapter 4: Configuring Networking......................................... 75
Optimizing the Network Topology....................................................................... 76 Taking into Account Network-Specific Considerations................................ 77 Defining WAN Setup .......................................................................................... 78 Setting the Bandwidth................................................................................. 78 Configuring the WAN.................................................................................. 78 Configuring Secondary IP Addresses ................................................................ 79 Creating and Editing Links ................................................................................. 80 Studying the Links Screen .......................................................................... 81 Adding Links ............................................................................................... 82 Advanced Link Configurations.................................................................... 84 Editing Links ............................................................................................... 89
4. 0

iv

C o nt e nts

Using Dynamic Bandwidth.................................................................. 89 Configuring Link Subnets ........................................................................... 90 Creating Link Templates............................................................................. 92 Using a Virtual IP Address ................................................................................. 93 Setting Subnet Routing ...................................................................................... 94 Configuring Subnets Manually ................................................................... 95 Editing a Subnet ................................................................................ 96 Adding Static Routes.......................................................................................... 97 Setting Dynamic Routing ................................................................................... 98 Working with OSPF.................................................................................... 98 Configuring OSPF .............................................................................. 99 Working with Router Polling ....................................................................... 101 Enabling Packet Interception ............................................................................. 102 Working with RIP........................................................................................ 102 Configuring RIP .................................................................................. 102 RIP Route Injection............................................................................. 103 Using RIP for Packet Interception ...................................................... 104 Working with WCCP................................................................................... 104 Using WCCP for Packet Interception ................................................. 105 Adding a Dynamic Service ................................................................. 107 Editing a Dynamic Service.................................................................. 108 Setting WCCP on the Router.............................................................. 108 Working with PBR ...................................................................................... 108 Setting the Date and Time on the Accelerator ................................................... 109 Configuring DHCP Servers ................................................................................ 110 Activating DHCP Relay Agent.................................................................... 110 Setting ExpandView Connectivity Parameters................................................... 111

Chapter 5: Configuring and Managing WAFS......................... 113
Introduction to WAFS ......................................................................................... 114 Expand Networks’ WAFS Solution ............................................................. 114 Supported Servers ..................................................................................... 116 File Servers ........................................................................................ 116 Authentication Servers ....................................................................... 116 Supported Clients....................................................................................... 116 Expand Hardware Device Specifications ............................................ 116 Domains ..................................................................................................... 117
Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Co n t en ts

v

Authentication............................................................................................. 117 Getting Started with WAFS................................................................................. 118 Overview..................................................................................................... 118 Enabling WAFS Configuration............................................................................ 119 Configuring the File Server/Domain Controller........................................... 119 Defining Shared Directories ................................................................ 119 Defining User Permissions.................................................................. 120 Defining Network Settings .......................................................................... 121 Enabling WAFS Operation Mode ............................................................... 124 Excluding Servers or Subnets from WAFS................................................. 126 Configuring the Data Center and Branch Office................................................. 127 Setting Up the File Bank Director ............................................................... 127 File Server Settings............................................................................. 128 Summary............................................................................................. 129 Confirmation and Application .............................................................. 130 Setting Up the File Bank............................................................................. 130 Overview ............................................................................................. 131 Domain Settings.................................................................................. 132 File Bank Director Settings ................................................................. 133 Summary............................................................................................. 134 Confirmation and Application .............................................................. 134 WAFS Management and Operation Modes ....................................................... 136 The WAFS Management Screen................................................................ 136 FileBank Director Categories...................................................................... 137 FileBank Director System ........................................................................... 137 File Services ............................................................................................... 137 FileBank Director Utilities ........................................................................... 138 FileBank Categories ................................................................................... 138 FileBank System ................................................................................. 138 FileBank Services ............................................................................... 139 Additional Services ............................................................................. 140 FileBank Utilities ................................................................................. 140 Managing the Data Center ................................................................................. 141 Starting the Data Center ............................................................................. 141 Managing File Services .............................................................................. 142 Defining FileBank Director Settings .................................................... 142 Managing System Users..................................................................... 144 Adding File Servers............................................................................. 145
4. 0

vi

C o nt e nts

Managing the Compression Filters List .............................................. 147 Configuring FileBank Services ................................................................... 149 FileBank Directors .............................................................................. 149 Virtual Servers .................................................................................... 150 Windows Domain................................................................................ 151 Cache Settings ................................................................................... 152 Time to Live (TTL) settings ................................................................. 152 Invalidate Cache................................................................................. 153 System Users ..................................................................................... 153 STF Filters .......................................................................................... 154 Setting Advanced FileBank Features................................................................. 155 Configuring the Fetch Mechanism ............................................................. 155 Fetch Mechanism Overview ............................................................... 155 Fetch User .......................................................................................... 156 Fetch Jobs .......................................................................................... 156 Fetch Settings..................................................................................... 157 Fetch Activation.......................................................................................... 157 Creating Fetch Jobs ........................................................................... 158 Replication Service .................................................................................... 159 Replication User ................................................................................. 160 Replication File Types ........................................................................ 160 Replication Schedule.......................................................................... 160 Replication Paths................................................................................ 161 Replication Service Activation.................................................................... 161 Service Activation on FileBank Director ............................................. 161 Service Activation on FileBank ........................................................... 162 Initial Pre-population of Large Files on FileBank ................................ 162 Configuring Replication Services ............................................................... 162 Replication User ................................................................................. 163 Kerberos Configuration .............................................................................. 165 Enabling and Disabling Kerberos on the FB....................................... 165 Enabling and Disabling Kerberos on the FBD .................................... 165 Auto Kerberos Configuration .............................................................. 166 Enabling Kerberos per Server ............................................................ 166 Printing Services for the FileBank...................................................................... 168 Configuring Additional Services ................................................................. 168 Print Services ..................................................................................... 168 Configuring Print Services (FileBank) ........................................................ 169 Adding a Network Printer to FileBank................................................. 169
Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Co n t en ts

vii

Assigning Printing Administrators ....................................................... 170 Point’N’Print Configuration.................................................................. 170 Uploading Printer Drivers.................................................................... 171 First Client Driver Installation .............................................................. 172 Verifying Point’N’Print Installation ....................................................... 173 Manual Client Driver Installation ......................................................... 173 Verifying Driver Installation ................................................................. 174 Connecting the Printer to the FileBank Server.................................... 176 Printing Setup Troubleshooting........................................................... 176 Using WAFS Printing Services........................................................................... 178 Adding a WAFS Printer via Windows ......................................................... 178 WAN-OUT Operation ......................................................................................... 180 About WAN-OUT ........................................................................................ 180 Detecting a WAN-OUT Event ..................................................................... 180 FileBank WAN-OUT Detection Mechanism ........................................ 181 FBD WAN-OUT Detection Mechanism ............................................... 181 Working with Files while in WAN-OUT Mode ............................................. 181 Cache.................................................................................................. 181 File Access.......................................................................................... 182 File Security ........................................................................................ 182 Replication files and Short-Term files.................................................. 183 Partially Completed Transactions ....................................................... 183 Partial Disconnection .......................................................................... 183 WAN-OUT Known Limitations .................................................................... 183 DNS Masquerading ............................................................................................ 184 DNS Masquerading Benefits ...................................................................... 184 DNS Masquerading Configuration.............................................................. 185 Monitoring WAFS Functionality .......................................................................... 189 Running System Diagnostics...................................................................... 189 Viewing Logs .............................................................................................. 189 Troubleshooting.................................................................................................. 191 Troubleshooting Tools ................................................................................ 191 Networking.................................................................................................. 191 Windows Domain Join ................................................................................ 193 Service........................................................................................................ 194 Possible Error Messages............................................................................ 195 Access denied..................................................................................... 195 Performance ............................................................................................... 197
4. 0

viii

C o nt e nts

Advanced Expand Services ....................................................................... 199 DHCP Services................................................................................... 199 DNS Services ..................................................................................... 199

Chapter 6: Applying QoS.......................................................... 201
Accelerator QoS................................................................................................. 202 About QoS.................................................................................................. 202 How to Know What is on Your Network...................................................... 203 How to Prioritize Applications..................................................................... 203 Studying the QoS Solution ......................................................................... 203 Automatic Traffic Discovery ................................................................ 204 End-to-end application performance monitoring................................. 205 Transparency to existing QoS infrastructure ...................................... 205 Priority treatment for critical applications............................................ 205 Guaranteed bandwidth for specific applications ................................. 205 Restricting rogue and greedy applications ......................................... 205 Seamless integration with compression ............................................. 205 How QoS Works ................................................................................................ 207 Prerequisites .............................................................................................. 207 Understanding QoS Rules ......................................................................... 208 How Traffic Filtering is Applied................................................................... 209 How Traffic Shaping is Applied .................................................................. 209 Studying QoS Bandwidth Allocation........................................................... 209 WAN Bandwidth.................................................................................. 210 Link Bandwidth ................................................................................... 210 Diagnostic Mode Traffic ...................................................................... 210 Bandwidth Limits................................................................................. 210 Bursts ................................................................................................. 211 Desired Bandwidth ............................................................................. 211 Priority ................................................................................................ 212 Block................................................................................................... 212 Real-time ............................................................................................ 212 The Difference Between Real-time and Desired? .............................. 213 Carrying Out Basic QoS Configuration .............................................................. 214 Working with Applications .................................................................................. 215 Viewing Defined Applications..................................................................... 216 Deleting an Application .............................................................................. 217
Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Co n t en ts

ix

Editing an Application ................................................................................. 217 Creating New Applications ......................................................................... 219 Layer-7 Applications ................................................................................... 222 Creating Web Applications ......................................................................... 222 Creating Citrix Applications ........................................................................ 224 Citrix Benefits...................................................................................... 226 Creating Remote Desktop Services ........................................................... 226 Setting QoS Rules.............................................................................................. 229 Setting Inbound QoS .................................................................................. 229 Viewing QoS Rules..................................................................................... 229 Creating QoS Rules.................................................................................... 230 Editing QoS Rules ...................................................................................... 234 Making Decisions for Specific Applications ........................................................ 235 Creating a New Application Decision ......................................................... 236 External QoS ...................................................................................................... 237 QoS Troubleshooting ......................................................................................... 238

Chapter 7: Optimizing Acceleration Services......................... 239
Studying TCP Acceleration ................................................................................ 240 Understanding the Shortcomings of TCP ................................................... 241 The TCP Acceleration Solution .................................................................. 243 Scaling the Transmission Windows .................................................... 243 Congestion Avoidance ........................................................................ 244 Local Network Isolation....................................................................... 244 Asymmetric Networks Optimization .................................................... 244 Computing Latency ............................................................................. 245 Configuring TCP Acceleration ............................................................................ 248 Enabling TCP Acceleration......................................................................... 249 Excluding Servers or Subnets from TCP Acceleration ............................... 251 TCP Acceleration Advanced Settings......................................................... 252 Keepalive.................................................................................................... 253 Understanding Web Acceleration....................................................................... 254 Configuring HTTP Acceleration.......................................................................... 255 Enabling and Disabling HTTP Caching ...................................................... 255 Setting the Cache Size ............................................................................... 255 Setting Cache Content ............................................................................... 256 Working with HTTP Read Ahead................................................................ 256
4. 0

x

C o nt e nts

Clearing HTTP Cache ................................................................................ 257 Returning to Default Settings ..................................................................... 257 Setting Advanced HTTP Parameters ......................................................... 258 Setting HTTP Acceleration Rules............................................................... 259 Excluding from HTTP Caching................................................................... 260 Working with Fetch Jobs ............................................................................ 261 FTP Acceleration ............................................................................................... 264 Enabling and Disabling FTP Caching ........................................................ 264 Setting the Cache Size............................................................................... 265 Setting Cache Content ............................................................................... 265 Clearing FTP Cache................................................................................... 265 Returning to Default Settings ..................................................................... 265 Setting Advanced FTP Parameters............................................................ 266 Excluding from FTP Caching ..................................................................... 267 Configuring DNS Acceleration ........................................................................... 268 Enabling Aggregation......................................................................................... 271 Enabling Traffic Encryption ................................................................................ 273 Configuring an IKE Policy .......................................................................... 273 Defining Crypto Mode ................................................................................ 274 Configuring IPsec Policies ......................................................................... 275 Applying IPsec Policies on a Link .............................................................. 276 Remote Desktop Protocol Services ................................................................... 278 Configuring Terminal Services ................................................................... 278 Collecting RDP Proxy Statistics ................................................................. 279 Excluding Terminal Services ...................................................................... 280

Chapter 8: Configuring Management Options........................ 281
Studying the ExpandView System ..................................................................... 282 Simplifying WAN Optimization.................................................................... 282 Generating Advanced Alerts for World-Class NOCs.................................. 282 Generating Proactive Reports for Network Provisioning............................ 282 Defining Scalable QoS ............................................................................... 283 Updating the IP Address of ExpandView Server........................................ 283 Using Out-of-Band Management ....................................................................... 284 Using SNMP ...................................................................................................... 285 Receiving Log Error Messages.......................................................................... 287 Sending Updates to a Syslog Server ......................................................... 287
Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Co n t en ts

xi

Sending Updates via Email ........................................................................ 289

Chapter 9: Setting Advanced Parameters............................... 291
Adding WANs ..................................................................................................... 292 Handling Interfaces ............................................................................................ 295 Viewing Available Interfaces....................................................................... 296 Working with VLAN..................................................................................... 297 Viewing the VLAN Interfaces .............................................................. 299 Adding a VLAN Interface .................................................................... 300 Creating Static ARP Entries ............................................................................... 301 Defining Authentication Settings ........................................................................ 302 Configuring DNS ................................................................................................ 303 Dial-on-Demand ................................................................................................. 305

Chapter 10: Resiliency and Redundancy ................................ 307
RAID................................................................................................................... 308 About RAID................................................................................................. 308 RAID Support in Accelerators' Hard Drives ................................................ 308 RAID-1 Mirrored set without parity...................................................... 309 RAID-5 Striped set with distributed parity ........................................... 309 Multi-Port Support ............................................................................................. 311 Router Redundancy Protocols ........................................................................... 315 HSRP.......................................................................................................... 316 Enabling HSRP Automatic Detection.................................................. 317 Setting Manual HSRP Configuration................................................... 318 VRRP.......................................................................................................... 320

Chapter 11: Working with Mobile Accelerators ..................... 323
Overview ............................................................................................................ 324 Configuring the Mobile Accelerator Client .......................................................... 326 Viewing the Collective Branches ................................................................ 326 Creating a Collective Branch ...................................................................... 327 Creating a Collective Branch Template ...................................................... 328 Creating Mobile Accelerator Link Templates .............................................. 329
4. 0

xii

C o nt e nts

Monitoring Collective Branch Statistics .............................................................. 330 Viewing Collective Branch Throughput Statistics ....................................... 330 Viewing Collective Branch Utilization Statistics .......................................... 330 Viewing Collective Branch Acceleration Statistics...................................... 331 Viewing Collective Branch Compression Statistics .................................... 331 Viewing Collective Branch Statistics .......................................................... 332

Chapter 12: Security ................................................................. 335
Studying the AcceleratorOS AAA....................................................................... 336 Configuring AAA ................................................................................................ 338 Configuring Users ...................................................................................... 338 Deleting Users .................................................................................... 339 Viewing the Authentication Servers ........................................................... 340 Adding a New Authentication Server.................................................. 340 Setting the Authentication Method...................................................... 341 Defining the Security Settings .................................................................... 342 Auditing Administration Activities ....................................................................... 343 Locking and Unlocking the Keypad.................................................................... 344 Setting the Keypad Lock Definitions .......................................................... 344 Defining Other LCD Settings...................................................................... 345 Turning By-pass On............................................................................ 345 Locking the Keypad ............................................................................ 345 Product ID........................................................................................... 346 Management IP .................................................................................. 346 Management Mask ............................................................................. 346

Chapter 13: Troubleshooting ................................................... 347
Carrying out the Troubleshooting Procedure ..................................................... 348 Password Issues................................................................................................ 349 Resetting the Password ............................................................................. 349 Choosing a Legal Password ...................................................................... 349 Password Strength ............................................................................ 350 Examples of Good and Bad Passwords ............................................ 350 Additional Notes About Passwords .................................................... 351 Checking the Event Log..................................................................................... 352 Checking Info Events ................................................................................. 352
Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Co n t en ts

xiii

Checking Warning Events .......................................................................... 352 Checking Error Events................................................................................ 352 Checking Fatal Events................................................................................ 353 Studying Log Message Formats ................................................................. 353 Displaying Information for Troubleshooting........................................................ 355 Displaying Statistics in a Compressed, Archived File................................. 355 Checking the Link Status.................................................................................... 356 Checking Ethernet Settings................................................................................ 357 Checking Lack of Acceleration ........................................................................... 360 Accessing Remote Devices........................................................................ 360 Checking Link Malfunction ................................................................................. 361 Checking for a Corrupted Terminal..................................................................... 362 Checking HSRP Malfunction .............................................................................. 363 Checking QoS Malfunction................................................................................. 364

Chapter 14: Using the Accelerator Tools ................................ 365
Upgrading the AcceleratorOS Software ............................................................. 366 Using the Configuration Tools ............................................................................ 368 Using the General Tools ..................................................................................... 370 Sending a Ping to the Remote Accelerator ................................................ 371 Sending a Traceroute Packet ..................................................................... 371 Rebooting the Accelerator .......................................................................... 372 Gathering Statistics for Technical Support.................................................. 372 Managing User Files .......................................................................................... 374 Viewing System Information............................................................................... 375 Archiving Log Files ............................................................................................. 376 Accdump ............................................................................................................ 377 Enabling Accdump...................................................................................... 378 Deleting Accdump Files.............................................................................. 380 Downloading Accdump Files ...................................................................... 380

Appendix A: Pre-Defined Applications.................................... 381 Appendix B: Accelerator Integration ....................................... 391
Acceleration and Citrix Traffic............................................................................. 392 Disabling Citrix NFuse Compression.......................................................... 392 Disabling Citrix Encryption and Compression ............................................ 393
4. 0

xiv

C o nt e nts

Defining Settings on the Server.......................................................... 394 Setting/checking ICA or RDP listener traffic ....................................... 394 Speed Screen Latency Reduction Manager ....................................... 397 Defining Settings on the Client For Citrix ................................................... 397 Turning Compression off in the PNAgent Client......................................... 398 Understanding the PNA Problem ....................................................... 398 Resolving the PNA Problem ............................................................... 398 Identifying Citrix Layer-7 Applications ........................................................ 399 Configuring NetFlow .......................................................................................... 401 Studying Traffic Measurement.................................................................... 401 Studying Traffic Monitoring......................................................................... 402 Configuring Accelerator NetFlow ............................................................... 402 Disabling Compression on SAP......................................................................... 404 Calculating Acceleration using other Applications ............................................. 406

Appendix C: MIME Types ......................................................... 409
Application ......................................................................................................... 410 Audio.................................................................................................................. 415 Image ................................................................................................................. 416 Message ............................................................................................................ 417 Model ................................................................................................................. 418 Multipart ............................................................................................................. 419 Text .................................................................................................................... 420 Video.................................................................................................................. 421

Appendix D: Contacting TAC ................................................... 423 Appendix E: TCPDump Optional Flags ................................... 425 Appendix F: Command Line Interface..................................... 439
Getting Started ................................................................................................... 440 Understanding the CLI Documentation ...................................................... 440 Accessing the CLI ..................................................................................... 441 Login and Logout Commands .................................................................... 442 Basic CLI Actions ....................................................................................... 443 Licensing Commands................................................................................. 444 Basic Setup Commands............................................................................. 447 Configuration Settings Commands ............................................................ 448 Customizing the CLI................................................................................... 450 Configuration Commands .................................................................................. 452
Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

......................... 0 ............... 671 RDP Proxy Commands ............... 533 HTTP Acceleration Commands ............................................................................................................................................. 503 Subnet Commands......... 458 Bandwidth Adjust Commands .................................. 658 Log Archives Commands .................... 531 WEB Acceleration Commands ............... 514 RIP Commands ................... 579 FTP Acceleration Commands........... 594 RAID Commands..................... 655 Log Commands ................ 632 ARP Commands........................................................................... 617 DNS Acceleration Commands...................................................................................... 581 Studying a Subnet Configuration Network...................................................................................................................................... 667 Accdump Commands .................................................................... 640 Link Commands...................................................................... 522 SNTP Server Commands .................................. 676 Mobile Accelerator Commands ............................................................................... 665 Configuration Tool Commands ............................................................................................................ 536 Fetch Job Commands ............................................................................................................................................................................................................. 638 Additional Commands .............................................................................................. 527 DHCP Server Commands ................................................................................................................................................................ 453 Local Interface Commands........................................................................ 646 Expand View Commands .......................................................................................................................................................... 507 OSPF Commands .......................................... 587 Ethernet Statistics Display Commands ............................................................................................................................................................................... 454 Link Commands................................................ 568 TCP Acceleration Commands ...................................... 624 Traffic Encryption Commands ........................................... 593 QoS Commands ................................................................................................................................... 504 Alias Commands ...................................................................................... 680 4............................................................................................... 517 WCCP Commands ............................ 588 NetFlow Commands ........................................................................................................................................................................................................................................... 614 Aggregation Class Commands................................................. 572 Keep Alive Commands .................................................................................................................. 653 SNMP Commands............................................................................ 499 Crypto Commands...............................................................Co n t en ts xv General Commands ...................... 528 DHCP Relay Commands........... 509 Router Polling Commands........................................................................

................................................................................................................................................................................................ 742 TTCP Commands ................................................................ 747 Configuring Security.....xvi C o nt e nts Configuring WAFS ............................. 740 Transaction Monitoring Commands ................... 748 Server Configuration Commands.......................................................................................................................................................................... 734 Software Commands.............. 684 Cache Commands ........................................................................................................................ 707 WAFS Help Commands ........................................ 746 Wins Commands. 765 Ac ce ler at o rOS Ve rsi on 7.......................... 702 Additional Commands . 718 Replication User Commands .............................. 739 Stf_filter Commands............................................................................................................................................................................ 699 CIFS Commands......................................................................................... 683 Basic Operation Commands ...................................................................................... 754 Software OS Upgrade Commands........................................... 700 Compression Filter Commands...................................................................... 762 By-pass Mode Commands........................................................................... 687 Print Administration Commands. 706 FileBank Director Commands .....0 ....................................... 750 User Account Configuration Commands................................................................ 688 Printer Driver Commands.............. 693 Printer Management Commands ................................................................ 698 Excluded Server Commands .................................................... 692 Printer Port Commands.................................... 711 WAFS Licensing Commands ................... 738 Statistic Commands ........................ 725 Event Scheduling Commands............................................................................................................................. 713 Replication Service Commands ............................................................................... 701 Time and Date Commands ........................................................................ 762 show tech-support continuous ............................................1 Us er Gu id e ...................................................................................................... 690 CUPS Commands................................................................................................................ 696 WAFS Transparency Commands............................................................................................................................................................................. 703 Fetch Commands...................................................................................... 761 Technical Information and Trouble Shooting Tools .................................................... 712 WAFS Log File Commands.......... 731 Service Management Commands.......................................................................................... 745 Virtual Memory Statistic Commands ..................................................................................................................................................................................................................................................................... 748 Transport Type Commands........................................................... 743 User Commands ..............

......... 771 License Grant ................................................................................................................................................................................................. 768 Terms and Conditions of Sale .............................................................. 772 Indemnity .......................................................................................................................................................... 775 4....................................... 770 Title and Security Interest................................................................................................ 771 Product Returns..... 771 Limitation of Liability ........................................... 766 Appendix G: Specifications and Warranty....................................... 767 Standards ....................... 773 Index .............................................. 770 Risk of Loss ............................................................................................. 0 ................................................................... 768 RFC / Standard List ..................................... 772 Default ................................................................................................................Co n t en ts xvii show events........................................................................................................................................................................................... 770 Price and Payment .... 772 Open Source Provisions..................................................... 770 Acceptance................................................ 765 Configuring Core Allocation........................................................................... 771 Warranty . 772 General.................................................................................................................................................................................................................................................................................

on page 3 Layer-7 QoS and Bandwidth Management. This chapter includes the following sections: Features and Benefits. on page 2 Next-generation WAN Compression. The Accelerator is a Layer-3 WAN device that dramatically improves application response times through a combination of bandwidth compression. on page 8 Configuration and Management. Layer-7 QoS and acceleration plug-ins for specific applications. on page 7 How the Accelerator Works. on page 11 . on page 4 The Accelerator Product Line.Chapter 1: Introducing the Accelerator Expand Networks’ AcceleratorTM is the ideal Application Traffic Management System for ensuring optimal application performance over the WAN.

on page 3 Layer-7 QoS and Bandwidth Management. noisy networks. This allows the Accelerator to choose the proper parameter setting according to conditions at the given time allowing you to continually experience maximized optimization. Expand extends your budget and stretches your resources further than imagined. load balanced networks. Redefining Application Traffic Management The Accelerator takes application traffic management to the next level by reducing WAN costs and improving application performance. on page 2 Easy Management and Configuration. In addition to bandwidth compression capabilities. Features include: Virtual Bandwidth Management. QoS clouds. Include the option of using a virtual Accelerator and the possibilities are endless.1 Us er Gu id e . and networks experiencing many out-of-order errors. high BER networks. in an easy to install package that fits seamlessly into various network topologies such as MPLS. on page 2 Next-generation WAN Compression.0 . thereby closing the proximity gap created by applications that consume bandwidth and create a poor user experience on the WAN. Ac ce ler at o rOS Ve rsi on 7. the Accelerator provides a rich set of features that improve application response times and provide Layer-7 visibility and control tools. on page 2 Redefining Application Traffic Management.2 C h ap t er 1: Introducing the Accelerator Features and Benefits The Accelerator’s new and improved algorithms provide the highest WAN compression performance available. Easy Management and Configuration Many of the Settings in the User Interface contain an “Auto” setting. on page 4 Virtual Bandwidth Management Expand’s next-generation compression and caching take your limited WAN links and create four to ten times the output on the same infrastructure.

Fe at u r es a nd B en e fi ts 3 which enable network managers to align network resources with business priorities. 100% lossless. Application-specific Acceleration Application-specific acceleration is a breakthrough approach that works in combination with next-generation compression for improving application response times. peaks of 1000%+ Extensible architecture based on application acceleration plug-ins for additional application support TCP acceleration enables TCP transfer speeds in excess of WAN link speed. Unique On-LAN deployments enable rack-and-stack above 350 sites and 45 Mbps. peaks of 1000%+. Verified in over 27. even under challenging latency and packet loss . Layer-7 QoS capabilities and sophisticated monitoring and reporting. High performance. application-specific acceleration. Improves application response times by 100% to 400%. ensuring guaranteed compatibility with any kind of WAN device. RIP and other routing protocols. Acceleration of application response times is achieved through next-generation WAN compression. Next-generation WAN Compression The Accelerators’ bandwidth expansion algorithms provide an effective alternative to WAN upgrades with a 3 to 9 month ROI. low latency algorithms Packets incur a maximum of 1 millisecond latency passing through the device. packet header reduction and adaptive packet compression. Typical capacity gains of 100% to 400%+ additional capacity. Combination of byte-level caching.000 production installations. works on all applications Supports up to 350 remote sites and 45 Mbps in a single device. RTM also preserves Layer 4 for TCP & UDP traffic. Dynamic routing enables effortless installation even in complex networks that use OSPF. Network transparent RTM (Router Transparency Mode) enables 100% IP header preservation.

thereby maintaining LAN-like performance for future file transfers. Addressing ‘WAN-Outs’: In the event of a network outage. and print. Layer-7 QoS and Bandwidth Management The Accelerator’s Instant QoS functionality stops bandwidth abuse.org) that was developed by NASA and the DoD for performance optimization in high latency links. Low operational cost QoS solution. availability and management issues raised by server consolidation: LAN-like application performance: Expand Networks’ acceleration architecture replicates files and keeps them on the remote site’s cache. HTTP acceleration provides faster web application response times for chatty HTTP transactions by eliminating repetitive download of frequently accessed objects. The Accelerator's full-scale WAFS and CIFS acceleration optimizes file access over the WAN. DNS acceleration eliminates DNS wait times for applications (for example: web portals) by keeping copies of frequently accessed DNS translations cached at the edge Accelerator.4 C h ap t er 1: Introducing the Accelerator conditions.0 . Virtual-Server: Expand Networks’ enhanced WAFS offering retains critical remote branch system services such as: DNS. Layer-7 application discovery Easy to set up—instant QoS maximum flexibility for advanced users QoS can be applied to both inbound and outbound traffic. Expand Networks’ enhanced WAFS offering addresses the key performance. Server consolidation is made possible without paying the price in WAN application performance. applets. guarantees network resources for critical applications like VoIP and lets network managers prioritize network applications according to business objectives. FTP acceleration provides faster response times due to elimination of long FTP transactions by keeping local copies of frequently accessed files. and so on. solving remote server data access from the data center over the WAN. meeting the SCPS standard (www. The TCP acceleration plug-in is standards-based. Ac ce ler at o rOS Ve rsi on 7. DHCP.1 Us er Gu id e .scps. remote users can continue working because files are served from a local cache.

Dozens of historical and real-time reports for WAN and links Throughput. medium. and low attributes Discards rogue applications Packet fragmentation assures VoIP/video latency budget Integrates with existing environments Marks. application inbound and outbound user customizable Complex rules available for the advanced user. such as nested rules and order matching Export and print functions End-to-end view with ExpandView Branch Office Features The Accelerators offer much more than just a bandwidth increase. . These intelligent devices deliver a branch office platform that consolidates multiple devices. Full NetFlow compliance replaces the need for costly probes Open architecture for future enhancements Rapid Deployment/Dependable Results With minimal configuration and no network architecture changes. acceleration Applications and hosts System-wide. IP subnet. per link. honors and preserves QoS based on application or QoS markings Extensible architecture Additional application classification QoS troubleshooting/diagnostics mode Layer-7 Monitoring and Reporting The Accelerators and the ExpandView stand-alone Application Traffic Management System provide powerful monitoring and graphical reporting for full application-level visibility and cost-effective end-to-end network management. Peer. Automatic application detection with hundreds of predefined classes.Fe at u r es a nd B en e fi ts 5 Bandwidth limits can be set to a maximum amount or an optimal amount Burst-ability control Strict priority for real-time traffic Allows traffic shaping with high. performance.

0 . and Windows Directory Validated in over 1.1 Us er Gu id e . HSRP/VRRP failover External flash card for effortless device swap-out (for non-hard drivebased models: Switch-to-wire and software watchdogs) assure zero network downtime Remote access never compromised Out-of-band management Network integrity preserved with standards-based implementation IPComp tunnels Router Transparency Mode SCPS for TCP Acceleration SNMP for device management NetFlow probe Ac ce ler at o rOS Ve rsi on 7. TACACS+. Network integrity preserved with standards-based implementation. SSH.6 C h ap t er 1: Introducing the Accelerator 2 minute configuration via front panel keypad Up and running in minutes with environment auto-detection Easy-to-use WebUI and central deployment stations Familiar Cisco-like CLI minimizes staff retraining Secure management with HTTPS.000 enterprise and service provider networks Maximum Uptime and Reliability The Accelerators’ resilience features and standards-based implementation guarantee unsurpassed uptime and availability. SNMP (v2c/v3) Integrates with existing user authentication and administration systems RADIUS.

com) for new hardware releases.expand. .The Accelerator Product Line T h e A cc el er a to r P r o d uc t L in e 7 The Accelerator product line consists Accelerators that will cater to a range of facilities from the small office to the Enterprise Network. Check the corporate web site (www.

whether the WAN is a private line.0 . on page 8 or On-LAN. wireless local loop. IP-Based Network In an IP network. on page 9. The data from the LAN segment passes through the Accelerator that performs traffic optimization. Ac ce ler at o rOS Ve rsi on 7. You can connect Accelerators on the LAN side of the router. VPN. ISDN. Some of the Accelerator’s benefits can be realized with no far-end Accelerator. IP. If the Accelerator fails-to-wire. The Accelerator can be located either On-Path. you can position the Accelerator on the LAN-side of the router or directly on the LAN. ATM. or satellite. xDSL. before the data reaches the router. See the sample On-Path application in Figure 1. Figure 1: On-Path Application In this configuration. On-Path On-Path configuration places the Accelerator between the LAN and the router on both sides of the IP network. internal by-pass circuitry ensures the Accelerator fails-to-wire. but will not be accelerated (by-pass mode). frame relay. enabling invisible protection of the network in the unlikely event of failure. traffic will continue passing.1 Us er Gu id e . including compression and QoS.8 C h ap t er 1: Introducing the Accelerator How the Accelerator Works Accelerators can be deployed in any network environment.

2 involves creating two links (two Accelerators). so it will be used as the default link for the connection. one Accelerator is installed on the LAN segment. if resilience is to be enhanced. Another optional configuration is shown in Figure 3: Figure 3: An Optional Configuration In this configuration. The Accelerator becomes the next hop for traffic on the LAN destined to the WAN.000).1. Figure 2: On-LAN Application If all transparent Proxy services (such as HTTP acceleration or TCP acceleration) are disabled. Hot Standby Routing Protocol (HSRP) or Virtual Router Redundancy Protocol (VRRP) enables the Accelerator to take part in HSRP/VRRP .ranging from 11 to 10. you can assign incoming traffic through one link and outgoing traffic through the other link. Usually. one of which is assigned a higher priority (metric . you can install two or more Accelerators for redundancy purposes. traffic switches to the other link. The accelerated data is redirected to the far-end Accelerator (On-LAN or On-Path) where the data is reconstructed before reaching its destination IP address. The most common configuration up to Version 6. If this link fails. See Figure 2.H o w t h e A cc el er a t o r Wo r k s 9 On-LAN On-LAN configuration places the Accelerator directly on the LAN as a host. However.

1 Us er Gu id e . When the primary Accelerator is available again. and the Source IP of this link is defined to be the HSRP Group’s Virtual IP.1. the link switches to the next Accelerator in the rare case of primary Accelerator failure. a link can be destined to an HSRP/VRRP virtual IP.10 C h ap t er 1: Introducing the Accelerator groups. the link switches back to it.2. Ac ce ler at o rOS Ve rsi on 7. providing redundancy in cases where an active Accelerator fails. Starting from Version 6. and all of this link’s services are kept.0 . If an AcceleratorOS link is established.

Console-based administration can be accomplished using a directly connected terminal or terminal software using a serial connection. . This configuration is performed locally by using the front-panel LCD. The initial configuration also involves defining passwords. and the time and date at the Accelerator site. and includes specifying the Accelerator’s IP address. or an RS-232 console.Configuration and Management Co n fi g ur at io n an d M an ag em e nt 11 You can configure and monitor the AcceleratorOS via a user-friendly Web User Interface (WebUI). see the Accelerator Quick Installation Guide. provides a wide range of management features. The WebUI is accessible from Microsoft Internet Explorer via the HTTP protocol or the secured HTTPS protocol. For Quick Installation Instructions. The Accelerator operating system. Like most networking equipment. a Telnet session. AcceleratorOS. You can carry out initial configuration by using the front-panel LCD. Telnet console or browser-based management console. the Accelerator requires some basic initial configuration in order to function. or a secured SSH-based connection. The Accelerator’s user-friendly Installation Wizard guides you through the steps necessary to get your Accelerator up and running.

1 Us er Gu id e .12 C h ap t er 1: Introducing the Accelerator Ac ce ler at o rOS Ve rsi on 7.0 .

by using the Accelerator’s default IP address (10. on page 22 Accelerator Main Menu. you can use the CLI to perform complete setup.99. on page 17 Performing Setup via the LCD. on page 41 Integrating the Accelerator into Your Network. on page 42 . on page 29 Modifying the Basic Configuration. on page 34 Logging On and Off the Accelerator. on page 14 Working with By-pass Mode. on page 30 About the AcceleratorOS License.99). see Troubleshooting. in conjunction with the Accelerator’s Wizard.0. or via the Wizard alone. on page 21 Performing Setup via the Wizard. on page 16 Reviewing the Setup Checklist. on page 19 Performing Setup via the WebUI. The AcceleratorOS lets you set up the Accelerator either via the LCD. If you have not been able to install or turn on the Accelerator successfully. on page 423.Chapter 2: Getting Started This chapter assumes that you have successfully installed and turned on the Accelerator without any errors. on page 347 and Contacting TAC. In addition. This chapter contains the following topics: Connecting and Configuring Multi-Port Accelerators.

1 Us er Gu id e . Figure 1: Connecting the Cables 4.14 C h ap t er 2: Getting Started Connecting and Configuring Multi-Port Accelerators To connect the Accelerator to your network: 1.0 . 3. Connect one port to the switch (LAN). Ac ce ler at o rOS Ve rsi on 7. Connect the other port from the same pair to the router (WAN). Power on the Accelerator. Connect the Pair 0 first. ETH 0/1 for example. Connect Port ETH0 to a computer for management (optional). ETH 0/0 for example 2.

make note of the LEDs use Figure 2 for the LED location and the following table for the LEDs description: Figure 2: LED Display See this table for 6x50 LED information: Activity LED LED Color Green Off Definition Active traffic No traffic LED Color Orange Green Off Link LED Definition 1000 MB link 100 MB link 10 MB link See this table for 7930 and 7940 LED information: LED that is Illuminated Link/Act 100 1000 100 and 1000 Definition There is traffic 100MB link 1G Link By-pass is activated 5. If there is an error or the LEDs light incorrectly. see the troubleshooting information for your specific device.P o r t Ac ce ler at o r s 15 Understanding the LEDs When the Accelerator powers-up. .C on n ec t in g an d C on f ig u r in g M ul ti .

Furthermore. CAUTION! When by-pass is enabled you will lose connectivity to the CLI/WebUI. with Accelerators that have multi-port support (79xx and 6x50) you can set specific ports or all ports to by-pass mode.16 C h ap t er 2: Getting Started Working with By-pass Mode When working in On-Path mode.0 . see bypass activate. all models support invoking the by-pass mode through the CLI. via the CLI only. The move to by-pass mode is carried out automatically by the by-pass switch on the Accelerator.1 Us er Gu id e . the Accelerator can work in by-pass mode to enable transparent data transmission in the unlikely event of Accelerator failure. ! Ac ce ler at o rOS Ve rsi on 7. unless Out-of-Band management is used. To activate bypass manually on an Accelerator that has multi-port support. on page 762. In addition.

Reviewing the Setup Checklist Information Needed Speed: 10/100/1000 Duplex: Half / Full IP Address: IP Address: Subnet Secondary (up to 10): VLAN: Subnet: Acc IP Address: Subnet: Acc IP Address: Subnet: Acc IP Address: Yes: HSRP / VRRP (circle one) No Yes / No If yes. on page 316 (config-ospf) ospf-mode enable. on page 22 Yes / No Yes / No Working with VLAN. on page 512 RIP Commands. on page 25 MPLS.1q trunking? Does your network use external traffic monitoring software on the router? Do you have any ToS implementation? MPLS? Diffserv? Any kind of applications that modify the ToS field? Performing Setup via the Wizard. on page 22 Setting Subnet Routing. on page 22 Performing Setup via the Wizard. on page 517 Do you have RIP configured? IP address of the remote Accelerator? WAN bandwidth? Does your network include VLAN 802. on page 230 Yes / No Yes / No Yes / No Yes / No . on page 94 Do you have HSRP or VRRP configured? Do you have OSPF configured? HSRP. OSPF Area ID: or IP address: Yes / No Version: 1/2 If yes. on page 297 Encapsulation. RIP Authentication: IP Address: Re vie w in g t h e S et u p Ch ec kl ist 17 Follow this checklist to ensure that you have all of the information necessary to complete Accelerator setup: Network Checklist What are the port settings of the devices that will be attached to the Accelerator (switch/router)? What is the IP address of the Default Gateway? What will the IP address of the Accelerator be? Will there be secondary IP addresses or VLAN IP Addresses? Does this Accelerator have more than one subnet in its network? For more information see: Performing Setup via the Wizard. on page 77 Creating QoS Rules.

enable TCP Acceleration For more information see: Using SNMP.18 C h ap t er 2: Getting Started Network Checklist (Continued) Do you currently use SNMP? Information Needed Yes / No If Yes. on page 240 Ac ce ler at o rOS Ve rsi on 7. on page 71 Studying TCP Acceleration. on page 285 Do you currently collect SNMP traps? SNMP Commands.1 Us er Gu id e . what is the IP address of the Syslog Daemon? Yes / No Yes / No If yes. on page 655 Do you currently use a Syslog server? Sending Updates to a Syslog Server. what is the IP address of the trap receiver? Yes / No If Yes. on page 287 Do you currently use NetFlow? Does your network have high latency lines above 40 ms? Configuring NetFlow Support. what is the community name? Yes / No If Yes.0 .

xx should be displayed. To navigate between the fields: Follow these steps: Press the right/left arrows until the cursor is below the word/value you want to select or change. Setup . or various error messages).Performing Setup via the LCD P er f o r m in g S e tu p v ia t he L C D 19 Accelerator configuration is made simple with the front-panel LCD.Enter the Subnet Mask and press Enter Figure 5:Subnet Mask LCD .Verify that the Setup LCD is illuminated. and press Enter. where xx is the maintenance release number (for example 7. Press the up/down arrows to change the value of the numbers. AcceleratorOS v6.1) in addition to a status display (Ready. By-pass. Enter the Setup Menu by making sure the cursor is under Setup and pressing Enter.0. Press Enter to write the setting and to navigate to the next screen.Enter the Local IP address and press Enter Figure 4: Local IP LCD Subnet Mask . Press Enter to start configuration. Figure 3: The Setup LCD Local IP .

At this point.20 C h ap t er 2: Getting Started Default Gateway .0 . management can be performed via the Accelerator’s Web UI. select Yes or No and press Enter. on page 344. via the CLI. For other LCD settings.Centralized Management. you will need to define the ExpandView server IP address via the CLI. Telnet. SSH. or via ExpandView.1 Us er Gu id e . To work with ExpandView. see section Locking and Unlocking the Keypad.Enter the Default Gateway and press Enter Figure 6: Default Gateway LCD When asked if you want to Save the setup. Ac ce ler at o rOS Ve rsi on 7.

The default user name and password (both case sensitive) that must be used on initial login are as follows: user name: expand password: Expand The first time you access the WebUI.Performing Setup via the WebUI To access the WebUI: P er f o r m in g S e tu p v ia t he Web U I 21 The Accelerator’s Web User Interface (WebUI) provides you with a user-friendly interface for configuring the Accelerator. When prompted. the Accelerator WebUI supports access via Secure HTTP. 2. In the Address field of your web browser. The Accelerator’s WebUI opens and prompts you to log in to use the WebUI. 1.255. 3. log in to the Accelerator by entering a user name and password. If the Accelerator is connected directly to a management PC.255. by typing https:// before the Accelerator IP address. The Accelerator comes pre-configured with the IP address: 10. use this default address to access the Accelerator.99 255.0.99. . ensure that you set the PC to the same subnet as the Accelerator’s IP address. enter the Accelerator’s IP Address. the Setup Wizard automatically opens and guides you through the steps of basic Accelerator configuration. Alternatively.0 If no other IP address was assigned via the LCD.

ensure that you set the PC to the same subnet as the Accelerator’s IP address.0 . If the Accelerator is connected directly to a management PC. i Note: To carry out any modifications and additions after initial configuration. Additional Topics are as follows: Configuring Basic Accelerator Details. On subsequent uses. always use the Basic screen or the My Links screen and not the Wizard. for help with the password screen Reviewing Wizard Configuration. for help with the summary screen Ac ce ler at o rOS Ve rsi on 7.22 C h ap t er 2: Getting Started Performing Setup via the Wizard The Accelerator’s Setup Wizard guides you on the step-by-step configuration of the basic parameters (all parameters that are set via the front-panel LCD). on page 26.1 Us er Gu id e . on page 23 for help with the My Accelerator Screen Setting Links via the Wizard. 2. The first time you access the Accelerator’s WebUI. on page 27. click the Setup Wizard button. on page 24 for help with the My Links Screen Setting the Time. for help with the Time screen Modifying the Password. which are necessary to get your Accelerator up and running. on page 28. To access the Setup Wizard: 1. The Wizard resets other parameters to their default values when accessed. Read carefully the explanations that appear in the Welcome screen and click Next to move to the My Accelerator screen. the Setup Wizard opens automatically. to return to the Setup Wizard. which lets you define the local Accelerator settings.

The License Stratus is shown here. Enter the IP address of the Accelerator. In network topologies such as Mesh and Hub. Licensing Advanced Settings . Enter the Accelerator’s serial number (product ID). by typing the IP address in the field and clicking Add. Enter the Subnet Mask to identify this Accelerator’s local subnet. see About the AcceleratorOS License. You can add more than one gateway. knowing the network size is important for the Accelerator in order to know how to divide its system resources correctly among connected Accelerators. Setting an accurate network size enables the Accelerator to better optimize traffic. For more information on Licensing. In the deployment size field enter the approximate number of Accelerators to which the local Accelerator will be connected(1-500).P er fo r m in g S et up via t h e Wi z ar d 23 Configuring Basic Accelerator Details Set the following parameters on the Wizard’s My Accelerator screen: Device Name IP Address Subnet Mask Default Gateways Set a name for the Accelerator of up to 60 characters. and enter the license key or file number. without spaces and special characters. License Key or License File. The maximum number of gateways that you can add is 5. Select either Evaluation. Select a deployment Type (ON-Path or On-LAN). on page 34. Enter the network’s Default Gateway to which the Accelerator will forward the traffic it intercepts.

1 Us er Gu id e . 2. Using the parameters described in the table below. Follow these steps to set Link information and click Next to advance to the next screen: Figure 7: The Setup Wizard Links Screen To add a remote Accelerator: 1.24 C h ap t er 2: Getting Started Setting Links via the Wizard The My Links screen.0 . lets you set up the basic parameters necessary to define your network and begin working with the Accelerator. 3. Click Add to add the remote Accelerator. Click Next to advance to the next screen of the Wizard. Use the Delete button to remove added links from the Links Table. accessed via the Wizard. add the information as needed in the appropriate field. Ac ce ler at o rOS Ve rsi on 7.

However. MPLS networks and certain firewall environments. To accomplish asymmetrical bandwidth settings. ensure that the IPComp protocol is not blocked before selecting either IPComp or RTM encapsulation i . on page 215). This means that you can set one Accelerator to Router Transparency while setting the other Accelerator to IPComp in the opposite direction. the transport header and the payload are compressed and the packet traversing the network will have an IPComp header. IPComp encapsulation will not function if the IPComp protocol is blocked by a firewall. Set a name for the link that will let you identify it in the future. In this event. This is useful for setting RTM mode when one of the Accelerators is On-LAN and the other is On-Path. Encapsulation i Note: When using router transparency mode. IPComp is the default setting. (like SNMP see Working with Applications. no spaces. encryption. Router Transparency (RTM): In Router Transparency encapsulation. leaving the original IP header and the original TCP/UDP header in their original forms so that their information is available across the network. monitoring (NetFlow). it is necessary to set up a decision policy that does not tunnel specific applications. Set the speed of the link that connects the local Accelerator to the remote Accelerator. no special characters.P er fo r m in g S et up via t h e Wi z ar d 25 Parameter Destination IP Name Bandwidth Description Enter the IP Address of the remote device. or excludes specific subnets or IP addresses from being accelerated on the link (see Configuring Link Subnets. including QoS deployments. which enables the best compression rate. Router Transparency encapsulation is appropriate in an environment where header preservation is necessary. making them unreadable by the router. This means that the IP header. Therefore. on page 90). UDP: UDP encapsulation allows for more compatibility with firewalls that use encapsulated packets.whichever is lower. and so on) will be compressed. use either the advanced link parameters or the CLI. the payload of packets destined to the router (SNMP requests. by clicking on the relevant radio button: IPComp: IPComp encapsulation (tunneled encapsulation) compresses the entire packet. Up to 31 characters. This should be either the local WAN bandwidth or the remote WAN bandwidth . Note: Encapsulation settings can be asymmetric. Choose one of the following options. Telnet. only the packets’ payload is compressed. Load Balancing. Billing.

If your country is not listed. Ensure that this port is not blocked by a firewall that is installed between the Accelerators. Using the Date drop down menus. Click Next to advance to the next screen.26 C h ap t er 2: Getting Started i Note: TCP port 1928 is needed for establishing a connection between Accelerators. 4.1 Us er Gu id e . Using the Time zone drop-down menu. To set the time and time zone: 1. select the time zone that you are located in. select the one that is in your time zone.0 . 3. All Accelerators within the same network. select the current date using the following format: dd:mm:yyyy. In the Current date and Time field. Note: Deleting the non-link is impossible. enter the Time in the following format: hh:mm 2. because this link name is a logical entity that represents all un-specified traffic in the QoS and Monitoring engines i Setting the Time Verifying that the Accelerator’s time is accurately set is extremely important in order to have an accurate reading of when events occur and when statistic items are gathered and updated. Figure 8: The Setup Wizard Ac ce ler at o rOS Ve rsi on 7. must be set to the same time.

3. The password you select will not display in the field and it is casesensitive. Make sure you can remember your password as there is no retrieval system in case it is forgotten. a blank password) Expand (the default original password) Other values as specified in Choosing a Legal Password. If you are logging in for the first time. To enter a password: 1. on page 349.e. Click Next to move to the next screen. Type a new password (context sensitive) in the New Password field. i Note: The following values are not accepted as passwords: An empty field (i. Figure 9: The Setup Password window . If you cannot remember your password. you will need to reset the Accelerator to factory default settings as described in Resetting the Password. the default password is Expand. 4. Confirm this password by typing the same password you typed in step 2. 2.P er fo r m in g S et up via t h e Wi z ar d 27 Modifying the Password Security reasons necessitate changing the default password before exiting the setup Wizard. Type the current password in the Current Password field. on page 349.

28 C h ap t er 2: Getting Started Reviewing Wizard Configuration The Summary screen of the Setup Wizard lets you review the parameters set via the Wizard before saving them to the Accelerator.0 . press the Finish button to save the settings to the Accelerator. ! CAUTION! Clicking Finish saves the configuration as the Accelerator’s Startup Config. ! Figure 10: Setup Wizard Summary window Ac ce ler at o rOS Ve rsi on 7. If the configuration is correct.1 Us er Gu id e .

you will need to reset the Accelerator to factory default settings. let you carry out basic operations as follows: WebUI Menu Item Setup Wizard Write Change Password Description Click the Setup Wizard link at any time to open the Setup Wizard. Click the Write link at any time to write the current configuration. see Resetting the Password. For information on choosing a proper password. Any change not saved will be deleted. on page 349. Click the Change Password link at any time to modify your login password. The password is case sensitive. This must be done when specified. There is no confirmation to this action. Click the Logout link at any time to log out of the Accelerator. Clicking on this button at any time on any page in the interface will set that page as the default startup page “home page” each time you log into the WEB/UI. which are common to all WebUI menu screens. If you have forgotten your password. Click the Refresh button at any time to refresh the data in the WebUI. on page 349. Click the Help button at any time to open the Accelerator’s online help. Logout . This help is pop-up based so make sure your browser’s settings allow pop-ups. but the number of characters is not limited. see Choosing a Legal Password.Accelerator Main Menu A cc el era to r Mai n Me nu 29 The following buttons.

and how much time has elapsed since. on page 31). always use the Basic screen or the My Links screen and not the Wizard.30 C h ap t er 2: Getting Started Modifying the Basic Configuration To modify the basic Accelerator setup. you can make changes via the Basic screen in the Setup menu of the WebUI. For more information see Performing Setup via the Wizard. In addition. To change the basic Accelerator parameters: 1. The parameters on this screen are identical to the parameters configurable via the Setup Wizard’s Basic screen. i Note: To carry out any modifications and additions after initial configuration.0 . and is used when licensing the product Software (AcceleratorOS) version running on the Accelerator The last time the device was rebooted. The Basic screen includes specific details concerning the Accelerator device. Ac ce ler at o rOS Ve rsi on 7. Time set in the Accelerator If you need help with the AcceleratorOS interface. see Accelerator Main Menu. on page 29. on page 22. the Basic screen lets you add a description to identify the Accelerator. with the exception of Routing Strategy settings (see Setting Routing Strategy. Enter the information as described in the following table. 2. The Wizard resets other parameters to their default values when accessed.1 Us er Gu id e . Click Submit. as follows: Parameter Platform Product ID AcceleratorOS Version System Up-Time Current Time Description Accelerator type The product ID is the unique number identifying the Accelerator.

and therefore you should set Routing strategy to Routing only. the Accelerator must route all traffic. . For advanced configurations. The maximum number of gateways that you can add is 5. In environments such as router polling and dynamic routing networks.only traffic destined to an accelerated link or a virtual link. non-link traffic and inbound traffic should not be directed to the router (normally. Type a Subnet Mask to identify this Accelerator’s local subnet. on page 31. Device Name Description IP Address Subnet Mask Routing Strategy Default Gateways Set a name for the Accelerator of up to 60 characters. click Advanced Settings Configuration and see Defining Advanced Settings. See Defining Advanced Settings. i Note: Enabling TCP Acceleration requires you to use “Routing-Only” routing strategy. Routing-Only –typically used in On-LAN deployments. You can add more than one gateway. In such environments you have to set the Routing strategy to Bridge route. on page 32. on page 32 Advanced Settings Setting Routing Strategy The Basic screen lets you set the Routing Strategy.M o d if yin g t h e Ba sic C o nf ig u r a ti on 31 3. Type a description that is relevant for your use. by typing the IP address in the field and clicking Add. Routing strategy defines how to route traffic. but this can cause problems if the destination is a Layer-2 address or for incoming traffic). or in environments that require the Accelerator to route all traffic (for example: networks that use Dynamic Routing policies). 3F ACC Type a valid IP address for this Accelerator. it is directed to the router. For example. See Setting Routing Strategy. In other environments. which does not route non-link and inbound traffic . Enter the network’s Default Gateway to which the Accelerator will forward the traffic it intercepts. where traffic is not necessarily routed through the router. Bridge Route – typically used in On-Path deployments. when nonlink traffic is transmitted by the Accelerator. without spaces and special characters.

32 C h ap t er 2: Getting Started Defining Advanced Settings Lets you set advanced information about the Accelerator’s setup. Set the precise bandwidth (in Kbps) of the WAN. Web Cache only (for HTTP servers). as shown in the following table. Gbps). Used for defining the maximum number of requested links. Ensure that the WAN bandwidth is not set too low. You can set here any number between 1 and 450. Note: For the Accelerator’s application optimization to work properly. clear the check to Disable. use the default setting of 100 Mbps. You can either choose Other and enter your own value. unfragmented piece. If you are unsure of your WAN bandwidth setting. For maximum efficiency. see the Quick Installation Guide supplied with your Accelerator Enter the approximate number of Accelerators to which the local Accelerator will be connected (1-500). By default the setting is None. i Ac ce ler at o rOS Ve rsi on 7.0 . Setting an accurate network size enables the Accelerator to better optimize traffic. you are advised to set an accurate WAN bandwidth defining the physical link that the Accelerator sits on. Deployment Size Bandwidth Caching Local MSS Maximum Links Traffic Gauge CAUTION! The WAN bandwidth setting is used by the Accelerator’s QoS ! mechanism. Mbps. Kbps.1 Us er Gu id e . on page 8 On-LAN: see On-LAN. excluding the TCP and IP headers. allows the user to see statistics in the traffic gauge link’s or non-link output. This sets the Maximum Segment Size in bytes of a TCP packet that the Accelerator will accept in a single. Changes made here require you to click the Submit button in order for those changes to take effect. Enabled by default. on page 9 For additional information on both types of deployment. Select the Enable check box to Enable. In network topologies such as Mesh and Hub. MSS can be configured on a per-link basis or globally on all links. or both or None. the MTU should never be more than the MSS + the headers. otherwise the ! Accelerator’s QoS mechanism may drop packets and cause applications to disconnect. knowing the network size is important for the Accelerator in order to know how to divide its system resources correctly among connected Accelerators. Either select the WAN Bandwidth from the pull-down menu or select Other and enter a specific figure into the provided field along with its correct unit (bps. 0 is not a valid bandwidth Defines the active cache method: WAFS only (for CIFS traffic). Deployment Type On-Path: see On-Path.

M o d if yin g t h e Ba sic C o nf ig u r a ti on 33 .

The following features are subject to individual licensing requirements: Bandwidth—see note below QoS L7-QoS TCP Acceleration Web Caching WAFS (both FB and FBD) IPsec MACC Seats (for Mobile Accelerators . Once the 30-day grace period has passed. the maximum amount of traffic up to 2MB is accelerated. the remaining will pass through.) i A Note about Bandwidth Licensing: the bandwidth license specifies the maximum amount of traffic that will be accelerated. if you have a license for 2MB and the network has more than 2MB of traffic. you are notified with a warning message Ac ce ler at o rOS Ve rsi on 7. the Accelerator will continue to pass data in pass-through mode and will not optimize traffic in any way. If you are concerned about exceeding your license limit. For example.0 . If packets are exceeding the license or if the license is expired.1 Us er Gu id e . you can monitor it within the Links Statistics Data Table (see Figure 11). Once you have installed the permanent license only the features (listed below) that you have licensed will be optimized. To see if a particular link has exceeded the licensed bandwidth allowance. Any remaining traffic will pass-through. during which you must register the product and a install a permanent license. Virtual Accelerators are licensed via the Licensing Server and Dongle. look at the My Links screen and a partial icon will be displayed next to the link. Information about the Licensing Server is in the Licensing Server User Guide that is supplied with the Accessories DVD for the Virtual Accelerator.the value indicates maximum number of MACCs that can be connected to this specific Accelerator.34 C h ap t er 2: Getting Started About the AcceleratorOS License Physical Accelerators are shipped with a temporary license with a 30-day grace period.

on page 38 To configure the Licensing Server information. Should you need to change. i Note: The grace period counts only days during which the Accelerator is powered on. you should contact your local reseller. or Via the CLI see Licensing Commands. Note: In the unlikely event of Accelerator failure. If the license is a trial license. or re-new your license. upgrade. This will enable the second Accelerator to function with a an evaluation license. on page 444. i . the amount of time left to the license is indicated. see Configuring the Licensing Server via the Accelerator.Ab o u t th e A cce le r at o r O S Li ce ns e 35 Figure 11: License Exceeded Additional topics in this section include: Viewing the License Status. see Applying an Accelerator Feature License Key. on page 35 Reviewing the Licensing Procedure. on page 36 To load a new license. allowing you time to register the new Accelerator. on page 39 Viewing the License Status Viewing the license status is possible as follows: Via the Licensing tab of the My Accelerator screen. you can immediately replace the Accelerator in the field by inserting the Compact Flash from an Accelerator with a permanent license into another Accelerator. The License Table shows all applicable features that are subject to the license and also shows each license’s status. if you use a non hard drivebased Accelerator.

Ac ce ler at o rOS Ve rsi on 7.0 . on page 38 Configuring the Licensing Server via the Accelerator. on page 38—for loading a new license file Configuring the Licensing Server via the Accelerator. on page 38 Licensing a Virtual Accelerator involves two steps: Activating the Licensing Server Dongle via the Portal. on page 39—for configuring the Licensing Server information. on page 39 To renew or upgrade your license. contact Expand’s Technical Assistance Center. on page 423.36 C h ap t er 2: Getting Started See one of the following topics for more information: Applying an Accelerator Feature License Key. on page 37 Applying an Accelerator Feature License Key.1 Us er Gu id e . Reviewing the Licensing Procedure Licensing a physical Accelerator involves two steps: Activating the I-Key in the Portal. If you do not know how to do this see Contacting TAC.

Click the Add Product link. If you have not yet registered click First Time Here to do so and then log in. . Click the Submit button and a new pop-up window opens. 2. 9. In the popup window. See Applying an Accelerator Feature License Key. Click on the Accelerator Licensing tab.Ab o u t th e A cce le r at o r O S Li ce ns e 37 Licensing a Physical Accelerator Activating the I-Key in the Portal To Activate the I-Key: 1. Identify the Accelerator’s Serial number (product ID) in the upper right hand corner of the Basic screen of the AcceleratorOS WebUI.expand. Click the My Expand tab on the top of the Web page. The popup window now displays the details of the license key.Key (received via E-mail) and click the Activate button. Enter your login information and click Log In. on page 38 to continue. 4. Keep this information in a safe place. enter the Site Name. 8. Copy the information listed in the first line: LICENSE KEY IS: This is the number that you need to enter into the Accelerator to activate the license. 6. Go to www. Type or paste the Serial Number from the AcceleratorOS WebUI.com. and the Reseller. Re-enter the serial number. enter the I. 5. 7. Open your E-mail and copy the I-Key that was sent to you with your order confirmation. 3. In the I-Key field. Customers are to go to the Extranet site by clicking the Here to Login button on the right.

5.1 Us er Gu id e . click Setup followed by My Accelerator. 2. Click the Activate New License button. In the Accelerator’s WebUI. Click Activate License. make sure you write down the file name (it is case sensitive). 6. To upload a License File: 1. 3. 6. There is no browse option. and then Licensing. if not keep the checkbox deselected. select the Refresh acceleration on all links checkbox. click Setup followed by My Accelerator. 5. Click Paste to paste the License Key as copied from the clipboard. You will need the Ac ce ler at o rOS Ve rsi on 7. 4. Also. 3. To update the new license features for all established links. Click Activate License. 4. Make sure you have downloaded the license file (.0 . Make sure you have copied the License Key from the Licensing Section of the customer portal to the clipboard. 2. Click the File radio button and type the complete name of the file in the field.lic) from the Customer Portal and transfer it to the Accelerator using an appropriate transfer protocol (FTP. select the Refresh acceleration on all links checkbox. To update the new license features for all established links. Licensing a Virtual Accelerator Activating the Licensing Server Dongle via the Portal Once you have received the Licensing Server Package. you need to register the Dongle on the Expand Networks’ Channel or Extranet Portal. and then Licensing. if not keep the checkbox deselected. Click the Activate New License button and click the Key radio button. for example).38 C h ap t er 2: Getting Started Applying an Accelerator Feature License Key To activate or reactivate an Accelerator feature License Key: 1. In the Accelerator’s WebUI.

In the popup window. Enter the Dongle ID Number.lic) by clicking the underlined hyperlink. 7. Failure to do so will result in your license being invalidated. on page 39. if for any reason the connection to the licensing server is lost. Click the Submit button and a new popup window opens. 8. Download the Excel spreadsheet and save it for your records. the license state will default to a grace-period state. The individual Virtual Accelerator License Keys are also displayed. Customers are to go to the Extranet site by clicking the Here to Login button on the right. enter the Site Name. Click on the Accelerator Licensing tab. Note that. i Note: In order to use the Virtual Accelerator. Re-enter the Dongle ID Number. you will need to install the Licensing Server and Dongle. 3. Configuring the Licensing Server via the Accelerator All Virtual Accelerators require a connection to the Licensing Server in order to provide acceleration services. For additional information about the Licensing Server Installation or Licensing Server Dongle. 4. to continue.Ab o u t th e A cce le r at o r O S Li ce ns e 39 Dongle ID number in order to register the Dongle. see the documentation included on the Virtual Accelerator Accessories DVD. If you have not yet registered click First Time Here to do so and then log in. Go to www. Download the Licensing Deployment File (. Enter your login information and click Log In.com. 5. Click the My Expand Link. 2. Go to Configuring the Licensing Server via the Accelerator. 1. requiring you to fix the problem before the grace-period ends. . Click the Add Product link. This number is supplied to you within the Confirmation Letter you received when you purchased the Virtual Accelerator. and the Reseller.expand. 6.

type the name in the Host Name field. click Auto Discover. 3. Click Submit. 4.0 . If you know the Host name. click Setup followed by My Accelerator. Decide how you are going to connect to the server by selecting one of the following: If you know the licensing server’s IP address. In the Accelerator’s WebUI. Ac ce ler at o rOS Ve rsi on 7. select IP address and type it in the IP Address field.1 Us er Gu id e . and then Licensing. If you want the Virtual Accelerator to discover the licensing server by itself.40 C h ap t er 2: Getting Started To connect the Virtual Accelerator to the licensing server: 1. 2. Click the + to open the Licensing Advanced window.

Logging On and Off the Accelerator To log into the Accelerator: 1. Verify that the platform and software version shown on the screen are correct. You are immediately logged out. If your browser has pop-ups disabled. Both are case sensitive. . 4. In the User Name field. 7. 3. Click Submit. click Logout. the default user name is expand and the default password is Expand. From any screen in the WebUI. Enter the IP address of the Accelerator. 5. To logout of the Accelerator: 1. you set a password. This is case sensitive. There is no confirmation. enter the user name you used in the Setup Wizard. enter the password you used in the Setup Wizard. L o g gi n g O n an d O f f t he A cc ele r a to r 41 In the setup of the Accelerator. 2. The login screen appears. In the Password field. This is case sensitive. You will need this password to log into the software. 6. change the properties so that pop-ups are enabled. Open a web browser. If this is your first time logging in.

on page 202 Integrating into Networks that use Dynamic Routing Follow these steps to install the Accelerator on a network that already uses dynamic routing. See Setting Dynamic Routing. or point-to-multipoint configuration. The following section describes the steps needed to get the Accelerator up and running for various network topologies and technologies. Ac ce ler at o rOS Ve rsi on 7.1 Us er Gu id e . Use the Installation Wizard to set up basic Accelerator properties.42 C h ap t er 2: Getting Started I ntegrati ng the Accelerator i nto Your Network The steps involved in integrating the Accelerator in your network depend entirely on the structure of the network and the various technologies and devices already in place on your network. Use the following steps for networks that use OSPF dynamic routing. on page 43 Installing On-LAN at a Data Center. as detailed in the Quick Installation Guide. proceed with the configuration by referring to one of the following sections. with one router and one or more remote sites.0 . depending on the network environment: Integrating into Networks that use Dynamic Routing. on page 98. Your network may need one or any combination of the following settings. namely: a network that installs the Accelerators in a point-to-point. After concluding the first stage of using the wizard. on page 44 Installing in a Web-Intensive Environment. on page 42 Networks Using External QoS or Monitoring Devices. on page 43 Installing in a High Latency Environment. on page 43 Working in Noisy Link Environments. The Accelerator Installation Wizard is designed to get the Accelerator up and running on a standard network. on page 44 Accelerator QoS.

see Setting WCCP on the Router. the Accelerator needs to intercept packets from the LAN before they are handled by the router. on page 102. This is accomplished either via RIP Route Injection. For more information. or via the Web Cache Communication Protocol (WCCP). See Creating and Editing Links. you can configure the Accelerator to operate within an HSRP or a VRRP group. For information on configuring the router to support WCCP mode. Installing On-LAN at a Data Center Installing an Accelerator On-LAN at the data center requires taking extra measures in order to enable redirecting all relevant traffic to the Accelerator. When working in On-LAN mode. setting up the Accelerator is necessary for enabling the QoS device to continue having access to the traffic traversing the Accelerator. on page 44. see Enabling Packet Interception. but by using thirdparty software). the following configuration modifications may help optimize Accelerator performance. drops or collisions (for example. with a high number of BERs. See Working in Noisy Link Environments If you add the Accelerator to a particularly noisy environment. satellite links or a connection with radio transmissions). For more information see Router Redundancy Protocols.In te g r at in g t h e A cc el er a to r in t o Yo u r N et w o r k 43 Networks Using External QoS or Monitoring Devices When QoS is deployed on the network (not via the Accelerator. as described in section Installing in a High Latency Environment. In addition you may want to consider enabling TCP Acceleration if links are high-latency. . on page 108. If resilience is necessary. and HSRP or VRRP is implemented among the routers at the central site. on page 315. on page 80 for information on customizing link connections.

. does not perform well in high latency and high-packet-loss environments. on page 240. degraded web performance and unresponsive applications. The TCP limitations are expressed in the long times required for file transfers over the WAN. or a lot of Web browsing takes place between branch offices to the central office’s Internet link.1 Us er Gu id e . which was designed to ensure reliable IP transmission. see section Studying TCP Acceleration.44 C h ap t er 2: Getting Started Installing in a High Latency Environment TCP. Ac ce ler at o rOS Ve rsi on 7.0 . TCP Acceleration enables optimization and better utilization of WANs that suffer from distance-induced TCP limitations. Installing in a Web-Intensive Environment If your network runs many Web-based applications. For more information on TCP Acceleration. DNS Acceleration may decrease some of the network congestion.

on page 46 Using Link Statistics and Graphs. on page 49 Discovering Traffic. on page 57 Viewing Statistics and Graphs for Specific Applications. on page 69 Configuring NetFlow Support. on page 330. on page 71 . This chapter includes the following sections: Introduction to Monitoring. on page 62 Viewing Summary Graphs.Chapter 3: Monitoring the Network This chapter explains how to use and understand the Accelerator’s advanced graphic reporting and statistics feature that enables monitoring of Accelerator performance and throughput. on page 68 Viewing Ethernet Statistics. For statistical data for the Collective Branch. see Monitoring Collective Branch Statistics.

The graphs are automatically updated. if a local subnet is not defined as LOCAL.0 . you can easily re-access the chart or graph via the Accelerator WebUI. The monitoring feature. Ensure that all Local subnets are defined as local. The Accelerator samples the data behind-the-scenes and stores it in a compact way. lets you view statistics and graphs for the following: From WAN. which lets you view data up to the minute over a period of up to a year.46 C h ap t er 3: Monitoring the Network Introduction to Monitoring All statistics generated for these graphic reports are saved in the Accelerator history log. according to a set frequency. This sampled data represents the average over the selected period of time. the Accelerator QoS and Monitoring features do not function properly. available via the Monitor tab. To WAN. as described in the following figure: Figure 1: WAN to LAN and LAN to WAN i Note: In a non-link environment. so that if Windows closes or if an Accelerator reboots. To LAN.1 Us er Gu id e . Ac ce ler at o rOS Ve rsi on 7. Expand recommends that you open a maximum of five charts per-Accelerator simultaneously. and From LAN traffic.

follow this procedure to download and install the plugin. on page 48 i Wo r k in g w i th M on i to r i ng 47 To work with monitoring. on page 47 Using Verisign Security Certificate.4 and up. click Settings > Control Panel > Add or Remove Programs. The PC used for viewing the graphs must support Java runtime environments and a Java plug-in must be installed in order to view the Accelerator’s graphs Installing the JAVA Applet To determine whether you need to install the Java plug-in. This plug-in lets you view the Accelerator’s Graphic-Reporting feature by opening a new Internet Explorer window and entering the Accelerator’s IP address into the Address field.Working with Monitoring Installing the JAVA Applet. The Java Plug-in installation wizard opens. . recommended to use the Java-Applet provided on the Expand Networks<> Extranet). you first need to take several steps. defined in the following sections: Note: The Accelerator’s graphic reporting feature works with the Java-Applet (JRE 1. If you do have this software installed and have verified that you are using the correct version. To download and install the Java plugin: 1. Use the default settings to install the Java-Plug-in. you are ready to begin working with the Accelerator’s Graph Monitoring feature. 2. Search the list for JAVA 2 Runtime Environment. from the Start button. on page 48 Studying The Monitoring Window. If the JAVA plugin is not installed on the PC. Use the Documentation and Software CD and Click on the Java plugin link.

Description. Studying The Monitoring Window Option Direction Link Description The Accelerator’s monitoring feature lets you view statistics for inbound or outbound traffic on the Accelerator.48 C h ap t er 3: Monitoring the Network Using Verisign Security Certificate In order to work with the Monitoring feature. By default. MS Windows requests you to verify that the Accelerator is a trusted site. enabling you to see the limit of throughput that can actually traverse the link. In. Select the Show checkbox if you want to see the peak lines representing the highest statistics achieved for the reported period. for the following: • A specific link • All of the Accelerator’s links • All compressible links • The non-link • All virtual links Scroll down in the View Last drop-down menu to select the period for which the graph is displayed. Outbound Peak Compression For a description of these fields. Out. To avoid seeing this popup every subsequent time you try to access the Monitoring menu. The Accelerator’s monitoring feature lets you view statistics. the link speed is set to the bandwidth set for the link selected. the default link speed (when Auto is selected in the Link speed column) is set to either the total bandwidth set for all links or the sum of all WAN bandwidths.1 Us er Gu id e . Outbound Acceleration. viewing Peaks is necessary for understanding the Accelerator’s overall performance. View Last Link Speed Peak Data Save Export to CSV Ac ce ler at o rOS Ve rsi on 7. on page 67. Click the Export to CSV button to save the generated graphs as a CSV file.0 . Inbound Acceleration. The default period is 30 minutes. You will be directed to browse to a location in which to save the file. When Total is selected in the Link column. Period. Click the Save button to save the generated graphs as a JPG or a PDF file. Peak Out. You can set the link speed in the fields above the graph to add a line to the displayed graph. total is the lower value of the two. Effective Peak Out. Outbound Compression. you should click the Always button the first time it appears. Effective In. Effective Out. You are then directed to browse to a location in which to save the file. see section Viewing Statistics for Applications. The PDF file created displays each graph in the selected Monitoring window and a brief description of each. via a popup window that appears on your screen. Sample Time. All graphs displayed give an average of the performance for any given interval. The file created generates a table with the following fields: Name. Inbound Peak Acceleration. Effective Peak In. Peak In. Outbound Peak Acceleration. Interval. Inbound Compression. when Auto is selected in the link speed column. Therefore. Inbound Peak Compression.

Alternatively. on page 53 Statistics per Link. on page 51 Compression Statistics per Link. Topics covered include: Viewing Viewing Viewing Viewing Viewing Throughput Statistics per Link. on page 54 . you can monitor the Accelerator based on the Applications traversing its links. on page 50 Utilization Statistics per Link. on page 50 Acceleration Statistics per Link.Using Link Statistics and Graphs U sin g L in k Stat i st ics a nd G r ap h s 49 The link statistics and graphs let you monitor the performance of the Accelerator and its links.

(what actually goes over your WAN link) and the pre-accelerated throughput. Selecting the link speed is necessary in order for the Utilization graph to display accurate data. therefore you should expect to see slower rates used by their servers and hosts. while the yellow represents the amount of bandwidth that would have been used without the Accelerator. which is the throughput that would have been used without the Accelerator’s compression mechanisms. Figure 2: Link Utilization Statistics Viewing Utilization Statistics per Link The Utilization Statistics per Link graph lets you monitor how much of the link is being utilized. Ac ce ler at o rOS Ve rsi on 7. This graph lets you compare between accelerated throughput.1 Us er Gu id e . and therefore cannot exceed 100% of the link speed. i Note: If the Accelerator is not deployed the available bandwidth is reduced.0 . The traffic displayed is accelerated traffic.50 C h ap t er 3: Monitoring the Network Viewing Throughput Statistics per Link The Throughput Statistics per Link graph lets you monitor how much traffic passed through the Accelerator. The blue area represents the actual bandwidth used with the Accelerator.

2. Multiply the number of In Packets by 14. 5. Multiply the ratio by 100 to arrive at the acceleration percentage. Understanding Acceleration The Acceleration percentage describes how effectively the Accelerator is processing and compressing the traffic. 1. Divide this number by the sum of the Out Packets multiplied by 14 and subtracted from Out bytes. Subtract this number from the number of In Bytes. . Acceleration percentages are calculated as follows: Figure 3: Acceleration Process To calculate acceleration: Refer to the Monitor > Links > Statistics menu for data to be used in the following procedure.U sin g L in k Stat i st ics a nd G r ap h s 51 Viewing Acceleration Statistics per Link The Acceleration Statistics per Link graph lets you view acceleration percentages for inbound and outbound traffic on the Accelerator per interface/link or for the total for the Accelerator. This statistic does not take into account traffic that bypasses the acceleration mechanism. This accounts for the Ethernet Layer-2 header. Subtract 1 from the sum. 3. 4.

Passthrough packets OutBytes—Outgoing bytes (to the WAN) .Do not tunnel bytesRouting bytes.0 . overload traffic Keepalives and so on.System messages bytes OutPackets—Outgoing packets (to the WAN) .Passthrough bytes InPackets—Incoming packets (from LAN) .– 1 X 100 -----------------------OutBytes – 14 X OutPackets Figure 4: Calculating Acceleration InBytes—Incoming bytes (from LAN) .Do not tunnel packets Routing packets .Passthrough packets .Passthrough bytes . Passthrough System Messages Ac ce ler at o rOS Ve rsi on 7.1 Us er Gu id e .Do not tunnel bytes Routing bytes .Do not tunnel packets .Routing packets . Non-link traffic.System messages packets. Parameter Item Do Not Tunnel Routing Description Traffic set with the “Do Not Tunnel” decision. Virtual link traffic Traffic between the Accelerator and the local router to retrieve routing information for the local LAN Traffic set with the “Do Not Accelerate” decision.52 C h ap t er 3: Monitoring the Network InBytes – 14 X InPackets -----------------------.

U sin g L in k Stat i st ics a nd G r ap h s 53 For example: in a simple scenario in which the packet size is 1000 bytes: If InBytes = 300. .– 1 X 100 = 208 ------------100000 – 14 X 300 Figure 5:Calculating Acceleration Example Viewing Compression Statistics per Link The Compression Statistics per Link graph displays the amount by which traffic was reduced by the Accelerator.000 and OutBytes = 100. This graph represents in percents. how much less data is passing over the physical link because of acceleration.99% reduction.000 then: 300000 – 14 X 300 -------------. The Accelerator is capable up to 99.

or in number of packets. Since Clear—Data transferred over the link selected that was collected since the Accelerator’s counters were last cleared. Last 5 Seconds—Data transferred over the link selected that was collected over the last 5 seconds. see the following table below: All statistic items are displayed according to: Data—Lists type of statistic gathered. 2. 3. or Acceleration. Data is listed in KB. To view a statistics table: 1.54 C h ap t er 3: Monitoring the Network Viewing Statistics per Link The Accelerator’s Statistics table displays data presented in the Link graphs in table format per link or for the entire traffic. select the statistics to be displayed: All. or in number of packets.1 Us er Gu id e . Data is listed in KB. Errors. in percentages. or select Total to view statistics for all of the links. Select a link from the Link drop-down menu. Click the following menu sequence: Monitor > Links > Statistics. Parameter Item Bytes Information In Bytes Out Bytes In IPsec Bytes Out IPsec Bytes Raw In Bytes Raw Out Bytes Dropped Out IPsec Bytes Exceeded License Bytes Number of input bytes Number of outgoing bytes Number of input bytes that are sent over a secure link Number of outgoing bytes that are sent over a secure link Total incoming bytes being accelerated using this link Total outgoing bytes being accelerated using this link Number of outgoing bytes that were dropped on a secure link Number of bytes that are not optimized because the bandwidth limit as set by the AcceleratorOS license is exceeded Description Packets In Packets Out Packets Number of input packets Number of outgoing packets Ac ce ler at o rOS Ve rsi on 7. Data is listed in Kbps or in percentages. in percentages. Throughput. System up—Data transferred over the link selected that was collected since the Accelerator was powered on. From the drop-down menu.0 . For a description of the information that is displayed in the table.

such as queues and obsolete Outgoing Packets that were dropped by QoS enforcements. or combined. after transmission Number of small packets aggregated. Outgoing Packets that were aggregated as part of the user defined-2 post-acceleration aggregation policy Incoming Packets that were aggregated as part of the Thin Client post-acceleration aggregation policy Outgoing Packets that were aggregated as part of the Thin Client post-acceleration aggregation policy Number of packets sent out marked as Do not Accelerate. Number of packets that are not optimized because the bandwidth limit as set by the AcceleratorOS license is exceeded Poly In Packets Poly Out Packets Agg Default In Packets Agg Default Out Packets Agg User-Defined 1 In Packets Agg User-Defined 1 Out Packets Agg User-Defined 2 In Packets Agg User-Defined 2 Out Packets Agg Thin Client In Packets Agg Thin Client Out Packets Do Not Acc Packets Do Not Tunnel Packets Exceeded License Packets Errors CRC Errors Other Errors Number of CRC-errored packets received Unexpected errors received . Number of packets sent out marked not to be routed into the link.U sin g L in k Stat i st ics a nd G r ap h s 55 Parameter Item Packets In IPsec Packets Out IPsec Packets Discarded In Packets Discarded Out Packets Dropped In Packets Dropped Out Packets Dropped Out IPsec Packets Traffic-Gauge Packets Description Number of input packets sent over a secure link Number of outgoing packets sent over a secure link Incoming packets that were discarded by a rule with discard policy Outgoing Packets that were discarded by a rule with discard policy Incoming packets that were dropped by QoS enforcements. before transmission Incoming packets that were aggregated as part of the default postacceleration aggregation policy. Incoming Packets that were aggregated as part of the user defined-2 post-acceleration aggregation policy. Outgoing Packets that were aggregated as part of the user defined-1 post-acceleration aggregation policy. Outgoing Packets that were not optimized due to being sent through the Traffic-Gauge mechanism in order to enhance performance Number of small packets aggregated. or combined. Outgoing Packets that were aggregated as part of the default postacceleration aggregation policy Incoming Packets that were aggregated as part of the user defined-1 post-acceleration aggregation policy. such as queues and obsolete on a secure link. such as queues and obsolete Outgoing Packets that were dropped by QoS enforcements.

1. Click the Clear Counters button.1 Us er Gu id e . This is generated when a duplicate packet is received by the replay window Acceleration In Acceleration Out Acceleration In Actual Acceleration Out Actual Acceleration In Compression Out Compression Inbound Acceleration percentage Outbound Acceleration percentage Acceleration that considers all incoming throughput Acceleration that considers all outgoing throughput Inbound compression percentage Outbound compression percentage To clear all of the statistics counters: i Note: This will clear all of the statistics counters.56 C h ap t er 3: Monitoring the Network Parameter Item Errors IPsec Decrypt Errors IPsec Encrypt Errors IPsec Other In Errors IPsec Other Out Errors IPsec IPS In Auth Errors IPsec IPS In Replay Win Errors Description Errors resulting from Decryption Errors resulting from Encryption Number of errored packets received that were not caused by decryption Number of errored packets transmitted that were not caused by encryption Number of Authentication Header failures. Ac ce ler at o rOS Ve rsi on 7.0 . This occurs when there is an authentication mismatch Number of Replay Window errors. Click Yes when prompted. so make sure you want to do this before proceeding. 2.

on page 57 Creating a New Application from Discovered Traffic. on page 57 Viewing Detailed Traffic Discovery.Discovering Traffic D isc o ver in g Tra f fi c 57 The Traffic menu lets you view applications running on the network. and Layer-7 discovery (the application properties discovered on the network). on page 60 Discovering Layer-7 Applications. Click on the Details column and the Detected Applications window appears. on page 60 Viewing Detected Applications The Detected Applications menu lets you view all detected applications that traverse the network. Viewing Detailed Traffic Discovery If you want to create a new application from the discovered traffic. the throughput before and after the acceleration. Traffic is divided into the following categories: Detected traffic (all other applications detected on the network .non-classified traffic that is not part of a predefined or user-configured application type). To view detailed traffic discovery for detected applications: 1. Monitored traffic (all applications set to enable “collect statistics”). followed by the Traffic Discovery tab and then the Detected Applications tab. Click on Monitor. on page 59. on page 59 Viewing Monitored Applications. 2. This section contains the following topics: Viewing Detected Applications. see Creating a New Application from Discovered Traffic. You can view the applications coming in both directions (from LAN to WAN and conversely). . and the acceleration rate.

In Packets . In Compression . Raw In Bytes .details data regarding the outbound traffic.the amount of pre-compressed bytes that entered the link in this specific system.the amount of compressed packets that entered the link in this specific system.how effectively the Accelerator is processing and compressing the traffic. The Inbound section .the amount of packets that were discarded before passing through the link.58 C h ap t er 3: Monitoring the Network Figure 6: Detected Applications This window contains the following items: The Clear Counters button .the amount of bytes waiting to enter the system. In Acceleration .the amount of compressed bytes that entered the link in this specific system.details data regarding the inbound traffic. Queued in bytes . since the last time the counters were cleared (Since Clear) or in the last five seconds.the amount of packets that were not accelerated. The Inbound section details the following data items: In Bytes . in the outbound direction. Dropped In Packets .0 . Discarded In Packets . All data items detailed here can be seen since the system was last started (System up).1 Us er Gu id e . This is useful in case you want to start collecting new statistics without restarting the system. The Outbound section . Ac ce ler at o rOS Ve rsi on 7. since the last time the counters were cleared (Since Clear) or in the last five seconds. The Outbound section details the same data items.lets you clear all counters for the discovered application.the amount by which traffic was reduced by the Accelerator. All data items detailed here can be seen since the system was last started (System up).

it is displayed as an unrecognized port in the traffic discovery list. see Monitoring Applications. In the Detected Applications table. Once the Application is created. You can view the newly created monitored application from any of the application graph screens by selecting it from the Applications drop-down box. i Note: As soon as even one undefined packet is detected (TCP/UDP). followed by Traffic Discovery. See Viewing Statistics and Graphs for Specific Applications. and Detected Applications. on page 62. Click the Monitor tab. click on the name of the detected application for which you would like to create an application. the application appears in the list of Monitored Applications. 2. Follow the directions as in any new application.D isc o ver in g Tra f fi c 59 Creating a New Application from Discovered Traffic To create a new application from discovered traffic: 1. from within the graph screen. on page 65. on page 215. To see this list. . See Working with Applications.

The Monitored List is done on a per link basis. You can view the applications coming in both directions for the last five seconds. The monitored applications menu opens. See Monitoring Applications. Click the following menu sequence: Monitor >Traffic Discovery > Monitored Applications. See Viewing Statistics for Applications. To configure the QoS parameters of these applications. or can be done globally to all links. Ac ce ler at o rOS Ve rsi on 7. on page 65. Applications can be removed or added to this list. 2. These may be L7-applications that have been defined already or L7-applications that are not defined but have been detected. 3. To see details about a specific application click the Details link and a table opens showing statistical information on the application. Figure 7:Monitored Applications To view a monitored application: 1. on page 67 for an explanation on the fields in the table.60 C h ap t er 3: Monitoring the Network Viewing Monitored Applications The Monitored Applications menu and table lets you view all discovered and defined applications traversing the network.1 Us er Gu id e . Discovering Layer-7 Applications The L-7 table lists the application properties discovered on the network.0 . double-click the applications in the table. To configure the QoS parameters of these applications. double-click the applications in the table. Monitored Applications are added to a monitor list.

Citrix. By default this checkbox is disabled. on page 201 for more information. followed by Traffic Discovery and then L7 Discovery.D isc o ver in g Tra f fi c 61 To discover which applications are present on the network: 1. To define the application. . These may be L7-applications that have been defined already or L7-applications that are not defined but have been detected. 2. see Creating New Applications. click Monitor. The L7 table lists the application properties discovered on the network. double-click the applications in the table. URL. 4. 3. In the Accelerator WebUI. See Applying QoS. or RDP. In the Parent L7 Application field. This eases the process of defining QoS for the applications. To configure the QoS parameters of these applications. because the L7 application parameters are detected and filled-in automatically (MIME type. select one of the following: HTTP. on page 219. Citrix Application name and client and so on). Select the Enable Discovery checkbox.

the following options are available. which lets you see the limit of throughput that can actually traverse the link. on page 65 Monitoring Applications. The Accelerator’s monitoring feature lets you view data for From WAN. on page 64 Viewing Compression Statistics per Application. In addition. To LAN. Top 10 displays results for the ten applications that are most prevalent on your network. Scroll down in the View-last drop-down menu to select the period for which the graph is displayed. To WAN and From LAN traffic on the Accelerator.1 Us er Gu id e . on page 65 Viewing Statistics for Applications. viewing the peaks is necessary for getting a full picture of the Accelerator’s overall performance. Direction Link View Last Link Speed Peak Data Ac ce ler at o rOS Ve rsi on 7. The default period is 30 minutes. you can monitor the Accelerators within your system. From List displays the ten applications selected in the Monitored Applications window. as seen in the screen below: Parameter Application Description Select an application to view. or select Top 10 or From List. The Accelerator’s monitoring feature lets you view data per link or for the total for all of the Accelerator’s links. or save them in Acrobat (PDF) format. on page 63 Viewing Acceleration Statistics per Application. export them into a CSL file. The application allows you to save all statistical data in external formats such as PDF and Excel. Displaying the statistics as a graph makes the information easy to understand. Because all graphs displayed give an estimate of the performance for any given interval. For each graph. You can set the link speed in the fields above the graph to add a line to the displayed graph. on page 67 Graphs viewed per application let you view statistic data items.62 C h ap t er 3: Monitoring the Network Viewing Statistics and Graphs for Specific Applications Displaying statistics allows the ability to monitor changes in application behavior. The following operations can be performed: Viewing Utilization Statistics per Application. Select the Peak Data checkbox if you want to see the peak lines representing the best statistics achieved for the reported period. on page 64 Viewing Bandwidth Distribution Statistics per Application.0 .

You can view the graph per each application. LAN link). To enable monitoring of a discovered application: 1. followed by Utilization. The blue area represents your bandwidth gains with the Accelerator. select to or from LAN or WAN. allowing you to see just how much the Accelerator is really adding to the line. . highlight the applications to be monitored and use the arrow keys to add or remove these applications from the monitored applications table. Click on Monitor followed by Applications. In the Applications table. This graph lets you compare between accelerated throughput (what actually goes over your WAN link) and the pre-accelerated throughput. You can view the graph per each application. This graph lets you compare between inbound and outbound utilization (what actually goes over your WAN vs. The Traffic Discovery menu lets you view all applications traversing the network. for the top 10 applications or for ten selected applications. The blue area represents your bandwidth gains with the Accelerator. In the Direction field. Viewing Utilization Statistics per Application The Utilization Statistics per Application graph lets you monitor how much in percentage the link is being utilized by a single application. allowing you to see just how much the Accelerator is really adding to the line.Vie w in g Stat i st ics a nd G r ap h s fo r Spe ci fi c A p pl ic at io n s 63 Setting up Graphs Only applications defined as “monitored” applications are displayed in the application graphs. Viewing Throughput Statistics per Application The Throughput Statistics per Application graph lets you monitor how much traffic per application passed through the Accelerator. for the top 10 applications or for ten selected applications. 3. 2. which is the throughput that would have been passed without our advanced compression mechanisms.

Viewing Compression Statistics per Application Figure 8: Compression Statistics The Compression Statistics per Application graph display. 3. the amount by which data traffic over the physical link was reduced. highlight the applications to be monitored and use the arrow keys to add or remove these applications from the monitored applications table. Ac ce ler at o rOS Ve rsi on 7. In the Applications table.0 . presented in distribution per single applications.1 Us er Gu id e .64 C h ap t er 3: Monitoring the Network To enable monitoring of a discovered application: 1. 2. followed by Monitor Applications. in percents. scroll down to select the link whose traffic you want to display Viewing Acceleration Statistics per Application The Acceleration Statistics per Application graph lets you view acceleration percentages for inbound and outbound applications on the Accelerator per interface/tunnel or for the total for the Accelerator. Click on Monitor followed by Applications. In the Apply to Link field.

Monitored applications are applications for which statistics are saved in the Accelerator to be displayed in graphs and charts. the Bandwidth Distribution Graph details the percentage of bandwidth consumed by each selected class. on page 381). 50 of the predefined applications are considered Monitored applications (see Pre-Defined Applications. Figure 9: Monitored Applications window . Monitoring Applications This section explains how to use and understand the Accelerator’s advanced graphic reporting and statistics feature that enables monitoring of accelerated applications. By default. Applications are either predefined or user-defined. meaning that traffic types that benefit from a high acceleration percentage consume a relatively small percentage of the line. and up to 10 applications on each link. The distribution is for accelerated data.Vie w in g Stat i st ics a nd G r ap h s fo r Spe ci fi c A p pl ic at io n s 65 Viewing Bandwidth Distribution Statistics per Application To gain a better picture of what kind of traffic is traveling across your line. You can monitor simultaneously up to 50 applications on each Accelerator. Applications can be can be monitored on a per-link basis or globally on all links. and all user-defined applications are Monitored by default. though they constitute a higher percentage of the pre-accelerated data.

4. Ac ce ler at o rOS Ve rsi on 7. from the Apply to Link drop-down menu. 5. Select the application direction from the drop-down menu at the top of the Application table. Click Submit. Select the Application within the table and click the >> button to move the application to the Monitored Application list. Select the link upon which the application is running. 3.66 C h ap t er 3: Monitoring the Network To add an application to the monitored list: 1. Click the following menu sequence: Monitor > Applications > Monitor Applications. 2.0 .1 Us er Gu id e . Select Total for all links. select the application and click the << button. To remove an application from this list.

Vie w in g Stat i st ics a nd G r ap h s fo r Spe ci fi c A p pl ic at io n s

67

Viewing Statistics for Applications
This screen allows you to view statistical in formation on a specific defined application over a specific link or a specific defined application over all links. Defined applications are all applications that have been discovered and have had their parameters defined and created as an application. These applications appear in the Applications table (Setup > My Applications). If you want to add an application to the Applications table, see Working with Applications, on page 215.

To view statistics for a specific detected application:
1. Follow the following menu sequence: Monitor> Applications> Statistics. 2. Select the link on which the application is running from the Link drop-down menu. Select the desired Application from the drop-down menu. The statistical information for the application appears in the statistics table.
Parameter Item Inbound
In Bytes Raw In Bytes Queued In Bytes In Packets Dropped In Packets Discarded In Packets In Acceleration In Compression Number of input bytes. Total incoming bytes being accelerated using these links Number of incoming bytes that are in the queue. Number of input packets Incoming packets that were dropped by QoS enforcements, such as queues and obsolete Incoming packets that were discarded by a rule with discard policy (discard all P2P) Inbound Acceleration percentage Inbound compression percentage

Description

Outbound
Out Bytes Raw Out Bytes Queued Out Bytes Out Packets Dropped Out Packets Discarded Out Packets Out Acceleration Out Compression Number of outgoing bytes Total outgoing bytes being accelerated using this link Number of outgoing bytes that are in the queue. Number of outgoing packets Outgoing Packets that were dropped by QoS enforcements (queues, obsolete and so on.) Outgoing Packets that were discarded by a rule with discard policy (discard all P2P). Outbound Acceleration percentage Outbound compression percentage

3. To clear the statistics counters, click the Clear Counters button.

68

C h ap t er 3: Monitoring the Network

Viewing Summary Graphs
The Accelerator lets you view a selection of important performance graphs to provide you with an overview of your network performance. The Summary menu lets you view several graphs via a single screen. The data used in the graphs is based on the total traffic on all Accelerator links.

To view summary graphs:
1. In the Accelerator’s WebUI, click on the Monitor tab, followed by Summary. 2. Select the link, view last, link speed and peak data options.

Figure 10:Summary Graph

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Viewing Ethernet Statistics

View i n g Et he rn et Sta ti st ic s

69

The Accelerator lets you view a statistic detailing of the data displayed on the monitoring graphs. Refer to one of the following sections for details regarding the configuration of Ethernet statistics: Configuring the Ethernet Statistics Display Fields, on page 69, for WebUI configuration. Ethernet Statistics Display Commands, on page 588 for configuration with the CLI.

Configuring the Ethernet Statistics Display Fields
Follow these steps to view, via the WebUI, a statistic detailing of the data displayed on the monitoring graphs: 1. Click on Monitor followed by Interfaces.

Figure 11: Ethernet Statistics window

2. In the Ethernet Statistics screen, select the relevant Ethernet card in the Interface field. The Interface drop-down menu shows all detected Accelerator interfaces. Additional ports are shown only for platforms which support multi-port. If optional panels are used, 4 pairs are shown, otherwise 2 pairs. In other words, the UI shows only the amount of available ports, as indicated in the following figure:.

70

C h ap t er 3: Monitoring the Network

Figure 12: Ethernet Statistics screen

The buttons near the Interface field let you clear either the counters of the currently selected interface or all counters of all interfaces. All statistic items, in both inbound and outbound directions, are displayed according to:
Data—Lists type of statistic gathered System Up—Data transferred over the selected link, which was collected since the Accelerator was powered on. Data is listed in KB, in percentages, or in number of packets. Since Clear—Data transferred over the selected link, which was collected since the Accelerator’s counters were last cleared. Data is listed in KB, in percentages, or in number of packets. Last 5 Seconds—Data transferred over the selected link, which was collected over the last 5 seconds. Data is listed in Kbps or in percentages.

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Configuring NetFlow Support

Co n f ig u r in g N et Fl o w S u p p or t

71

The Accelerator supports Cisco’s NetFlow protocol (version 5), which enables collecting traffic flow statistics on routing devices. NetFlow is based on identifying packet traffic and reporting the traffic statistics to the collector. The traffic reported is traffic before acceleration, which lets you receive data regarding “real” traffic (not encrypted, tunneled or accelerated). NetFlow does not: Involve setting any connection-setup protocol either between routers or to any other networking device or end station Require any change externally either to the traffic or packets themselves or to any other networking device. NetFlow does provide various statistical data items (WAN-to-LAN or LAN-to-WAN), in addition to the items generated by the Accelerator. NetFlow uses the following SNMP names: eth 1 (for ETH 0/0) eth 2 (for ETH 0/1) By using these names, the Collector receives on-path indication even when on-LAN deployment is used. In the Collector, eth 2 is used as the Out port and eth 1 as the In port in LAN-toWAN deployment, while the opposite happens in WAN-to-LAN deployment (eth 1 is used as the Out port and eth 2 as the In port). When using the CLI to configure NetFlow, you have to indicate which port is used for connecting to the LAN. The following traffic types are not reported: WAN-to-WAN LAN-to-LAN (including bridgeless traffic). i Note: The NetFlow collector listening port is needed for establishing a connection between the Accelerator and the collector. Ensure that this port is not blocked by a firewall installed between the Accelerator and the collector.

72

C h ap t er 3: Monitoring the Network

Identifying the Traffic
NetFlow detects the local subnets’ source and destination addresses, and determines the traffic direction according to these addresses: the local address are detected as LAN, while the other address are detected as WAN. However, local subnets that were configured in the Accelerator to be excluded (namely: to be connected through a non-link) are detected as WAN. NetFlow is completely transparent to the existing network, including end stations, application software and network devices like LAN switches. In addition, NetFlow is performed independently on each internetworking device, and need not be operational on each router in the network. NetFlow exports data to a remote workstation for collection and further processing. NetFlow does consume CPU resources; therefore, you should be aware of the resources required on your Accelerator before enabling NetFlow. The Accelerator communicates data to Collector as it is set to act as any other probe on the network, forwarding its packet statistics to the NetFlow Collectors, such as Scrutinizer™ and PRTG™, which let you monitor and analyze Accelerator packets. i Note: For your convenience, an evaluation version of the NetFlow collector has been provided for you on the Documentation CD.

Enabling NetFlow
To enable NetFlow:
1. Click on the Setup tab, followed by Advanced, followed by Netflow. 2. Use the relevant fields to enter the Collector IP address, port number and interface. Alternatively, click the Set Default Values button to reset the Netflow configuration values to factory values. 3. Use the Interface drop-down menu to select one of the detected Accelerator interfaces. Additional ports are shown only for platforms which support multi-port. If optional panels are used, 4 pairs are shown, otherwise 2 pairs. In other words, the UI shows only the amount of available ports, as indicated in the following figure:

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Co n f ig u r in g N et Fl o w S u p p or t

73

Figure 13: Netflow Statistics Interface Parameters window

4. Click the Submit button.

74

C h ap t er 3: Monitoring the Network

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Chapter 4: Configuring Networking
This chapter describes how to perform networking configuration on the Accelerator, including: Optimizing the Network Topology, on page 76 Defining WAN Setup, on page 78 Configuring Secondary IP Addresses, on page 79 Creating and Editing Links, on page 80 Setting Subnet Routing, on page 94 Adding Static Routes, on page 97 Setting Dynamic Routing, on page 98 Enabling Packet Interception, on page 102 Setting the Date and Time on the Accelerator, on page 109 Configuring DHCP Servers, on page 110 Setting ExpandView Connectivity Parameters, on page 111

76

C h ap t er 4: Configuring Networking

Optimizing the Network Topology
The Accelerator enables support of many complex network topologies. Some of these environments have special considerations when setting up the Accelerator.
Point-to-Point The Accelerator’s default settings are designed with a basic point-topoint network in mind. For point-to-point networks as well as for branch offices connected to headquarters, the basic Wizard configuration should suffice. This is the default setting. In a mesh or hub-and-spoke topology it is recommended for the Accelerator to have a correct estimate of the size of the network and the number of Accelerators connected. To adjust the size of the deployment, see Defining Advanced Settings, on page 31.

Mesh and Hub

If the Topology-Size is set to a number that is too large, the Accelerator will not use all its resources, resulting in lower acceleration percentages than would be possible if the Topology-Size were set accurately. If the Topology-Size is set to a number that is too small, too many negotiation messages will be sent between the Accelerator and the network. In addition, the amount of time it takes for the Accelerator to reboot and to recover from a disconnected link will be longer than necessary.

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

O pt i mi z in g t he N et w o r k Top o lo g y

77

Taking into Account Network-Specific Considerations
The Accelerator’s advanced algorithms support multiple complex networks with no added or special configuration. The algorithms automatically optimize Accelerator benefits per network setup. The following are special configuration recommendations for particular networks:
Environment Type
Noisy environments

Customized Configuration
Noisy environments are handled automatically via the Accelerator. The Accelerator’s basic configuration settings can automatically optimize problematic networks of this type. Out-of-order environments are handled automatically via the Accelerator. The Accelerator’s basic configuration settings can automatically optimize problematic networks of this type. In load-balanced environments, you should set the Accelerator to Source IP preservation (CLI configuration only) to maintain the semblance of a session, or RTM encapsulation if necessary. You can perform load balancing per packet or per session. In a loadbalanced environment you should either enable IPcomp via the CLI, (see (link) encapsulation, on page 474) or use transparent mode to preserve session information. In MPLS networks, enable ToS bit preservation and source IP preservation. Often it is important to enable router transparency instead, to work with the network’s QoS deployment (see section (link) encapsulation, on page 474). Enable router transparency, or ToS bit preservation &/or Source IP Preservation (see section (link) encapsulation, on page 474). Depending on the fields in use, enabling one or more of the IPComp preservation modes may be necessary in order to use RTM. Enable router transparency, or ToS bit preservation &/or Source IP Preservation (see section (link) encapsulation, on page 474). Depending on the fields in use, enabling one or more of the IPComp preservation modes may be necessary in order to use RTM.

Out-of-order

Load balancing

MPLS

QoS cloud or working in conjunction with a QoS device

Monitoring device in a cloud

78

C h ap t er 4: Configuring Networking

Defining WAN Setup
Each Accelerator has a default WAN. The settings on this WAN define the physical connection of the Accelerator to the WAN. The WAN bandwidth setting is the total physical bandwidth of the link between the Accelerator and the network. The default WAN is automatically generated and will suffice for most networks. For details regarding the configuration of complex networks, on which more than one WAN is necessary, see Adding WANs, on page 292.

Setting the Bandwidth
Correct functioning of the Accelerator’s bandwidth management and flow control mechanisms requires you to configure an accurate bandwidth for the WAN. The Bandwidth setting is enforced once it is set. Ensure that you set the Outbound Bandwidth for the local Accelerator. The Accelerator applies no policy for Inbound Bandwidth unless otherwise specified. See Adding WANs, on page 292. Setting inbound QoS on a link requires setting the Bandwidth of the inbound link. For more information see Setting Inbound QoS, on page 229.

Configuring the WAN
In addition to Bandwidth, you can assign Links per WAN, and configure QoS settings to be applied on the WAN level. For more information about QoS, see Applying QoS, on page 201. To carry out basic WAN configuration, use either the Setup - Basic menu in the WebUI, or the Setup Wizard. For more information on WAN Bandwidth and Links, see Setting Advanced Parameters, on page 291.

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Configuring Secondary IP Addresses

Co n f ig u r in g S e co n da r y IP Ad d r es se s

79

You can set on the Accelerator up to 20 Secondary IPs, for connection to multiple subnets on the same network. Out-of-band management is set here. If Out-of-band management is used, it is counted as one of the twenty Secondary IP addresses available. Starting from Version 6.1.2, you can set several IPs on the same subnet, whereas prior to this version, a secondary IP address belonged to a different subnet.

Figure 1:My Secondary IPs Window

To set the number of Accelerators in the network:
1. In the Accelerator’s WebUI, click on Setup > My Accelerator, followed by Secondary IP. 2. Enter the IP address and Subnet Mask to be used, select whether to advertise the IP address and click the Add button. 3. The IP address appears in the Secondary IP List table. 4. To edit or delete an address that is in the table, highlight the row in the Secondary IP List table, select the address, and click Edit to edit, or Delete to delete.

80

C h ap t er 4: Configuring Networking

Creating and Editing Links
A Link is a logical connection between the Accelerator and a connected remote site and its subnets. The Accelerator optimizes network performance to remote sites with Accelerators deployed via “Accelerated Links”, and to remote sites without Accelerators deployed via “Virtual Links”. The Accelerator’s benefits are greatest when working with another Accelerator on the other side. The Accelerator can provide QoS services to Virtual Links, when no other Accelerators are present on the remote sites. In addition, the Accelerator enables configuration of a single “Non-link”. The Nonlink is the default link for all traffic not assigned to any known subnet or remote Accelerator. Internet traffic is one example of traffic assigned to the Non-link. You can manage this Non-link like any other link, and that lets you determine traffic QoS and bandwidth restrictions for all traffic not destined for your remote networks and Accelerators.

When a link is first created or re-established, auto-negotiation occurs between the local and remote ends of the link and uses the inbound and outbound bandwidth settings to determine the resources to be allocated for each link. This section contains the following topics: Studying the Links Screen, on page 81 Adding Links, on page 82 Advanced Link Configurations, on page 84 Editing Links, on page 89 Using Dynamic Bandwidth, on page 89 Configuring Link Subnets, on page 90 Creating Link Templates, on page 92
Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

C r ea ti n g an d E d it in g L i nk s

81

Studying the Links Screen
The Links screen lets you add, edit, and manage the Accelerator’s links. Each link that has been created is added to the Links table. The table gives link by link information about: The type of link The link’s name The IP address of the remote side of the link Bandwidth allocated to the link The link’s acceleration and compression status (see below) The type of Encapsulation that has been applied to the link (IPcomp, Router Transparency, UDP) If TCP Acceleration has been applied to the link (Advanced option) Note: The link type can either be Accelerator (either MACC to ACC or ACC to ACC) or Virtual. Both link types are depicted by different icons. The acceleration and compression status’ states are explained in the tables that follow.

i

Compression Status States
Status Trying to Connect Negotiating Accelerating Active Dropped Load Error Not Managed Inactive Description Link id establishing a connection Link parameters (cache size, and so on) are being negotiated Link is active and acceleration is on Link is active and the link is tunnelling but not accelerating traffic, or one of the nodes is missing a license (will indicate as such). A connection could not be established or communication has been lost Internal error occurred during definition of the link in the system A Virtual link (no far-end Accelerator) Remote Accelerator is not available

Acceleration Status States
Status Blue Check mark Partial Check mark Description Full Acceleration Partial Acceleration (Your license may be exceeded. See About the AcceleratorOS License, on page 32.)

82

C h ap t er 4: Configuring Networking

Acceleration Status States
— The Link is not accelerating data. This may mean you have exceeded the bandwidth limit dictated by the licensing agreement for the software. To check your License status see About the AcceleratorOS License, on page 32. If this is not the case, it may indicate a hardware problem and you should contact the customer service desk. See Contacting TAC, on page 423 for information on contacting the customer service department.

Figure 2: Links screen

i

Note: Packet Fragmentation does not work in RTM mode. The following sections detail the additional operations you can carry out via the Links screen: Adding Links, on page 82 Advanced Link Configurations, on page 84 Editing Links, on page 89 Creating Link Templates, on page 92 The CLI procedure for adding and editing links is the same as for creating the first link. For more information, see Link Commands, on page 458.

Adding Links
Add links to the Accelerator via the Setup - My Links menu. Note that TCP port 1928 is needed for establishing a connection between Accelerators. Ensure that this port is not blocked by a firewall that is installed between the Accelerators.
Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

click on the Setup tab. The Links screen opens by default. which is the current maximum metric +10. on page 93. See Figure 3. The valid link source IPs are as follows: • Primary IP • Secondary IP • VLAN IP • HSRP IP • VRRP IP For more details see Using a Virtual IP Address. no spaces. To add a link: 1. Also note that changing the local link metrics or the metrics for redistributed routes on the router. with the exception of excluded Subnets. and also changes the source link while the link is active. If you do not set a link metric for the link. In the Accelerator WebUI. The Source IP field. You can either leave this choice or select another source IP address. Name Destination IP . 2. By default.C r ea ti n g an d E d it in g L i nk s 83 i Note: When configuring a link. unlike a link whose source is a primary IP address. lets you define a source IP for each new link you create. IP address of the remote device. starting from 11. which is the actual metric for all the link’s subnets. Set the basic link properties. will be redirected to another machine. may cause clear traffic to exit the Accelerator even if you are using IPSec enabled links with a Crypto mode configured as Strict. you may use a virtual IP address for redundancy purposes. In addition. Set a name for the link to let you identify the link in the future. the Accelerator’s primary IP is displayed. as follows: Property Source IP Figure 3:Links Screen Description IP address of the sending device. and then the My Links menu. the system automatically sets a default for the link. In this case the virtual IP will be a link which. Up to 32 characters. in the case of machine failure. it is advised to set a link metric (in the Advanced menu) for it.

Router Transparency (RTM) UDP i Note: If you leave the Source IP field empty.0(6) and higher. click the Add button. RTM support for On-LAN deployments is available in AcceleratorOS 5. If you are finished. Router Transparency encapsulation is appropriate in an environment where header preservation is necessary. as shown Advanced Link Configurations. Click the following menu sequence Setup > My Links > Links. including QoS deployments. the Accelerator enables advanced link configuration. namely: the maximum throughput allowed to traverse the link. UDP encapsulation allows for more compatibility with firewalls that use encapsulated packets. encryption. Ac ce ler at o rOS Ve rsi on 7. For particularly complex networks. on page 84. 2. Advanced Link Configurations To set additional advanced configuration settings: 1. the default value is the machine’s primary IP address. 3. Click the Advanced button. In Router Transparency encapsulation. billing. the TCP/UDP header and the payload are compressed and the packet traversing the network will have an Accelerator-proprietary IPComp header. IPComp encapsulation enables the best compression rate.0 . monitoring (NetFlow).84 C h ap t er 4: Configuring Networking Property Bandwidth IPComp Description Set the link’s bandwidth. load balancing. MPLS networks and certain firewall environments. leaving the original IP header and the original TCP/UDP header in their original forms so that their information is available across the network.1 Us er Gu id e . This means that the IP header. only the packet’s payload is compressed. IPComp encapsulation (tunnelled encapsulation) defines complete compression of the packets intercepted by the Accelerator.

the MTU should never be more than the MSS + the headers. Check the box then put celibate amount in the field. Select this check box to use fragmentation on packets larger than the amount of bytes that you enter into the field. Choose one from the scroll down menu. By default the setting is None. on page 292. as long as it is within the accepted range (68-6000). Accepted values are 68-6000 bytes. save the settings by clicking Submit and then click Back to Links to return to the My Link screen. The actual metric for all the link’s subnets. To choose the WAN. or choose Other and enter your own value. Supply a logical name for the link. You can either choose Auto (Link Specific) which lets the Accelerator decide. This is the Accelerator the source will establish a connection with. on page 640. with the exception of excluded Subnets. see Additional Commands. Bandwidth Out and MTU (Maximum Transmission Unit). Select an Inbound Bandwidth. MSS can be configured on a per-link basis or globally on all links. After you have made changes. the system automatically sets a default for the link. Source IP. may cause clear traffic to exit the Accelerator even if you are using IPSec enabled links with a Crypto mode configured as Strict. Check the box and then put the byte amount in the field. See the following table for specific parameter information: Section/Parameter Title Parameters Link Name Source IP Destination IP Bandwidth Out Bandwidth In MSS Description Use the Parameters section to edit parameters such as Link Name. This sets the Maximum Segment Size in bytes of a TCP packet that the Accelerator will accept in a single. use the scroll down menu. Maximum Transmission Unit. Choose one from the scroll down menu. as long as it is within the accepted range (68-2500). If you do not set a link metric for the link. MTU Metric WAN Fragmentation Aggregation . unfragmented piece. Select an Outbound Bandwidth. For maximum efficiency. Open the different sections by clicking on the + sign next to the section title. starting from 11. This name is used in the Links Table. Select this box to aggregate packets smaller than the amount of bytes you enter in the field. Enter the IP address of the destination Accelerator. excluding the TCP and IP headers. which is the current maximum metric +10. see Adding WANs. Link Metric. For Advanced Configuration options using the CLI. To create a WAN. Destination IP. Assigns the link to work on a specific pre-defined WAN. or select Other and supply your own. Also note that changing the local link metrics or the metrics for redistributed routes on the router. This is the largest packet size (in bytes) that will be transmitted. or select Other and supply your own.C r ea ti n g an d E d it in g L i nk s 85 3. Enter the IP address of the Accelerator that you are configuring or another source.

Choose Auto to allow the Accelerator to automatically adjust. Use the Tunneling section to define parameters such as the encapsulation type. Preserves the source information. or Transparent. the source information you entered for UDP (above) will not be used. otherwise choose Global. Type of Service . If choosing UDP.86 C h ap t er 4: Configuring Networking Section/Parameter Title Acceleration Accelerate Header Compression Description Use the Acceleration section to define whether to accelerate the link and to use header compression Select the check box to accelerate the link. The round trip time is the amount of time for one packet to travel from an Accelerator to a destination and back. If choosing UDP. choose Link Specific. UDP. Choose Auto. To have TCP Acceleration on a specific link. Check the Header Compression checkbox to compress the header. IPComp. Check to enable. Note that if you selected UDP encapsulation the port information you entered (above) for UDP will not be used. enter the destination and source port IP addresses in the relevant field. clear to disable. enter the destination and source port IP addresses in the relevant fields. clear the checkbox to not compress it.1 Us er Gu id e . clear the check box to not accelerate the link. The rate is the rate at which the TCP sender injects packets into the network. or Set to pick your own and put this value in the field. or choose Other and input a time amount in milliseconds in the field.IPComp.select either Preserve to preserve the ToS value. Note that if you selected UDP encapsulation. select whether to use the Global TCP acceleration settings or Link Specific. clear to disable. In addition. Preserves the port numbers used in the packet header. as well as choosing the type of Congestion Control you want to use. you need to input the Typical Acceleration Rate. Tunneling Encapsulation System Encapsulation ToS TTL Preservation Ports Preservation SRC Preservation Include checksum TCP Acceleration TCP Acceleration Typical Round Trip Typical Acceleration Rate Ac ce ler at o rOS Ve rsi on 7. When selected. includes checksum information within the compressed packet header. Check to enable. preservation and checksum Choose the encapsulation type . Preserves the TTL information as used in the original packet header before it was compressed. or UDP. In the TCP Acceleration settings section.0 .

select the type of acceleration you want to implement (Global. where the sender is constantly over-running buffers.C r ea ti n g an d E d it in g L i nk s 87 Section/Parameter Title Congestion Control Description Choose from one of the following: • None—no congestion avoidance is used • Standard—the congestion avoidance conforms to the standard TCP/ IP protocol (Reno) • Vegas—TCP Vegas reduces latency and increases overall throughout. you will need to fill in additional fields. such as DSL. If you choose link specific. Choose a value between 1-10000 seconds LAN. Disable to disable. TCP Acceleration Advanced Send Window Size Receive Window Size Acknowledge Packet Rate Keep Alive Keep Alive Time Keep Alive Direction Keep Alive Probes Keep Alive Interval Post Acceleration Aggregation Status . This value determines the waiting time between messages. or for high-bandwidth-delay WAN paths. In the Post Acceleration Aggregation section. or the Thin client class. Choose a value between 2-8 packets. Choose a value between 1-10000 probes.The use of timestamps In the TCP Acceleration Advanced section. or select Auto and the value will dynamically change depending on network and bandwidth conditions. Check this checkbox to enable Keep Alive. which ensures that the connection will not close until the time out interval has passed.An enhancement of the standard congestion control algorithm . which can be set on a per link basis. select whether to enable the Default class. It consists of a set of procedures which includes. a User Defined class. Each link can have aggregation acceleration enabled or disabled independently of other links. and is therefore suitable either for low-bandwidth-delay paths. Select Enable to enable. WAN or both This value determines how many times a keep alive message will be sent. The Vegas algorithm maintains shorter queues. You can either select Other and enter your own amount. • Hybla—reduces penalization of TCP connections that incorporate a high-latency terrestrial or satellite radio link. The values you set here Shows the PoA status. This value determines how long to wait before sending out the first message. Choose a value between 1-500000 seconds. Enter the number of packets that will be sent before an ACK request is sent to the destination. or none). among others: . by carefully matching the sending rate to the rate at which packets are successfully being transmitted by the network. link specific. You can either select Other and enter your own amount.The mandatory adoption of the SACK policy . or select Auto and the value will dynamically change depending on network and bandwidth conditions. Restricts the size of packets sent to X amount (if entered) before sending an ACK request. The shorter queues should also enhance the performance of other flows that traverse the same bottlenecks. Restricts the size of packets received to X amount (if entered) before sending an ACK request. due to their longer round trip times. where recovering from losses is an extremely time-consuming process for the sender.

Type a time interval (1-20 seconds) which will be used to base the increase rate. To detect a congestion state more accurately.e.e. on page 275. To enable IPSec. For additional details. reaches the threshold size). Select Auto to have the Accelerator automatically select the threshold or select Other to input your own value in the field as long as it is within the acceptable range 40-3000 bytes. Limit Window Size Bandwidth Adjustment Enable Bandwidth Adjustment Minimal Bandwidth First Decrease Rate Increase Rate Increase Interval Decrease Rate Decrease Interval IPsec Encryption Enable IPsec Policy Name Ac ce ler at o rOS Ve rsi on 7. In the IPsec section. It will queue the packets until the threshold is reached or the window size has been reached. select the checkbox. select the Enable IP Sec checkbox and select a policy name and enter a local and remote IP address. Any packet greater than this amount is not aggregated. set longer decrease and increase intervals. PoA will not output packets that are not at least the threshold byte size. Default: 50%. Select Auto to have the Accelerator automatically select the limit or select Other to input your own value in the field as long as it is within the acceptable range 40-3000 bytes This dictates how long the PoA will hold the packets in the queue (in 10 millisec units). For details see Using Dynamic Bandwidth.88 C h ap t er 4: Configuring Networking Section/Parameter Title Threshold Description Sets the targeted size of the aggregated packet. or too much time elapses (window size * 10 ms). You will also have to include a Public IP address for the local and remote machines. This value is calculated as percentage of the userdefined outgoing bandwidth size. select the Enable Bandwidth Adjustment check box and fill in the percentage and interval rates. Select Auto to have the Accelerator automatically select the size or select Other to input your own value in the field as long as it is within the acceptable range (between 10 and 1500 msecs). and therefore the default set of the increase is 2%. clear to disable. Small packets enter PoA queues and wait there until either the aggregate packet becomes large enough (i. clear the checkbox. When either of these limits is reached. Defines the maximal size a packet can be (in bytes) and still be eligible for PoA. (i. Defines the minimum value to which the bandwidth will be reduced as a result of congestion. X% every Y seconds). To disable.1 Us er Gu id e . Defines the rate by which the link’s bandwidth will be gradually restored to its former size. X% every Y seconds). Increasing the bandwidth is much less critical than decreasing it in case of congestion. Note that IPsec cannot be set if you do not enable IPsec and make sure that IPsec is also enabled on the other end of the link. Select the IPSec policy you want to assign to this link.0 . In the Bandwidth Adjustment section.e. (i. Choose from the drop-down box Other to enter a percentage of reduction. on page 89 Select the checkbox to enable. see Configuring IPsec Policies. In addition you can also select which IPsec policy to apply. out of the policies you configured earlier. the packet is released. Type a time interval (1-20 seconds) which will be used to base the decrease rate. or select None.

tunneling and TCP Acceleration parameters for the link. Click Submit. In the Links table. acceleration. 2. For assistance on Parameter information. The feature should be used on low to medium bandwidth links. . on page 84. To edit an existing link: 1. and is usually used as an internal IP address or an intranet address. This screen lets you set basic link parameters. and click the Edit button. which can suffer from changing outgoing bandwidth. A menu identical to the Advanced Links menu opens. 3. This IP address is local to the network. This feature is disabled by default and should be used judiciously. This IP address is the published. the Remote IP address (see below) is used. and adjust the outgoing bandwidth accordingly. Using Dynamic Bandwidth The Bandwidth Adjustment section lets you define settings to detect traffic congestion on a link. see Configuring Link Subnets. see Advanced Link Configurations. For configuration details. Use the Link Subnets screen to set the link’s subnets. When packets are sent out of the network to the WAN. either click the name of the link to be edited. 4. on page 90. Remote NAT IP Address Editing Links You can use the Edit Links screen to fine-tune and modify existing links. known IP address. or click the row of the link to be edited.C r ea ti n g an d E d it in g L i nk s 89 Section/Parameter Title Local NAT IP Address Description Enter the local NAT IP address. When packets are sent out of the network to the WAN the local IP address (see above) is replaced with the Remote NAT IP address. If the connection to this link was lost because the license on the remote Accelerator expired. Enter the Remote NAT IP address. you can refresh the link once the license on the remote Accelerator has been re-established by clicking the Refresh Acceleration License button.

90 C h ap t er 4: Configuring Networking i Note: Bandwidth adjustment is possible only on an accelerating link The bandwidth adjustment mechanism samples internal messages (of the link’s internal protocol). This value is calculated as percentage of the user-defined outgoing bandwidth size. Based on these messages. and therefore the default set of the increase is 2% Decrease Rate—To detect a congestion state more accurately. edit and delete subnets to be excluded from the link. Increasing the bandwidth is much less critical than decreasing it in case of congestion. set longer decrease and increase intervals After setting all required parameters.1 Us er Gu id e . When adding a subnet. The Link Subnets screen lets you display all subnets applied to a specific link. edit and delete remote subnets to be advertised by the Accelerator. To add a remote subnet to the Accelerator: 1. Ac ce ler at o rOS Ve rsi on 7. The bandwidth adjustment parameters are as follows: Minimal Bandwidth—Defines the minimum value to which the bandwidth will be reduced as a result of congestion. you have to manually add. you have to apply it to a specific link of your choice. Once the mechanism detects that the state of congestion no longer exists. the bandwidth adjustment algorithm detects a state of congestion and decreases the user-defined outgoing bandwidth. Click on the following menu sequence: Setup > My Links > Link Subnets. Default: 50% Increase Rate—Defines the rate by which the link’s bandwidth will be gradually restored to its former size. Configuring Link Subnets If the Accelerator network does not work with dynamic routing. the bandwidth is gradually restored to its user-defined size. You can also use this screen to add.0 . or if a remote subnet was not detected via OSPF or RIP. click Submit.

and click Add to set the parameters: Parameter Item IP Address Subnet Mask Exclude Description Set the IP address of the Subnet you want to connect to the Accelerator. Ensure that the local subnets appear in the Remote Subnets Table. and specific IP address(es) are to be excluded. ! If more than one remote subnet exists. Set the parameters as follows. Set the Subnet Mask of the subnet. Otherwise. To edit a remote subnet: Select a remote subnet from the table and click Edit. ! CAUTION! The Accelerator’s remote subnet is automatically detected and added. in a non-link environment. the Accelerator QoS and Monitoring features will not function properly. To delete a remote subnet: Select a remote subnet from the table and click Delete. . The parameters you can edit are the same described in the table above. If a subnet has already been added.C r ea ti n g an d E d it in g L i nk s 91 Figure 4: Link Subnets screen 2. you have to add all additional remote subnets. enter the IP address and mask and select the Exclude checkbox.

clicking the + to open the additional parameter sections. 3. For help. To create an Accelerator link template: 1. on page 329. clicking the + to open the additional parameter sections. Collective Branch—sets the link parameter settings between an Associated set and a Collective Branch.92 C h ap t er 4: Configuring Networking Creating Link Templates There are three templates that you can create: ACC (Accelerator)—sets the link parameter settings between a local and remote Accelerator. clicking the + to open the additional parameter sections. To create a Collective Branch Template: 1. To create a Mobile Accelerator link template: 1. see Advanced Link Configurations. Fill in the parameters in the fields.1 Us er Gu id e .0 . For help. on page 84. Fill in the parameters in the fields. 2. In the Template Type drop-down menu select Collective Branch. 3. Click the following menu sequence: Setup > My Links > Link Templates. MACC (Mobile Accelerator Client)—sets the link parameter settings between an Associated Set and the Mobile Accelerator Client. Click the following menu sequence: Setup > My Links > Link Templates. Fill in the parameters in the fields. on page 328. 3. Ac ce ler at o rOS Ve rsi on 7. 2. 2. see Creating a Collective Branch Template. In the Template Type drop-down menu select ACC. see Creating Mobile Accelerator Link Templates. In the Template Type drop-down menu select MACC. For help. Click the following menu sequence: Setup > My Links > Link Templates.

the link switches back to it. . and the Source IP of this link is defined to be the HSRP Group’s Virtual IP. If an AcceleratorOS link is established. When the primary Accelerator is available again. a link that uses a Virtual IP can be redirected to another machine.Using a Virtual IP Address Us in g a Vi rtua l IP Ad d res s 93 As mentioned earlier (see On-LAN. An example of such a case is provided in the figure below. on page 9). Figure 5: On-LAN Deployment The source IP (virtual IP) in the sending machine is the destination IP in the receiving machine. and all of this link’s services are kept. the link switches to the next Accelerator in the rare case of primary Accelerator failure. in the case of machine failure.

In this way. S2 and S3 to Accelerator 2 via Link 1. In other words. the Accelerator will be able to forward the packets it receives to the correct destination. it must understand where the Accelerator resides as well as all other subnets on both sides of the link that the Accelerator should serve. In order for Accelerator 1 to do this.0 . Then.94 C h ap t er 4: Configuring Networking Setting Subnet Routing To function properly. the Accelerator can poll routers to learn their routing tables. it must detect S1. the Accelerator must correctly detect the layout of the network to which it is connected. while S2 and S3 are also subnets of Accelerator 2. or use routing protocols to add them dynamically. i Note: The Accelerator supports up to 2500 local subnets and up to 2500 remote subnets per link. Ac ce ler at o rOS Ve rsi on 7. Accelerator 2 automatically detects S1 and adds it as its local subnet.1 Us er Gu id e . You can manually add S2 and S3 to Accelerator 2’s Subnets list. enabling Accelerator 1 to properly route packets destined to S1. as seen in the figure below. If other dynamic protocols are in use. If the network supports OSPF or RIP the Accelerator can function as an OSPF or RIP device to receive routing information. S1 is Accelerator 2’s direct subnet. Accelerator 1 must forward traffic destined for devices that are part of S2 and S3 to Accelerator 2 via Link1. S2 and S3 as subnets of Accelerator 2. Accelerator 2 must advertise its subnet list to Accelerator 1. Figure 6: Subnet Routing In Figure 6 above.

Set a lower number for more desirable routes. Figure 7: My Subnets screen 2. This may be done for manually added subnets as well as dynamically learned subnets. Any change made in the one will not affect the other. The metric setting defines the priority of the route or the subnet. When adding a subnet. To add a subnet to the Accelerator: 1. subnets that are manually added are advertised. Click on the following menu sequence: Setup > My Accelerator > My Subnets. which displays access to the subnet via the next hop. When subnets that are set to be advertised are deleted. For example. the Add route rule checkbox lets you create a static route rule to define how to reach the subnet. The Edit button lets you modify already added subnets by selecting them in the table and clicking this button. This will add an entry in the My Routes table. select them in the table and click this button. whereas on a long-haul 128 Kbps link with 8 hops you should set a high number.S e tt i ng S ub n et R o u ti ng 95 Configuring Subnets Manually If the network in which Accelerator resides does not work with dynamic routing or if a subnet was not detected via OSPF or RIP. no connection exists between the routerule added and the subnet. set a low metric value. Advertised subnets are the Accelerator’s subnets that the Accelerator broadcasts to other Accelerators when link negotiations occur. By default. you will have to add and edit subnets manually. on a T3 link with 1 hop. Set the Subnet Mask of the subnet. Set the parameters as follows: Parameter Item IP Address Subnet Mask Metric Description Set the IP address of the Subnet that is connected to the Accelerator. To delete subnets. they are removed from all connected Accelerators. Select whether to advertise this subnet. Add a next hop via which the subnet will be accessed. Advertise Add route rule Next hop Edit Delete . Note: Once the static route is created.

in a non-link environment. the Accelerator QoS and Monitoring features will not function properly. Otherwise. If more than one local subnet exists. the change is broadcasted to all connected Accelerators: Figure 8: Edit Subnet Details Ac ce ler at o rOS Ve rsi on 7.0 . In the My Subnets screen. Ensure that the local subnets appear in the Local Subnets Table. Editing a Subnet Once a subnet has been added to the Accelerator. you can use the following steps to edit it. Subnet mask. Edit the IP address. Metric and Advertise status as necessary and click the Submit button. When subnets that are set to be advertised are edited. 2. and click the Edit button. To edit a subnet: 1.96 C h ap t er 4: Configuring Networking ! ! CAUTION! The Accelerator’s local subnet is automatically detected and added. you have to add all additional local subnets. highlight one subnet in the Local Subnet table.1 Us er Gu id e .

To add additional Next hops. To remove a route from the table. 2. see Setting Dynamic Routing. . To delete a hop. To add another route. repeat from step 2. 3. The maximum is 1500. Click the Add Routes button. select the route in the table and click Delete. select the hop in the table and click Remove.Adding Static Routes Ad d in g Sta ti c Ro u te s 97 Use the following procedure to add static routes to the Accelerator. 5. You can add up to 5 Next hops entries. The static route now appears in the Route Rules table. and the next hop to be used for accessing the subnet. In the Dynamic Routing section. To add a static route: 1. 4. To add a dynamic route. on page 98. You can add multiple static routes. enter the IP address in the Next Hop table and click Add. Click on the following menu sequence: Setup > My Accelerator > My Routes. enter the subnet IP and Mask.

Working with OSPF Once the Accelerator is set to work with OSPF. Ac ce ler at o rOS Ve rsi on 7. on page 102 i Note: Once Subnets are located by using OSPF or RIP. but maintains the manually altered Advertising status. A subnet whose Advertised status is manually manipulated continues to function dynamically within the routing protocol.1 Us er Gu id e . see Configuring Subnets Manually. For Manual Subnet configuration information. however. it updates its routing and subnets tables according to dynamic information coming from OSPF updates. on page 95. the Accelerator learns the cost and length of each route (per bandwidth in the case of OSPF and per hop in the case of RIP). you can modify them to be Advertised subnets. which are broadcasted to other Accelerators when link negotiations occur. Supporting dynamic routing protocols enables the Accelerator to use alternate routes in the event of router failure.98 C h ap t er 4: Configuring Networking Setting Dynamic Routing i Note: Static routes created via the My Subnets menu also appears in the Route Rules table. and can forward accelerated packets to the best router. see Configuring Subnets Manually. The Accelerator can also load-balance best routes. on page 95. For more information. In addition. In addition to allowing manual routing configuration. you can perform manual modifications. on page 101 Working with RIP. subnets located via RIP are set by default as Not Advertised. many advanced networks use dynamic routing protocols to enable routers to exchange routing data automatically. For example. Due to the continuous changes in routing and the vast complexity of collecting necessary routing parameters. All local subnets detected via OSPF are automatically set to be “advertised” by default if their metric value is between the high and the low values. Advertised subnets are the Accelerator’s subnets. including OSPF and RIP v1 and v2 and Router Polling. on page 98 Working with Router Polling. Any change made in one of them will not affect the other. Once the static route is created. no connection exists between the route-rule added and the subnet. the Accelerator supports dynamic routing protocols. The following topics are discussed in this section: Working with OSPF.0 .

Determines a range of subnets to be advertised. you must set the Accelerator with its OSPF area identification number. To configure OSPF: 1.0. it should be advertised.0.S e tt in g D yn am i c R o u ti ng 99 Figure 9: My OSPF screen Configuring OSPF Configuring OSPF is accomplished via the Setup . which lets the Accelerator identify itself to local routers. The default is 0. If a subnet is between the high value and the low value. Area ID Low/High Locality Metric . Therefore. but disables OSPF capabilities.My Routes Menu.My Accelerator . OSPF divides its networks into areas. Set the parameters as follows: Parameter Item OSPF Model Description Enable or Disabled OSPF Mode. Disabling OSPF Mode saves any previously configured OSPF settings. Enabling OSPF Mode lets you configure OSPF parameters. use its number or its IP Address format number. 2. To set the Area of the Accelerator within the OSPF group. Click on the OSPF button.0.

1 Us er Gu id e . If a router was not auto-detected. This must be the password that is set across all devices on the network using OSPF. you can manually add up to 20 routers to the Neighbors Table. This is particularly important when connecting to nonbroadcast networks. The Accelerator automatically detects neighboring OSPF routers.100 C h ap t er 4: Configuring Networking Parameter Item Authentication Description Authentication on the Accelerator must match the OSPF authentication set across the network. Set the ID number according to this authentication password’s ID number across the OSPF network. This key is a common string (non-encrypted) that must be set according to what is set across all devices on the network using OSPF. insert the encrypted key used. Set the Authentication to None. MD5: When an MD5 authentication password is needed to communicate with other OSPF devices. such as an Accelerator on a subnet that does not use OSPF. insert the key used. This enables the Accelerator to receive OSPF routing information from a neighboring router on a subnet that uses OSPF Neighbor IP Ac ce ler at o rOS Ve rsi on 7.0 . or MD5: None: When no authentication is necessary to communicate with other OSPF devices. Key: When a non-encrypted authentication password is needed to communicate with other devices in the OSPF network. Key.

or click the checkbox next to status. Sets the SNMP community to be used for polling the router. click Submit. 4. The Accelerator uses SNMP to collect the router’s routing table and add it to the Accelerator’s list of routes. Check the checkbox of the route rule you want to apply. Sets the SNMP version to be used for polling the router. 2. Sets the frequency with which the router is polled (in seconds). Selects whether to use the local default gateway or to set an IP address manually. Set the parameters as follows: Parameter Item Router Polling Description Enable or Disable Router Polling. After making any change.S e tt in g D yn am i c R o u ti ng 101 Working with Router Polling The Accelerator’s Router Polling feature enables the Accelerator to retrieve route rules from the router’s routing table. when asked to confirm. Click the following menu sequence: Setup > Networking > Router Polling. You can filter the list by collecting only routes learned by specific protocols. To configure router polling: 1. Selects whether not to use a secondary router IP address (default) or to set an IP address manually. to select all. Lists the polling protocols used for retrieving the route rules from the router’s routing table. The following protocols are supported: • BBNSPFIGP • BGP • CISCO-IGRP • EGP • ES IS • GGP • HELLO • ICMP • IS IS • Local • OSPF • Other • RIP • Static Polling Interval Primary Router IP Address Secondary Router IP Address SNMP Version SNMP Community Name Polling Protocols Table 3. click Set Default Values and then click Yes. To reset the parameters back to the default value. . Enables the Accelerator to retrieve route rules from the router’s routing table. Default is 180 seconds.

Passive mode enables RIP in a listening mode without sending updates. which are broadcasted to other Accelerators when link negotiations occur. on page 104 Working with PBR. Advertised subnets are the Accelerator’s subnets. the RIP version should be set to version 2. Set the parameters as follows: Parameter Item RIP Mode Description Set RIP Mode to Enable or Disabled. one of the following methods can be used: Working with RIP. WAN traffic must be redirected through the Accelerator in order for it to work. all subnets detected via RIP are set to “Not Advertised”. Passive Mode Version Ac ce ler at o rOS Ve rsi on 7. Select the RIP version in use on the network: either RIP version 1 or RIP version 2. Set Passive mode to Enable or Disable. Click the following menu sequence Setup > My Accelerators > My Routes. To configure RIP: 1. 2. but disables RIP capabilities. 3. To do that. Click on the RIP button. it detects all subnets (including the Accelerator’s local network) connected to all routers on all connected networks and adds these to the Accelerator’s subnet and route tables. Enabled Mode allows configuration of RIP parameters. By default. Configuring RIP Configuring RIP is accomplished via the My Routes menu.102 C h ap t er 4: Configuring Networking Enabling Packet Interception When the Accelerator is deployed in On-LAN mode. Disabled RIP Mode saves any previously configured RIP settings. on page 108 Working with RIP Once the Accelerator is set to work with RIP. on page 102 Working with WCCP.0 .1 Us er Gu id e . Note that in cases where RIP route injection is used.

When working with RIP version 1. 2 subnets for 10. This is particularly important if the Accelerator is on a subnet that does not use RIP. This must be the password that is set across all devices on the network that use RIP. The Accelerator then returns the packets to the router after they have been processed by the Accelerator. Set the ID number according to this authentication password’s ID number across the RIP network. 25 subnets i . insert the key used. set on the Accelerator. When working with RIP version 2. Enable: When a non-encrypted authentication password is needed to communicate with other devices in the RIP network.0/8. then the formula is: the number of injected subnets = 32 – Mask_Len + 1 For example: for 10. For more information.0. The Accelerator automatically detects neighboring RIP routers.0/30. Key. If a router was not auto-detected.0. i Note: RIP must be in Active mode and set to version 2 for RIP Route Injection to operate. which forwards all traffic from the Accelerator’s subnets to the Accelerator.0. MD5: When an MD5 authentication password is needed to communicate with other RIP devices. or MD5: Disable: When no authentication is necessary to communicate with other RIP devices.En ab li ng P ac ket I n te rce p ti on 103 Parameter Item (Continued) Authentication Description Authentication on the Accelerator must match the RIP authentication set across the network. you can manually add up to 20 routers to the Neighbors Table.0. the number of injected routes is as follows: The number of injected subnets = 32 – Mask_Len or if If Mask_Len <= 8. Neighbor IP RIP Route Injection RIP Route Injection adds a route rule to the router’s routing table. on page 102. Authentication is automatically disabled. This authentication key is a common string (non-encrypted) that must be set according to what is set across all devices on the network using RIP. The Accelerator can receive its RIP routing information from a neighboring router on a subnet that uses RIP. Note: For packet-interception with RIP injection. set the Authentication to None. insert the encrypted key used. The routes to these subnets. are learned by the router during RIP negotiation. see section Working with RIP.

104 C h ap t er 4: Configuring Networking Using RIP for Packet Interception RIP (Route Injection Protocol) is the other method used by the AcceleratorOS to enable Accelerators in On-LAN deployment to intercept packets from the LAN. you should disable Passive mode in order to enable RIP mode. Starting from Version 6. see Configuring RIP. For details. as follows: The Accelerator is set as a WCCP device.1. CIFS and TCPPromiscuous. a protocol usually used for directing Web traffic to a local Web Cache Server before forwarding requests across the WAN. the types of traffic WCCP enables the Accelerator to receive are not only TCP and UDP (service groups 77 and 78). is another way in which the router can learn to forward all traffic from the Accelerator’s subnets to the On-LAN Accelerator. 2. The Accelerator returns accelerated traffic to the router in a GRE tunnel. Select the maximal number of subnets that would use packet interception via RIP (any number between 1 and 2500. Data is removed from the GRE tunnel. on page 108. select Enable to enable RIP mode. see Setting WCCP on the Router. and sent to its destination. on page 102.1 Us er Gu id e . 4. For details. The router directs traffic to the Accelerator. Ac ce ler at o rOS Ve rsi on 7. but also other types such as ICMP. Click the following menu sequence: Setup > Networking > Packet Interception > RIP. Click Submit. Working with WCCP WCCP. the Accelerator is able to receive and process all relevant traffic and return it to the router before the traffic traverses the WAN. i Note: If Router RIP mode is configured as Passive. the default is 1000). In the RIP Mode drop-down menu. enables the Accelerator to receive traffic from the router.0 . By creating an IP GRE tunnel between the Accelerator and the router. The WebUI lets you intercept packets by using either WCCP or RIP. WCCP. To use RIP for Packet Interception: 1. the Web Cache Communication Protocol. 3.2.

i Note: Enabling WCCP is relevant only with On-LAN deployment. an error will result. Figure 10: WCCP screen 2. If your currently selected deployment is On-Path. In the WCCP drop-down menu select Enable to enable WCCP. Click the following menu sequence: Setup > Networking > Packet Interception > WCCP.En ab li ng P ac ket I n te rce p ti on 105 Using WCCP for Packet Interception The AcceleratorOS lets Accelerators in On-LAN deployment intercept packets from the LAN by using either WCCP or RIP. as well as the router status (Connected/Disconnected . and do not set a router IP address. If you enable the WCCP Service. . please change it by going to Setup > My Accelerator > Basic > Advanced Settings. Use the Routers Table to add or delete routers to the list of routers to be used for packet interception. To use WCCP for Packet Interception: 1. you have to indicate its router ID (the IP address used for connecting him to out network.indicating a connection to the network). usually the highest value number). When adding a router.

0 . It displays by default all of the pre-defined services. services such as ping. Additional services can be added or deleted from the Services Table. To add a service. on page 107. which are as follows: Web—all TCP traffic that is sent on port 80 (http traffic) ICMP—Internet Conreol Management Protocol. on page 108.1 Us er Gu id e . To delete a service select the table row and click Delete. except for Web and CIFS. and trace-route use this protocol UDP—all UDP traffic TCP-Promiscuous—all TCP traffic (not port dependent) both inbound (towards the LAN) and outbound (towards the WAN) CIFS . To enable or disable a service. Use the Services Table to manage the list of services to be used for packet interception.106 C h ap t er 4: Configuring Networking 3. all pre-defined services are enabled by default. click the ID of the service and Parameters for the specified service opens. if you have multiple Accelerators deployed on your network. Ac ce ler at o rOS Ve rsi on 7. To change other parameters see Editing a Dynamic Service. In addition. the same WCCP services should be enabled on each appliance. i Note: When you enable the WCCP feature. see Adding a Dynamic Service. Change the Service Mode to Enable or Disable.WAFS—Common Internet File System all TCP traffic that is sent on port 445. The same services must be configured on the router that is connected to the Accelerator. 4.

This box lets you only enable the Hash-assisted load balancing. This load balancing is configured in the router.En ab li ng P ac ket I n te rce p ti on 107 Adding a Dynamic Service To add a WCCP Dynamic Service: 1. If you have one or more Accelerators that share the router to which your Accelerator is connected.lets you set the port direction used for carrying out load balancing through Hash.any number between 0 and 255 (default: 100).any number between 0 and 254 (configurable only on dynamic services.any number between 1 and 255 (again. according to either subnets (IPs) or ports. Weight . Protocol ID . click the Add button. Port or both. In the Services Table header. through the Destination/Source IP. Figure 11: WCCP Services screen The Parameters box lets you configure the following parameters: Service ID . The next time your Accelerator synchronizes with the router. you can use this field to instruct the router what percentage of the traffic that uses this service is to be directed to the current Accelerator (default: 100).lets you enter a password for using the service. this number is not editable on pre-defined services). Password . Port Direction . the router . configurable only on dynamic services).used for load balancing. Priority .

In the Services Table. Click Submit. See WCCP Commands. Use the Ports Table to add a port (optional).0 . edit the service’s various parameters. the Service ID and Protocol ID parameters can be edited only in dynamic services. Ac ce ler at o rOS Ve rsi on 7. 3. on page 108.108 C h ap t er 4: Configuring Networking reads this password and prevents unauthorized access to this service’s traffic. ID 52 in the UDP row).1 Us er Gu id e . In the Edit WCCP Service screen that appears now. click the number (ID) of the service you want to edit. You can use CLI commands to configure WCCP on the Accelerator. on page 107. For more information. 2. Once the new dynamic service is added. Working with PBR Policy Based Routing. in the ID column of the row of this service (for example. Editing a Dynamic Service To edit a WCCP service: 1. Setting WCCP on the Router Using WCCP requires you to configure WCCP to work on the network’s router using the same service settings (the port numbers in the Accelerator must be identical to the Router on a per service basis). Check your router’s documentation for further assistance. Click Submit. on page 522. For explanation of the Parameters see Adding a Dynamic Service. or PBR is used for intercepting traffic in an On-LAN deployment scenario. You can use CLI commands to configure WCCP on Cisco routers. make sure that the WCCP services on each Accelerator is identical. As mentioned earlier. It is defined on the router and not on the Accelerator. you can add it like any other WCCP service. See Editing a Dynamic Service. 2. 3. see the Configuration Guide supplied with your router. When configuring WCCP on multiple appliances.

3. Click on the Setup tab. Select from one of the following radio buttons: Date and Time—to enter the setting manually.worldtimezone. Use SNTP—to have the server update the Accelerator automatically. Select a time zone that matches the location of the Accelerator using the Time zone drop-down box. or set it to receive time synchronization from a Simple Network Time Protocol server (SNTP). Click the Submit button. . 2.Setting the Date and Time on the Accelerator To set the Accelerator’s date and time: S et ti ng th e Da t e a n d Tim e o n t he A cc ele ra to r 109 You can alter the time setting manually. Select how you want to enter the time and date. followed by the Date and Time menu. If you need help locating the time zone in which your Accelerator resides. go to http://www. or For manual time settings. 1. Enter the server IP address and the frequency with which the server is to be polled for time updates. 4. fill in the local time and date fields. and then the My Accelerators tab.com/ and there is a map that can help you. If you decide to enter the time and date settings manually and there are either date or time changes (as in Daylight savings time) you will have to return to this menu and update accordingly.

followed by the DHCP menu. enter an IP address of your choice and click the Show Lease button. Click on the Setup tab. To enable it. without using the costly solution of placing a DHCP server on each network segment. the Agent’s requests can be routed to a server on a remote network. Therefore. By default. makes appropriate changes to it. the DHCP Relay Agent is configured with addresses of DHCP servers to which they should relay the DHCP message. you can either use the current file or customize the file and then upload the customized file. Activating DHCP Relay Agent The DHCP relay agent allows placing DHCP clients and DHCP servers on different networks. To display the lease data of a selected IP address: 1. set the status to Enable. but actually examines the packet. a process known as BOOTP relay. 3. and only then relays the packet to a DHCP server. The DHCP Agent communicates with the DHCP server by using unicast communications instead of broadcast messages. The host name. Choosing the DHCP relay agent solution lets you use fewer DHCP servers and place these machines in central locations. In the Accelerator WebUI.0 . cross the router interfaces. In the Lease section. by default. When you have a configuration file. the DHCP server is disabled. regardless of segment boundaries. Like the routerbased BOOTP Relay Agent. To solve the problem of DHCP broadcast messages. and then the Networking tab.110 C h ap t er 4: Configuring Networking Configuring DHCP Servers Managing the DHCP servers on your system requires a configuration file. The relay agent communicates with a DHCP server and acts as a proxy for DHCP broadcast messages that need to be routed to remote segments. IP address and expiry date are displayed on the screen.1 Us er Gu id e . The DHCP server to which the packet is relayed is configured by adding a Helper Address on the router or an IP address under the local interface of the Accelerator. thus solving the problem that arises because DHCP broadcast messages do not. you have to download the sample DHCP configuration file and save it on your system. A router or Accelerator that carries out DHCP relay does not just forward BOOTP broadcast messages. In the DHCP Server field. you can configure the routers to pass DHCP/BOOTP messages selectively. Ac ce ler at o rOS Ve rsi on 7. 2.

2. However. you have to update the ExpandView agent’s parameters accordingly. 3. Enter the ExpandView Server’s IP address and port number. or if the auto-discovery fails. . Figure 12: ExpandView Parameters screen To define ExpandView Connectivity parameters: 1. select the Enable ExpandView Agent box. if the default settings of ExpandView are changed (for example. In the ExpandView menu. 4.Setting ExpandView Connectivity Parameters S et t in g E x pan d View Co n n ec ti vit y P a r am et e r s 111 Registered users of ExpandView enjoy the benefit of having ExpandView automatically discover a new registered Accelerator as soon as a link to that Accelerator is established. Click the following menu sequence: Setup > My Accelerator > ExpandView. If all parameters were entered appropriately. the Status line now displays the current status (Enabled / Disabled). Click the Submit button to submit the registration request. port).

1 Us er Gu id e .112 C h ap t er 4: Configuring Networking Ac ce ler at o rOS Ve rsi on 7.0 .

on page 168 Using WAFS Printing Services. on page 155 Replication Service. on page 184 Monitoring WAFS Functionality. on page 114 Getting Started with WAFS. on page 189 Troubleshooting. on page 159 Printing Services for the FileBank. on page 127 WAFS Management and Operation Modes. on page 136 Managing the Data Center. on page 178 WAN-OUT Operation. on page 119 Configuring the Data Center and Branch Office. on page 141 Setting Advanced FileBank Features.Chapter 5: Configuring and Managing WAFS This chapter introduces you to the Wide Area File Service feature and shows you how to use it and manage it to streamline your business while maintaining control over important company documents. on page 191 . on page 180 DNS Masquerading. on page 118 Enabling WAFS Configuration. Topics covered in this chapter include: Introduction to WAFS.

such as branch office or mobile users accessing centralized storage. as if they were at the same site as the files. Such users often experience poor performance when trying to access files that are stored in a central location. dynamic caching. Figure 1:WAFS Solution diagram Ac ce ler at o rOS Ve rsi on 7.114 C h ap t er 5: Configuring and Managing WAFS Introduction to WAFS WAFS stands for Wide Area File Service. IT managers regain total control of enterprise-wide storage. backup and maintenance. By consolidating corporate resources. replication. If your Accelerator does not have a hard drive and you want to have WAFS functionality. Expand Networks’ WAFS solution allows users fast and efficient access to centralized storage by using intelligent. i Note: This feature is only supported on Accelerators with a hard drive. namely: remote users who access files over a WAN. eliminating the need for local file servers and unreliable backup procedures. dynamic caching solution allows users fast and efficient access to centralized storage. eliminating the cost and complexity associated with remote system administration. Expand Networks’ WAFS Solution Designed specially for distributed organizations. Expand's intelligent.0 . contact your supplier. Expand enables global and fully secure direct file access to users at multiple sites.1 Us er Gu id e .

I nt r o d u ct io n t o WAF S 115 The corporate Data Center is equipped with an Expand FileBank Director. Configuration is simple. Expand devices use regular LAN and power connections. with the same speed level and efficiency as if they were working on their local file server. branch office users can immediately work with files located in the Data Center. and each remote site (requiring access to the center) is equipped with an Expand FileBank. reliable file operations LAN-like performance WAN Consumption optimization Ease of installation and management Seamless integration Native security support Many-to-many architecture Integrated Branch IT Services High resilience Expand's pass-through authentication technology seamlessly ensures enforcement of enterprise policies such as user authentication. Network architecture can be deployed as a private network of leased lines. Expand provides the following features and benefits: Centralization of storage and backup resources Synchronous. . No client software is installed on the Data Center file servers or on any of the remote office workstations. access rights verification and quota management support. Once these hardware devices are installed. Expand uses a patent-pending file system technology that allows direct access to files located in distributed file storage architectures throughout the enterprise. or a virtual private network (VPN) that utilizes the public Internet in a secure way. and no infrastructure changes are required.

Most of the device disk capacity is allocated for maintaining the cache optimization state.1 Us er Gu id e .0 Primary Domain Controller (PDC) Windows NT Server 4.0 Backup Domain Controller (BDC) Windows 2000 Server Active Directory Domain Controller Windows 2003 Server Active Directory Domain Controller Supported Clients Microsoft Windows® NT Workstation 4.116 C h ap t er 5: Configuring and Managing WAFS Supported Servers File Servers Microsoft Windows® NT Server 4. especially in consolidation environments. because the cache is merely an optimization layer (meaning. disk capacity is an important consideration. However.x & 7) Authentication Servers Windows NT Server 4. the files are always available on the file server). its size does not have Ac ce ler at o rOS Ve rsi on 7.0 Microsoft Windows® 2000 Microsoft Windows® XP Professional Expand Hardware Device Specifications The Expand solution is available as an installed device (FileBank Director and FileBank). the chances that a file is available on a FileBank cache improve with cache partition size.0 .0 SP3 and above Microsoft Windows® 2000 Server Microsoft Windows® 2003 Server Microsoft Windows® 2008 Server Network Device Filer series (ONTAP 6. When planning the hardware specification for the FileBank and FileBank Director. In general.

and therefore its cache state is less critical than that of the remote branch FileBank. Domains The FileBank acts as a server in the Windows Domain hierarchy. the most common of which are as follows: Complete data set size (migrated from the legacy file server) Working set size (for example: 30% of complete data set) Per number of branch users (for example: 0. high-latency WAN. when applicable. Authentication Identify the name of the authentication server. a user with sufficient access rights is required. Various approaches exist for estimating optimum FileBank disk capacity. namely: a user that is part of the domain administrators’ group. Both FileBank and FileBank Director employ LRU (Least Recently Used) cache management. and a size estimation of the working set. you are asked which domain to join. so obtain the domain name in advance. . When configuring the FileBank for the first time. i Note: You are advised to utilize the domain controller of the local remote branch office. the level of inter-branch collaboration). working-set cache is always maintained. so a dynamic. The authentication server must be a Windows NT/2000/2003 server that can authenticate users accessing the domain (Windows NT v4.I nt r o d u ct io n t o WAF S 117 to be equal to the size of the total data set. Windows Clients at the remote office will see the FileBank as part of this domain when connecting to the network. and after appropriate mapping. which is connected over the narrow-bandwidth.5GB x number of branch users) The FileBank Director is connected On-LAN to the file servers.0 Primary/Backup Domain Controller or Windows 2000/2003 Active Directory Server). In order to perform the join operation. As a rule of thumb 10-20% of the accumulated branch FileBank cache is sufficient. FileBank Director disk capacity planning should take into account the percentage of data that is shared between branches (that is.

Configuring the Data Center and Branch Office.1 Us er Gu id e .to verify you have a WAFS license. Make sure that you finish a step before proceeding to the next one.118 C h ap t er 5: Configuring and Managing WAFS Getting Started with WAFS Overview The main steps for configuring the Data Center are as follows: 1. FileBank Categories. 4. Viewing the License Status. on page 119 .0 . on page 138.to prepare the Accelerator for WAFS Services. on page 33 . Ac ce ler at o rOS Ve rsi on 7. on page 127 .to start the WAFS service Note that the order that these steps are taken does matter and performing these steps out of sequence may result in the WAFS services not running. 2.to specify the file bank and file bank director 3. Enabling WAFS Configuration.

or any other Windows convention) and select Properties and the New Share Properties dialog box opens. Right-click the folder you want to share (using Windows Explorer. on page 124 Configuring the File Server/Domain Controller Configuration of the File Server/Domain Controller consists of the following steps: Defining the shared directories on the File Server. on page 119 Defining Network Settings. My Computer. from which remote and local users can access files Changing the Login scripts (if any are used within your organization) Defining Shared Directories To let users access a specific shared directory: 1. on page 121 Enabling WAFS Operation Mode. .Enabling WAFS Configuration E n ab li ng WA F S C o nf ig u r a ti on 119 There are three steps that need to be done in order to enable WAFS configuration: Configuring the File Server/Domain Controller.

Ac ce ler at o rOS Ve rsi on 7.1 Us er Gu id e .0 . 3. Repeat this procedure for all directories you want to share.120 C h ap t er 5: Configuring and Managing WAFS Figure 2: New Share Properties dialog box 2. Click the Sharing tab and define share properties. Click the Permissions button on the Share Properties dialog and the Permissions for New Share dialog box opens. Defining User Permissions To define which users can access the shared directory: 1.

00) in addition to a status display (Ready. Bypass. Click OK and proceed to the next step. where xx is the maintenance release number (for example 6. i Note: AcceleratorOS v6. Log in to the AcceleratorOS WebUI.xx should be displayed. or various error messages. Add the users who are allowed to access the shared directory and define permissions for each user. The AcceleratorOS setup wizard appears: . Enter the setup wizard. 3. Defining Network Settings To define the network settings. 2. To prepare the Accelerator to work in WAFS mode: Follow these steps to establish the WAFS services: 1.E n ab li ng WA F S C o nf ig u r a ti on 121 Figure 3:Permissions for New Share 2. Defining Network Settings. on page 121. use either the Accelerator 6940 front-panel LCD or the CLI command line.).

fill-in the device name as shown below and click Submit. click OK to confirm the closure operation. 5. If you do not intend to define a link on this device (namely. In the Basic tab of the My Accelerator screen. Move to the Time tab to enter your local time settings. to use the device as an Accelerator). press Cancel and continue with the FBD configuration. 4. You are advised to set the Accelerator’s time and date manually (default).122 C h ap t er 5: Configuring and Managing WAFS Figure 4: Setup Wizard 3.0 . In the dialog box that appears.1 Us er Gu id e . Figure 5:My Accelerator screen 6. Ac ce ler at o rOS Ve rsi on 7.

click Add to add the domain name. 9. and then go to the DNS tab. This tab lets you configure the domain name server. Select Setup > Networking. . In the Domain Name Table pane. Fill-in the domain name in the Domain Name field. Figure 7: DNS Configuration 8.E n ab li ng WA F S C o nf ig u r a ti on 123 Figure 6: Accelerator Time 7.

Click Submit. Type the domain name server IP address in the field and click Apply. Enabling WAFS Operation Mode To enable the WAFS Operation Mode: 1. 10. Select File-Bank Director as WAFS operation mode. Use the dialog box that appears now to confirm the creation of the WAFS service.0 . 4. enter the domain name(s) for the servers in the order of preferential usage and click Submit. 11. Select the IP Domain Lookup type as Enable. Click OK and then click the Write command at the top of the screen (encircled below): Ac ce ler at o rOS Ve rsi on 7. 6. The next dialog box prompts you to execute write configuration and perform reboot to enable creation of WAFS service. Select Services > WAFS. as shown below: Figure 8: WAFS Services menu 3.1 Us er Gu id e .124 C h ap t er 5: Configuring and Managing WAFS In the dialog box that opens now. 5. 2.

8. In the dialog box that appears now. 9. Click Close. Figure 10: Confirm Reboot .E n ab li ng WA F S C o nf ig u r a ti on 125 Figure 9:Web Page dialog box 7. click OK to confirm the reboot operation. Select Tools > General Tools and click the Reboot button to apply your new settings.

126 C h ap t er 5: Configuring and Managing WAFS Excluding Servers or Subnets from WAFS It is possible to exclude specific servers or subnets from receiving the benefit of WAFS services. 2. 4. click WAFS. In the Exclude by field select: IP address. Click Delete. To exclude servers or subnets: 1. then click Exclusion 2. or Host name. Select either client or server side. Ac ce ler at o rOS Ve rsi on 7.0 . To delete an entry in the exclude table: 1. From the Services Menu. Select the row of the entry. 3. Enter a valid IP address and click Add.1 Us er Gu id e . Subnet.

(In the last step. 4. . the FB will poll the FBD for all file servers it recognizes. In order for the data center to function. the following steps need to be done: Setting Up the File Bank Director. Click this button to enter the WAFS Management screen. choose File-Bank Director from the dropdown menu. In the WAFS Operation Mode field. on page 127 Setting Up the File Bank. they work together to create a virtual file server system. and the File Bank. Make sure you are logged into the machine you want to set as file bank director. and therefore you need to allow blocked content (pop-up) to be able to display it. All IP addresses of these file servers are resolved. this screen lets you select whether to enable WAFS transparency. i Note: WAFS Management is a pop-up window. In addition.Configuring the Data Center and Branch Office C on f ig u r in g t h e D ata C en t er an d B r an ch O f f ic e 127 There are two components to the Data Center: the File Bank Director. 2. You can later use the FileBank Director Administration GUI for modifying any of the installation parameters. in order to accelerate company file sharing as shown in the diagram below. 3. When put on the network. The Setup Wizard lets you set up FileBank Director in several simple steps. You will notice that the WAFS Configuration button is now enabled. as part of the initial FileBank Director installation. and all traffic destined to the servers is redirected to the Accelerator. If you enable this feature. select Services > WAFS. you have the option of modifying parameters before accepting them.) To run the setup wizard for the File Bank Director: 1. From the AcceleratorOS Home Page. as well as each server that is added or removed. on page 130 Setting Up the File Bank Director You should run the Setup Wizard prior to activating the FileBank Director. The WAFS screen lets you view the current WAFS operation mode: either FB (FileBank) or FBD (FileBank Director).

on page 130 6.128 C h ap t er 5: Configuring and Managing WAFS Figure 11: WAFS Setup Wizard 5.0 . Click Setup Wizard in the Left Window Pane to invoke the Setup Wizard. File Server Name Here Alias Here Figure 12: Setup Wizard’s File Server Settings screen Ac ce ler at o rOS Ve rsi on 7.1 Us er Gu id e . The wizard has the following screens: File Server Settings. on page 129 Confirmation and Application. Proceed to the next section. on page 128 . File Server Settings. File Server Settings In this section you will set the Domain Settings. on page 128.the one that is open now Summary.

3. To accept all parameters and configure the FileBank Director device. the default alias will be the FileBank Director’s host name. on page 130. on page 128. Review the list for any possible errors. prior to applying them to the FileBank Director. .C on f ig u r in g t h e D ata C en t er an d B r an ch O f f ic e 129 To set the File Server settings: 1. 2. If you see an error. File Server Settings. Figure 13: Summary section At this stage the wizard displays a summary of all parameters entered during setup. Confirmation and Application. Click Next >> to proceed to the next section. When an alias is not defined for a file server. on page 129. click Setup Wizard and make necessary changes. In the fields indicated in the window above. To confirm the settings: 1. click Apply. Proceed to the next section. Summary In this section you see the settings that you made from the previous section. Summary. 2. The alias field is optional. Type in the names of the servers and their aliases. as shown here in the diagram.

click Restart. To apply the settings. on page 33. Ac ce ler at o rOS Ve rsi on 7.0 . Make sure you have a valid WAFS FB license as explained in Viewing the License Status. as part of the initial FileBank configuration. Setting Up the File Bank You should run the Setup Wizard prior to activating the FileBank. Figure 15: Confirmation screen 2. 3. on page 130. Figure 14:Wizard Summary screen To apply the settings: 1. You can later use the FileBank Administration GUI for modifying any of the installation parameters. To confirm all changes have been made successfully.1 Us er Gu id e . a confirmation screen appears. Once the license is installed go to the machine that will be the File Bank and follow the directions as described in Setting Up the File Bank.130 C h ap t er 5: Configuring and Managing WAFS Confirmation and Application The following screen appears to allow you to restart the Accelerator and apply the settings.

Overview To configure the branch office: 1. select Services > WAFS.C on f ig u r in g t h e D ata C en t er an d B r an ch O f f ic e 131 The Setup Wizard lets you set up a FileBank in several simple steps. see Viewing the License Status. From the AcceleratorOS Home Page. 3. you have the option of modifying parameters before accepting them. 3. and therefore you need to allow blocked content (pop-up) to be able to display it. choose File-Bank from the drop-down menu. Make sure you are logged into the machine you want to set as file bank.) Once Setup is complete. on page 33. make sure you have a valid FB license. To check if the license is valid. For details. 4. Setting up the FileBank device. To run the setup wizard for the File Bank: 1. In the WAFS Operation Mode field. You will notice that the WAFS Configuration button is now enabled. see Setting Up the File Bank. i Note: WAFS Management is a pop-up window. 2. Configure the client computers. 2. Connecting the FileBank device to the branch office LAN. (In the last step. Figure 16: Setup Wizard . on page 130. Click this button to enter the WAFS Management screen.

on page 128 File Bank Director Settings. Virtual Server Prefix—If you are not using WAFS transparency. on page 134) in order to set this parameter.1 Us er Gu id e .0 . You will need to have administrator’s username and password in the screen that follows (see Summary. fill in the fields with the correct information as shown below: Windows Domain—this is the domain that you will use to connect to the File Bank. Click Setup Wizard in the Left Window Pane to invoke the Setup Wizard. on page 130 2. Proceed to the next section. The wizard has four main screens: File Server Settings. Authentication Server—supply the name of the domain controller. on page 129 Confirmation and Application. File Server Settings. Domain Settings In this section you will set the Domain Settings. After the screen appears. You may also add a suffix. you should add a prefix to the server’s name so that all requests to the file bank (FB) are directed to the VFS and not to the actual server. Note that this prefix is added to all servers. Figure 17: Domain Settings To set the domain settings: 1. on page 133 Summary.132 C h ap t er 5: Configuring and Managing WAFS 1. on page 128. Make sure the name you use is known to the DNS. Ac ce ler at o rOS Ve rsi on 7.

Type in the names of the file bank director you indicated in File Server Settings. on page 133. Summary. Figure 18: FileBank Director Settings screen To indicate the File Bank Director: 1. This step is critical because it will indicate to the File Bank which server or servers are to be the File Bank Director. Once you have filled in these fields. Note that this suffix is added to all servers. on page 128 and in the order indicated. . you define the file servers to be exported by the FileBank Director. Click Next >> to proceed to the next section. you should add a suffix to the server’s name so that all requests to the file bank (FB) are directed to the VFS and not to the actual server. click Next >> and proceed to the next section. File Bank Director Settings In this step. on page 134.C on f ig u r in g t h e D ata C en t er an d B r an ch O f f ic e 133 Virtual Server Suffix—If you are not using WAFS transparency. If you mismatch these settings it may have an effect on user performance. File Bank Director Settings. You may also add a prefix. 2. 2.

on page 134. click Apply. prior to applying them to the FileBank Director.1 Us er Gu id e . To accept all parameters and configure the FileBank Director device. Review the list for any possible errors. Confirmation and Application.134 C h ap t er 5: Configuring and Managing WAFS Summary Figure 19:Summary At this stage the wizard displays a summary of all parameters entered during setup.0 . To confirm your settings: 1. Figure 20:Confirmation Ac ce ler at o rOS Ve rsi on 7. Proceed to the next section. 2. Confirmation and Application The following screen appears to allow you to restart the Accelerator and apply the settings. 3.

WAFS Management and Operation Modes. In order to assure that the File Bank is joined properly to the Windows domain that you set in Domain Settings. click Restart. To apply the settings.C on f ig u r in g t h e D ata C en t er an d B r an ch O f f ic e 135 To apply your settings: 1. on page 132. Go to the next section. a confirmation screen appears. Figure 21: Successful Installation 3. 2. . To confirm all changes have been made successfully. the user that has administrative rights to the Windows domain should enter his/her username and password and click Join. on page 136.

on page 142 Additional Services—(FileBank Operation mode only) for a detailed description. see Setting Up the File Bank Director. the features described within will be for both modes. see Configuring Additional Services. The WAFS Management screen is divided into the following sections: Status Bar—along the top Navigation Pane—on the left Workspace—the main area. on page 138 FileBank Director Categories. The navigation pane is divided into the following main categories: System—for detailed description. see section Managing File Services. on page 140 Ac ce ler at o rOS Ve rsi on 7. on page 127 and Setting Up the File Bank. on page 168 Utilities—for detailed description. on the right Clicking a selection from the navigation pane opens the relevant page in the workspace. see section FileBank Utilities. on page 137 The WAFS Management Screen In general the WAFS Management screen will look the same from both WAFS operation modes (FileBank or FileBank director).136 C h ap t er 5: Configuring and Managing WAFS WAFS Management and Operation Modes This section describes the management and configuration of the WAFS service under FileBank and FileBank Director operation modes. Unless indicated. The following topics are discussed: The WAFS Management Screen. on page 136 FileBank Categories. on page 130. File Services—for detailed description.1 Us er Gu id e .0 .

on page 137 FileBank Director Utilities. the FileBank Director can function. File Services This section describes the following functions offered by FileBank Director: . For more information. Controlling the service status lets you start. on page 138 FileBank Director System The System category includes the following subsections: Setup Wizard—lets you set up FileBank Director in several simple steps. Boot services—lets you control FileBank Director service and device status. All parameters set via the Setup Wizard can be modified within the GUI. Controlling the device status lets you reboot or shut down the FileBank Director device. on page 137 File Services. on page 127. as viewed when the WAFS operation mode is FBD (FileBank Director): FileBank Director System.WA FS M a n ag em en t a n d O pe r at i on M o de s 137 Figure 22: WAFS Management screen FileBank Director Categories The following sections describe the WAFS management screen work categories. stop or restart FileBank Director service. You should run the Setup Wizard prior to activating FileBank Director. Once Setup is complete. see Setting Up the File Bank Director. For more information see Managing the Data Center. on page 141.

FileBank Director Utilities This section describes the FileBank Director utilities. on page 140 FileBank System The System category includes the following subsections: Ac ce ler at o rOS Ve rsi on 7. enter the file server name. Logs—lets you generate FileBank Director activity logs for monitoring. and optionally an alias. The TCP (data transfer) and UDP (“keep alive”) ports are set to 4049 by default. on page 137 Additional Services. File Servers—to add file severs to be exported through the Expand WAFS solution and the FileBank Director. on page 138 File Services. System Users—used for managing internal users that are used by specific Expand services (for example: Replication Service). which are as follows: System Diagnostics—lets you run a diagnostic test on the FileBank Director device to ensure that the device is working properly. in this screen. optimization. Filters—allow Expand to avoid unnecessary compression attempts on files that are already compressed. on page 140 FileBank Utilities.138 C h ap t er 5: Configuring and Managing WAFS FileBank Director Settings—lets you define the Listen Port Assignments settings and set the FileBank Director ID. The results of the test will be displayed in the Results area of this screen. FileBank Categories The following sections describe the WAFS management screen work categories. and troubleshooting purposes.0 . but can be changed if necessary. Replication Services—the method by which the system can be set to optimize the handling of very large files over the bandwidth-limited WAN link.1 Us er Gu id e . as viewed when the WAFS operation mode is FB (FileBank): FileBank System. thereby improving overall system performance.

and lets you add or delete FileBank Directors as necessary. Boot services—lets you control FileBank service and device status. Once fetched. which are as follows: FileBank Directors—displays the current FileBank Director(s) for the FileBank. stop. Cache Settings—gives you cache statistics. Once Setup is complete. this data resides in the Cache and can be accessed immediately. or restart FileBank service. Controlling the service status lets you start. Controlling the device status lets you reboot or shut down the FileBank device. Windows Domain—lets you join the FileBank to the domain. FileBank Services This section describes FileBank File Services functions. use domain administrator credentials (Username and Password). Kerberos Configuration—allows nodes communicating in a nonsecure network the ability to identify each other in a secure manner.WA FS M a n ag em en t a n d O pe r at i on M o de s 139 Setup Wizard—lets you set up FileBank in several simple steps. and manual cache invalidation. Thus prepopulation optimizes first-time access to this data. System Users—lets you add and delete FileBank system users. Filters—provides smart filters to enhance performance and bandwidth optimization over the WAN. . set the domain name. You should run the Setup Wizard prior to activating FileBank. the FileBank can function. This helps distinguishing the local virtual server name from the Central File Server name. Replication Services—the method by which the system can be set to optimize the handling of very large files over the bandwidth-limited WAN link. Fetch Settings—lets you define which data will be fetched from the Data Center for pre-population of the Cache. and add or delete authentication servers. to represent the local virtual server. All parameters set via the Setup Wizard can be modified within the GUI. and lets you control basic cache functionality: cache validation frequency. Virtual Servers—lets you configure FileBank to automatically add a prefix and/or suffix to the original file server name defined at the FileBank Director site.

Ac ce ler at o rOS Ve rsi on 7. System Statistics—displays a list of connected users. Username. Group and Machine. This screen lets you add network printers. as required.140 C h ap t er 5: Configuring and Managing WAFS Additional Services This section describes the FileBank Additional Services. with their Session ID. use the Refresh button. and delete printers. which are as follows: System Diagnostics—lets you run a diagnostic test on the FileBank device to ensure that the device is working properly. which are: Print Services—you can configure FileBank to serve as the local branch print server.1 Us er Gu id e . view a list of already existing printers. FileBank Utilities This section describes the FileBank utilities.0 . optimization. and troubleshooting purposes. The results of the test will be displayed in the Results area of this screen. Logs—lets you generate FileBank activity logs for monitoring. To update the list.

In addition to starting the WAFS service. in order to start the WAFS services. starting. Access the Boot Services screen by clicking Boot Services (circled) under the System Menu lets you to control FileBank Director service and device status. restart. the following options can be performed: Start or Stop the File Bank Director Service Restart or Reboot the File Bank Director Service Shutdown the File Bank Director Device Note that. reboot. or restarting the WAFS service as this may interfere with other users who have work in progress. Figure 23: Boot Services . you must follow this step. Caution should be made when stopping. on page 142 Configuring FileBank Services. stop. To start. on page 141 Managing File Services. or shutdown: 1.Managing the Data Center The following topics are discussed: Starting the Data Center. on page 149 M a n ag in g t h e D ata C en t er 141 Starting the Data Center If you have configured the File Bank and File Bank Director and have installed the AOS license file on each machine you will need to start the WAFS service on each.

on page 142—for FileBank Director mode only Managing System Users. FileBank Director Settings is also used for changing the FileBank Director ID in a multi FileBank Director environment—where each FileBank Director is automatically assigned its own. on page 144. unique.0 . Managing File Services This section describes File Services options. on page 145—for FileBank Director mode only Managing the Compression Filters List. on page 147. The TCP (data transfer) and UDP (“keep alive”) ports are set to 4049 by default. Adding File Servers. but can be changed if necessary. on page 159.1 Us er Gu id e .142 C h ap t er 5: Configuring and Managing WAFS 2. there is no confirmation dialog so ! the operation is carried out immediately. Defining FileBank Director Settings The FileBank Director Settings screen lets you set the Listen Port Assignments and the FileBank Director ID. integer ID. Replication Service. ! CAUTION! If you click Reboot or Shutdown. Make sure you want to do this before clicking! Note too that if you reboot or shutdown while users are connected their work progress will be affected. because such a change will result in resetting the Ac ce ler at o rOS Ve rsi on 7. which are as follows: Defining FileBank Director Settings. Perform one of the following actions: Start the File Bank Director Service—Click Start Stop the File Bank Director Service—Click Stop (See warning!) Restart the File Bank Director Service—Click Restart (See warning!) Reboot the File Bank Director Device—Click Reboot (See warning!) Shutdown the File Bank Director Device—Click Shutdown (See warning!) ! ! CAUTION! Stopping or Restarting the device while users are connected will interfere with their work in progress. FileBank Director ID should not be changed once the system is running.

the cache associated with the initial ID will become obsolete). 2. From the WAFS left menu pane. . 4. To change FileBank Director ID: 1. Type in the new TCP value. Click Apply. From the WAFS left menu pane. Type in the UDP value. 5. Make sure you are using the FileBank Director WAFS operation mode. Type in the new unique ID. It is best to write this ID down for future reference. Also. Click Apply. under File Services select FileBank Director > Settings 3. 3. if the ID is changed and matches the ID of another machine.M a n ag in g t h e D ata C en t er 143 cache optimization state (namely. 4. Make sure you entered the WAFS menu using FileBank Director Operation Mode. under File Services select FileBank Director > Settings. 2. Figure 24: FileBank Director Settings screen To change Listen Port Assignments: 1. errors will result.

Verify the password by typing in the same password you entered in the Password field. 2. Ac ce ler at o rOS Ve rsi on 7. Select the checkbox for the user. Click Add and the User’s information is added to the list at the bottom. Figure 25: System Users To add a user: 1. under File Services select System Users.0 . From the WAFS left menu pane. 3. or users. to be deleted 3. To delete users from the current list: 1. From the WAFS left menu pane.144 C h ap t er 5: Configuring and Managing WAFS Managing System Users The System Users screen (File Services > System Users) is used for managing internal users that are used by specific Expand services (for example: Replication Service).1 Us er Gu id e . under File Services select System Users. Click Delete. Fill in the new user's Domain Name. 2. Username and Password.

. it is necessary to export all the participating DFS file servers on the FileBank Director side. i Note: When the FileBank Director is configured to export a DFS root. type in the file server name—and optionally an alias—in the File Servers screen (File Services > File Servers).M a n ag in g t h e D ata C en t er 145 Figure 26: Delete Users Adding File Servers To add more file severs to be exported through the Expand WAFS solution and the FileBank Director.

0 . select one or more checkboxes. Fill in File Server Name. 2. and optionally an Alias 3. To delete servers: 1. Make sure that you entered the WAFS menu using FileBank Director operation mode. Make sure that you entered the WAFS menu using FileBank Director Operation Mode. From the Exported File Servers section.1 Us er Gu id e .146 C h ap t er 5: Configuring and Managing WAFS Figure 27: File Servers To add a user: 1. 3. Ac ce ler at o rOS Ve rsi on 7. 2. Click Delete. Click Add.

2. In the Set a CIFS User section. 3. thus improve overall system performance. You can also delete extensions from the list. to optimize performance. Make sure that you entered the WAFS menu using FileBank Director operation mode. Managing the Compression Filters List The Expand WAFS solution compresses data that travels across the WAN. To delete a CIFS User: 1. The Compression Filters list (File Services > Filters) shows you all file extensions that the system will not attempt to compress. The compression filters allow Expand to avoid unnecessary compression attempts on files that are already compressed. There is no confirmation and action will take place immediately. . Click Clear. However. if you are sure that they are not compressed and were added by mistake. 3. 2. Make sure that you entered the WAFS menu using FileBank Director operation mode. you can add it. fill in the following information: Domain Name User Name Password Verify Password—make sure the password you enter here matches the password you enter in the Password field. This will clear all of the listed CIFS users. If you are using compressed files of a type that is not currently included on the Compression Filters list. several file types are already compressed and cannot be compressed further. Click Set.M a n ag in g t h e D ata C en t er 147 To Set a CIFS User: 1.

3. From the WAFS left menu pane. You should only delete a filter if was added by mistake. under File Services select Filters. Scroll down to the bottom of the Compression Filters list. 2. Files of these types are known to be compressed and do not require further compression.1 Us er Gu id e . Type in the file extension in the form *. To delete filters: 1.148 C h ap t er 5: Configuring and Managing WAFS Figure 28: Filters screen To add a filter: 1. Click Delete . 3.xxx (where xxx is a three or four-letter fileextension). under File Services select Filters. ! ! CAUTION! Do not delete filters that were included in the list provided by Expand. 2. Select one or more filter checkboxes. Ac ce ler at o rOS Ve rsi on 7. Click Add. From the WAFS left menu pane. 4.0 .

on page 150 Windows Domain. Figure 29: FileBank Director settings . which are as follows: FileBank Directors. on page 151 Cache Settings. click File Services > FileBank Directors in the Navigation Pane (see figure below). on page 149 Virtual Servers. This screen displays the current FileBank Director(s) for the FileBank. on page 157 FileBank Directors To access the FileBank Directors screen. and lets you add or delete FileBank Directors as necessary. on page 152 Fetch Settings.M a n ag in g t h e D ata C en t er 149 Configuring FileBank Services This section describes FileBank File Services functions that are only accessible through the FileBank Operation mode.

Click Delete. 2. The lower half of the screen lists Exported Virtual Servers and their connection status (“Connected”/”Disconnected”). DNS Masquerading or WAFS ! Transparency must be activated. 2. Also ! if you need to use an Alias name. 4. 5. on page 184. 3. in which case the default value . To delete a FileBank Director: 1. Select one or more checkboxes of hostnames in the current FileBank Directors list 3.0 . For details regarding DNS Masquerading. used for representing the local virtual server (File Services > Virtual Servers). CAUTION! If you plan to use WAFS transparency. If neither a prefix nor a suffix is defined. do not use an Alias name.1 Us er Gu id e . For details regarding WAFS Transparency. Make sure that you entered the WAFS menu using FileBank operation mode.port 4049 . Note: You may leave the TCP and UDP fields blank. ii Enter the hostname. Virtual Servers You can configure FileBank to automatically add a prefix and/or suffix to the original file server name defined at the FileBank Director site. Enter the TCP port number Enter the UDP port number Click Add. Make sure that you entered the WAFS menu using FileBank operation mode. on page 698.is applied to both. see section WAFS Transparency Commands. CAUTION! Virtual Server Name = File Server Alias + any prefix/suffix added here. to avoid name resolution conflicts. ! ! Ac ce ler at o rOS Ve rsi on 7. see DNS Masquerading. This helps distinguishing the local virtual server name from the Central File Server name.150 C h ap t er 5: Configuring and Managing WAFS To add a FileBank Director: 1. you must block WAFS transparency.

Using domain administrator credentials (Username and Password) Setting the domain name Adding or deleting authentication servers. Type in a prefix and/or a suffix. 3.M a n ag in g t h e D ata C en t er 151 d Figure 30: Virtual Servers To create the virtual server name: 1. . Click Apply. 2. Make sure that you entered the WAFS menu using FileBank operation mode. Windows Domain The Windows Domain screen (File Services > Windows Domain) is used for carrying out the following tasks: Joining the FileBank to the domain.

Higher values mean better cache performance.0 .1 Us er Gu id e . whereas lower values mean that read-only data is more accurate. and lets you control basic cache functionality: cache validation frequency. and manual cache invalidation. Time to Live (TTL) settings These settings determine how often the FileBank verifies directories or file data with the FileBank Director.152 C h ap t er 5: Configuring and Managing WAFS Figure 31: Windows Domain Cache Settings The Cache Management screen (File Services > Cache Settings) provides you with cache statistics. Ac ce ler at o rOS Ve rsi on 7. Cache coherency is maintained regardless of these settings. Time to Live applies only to directory listing and readonly files.

thereby forcing the FB to validate the updated information with the EFS. System Users The System Users screen (File Services > System Users) lets you add and delete FileBank system users. . ii Note: Access to Data Center versions of cached files is verified prior to the invalidation. Cache files are not invalidated if Data Center versions are not available.M a n ag in g t h e D ata C en t er 153 Figure 32: Cache Settings Invalidate Cache The Invalidate button resets the TTL for the cached information.

Ac ce ler at o rOS Ve rsi on 7. Two types of filters are listed on the Filters screen (File Services > Filters): Short Term File (STF) filters Compression filters STF Filters Short Term Files (STFs) are files that are saved locally on the FileBank and not sent to the central server. The STF Filter list displays all file extensions that the system is currently configured not to back up. Select the checkbox for the users to be deleted.1 Us er Gu id e . Use the STF Filter for files that exist for a short term and for any other files you do not want to be backed up on the central file server (for example: photos and media files). Click Delete.154 C h ap t er 5: Configuring and Managing WAFS Figure 33: System Users To delete users from the current list: 1. ii Note: All Files that match the STF filter extensions selected are not backed up.0 . 2. You can add to or delete from this list as necessary. The Expand WAFS solution uses smart filters to provide additional performance and bandwidth optimization over the WAN.

on page 168 Configuring the Fetch Mechanism This section covers topics related to the Cache. on page 156 Fetch Settings. and acquires file locks on the Server. Topics covered include: Configuring the Fetch Mechanism. on page 161 Configuring Replication Services. on page 157 Creating Fetch Jobs. on page 162 Configuring Additional Services. future requests for files from that set will require the transfer of minimal amounts of data over the WAN. on page 159 Replication Service Activation. FileBank synchronously validates that the cached data is updated. speeding up service. on page 156 Fetch Jobs. for performance reasons it is strongly recommended that in file server consolidation scenarios you pre-populate the branch files working set as a minimum (for example: user home drives). on page 155 Replication Service. on page 155 Fetch User. . Although cache pre-population is not essential. ii Note: File types that have been configured as Short Term Files (STF) or Replication files.S e t ti ng Ad va n ced Fi leB an k F ea tu r e s 155 S e t t i n g A d va n c e d F i l e B a n k Fe a t u r e s This section covers advanced features that you can configure to the FileBank for added functionality. Cache pre-population optimizes “first-time” data access to files and directories by utilizing the Expand advantage: once a particular data set is saved in the local FileBank cache. are not pre-populated by the Fetch mechanism. Topics discussed in this section include: Fetch Mechanism Overview. on page 158 Fetch Mechanism Overview The Fetch mechanism lets you pre-populate the FileBank cache with specific data sets from the data-center file server. Depending on the mode in which files are opened by Clients.

You can configure the fetch user on the FileBank using the user CLI command.1 Us er Gu id e .156 C h ap t er 5: Configuring and Managing WAFS Fetch User The fetch user is the internal user that performs the data pre-population on the cache. The fetch user must have sufficient security permissions to traverse the file system and read permissions for the files being transferred. The path is expressed in UNC format (starting with virtual server name). A fetch job is defined by the path and the fetch user that will be used for fetching that path. Activating a multiple path job effectively creates a fetch instance for each specific path. and the user command argument is entered in {domain\user} format. or the System Users option in the management web interface. A fetch job can aggregate multiple paths under one entity (see the fetch jobs paths option).0 . Figure 34: Fetch Settings Ac ce ler at o rOS Ve rsi on 7. Fetch Jobs The term Fetch jobs describes the entities that will be pre-populated onto the FileBank cache.

a specific directory on a file server). as described below. you can activate the Fetch mechanism by running fetch jobs. Once fetched.S e t ti ng Ad va n ced Fi leB an k F ea tu r e s 157 Fetch Settings The Fetch Settings screen (File Services > Fetch Settings) controls the prepopulation of the Cache with specific data from the Data Center. Fetch Activation Once configuration is complete. and subsequently manage it by running fetch instances. see section Creating Fetch Jobs. For details. see section Creating Fetch Jobs. You can add paths as necessary. The Fetch Settings screen lets you define which data will be fetched for pre-population. For details. on page 158. This screen lists Fetch Jobs and their current status. Figure 35: Fetch Settings Fetch Jobs describe the entity that should be fetched (namely. Thus pre-population optimizes first-time access to this data. on page 158. this data resides in the Cache and can be accessed immediately. Fetch Instances represent Job runs. Fetch Jobs are created with a single path. .

2. 3. Domain/Username .as described in System Users. Add one or more paths to this Fetch Job. 3. Select the checkbox for the job. To delete a Fetch job: 1. Each time a job is started a new Fetch instance is created. Make sure that you entered the WAFS menu using FileBank operation mode.a specific folder on a file server. The paths are added to the Fetching Paths list. To create a Fetch job: 1. Ac ce ler at o rOS Ve rsi on 7. 2. on page 153 and as described in Virtual Servers. and then clicking Add. by typing the requested UNC path and priority. 5. as required. Click Add. Click Delete.1 Us er Gu id e . Figure 36:Fetch Jobs 4. and are now part of this Job. for all Fetch Jobs. on page 150. fill-in the following parameters: UNC Path .0 . click the Back to Fetch Settings link at the bottom of the screen. In the Add Job area of the Fetch Settings screen (File Services > Fetch Settings). This link takes you back to the general Fetch Settings screen. The new job is added to the list of Fetch Jobs. When you have added all necessary paths.158 C h ap t er 5: Configuring and Managing WAFS Creating Fetch Jobs Choose and start the fetch job you want to run. Make sure that you entered the WAFS menu using FileBank operation mode.

S e t ti ng Ad va n ced Fi leB an k F ea tu r e s 159 To start a Fetch instance: 1. Click Stop. In the Fetch Jobs list of the Fetch Settings screen. Click Start.PST. *. Replication Service One of the main challenges resulting from the consolidation of file services in a data center. Make sure that you entered the WAFS menu using FileBank operation mode. despite limited bandwidth and high latency. Make sure that you entered the WAFS menu using FileBank operation mode. while a recurring replication process handles daily synchronization with the data center file server (at times of low WAN bandwidth consumption). The Expand replication service addresses this challenge. is how to grant users efficient access to very large files over the WAN. by reducing bandwidth consumption at peak hours. Click Delete. and is added to the Fetch Instances list. . Click Delete. Fill-in the following parameters for the new user: Domain name Username Password 3. 2. select the checkbox for the Job. 3. Select the checkbox for the instance. administrator-defined file types (such as. 3. *. To stop a Fetch instance: 1. To add Fetch instances: 1. 3. 2. An instance of the Fetch Job is started. Select the instance in the Fetch Instance list. 2. With this feature.GHO) are served locally at the branch by the FileBank virtual server. Make sure that you entered the WAFS menu using FileBank operation mode. Make sure that you entered the WAFS menu using FileBank operation mode. To delete Fetch instances: 1. 2.

The file data is then updated asynchronously by the recurring replication process. on page 160 File Types. regardless of their size.mdb for Microsoft Access files). You define the time of day Ac ce ler at o rOS Ve rsi on 7. The replication user is set both on the FileBank and on the FileBank Director. Replication Schedule Replication is programmed to run once a day to synchronize changes between the FileBank and the Data Center file server. this file is synchronously created on the central file server with its security metadata (namely ACLs). not file size. Replication service configuration includes the following parameters: Replication Replication Replication Replication User. on page 161(optional) Replication User The Replication User is an internal user that performs file replication for the system. You are advised to run replication at offpeak hours. on page 160 Schedule. ii Note: In a nested shares environment. when WAN bandwidth is least utilized. All files whose extension is on the list of Replication File Types are handled by the replication mechanism. The replication user must have sufficient security permissions for traversing the file system and writing permissions to replicate to the file server. The same principle applies to changes made to existing files. Sharing replication files between branches can result in data loss. but without the actual file data. Replication File Types The Replication service handles replication on the basis of file extension (for example: *. the replication files should be prepopulated to the FileBank using the same path to which the users are mapped.1 Us er Gu id e .160 C h ap t er 5: Configuring and Managing WAFS When you create a new file (of a type that is replicated). on page 160 Paths. When changes are made to the list of Replication File Types. you must reboot the FileBank for the changes to take effect. should be activated only for files used exclusively by the branch. ! ! CAUTION! Replication is an asynchronous process.0 . and as such.

Service Activation on FileBank Director On the FileBank Director side. . Note: Replication Start and End times are defined as UTC values. the Replication Service searches the entire file system for files that correlate to the Replication File Types list.S e t ti ng Ad va n ced Fi leB an k F ea tu r e s 161 (UTC value) that replication starts. the feature searches only on the defined paths. Once the service is activated. Defining replication paths results in a faster replication process. by using either the FileBank Director web management or the replication setup command (CLI). need to have DNS servers as well to let us support them. The replication path can point either to a share or to a directory within a share. Initial service configuration and activation are easily performed. When using this option. you may define specific paths to be searched (instead of the entire file system). FileBank may be populated with the initial set of files. once one or more replication paths are defined. the replication feature searches the entire file system for files to be replicated. and you can also force a stop time (namely: stop the process even if replication is not complete). However. ii Replication Paths By default.0 or earlier systems. ii Note: When no replication paths are defined. you need only to define the replication user and start the replication server that runs on the FileBank Director. all clients who have NT 4. Alternatively. files outside the specified paths are not replicated. either over the web or through the CLI. You can also run a non-scheduled replication at any time by using the Replication Start and Stop options. Replication Service Activation General system configuration must be complete before you activate replication. ii Note: AcceleratorOS supports only DNS masquerading and not WINS masquerading. which use WINS servers. Therefore.

Once pre-population is complete. Ac ce ler at o rOS Ve rsi on 7. before starting to work with the FileBank in the field. Pre-populating involves copying an initial. You can perform the initial pre-population by either running the Replication Start initial CLI command or using data migration tools (such as Robocopy. and the daily Start time (the definition of replication paths. but are empty if opened. Initial service configuration and activation are easily performed. and of a Stop time. service configuration includes defining: replication user. up-to-date “snapshot” of all qualifying replication files. Note: Replication files that are on the file server but have not been pre-populated onto the FileBank cache are visible in directory listings. and allows you to Start and Stop it. Once configuration is complete. the replication service must be enabled on the FileBank. see section Managing the Compression Filters List. replication file types. on page 147. For details of what the Replication Service does. as described above).1 Us er Gu id e .162 C h ap t er 5: Configuring and Managing WAFS Service Activation on FileBank On the FileBank side. users can start working on the files. It also gives you access to the Replication User screen (see section Replication User.0 . on page 163). by using either the FileBank Director web management or the replication setup command (CLI). are optional. Configuring Replication Services The Replication Services screen (File Services > Replication Services) displays the current status of the Replication Service. This “snapshot” consists of file data and metadata (for example: timestamps and security attributes). from the file server that holds them. Initial Pre-population of Large Files on FileBank Working with replication services on large files requires pre-populating the files located in the paths we want to replicate. or Secure copy) to copy the files from the legacy branch file server to the FileBank virtual server. ii ii Note: File pre-population onto the FileBank is a prerequisite for working on the replication files.

see section Replication User. and lets you clear (in other words. and/or set a different user. delete) the current user. . Figure 37: Replication Services Replication User The Replication User is an internal user that performs file replication for the system. on page 163. you must define a valid Replication User. For more details.S e t ti ng Ad va n ced Fi leB an k F ea tu r e s 163 ii Note: Before you can start the Replication Service for the first time. The Replication User Screen (Replication Services > Replication User) displays the currently defined user.

and then click Set. Select the checkbox for the required user. click the Replication User link. Figure 38: Replication User To set the replication user: 1.164 C h ap t er 5: Configuring and Managing WAFS ii Note: The Replication Service cannot function unless a valid Replication User is set. Click Clear. ! ii To clear the current Replication User (without setting another): 1. showing the current user. 2. ! CAUTION! You should configure the same replication user on the FileBank and the matching FileBank Director. In the Replication Services screen (File Services > Replication Services). In the Replication Services screen (File Services > Replication Services). This user must have sufficient security permissions for traversing the file system and writing permissions to replicate to the file server. This user must have sufficient security permissions for traversing the file system and writing permissions to replicate to the file server. ! CAUTION! You should configure the same replication user on the FileBank and the matching FileBank Director. The Replication User screen opens. click the Replication User link. Note: The Replication Service cannot function unless a valid Replication User is set.1 Us er Gu id e . ! Ac ce ler at o rOS Ve rsi on 7. 2. The user is no longer the Replication User.0 .

The Kerberos status is shown. The following configurations are possible: Enabling or Disabling Kerberos . click Disable. If the time is not synchronous. select Kerberos Configuration. .S e t ti ng Ad va n ced Fi leB an k F ea tu r e s 165 ii NOTE: Using the replication services requires creating a new user.FBD only ii Note: It is important to make sure that the time of the Accelerator is synchronized with all other points on the network. Enabling and Disabling Kerberos on the FB To enable or disable kerberos on the FB: 1.FBD only Auto Configuration . under File Services. see Setting the Date and Time on the Accelerator. Enabling and Disabling Kerberos on the FBD This will enable or disable Kerberos on the File Bank Director and all servers that are associated with the File Bank Director. From the WAFS Configuration menu. When used in a client-server model. whereby both the user and the server verify each other's identity. it may result in Kerberos failure. on page 109. To enable kerberos. Kerberos Protocol messages are protected against eavesdropping and replay attacks. Kerberos Configuration Kerberos is a computer network configuration protocol which allows nodes communicating over a non-secure network to prove their identity in a secure manner. to disable kerberos. click Enable.available on the FB and FBD Enabling Kerberos on a Specific Server . To check the Accelerator’s time. Kerberos provides mutual authentication. 2.

0 . 2. under File Services. your kerberos realm might be MYDOMAIN.if there are more than one. put the name of the DNC here or else leave the field empty. 3. Click the AutoConfig button. select Kerberos Configuration.if there is more than one domain name controller. Admin Server . KDCs . 2. From the WAFS Configuration menu.166 C h ap t er 5: Configuring and Managing WAFS To enable or disable Kerberos on the FBD: 1. put the name of the Key Distribution Center . select Kerberos Configuration.COM.supply a Realm name (this is similar to a Domain Name controller) Although the realm can be any name you want it is common practice to create the realm by uppercasing the DNS domain name that is associated with the hosts in the to be defined realm. The Kerberos menu opens. the Accelerator chooses the settings. Fill in the fields as follows: Realm . From the WAFS Configuration menu. Default Domain .1 Us er Gu id e . if your hosts are all in the mydomain. under File Services. The Kerberos menu opens. For example. Enabling Kerberos per Server This is not available on the FB Ac ce ler at o rOS Ve rsi on 7.in this field.com realm.if the Domain Name Controller is different from the kerberos name. To choose the auto-configuration Setting: 1. Click Apply to submit. separate each name by a comma. Auto Kerberos Configuration When selecting this setting. put the name of the default one in the field.

. From the WAFS Configuration menu. 5. 2. click Enable. Click Apply. select Kerberos Configuration. under File Services. The Kerberos menu opens. A list of servers opens Choose the servers by clicking on them. Under Kerberos per EFS. 3.S e t ti ng Ad va n ced Fi leB an k F ea tu r e s 167 To choose the auto-configuration Setting: 1. 4.

and delete printers. as required.1 Us er Gu id e . see section Setting Advanced FileBank Features. For additional information about print functions. on page 155.0 . view a list of already existing printers.168 C h ap t er 5: Configuring and Managing WAFS Printing Services for the FileBank Configuring Additional Services This section describes the FileBank Additional Services. which currently include the Print Services. Figure 39: Print Services Ac ce ler at o rOS Ve rsi on 7. The Print Services screen (Additional Services > Print Services) lets you add network printers. Print Services You can configure FileBank to serve as the local branch print server.

168.21:9100/. Enter a brief description to help other users identify the printer. Select the checkbox near the name of the printer you want to delete. or install printer drivers locally Supports standard network printing protocols Can be connected directly to the printer Adding a Network Printer to FileBank The first stage when installing a new printer to the FileBank. Click Add. “frontdesk” or “floor5”). 4. The printer is added to the list of printers available to branch users (this list displays Name. is to set the printer entry and URI. Type the printer URI (an identifying string such as socket://192. Click Delete. .Pri nt i ng S erv ice s fo r th e F il eB an k 169 To add a printer: 1. Description. FileBank includes the following features: Lets administrators manage network printers and upload end-user drivers through the Windows “Add Printer Wizard” Lets clients download and install drivers and printers via “Point'n'Print”. and URI). To delete a printer: 1.1. 2. you can configure it to replace the existing local print server (or servers). Configuring Print Services (FileBank) Once FileBank is installed at the branch office.) 3. 2. Type in the printer name (preferably a descriptive name such as “Konica 7022”.

which automatically installs the associated printer driver the first time they access a particular printer.1 Us er Gu id e . Printing administrators must be users with full access and write credentials on the central fileserver PRINT$share. NOTE: Printing administrators must posses full access and write credentials on the central file server Prints share. printing mode and printing administrators on FileBank. The default printing administrator values are: Administrator (individual) and @Administrators (group name).170 C h ap t er 5: Configuring and Managing WAFS Figure 40: Print Services Assigning Printing Administrators Only assigned printing administrators can upload printer drivers. you can upload printer drivers to the print server. In many cases the default setting is not sufficient and you need to create additional user(s) and groups. ii ii NOTE: Group names must be prefixed with @. This Enables clients to use the “Point'n'Print” feature. Uploaded drivers are stored on the central file server and cached on the local FileBank (a valid network connection between the FileBank and the FileBank Director is required).0 . Point’N’Print Configuration Once you have defined printers. Ac ce ler at o rOS Ve rsi on 7.

follow the Windows Add Printer Driver Wizard. OR If one or more drivers have already been installed. and therefore the dialog box shown below appears. Figure 41: Printer Properties ! ! CAUTION! Do not click Yes. The standard Windows Add Printer Wizard (APW). 5. (If no drivers have been installed this list will be empty. accessed from a Client. you can select one of these drivers from the drop-down list. has no real printer driver assigned to it. You are trying to view the printer’s properties before a driver has been assigned to it. and type in the UNC path of the virtual server: \{virtual server name} 3. Click No. right-click on the printer icon. 2.) 6. 4. Open the Printers and Faxes folder. Log in to a workstation as a user who is also defined as a printing administrator. ii Uploading Printer Drivers 1. If installing a new driver.P ri nt i ng S erv ice s fo r th e F il eB an k 171 The initial listing of printers in the FileBank Printers and Faxes folder. Note: The existence of PRINT$share on the central file server is a prerequisite for uploading/downloading printers drivers (“Point’N’Print”). Do one of the following: Install a new printer driver (thereby activating the Add Printer Wizard. run from NT/2000/XP clients. OR Click Start > Run. Browse to the FileBank’s virtual server name. is used for printer driver upload. by doing one of the following: Open Network Neighborhood and browse to the virtual server name. and select Properties (from the menu). . see next step). locate the printer you have added to FileBank.

2. click Printing Defaults. Change the current page orientation (Portrait/Landscape) and click Apply. as described in the next section. use the following procedure to trigger the printer driver startup. Return to step 3 above. First Client Driver Installation After uploading a printer driver or drivers. Right-click on the relevant printer. 3. perform the first client driver installation. After driver upload is complete.172 C h ap t er 5: Configuring and Managing WAFS 7. On the Advanced tab.1 Us er Gu id e . The printer is added to the local Printer folder (you can verify this by clicking Start > Settings > Control Panel > Printers and Faxes). Ac ce ler at o rOS Ve rsi on 7. the driver is not yet installed. you must perform the First Client Driver Installation.0 . Log in to any workstation as a user who is also defined as a printing administrator and has administrator rights on the workstation. ii Note: If Connect still appears on the right-click menu. 5. 1. Once this initiation step is concluded. further clients are easily set up and should not require further attention. 4. and select Connect from the menu. Restore original page orientation and click Apply. Right-click on the printer and select Properties. Browse to the FileBank’s virtual server name.

the following message appears: . 1. Log in to any other workstation (with permission to install drivers locally). a dialog box may appear at this stage. right-click on the printer icon. any client wanting to install this printer can just “Point'N'Print”. 6. Browse to the FileBank’s virtual server name. Open the Printers and Faxes folder (Start > Printers and Faxes). Locate the printer (Start > Printers and Faxes) and double-click it. From now on. 3. 2. 4. Verify that printer properties are visible (see the driver-specific fields) Manual Client Driver Installation Once you have defined your printers on the FileBank. 7. ii Note: If you are running Windows 2000. and type in the UNC path of the virtual server: \{virtual server name} 3. Therefore. 1. and select Properties (from the right-click menu). OR Click Start > Run. Print a test page. by doing one of the following: Open Network Neighborhood and browse to the virtual server name. Verify that the print job is added to the print queue and prints out correctly. Open the print queue for the printer. 5. Verifying Point’N’Print Installation After completing the above two stages. Log in to a workstation as a user who has administrator rights on the workstation.P ri nt i ng S erv ice s fo r th e F il eB an k 173 At this stage you may also want to set other printing defaults that will apply to all future clients wanting to carry out “Point’N’Print” driver installation. you are advised to verify that “Point’N’Print” is functioning correctly. You are trying to view the printer’s properties before a driver has been assigned to it. locate the printer you have added to FileBank. you can optionally install printer drivers locally on workstations (without relying on “Point’N’Print”). 2. Verify that drivers are installed.

On the File menu. Verify that the print job is added to the print queue and prints out correctly. Open the Printers and Faxes folder (Start > Printers and Faxes). install it and connect. Click Yes.174 C h ap t er 5: Configuring and Managing WAFS Figure 42: Printer Properties 4. Open the print queue for the printer.1 Us er Gu id e . To verify driver installation for each Client: 1. 4. Print a test page. 2. Browse to the Client’s Control Panel. Ac ce ler at o rOS Ve rsi on 7. 2. 5. Log in to the workstation to which you to install a printer as the workstation’s administrator. The Add Printer Wizard (APW) opens. 3. 5. Add a printer to the FileBank.0 . The Add Printer wizard opens. 3. Verifying Driver Installation To enable a client to use the FileBank as the print spooler. Select the driver to associate with the printer. click Add Printer. communicating by using IPP (Internet Printing Protocol): 1.

Pri nt i ng S erv ice s fo r th e F il eB an k 175 Figure 43: Add Printer Wizard 6.” ii . When done. In the URL field. Select the radio-button Connect to a printer on the Internet or on a home or office network. ii Note: Installing the IPP printer drivers to a workstation does not require additional settings on the FileBank other than adding the IPP printer URL to the FileBank. and use the wizard for completing the installation. Click Next. 7. Select the appropriate driver to install. enter the URL for the printer in the following format: http://<FileBank's hostname>:631/printers/<printer’s name> 8. print out a test page. 9. 10. Note: Client side IP configuration does not support “Point’N’Print.

To connect a printer to the FileBank server: 1. 2. the FB will automatically mount the printer.176 C h ap t er 5: Configuring and Managing WAFS Connecting the Printer to the FileBank Server Although both Parallel and USB connections are supported. Ac ce ler at o rOS Ve rsi on 7. the option is disabled. Use the WebUI to add a printer. you achieve the following functionality with a USB connected printer: Installing the printer using a USB driver Migration of the remote driver for USB Ability to use all of the printer’s functionality via the USB driver Ability to create Users and Groups as well as permission settings If the printer is connected to the FB with a USB cable.0 . Printing Setup Troubleshooting Issue: I cannot select a new driver to upload. Connect the printer to the FileBank server via USB (or parallel port if no USB is available).1 Us er Gu id e .

8. Verify that PRINT$share exists on the target's central file server. on page 172). on page 171). Verify that you have set the printing driver to server at the FileBank: > printing drivers set server and then repeat the driver upload procedure (see Uploading Printer Drivers. 6.) I get an Access Denied message when trying to upload drivers 1. When I try to print out a test page I get one of the following errors: “Operation could not be completed” “Could not add a print job” “Print test page failed” 4. Verify that the printer is connected and operational (look for errors such as network connection problems. on page 170. port. and that the printer supports the protocol given and is configured to acknowledge on the specific protocol (IP. before trying to print (see First Client Driver Installation. Ensure that you have initialized the printer by performing the first Client driver installation. Verify that you are logged in as a printing administrator. Verify that you are logged in as a printing administrator with full read/write access on the PRINT$share. If the printer driver is not yet installed on the workstation. 2. paper jam and out of paper). Print jobs are not cleared from the queue (even after refreshing the queue) and are not printed 7. 3. protocol). 3. with full read and write access to the PRINT$share. Verify that the printer is connected and operational ((look for errors such as network connection problems.Pri nt i ng S erv ice s fo r th e F il eB an k 177 1. Ensure that you are logged in as an administrator for this workstation. . 2. paper jam and out of paper). 5. Ensure that this user is defined as a printing administrator (see section Assigning Printing Administrators. Verify that the printer’s URI is defined correctly on the FileBank. Ensure that a PRINT$share is defined on the central file server.

click the Add a Printer button. The Add Printer Wizard dialog box appears: Figure 44:Add Printer Wizard 3. In the Printer Tasks pane.178 C h ap t er 5: Configuring and Managing WAFS Using WAFS Printing Services Adding a WAFS Printer via Windows WAFS now lets you use the Windows Add Printer Wizard to add a Server printer on a remote computer.0 . To add a Server printer: 1. 2. Go to the Printers and Faxes section on the server from which you want to add the printer.1 Us er Gu id e . The next screen lets you either select the port you want your printer to use or create a new port: Ac ce ler at o rOS Ve rsi on 7.

Us in g WAF S P r in t in g S e r vi ce s 179 Figure 45: Select Printer Port 4. . Figure 46: Add Port 6. Select the option of creating a standard TCP/IP port. 5. Use the standard Windows wizard to continue with the installation. Use the following dialog box to add a printer name or IP address and a port name.

a WAN-OUT event is detected on the FileBank installed at the RBO. on page 180 Working with Files while in WAN-OUT Mode. and a FileBank Director (FBD) installed at the Data Center. The FBD's WAFS services are down. When a WAN-OUT event is identified. Expand’s WAFS solution includes support for WAN-OUT mode. Expand's WAFS solution lets users at the RBO optimize their use of shared contents on a File Server installed at the Data Center. the FBD installed at the Data Center. with READ-ONLY permissions.1 Us er Gu id e . i Note: If the File Server goes down prior to the communication being cut between the FB and FBD. allowing users at the RBO to open. has its own WAN-OUT detection mechanism in order to allow it to identify a WAN-OUT event independently. Ac ce ler at o rOS Ve rsi on 7. The FBD is frequently inaccessible (some network disconnections).180 C h ap t er 5: Configuring and Managing WAFS WAN-OUT Operation This section presents the following topics: About WAN-OUT. However. a WAN-OUT event will not be triggered Detecting a WAN-OUT Event Generally. or when the FileBank Director is temporarily unavailable. on page 181 WAN-OUT Known Limitations. on page 180 Detecting a WAN-OUT Event. cached share content stored on the FileBank. The FBD is inaccessible to the FileBank:. on page 183 About WAN-OUT Expand's WAFS solution comprises of two parts that communicate with one another: a FileBank (FB) installed at the Remote Branch Office (RBO). A WAN-OUT event can be triggered by any of the following scenarios: The RBO's WAN link is down.0 . the system automatically switches to WAN-OUT Mode. The FBD is totally inaccessible (disconnected from the network). thus providing necessary business continuity for cases of temporary WAN outage.

. The FBD Keep-Alive mechanism uses UDP port 4049 datagrams sent from the FB to the FBD. This means that when consulting the FB's cache. The FB WAN-OUT mechanism inspects all of the above connections for failure. Some of these connections are created as a result of end-users work with the File Server (such as opening a file). it will assume that it is no longer communicating with the respective FB. while other connections are created as a result of system internal communications between FB and FBD (for example: a periodical GNS Refresh operation). The entire cache content on the FB is treated as valid. and will detect a WAN-OUT event if any of these connections fail. and therefore. on its part. which allows end-users to access cached share content stored on the FB with READONLY permission. Keep-Alive UDP datagram messages are sent periodically from the FB to the FBD. The FBD. end-users at the RBO can work only with cached share content stored on the FB. releases all file locks on the File Server (originating/initiated from the respective FB). The Keep-Alive mechanism sends one UDP keep-alive message every 30 seconds. If the FBD has not received any keep-alive message within 180 seconds.O U T O p e r a ti on 181 FileBank WAN-OUT Detection Mechanism The FB communication with the FBD comprises many connections between the two devices. FBD WAN-OUT Detection Mechanism The FBD Keep-Alive mechanism's purpose is to notify the FBD that it is maintaining a healthy communication with the respective FB. Cache When working in WAN-OUT mode. and are not replied by the FBD. These messages are unidirectional. This allows the FB to maintain end-user security permissions. the FB maintains its existing/open WAFS connections. detect a WAN-OUT event. Working with Files while in WAN-OUT Mode When a WAN-OUT event has occurred. all cache TTL timers are ignored.WA N .

This means that any files that were not opened by a specific user within 10 minutes prior to the WAN-OUT event initiation.1 Us er Gu id e . Any other access flags . Two possibilities are available: For a remote site with a local Domain Controller (the Domain Controller is still reachable by the accelerator while the site is in WAN-OUT mode): Users will be able to continue to work on the files opened at the time the link is lost. CREATE are denied. TRUNCATE. Ac ce ler at o rOS Ve rsi on 7.0 . so if one user has the file open. Only those files will only be accessible and will be limited to READ-ONLY permission.182 C h ap t er 5: Configuring and Managing WAFS File Access When an user tries to open a file. only the user who opened the file will be able to access it. For a remote site without a local Domain Controller (the Domain Controller is not reachable by the Accelerator while the site is in WAN-OUT mode): Users will be able to continue to work on the files opened at the time the WAN link is lost. READ ONLY (RO) access is granted (provided applicable security). DELETE. Copying a file to the Client’s harddrive is possible. File Security The way end-users at the RBO work when the FB is in WAN-OUT mode. or data are immediately responded with “Access Denied” by the FileBank. The file access is granted on a per-user basis. are blocked and the user will not be able to open them during the WAN-OUT period. Users that will need to save their work while the link is down would not be able to do it on Expand cache. but they will be requested to use an alternative local storage. Users opening files receive a notification as if they have a read-only permission to the file. the time frame granted to the users to access the cached share content stored on the remote accelerator is limited to the 10 minutes prior to the WAN-OUT mode initiation.such as WRITE. changes with respect to whether a Domain Controller is accessible to the FB. In WAN-OUT mode all operations that attempt to change a file. Users will be able to open files or folders that were previously accessed during the time frame defined in the AcceleratorOS (10 minutes). but another user does not. after a WAN-OUT. For security reasons. a file system structure. provided that the user has the applicable security to do so. along with all security and permission data.

WA N . . Replication files and Short-Term files When working in WAN-OUT mode. Replication (OSF) files and Short-Term (STF) files are treated as regular files. resulting in a situation where only a part of the files accessed by the RBO are now under ‘disconnection’. In this case. meaning they can be opened with RO permissions only. Partially Completed Transactions A disconnection event may occur in the middle of a transaction. but will need to use an alternative local storage. Partial Disconnection In some cases. following the necessary security checks on the file/user. Unless the FB receives an affirmative response from the FBD regarding the completion of the operation.O U T O p e r a ti on 183 Users that will need to save their work while in WAN link is down would not be able to do it on the Accelerator’s cache. WAN-OUT Known Limitations Printing is not supported while in WAN-OUT mode. it assumes the operation has not been successful and will switch to the WAN-OUT mode. A failure in one or several of these FileBank Directors is possible. the FB responds to the user as if the request was received in WAN-OUT mode. the system selectively enters the WAN-OUT mode for files from FileBank Directors that are disconnected and operates normally with files from FileBank Directors that have valid connection. No other files or folders can be opened from the shared cache on the Accelerator. As the FileBank has the notion of the origin of each file (namely: the specific FileBank Director that manages the file). a single FileBank is connected to multiple FileBank Directors at different physical locations.

using this name. even in cases of planned or unplanned downtime of the FileBank. Roaming Users Support—Further complicating the already challenging management of distributed organizations are roaming users who travel between locations. Expand becomes part of the DNS scheme in the organization.1 Us er Gu id e . and uses DNS to overcome challenges associated with the above requirements. Some key requirements of a global file system include: Common name space – the solution must be fully coherent with the existing naming convention used across different branch offices. DNS Masquerading Benefits Common Name Space—To ensure that users across the organization can seamlessly access directories at the Data Center. Expand uses DNS masquerading to ensure that roaming users have access to centralized data even when they move from one office to another. to branch offices with or without Expand FileBank. To ensure that remote office users continue to access the file server at the datacenter.184 C h ap t er 5: Configuring and Managing WAFS DNS Masquerading One primary objective of the Expand solution is to provide a truly dynamic global file system. Using DNS Masquerading. To meet these requirements. Direct Access on Failure—One of the most important features of any network device is that of fail over and high availability. The system should automatically redirect users to the nearest FileBank according to the user's current location. Expand must anticipate and overcome challenges introduced by common network issues and user usage patterns. regardless if their individual office uses FileBank. Expand supports DNS Masquerading. Each time the user Ac ce ler at o rOS Ve rsi on 7. Expand uses DNS masquerading to redirect users directly to the file server over the WAN. To ensure that data is always accessible across the distributed organization. Roaming user support – supports mobile users travelling between different branch offices. For example.0 . Expand supports common name space conventions with and without the device. a file server named “efs” should be accessible. Direct access on failure – users in branch offices should be able to access the file server at the data center should the FileBank at their location become unavailable.

6. 4. Domain name table and Static host table ii NOTE: Configuring the NetBios domain name should be carried out via WAFS CLI. the DHCP server pushes a new DNS server list. DNS Masquerading Configuration To configure DNS Masquerading: 1. Select the DNS option. If the office uses FileBank.D NS Ma sq ue rad i ng 185 reboots or wakes the computer from hibernation. 2. In the Setup screen. In the Services screen go to the DNS Acceleration tab. Set the DNS Masquerade status to Enabled. Fill-in the relevant details in the Servers table. Set the IP domain lookup table status to Enable. Figure 47: DNS Configuration 5. the FileBank will be listed as the primary DNS as described above. Fill-in the relevant IP Address (the FileBank IP Address) and Host Name (Fully qualified domain name) . go to the Networking tab. 3.

In the Services screen go to WAFS.186 C h ap t er 5: Configuring and Managing WAFS Figure 48: DNS Acceleration 7. Ensure that the virtual server name includes no prefix. the WAFS details should be similar to the following: Ac ce ler at o rOS Ve rsi on 7. suffix or alias. 8.1 Us er Gu id e . In the WAFS Management screen select System>Setup wizard. and is identical to the file server name.0 . Click on WAFS Configuration. At the end of the process.

Do not define any additional DNS servers. (for example: www.D NS Ma sq ue rad i ng 187 9. the client continues to be connected to the original Fileserver. consider defining a DNS alias to be used for accessing the file server at the datacenter and the virtual file server at the branch office. Open the command prompt window. DNS masquerading is automatically turned off when there are no active virtual servers to initiate switching to a secondary DNS server. The proper IP address should be returned.com). Do not use the DNS Masquerading option from the Additional Services menu. 4. Use the WAFS CLI to verify that spnego option is on. 2. The nslookup should report the FileBank as the primary DNS server. Testing —DNS masquerading can only be tested when there is an active virtual server. Add an alias to the DNS server called efs1. When the FileBank is up. The IP address of the FileBank should be returned. At the command prompt. General—If you use the domain controller as the file server. the client is immediately connected to the Fileserver. 3. On the FileBank Director add the file server efs1 (use the command cifs export efs1). (using the _auth spnego on command). When the FileBank reboots.cnn. You are advised to reboot the client after the configuration To use a local client for testing DNS masquerading: 1. For example. This setting is essential in order for DNS Masquerading to function correctly. There is no need to change the primary DNS server. perform an nslookup.demo. Update the list of DNS servers configured on the client so that the FileBank is configured as the primary DNS server. 5. Issue an nslookup request for an existing virtual server (for example: dsefs. which points to the same IP address as dc1.com). you have a domain controller called dc1 that is also used as the file server. Ensure that no prefix or suffix is defined on the FileBank (see above). Do not change any settings on the client. Switching to and from FileBank Changing the TTL of the file server DNS record—The time is takes for the client to switch between the primary DNS and the secondary DNS servers depends on the TTL of the file server DNS . Issue a request to any other name recognized by the central DNS server.

aspx?scid=kb.microsoft. Refer to Microsoft Knowledge Base for more information http:// support.com/default. The DNS client service does not revert to using the primary DNS server—The Windows 2000 Domain Name System (DNS) Client service (DNSCache) follows an algorithm when it decides the order of the DNS servers configured in the TCP/IP properties.286834 CIFS session time out—In some cases. You should set the TTL of the file server record to the minimum in order to shorten the fail-over time.1 Us er Gu id e . The time this takes is influenced by the session time out on the EFS. and can be configured by using the following command on the Windows file server: net config server /autodisconnect:<minutes> Ac ce ler at o rOS Ve rsi on 7.0 .EN-US.188 C h ap t er 5: Configuring and Managing WAFS record. the client will fall back from the EFS to the FileBank only after its CIFS session with the EFS terminates.

and describe any problems with the FileBank Director device. which are as follows: Running System Diagnostics.Monitoring WAFS Functionality This section describes the Utilities options. and troubleshooting purposes. the log file is saved in a default system location. . The results of the test are displayed in the Results area of this screen. To start the test. on page 189 M o ni t or in g WAF S Fu n ct io n al it y 189 Running System Diagnostics The System Diagnostics screen lets you run a diagnostic test on the FileBank Director device to ensure that the device is working properly. Generating a log archive may take several minutes. optimization. click Run Diagnostics. Figure 49: System Diagnostics Viewing Logs The Logs screen lets you generate activity logs of the FileBank Director for monitoring. on page 189 Viewing Logs. and a link to the log archive appears in the Log Archives section of the screen (newest on top). When finished.

190

C h ap t er 5: Configuring and Managing WAFS

Figure 50: Logs screen

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Troubleshooting
In this troubleshooting section it is assumed that: configured

Tro ub le sh o o ti ng

191

1. A complete end-to-end Expand WAFS installation has been set up and 2. Devices are connected to the network (L1, L2) correctly and the right network (L3) settings have been applied

Troubleshooting Tools
Internal Diagnostics: An automated internal utility that provides an immediate indication of the Expand device performance and issues. This is the first tool that should be used when troubleshooting is necessary. You should run this tool at both branch and data center ends. For details, see Running System Diagnostics, on page 189 (FileBank), and Running System Diagnostics, on page 189 (FileBank Director). Logs: The internal system logs that can be viewed, archived and uploaded. For details, see Viewing Logs, on page 189 (FileBank) and (FileBank Director). Statistics: An internal tool that provides FileBank service statistics (see DNS Masquerading, on page 184). Status: The status CLI command reports on the current system running status. General Network Utilities: Ping, traceroute, ttcp, ifconfig, route, and netstat.

Networking
No route/connection to the Expand devices Check that the device is operational and is connected correctly to the network (both Ethernet cable ends should be firmly in place). Verify that the green light at the cable socket of each side is on. Verify that network settings are correct, by examining the output of the ifconfig CLI command. Pay particular attention to IP address and netmask.

192

C h ap t er 5: Configuring and Managing WAFS

Use the route CLI command to verify that routing tables are correct. Try to ping a machine in the same subnet (typically the gateway, depending on your network topology). No route/connection to the Domain Controller (authentication server) Use the domain controller's IP address to check connectivity. If this fails, refer to the previous section and correct networking/routing problems. Verify the name set for the authentication server. Use the CLI authsrv command, or the relevant Web Interface page. Try to ping the domain controller by its name. Failure to do so indicates a name resolution issue. To resolve this issue, either add the domain controller to the static hosts list (using the hosts add CLI command), or verify correct DNS settings. Ensure that you have applied valid DNS servers. Use the CLI prompt command dns, or the relevant web interface page, to assign/delete/list DNS servers. Ensure that you have added the DNS suffix required to complete the FQDN of the authentication server. Use either the CLI prompt command dns search, or the relevant web page, to apply the required suffix. If the FileBank has not been configured with DNS servers, add the authentication server name under the static hosts. Use the hosts CLI prompt command, or the relevant web interface page, and repeat a connectivity check to the authentication server. No route/connection to Fileserver(s) Ensure that you have correctly defined the server(s) that needs to be exported by FileBank Director. Verify that the file servers’ NetBIOS names are the names you have defined to be exported by FileBank Director. Try to ping the file server's NetBIOS names. Failure to do so indicates a name resolution issue. Verify correct DNS settings, including DNS search path. Alternatively, use 'hosts' static entry to add them to the list, as described in the previous section. FileBank Director cannot access the file server on port 139 or 445 FileBank Director requires active ports 139 or 445 on the fileserver. If port 139 (SMB over NetBIOS) is disabled, enable the NetBIOS port as follows: browse the

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Tro ub le sh o o ti ng

193

file servers TCP/IP network properties, select the Enable NetBIOS over TCP/IP checkbox and apply changes. If NetBIOS is to remain disabled on the fileserver, please consult the Expand support team support@expand.com for additional configuration settings. No route/connection from FileBank to the FileBank Director Expand utilizes TCP connection to transfer the data between FileBank and FileBank Director. The UDP port is set to keep alive acknowledgements between the two. Connection ports between FileBank and FileBank Director are set by default to 80. Ensure that the connection ports between the FileBank Director and the FileBank match each other. Use the FileBank Director CLI listenport command, or the relevant web interface page, to verify/alter listen ports. Use FileBank CLI fport command, or the relevant web interface page, to verify/alter connection ports. Ensure that the designated ports (UDP and TCP) are opened on the firewall (if applicable), and that corresponding settings are applied. Check MTU (Maximum Transfer Units) consistency along the network path. This check is especially needed with DSL connections. Inconsistency may result in lack of communication. Test different values for MTU using ifconfig CLI command. Try to reduce the MTU gradually, and find the largest MTU value that works for you (ping to verify). If the problem persists, contact Expand support at support@expand.com for additional information.

Windows Domain Join
Failed to join FileBank to the domain FileBank must be joined to the domain just like any other domain resource. When joined correctly, it appears as a resource object in the active directory. Verify that the correct domain name is set, and a route to the authentication server (DC) is assigned. Use CLI commands authsrv and domain, or the relevant web interface page, to apply settings correctly.

194

C h ap t er 5: Configuring and Managing WAFS

The user that is entered upon joining the domain must have adequate permissions on the domain to join computer objects. Ensure that the hostname of the FileBank is a valid NetBIOS name, and does not exceed 15 characters. If necessary, redefine the hostname and rejoin the FileBank to the domain. If the problem persists, contact Expand support at: support@expand.com.

Service
System status: “Not Running” Verify the system was started, and try to start it again using restart CLI command. Run the status CLI command, and check reported errors in command output. Run the diagnostics CLI command, and check reported errors in command output. Ensure that the AcceleratorOS license is installed and valid. If the problem persists, contact Expand support at: support@expand.com System is running, no virtual servers appear on FileBank Run the diagnostics CLI command on the FileBank Director to verify connectivity to the file server/s, and that FileBank Director is able to read file server shares. If FileBank Director cannot read shares, verify the existence of shares by accessing the file server directly from a workstation (namely, not via Expand), and define a share listing user (when necessary) using the FileBank Director cifs user CLI command. Run the diagnostics CLI command on FileBank to verify connectivity to FileBank Director. Run the gns refresh CLI command on FileBank. Verify that the defined connection ports associated with the various FileBank Directors match the FileBank Directors’ listen ports (the listen port can be explored at the FileBank Director end, by issuing the listenport CLI command or the relevant Web Interface page). Verify that no firewall is blocking the FileBank Director/FileBank connection ports. Workstations cannot connect to FileBank virtual server(s)
Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Tro ub le sh o o ti ng

195

1)Name Resolution Issues

Possible Error Messages
Network name no longer exists The network path was not found Start troubleshooting by verifying virtual server name resolution. Clients connecting to FileBank virtual server/s require NetBIOS name resolution. Ensure that the client can resolve the virtual server NetBIOS name by using at least one of the following options: Broadcast on the same LAN segment WINS entry Local workstations settings (LMHOST/HOST files) DNS entry (a reverse entry is also needed) ii NOTE: A DNS entry can be used when the FileBank exports only one virtual server, If the FileBank exports more than one virtual server, the Expand DNS masquerading feature can be utilized to support a DNS resolution (see also section must be in Active mode and set to version 2 for RIP Route Injection to operate. For more information, see section DNS Masquerading, on page 184. Permissions and domain trust issues

Access denied
Continue troubleshooting by verifying user permission to access the central server resource, and the existence of necessary domain trust when applicable. Try to connect directly to the central file server (meaning, not via Expand) by using the same domain user. Run the diagnostic command via CLI or the web interface, to validate that FileBank is joined to the domain. Verify that FileBank is joined to the correct domain. If the FileBank is joined to a different domain than the centralized file server, ensure that a trust exists from the central domain to the FileBank domain. Cache pre-population failure Examine the errors in the fetch log. Validate the correctness of the path given to the fetch job. From a workstation browse directly to the FileBank giving the same fetch job path.

196

C h ap t er 5: Configuring and Managing WAFS

i i

Note: Fetch paths are case-sensitive. Ensure that a valid domain user is assigned to all fetch jobs. From a workstation, log in as the same user defined in the fetch job, and browse directly to FileBank. Verify that this user has read credentials by trying to read a file whose fetch has failed, according to the logs. If DFS is in use, ensure that the fetch job path is not a DFS path (namely, //<virtual server name>/<DFS root>/<path>), but instead points to the linked virtual server (namely, //<virtual server name>/<share name>/<path>). To view the FileBank virtual server names, use the CLI status command or the relevant web interface page. Replication failure The replication service requires the definition of a replication user. The replication user must have read and write permissions on the paths where files are to be replicated. The same replication user should be used for both FileBank Director and FileBank. Ensure that you set a valid domain user as the replication user. From a workstation, log in as the replication user, and browse directly to the FileBank. Verify that this user has read and write credentials by copying files to a replication folder. Validate the defined replication paths. From a workstation, browse directly to the FileBank, using the defined replication UNC path(s). If DFS is in use, ensure that the replication paths are not DFS paths (i.e. //<virtual server name>/<DFS root>/<path>), but instead point to the linked virtual server (namely, //<virtual server name>/<share name>/<path>). To view the FileBank virtual server names, use the CLI status command or the relevant web interface page. Some of the DFS shares/folders are inaccessible Find the physical server name that contains the inaccessible shares/folders. Ensure that it appears in the exported file server list (using FileBank Director cifs show CLI command or via FileBank Director web interface).

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Tro ub le sh o o ti ng

197

Performance
If the Expand network environment has not been deployed/configured correctly, users may experience the following problems: Long delays while opening and saving cached files (WAN like) Mapped network drive disconnections Network Interfaces View the NIC settings (use the CLI command ifconfig). Verify that no errors have accumulated on the interface. Errors may indicate a duplex/speed mismatch. Check the Switch/Hub port settings to which the Expand device is connected. The port settings must match the NIC settings of the Expand device. In the case of a mismatch, use the CLI command ifconfig to force settings on the NIC, such as the auto-negotiation mode, speed and duplex settings. For optimum performance, ensure that the Link supports 100Mbps FD settings. Quality of Service (QoS) Branch offices that utilize QoS should prioritize the DSFS protocol between FileBank and FileBank Director. This will generally result in an immediate and marked improvement in user experience. The protocol uses by default port 4049, but for QoS you are advised to use a different, distinguishable port. You can change protocol port by using listenport/fport commands on the FileBank Director/ FileBank respectively. Ensure that you change all communicating devices at the same time. Route Investigate the route legs along the communication path from a workstation to the FileBank to the FileBank Director, terminating at the file server. Network location Ensure that there is no significant latency (latency greater than 1ms) between the FileBank Director and its associated file servers. Improved performance may be achieved if the file servers and the FileBank Directors reside on the same LAN segment. Ensure that there is no significant latency (latency greater than 1ms), or any link mismatch, between the FileBank and the workstations. Improved performance may be achieved if the workstations and the FileBank reside on the same LAN segment Bandwidth issues

198

C h ap t er 5: Configuring and Managing WAFS

Use the ttcp command (for more details, refer to the Expand CLI Reference Guide) to check the available bandwidth between the FileBank and the FileBank Director. Ensure that you compare both directions (the FileBank should be the Client at the first check, the Server at the second). This check can reveal bottlenecks and bad settings along the network path. Name resolution: Failover (WAN) issues Several name resolution techniques, such as DNS masquerading and DFS, can add seamless failover capabilities to the Expand solution. For more details see section DNS Masquerading, on page 184. With DNS masquerading in place, in the case of a failure, workstations are automatically switched to resolve the virtual server name as the centralized file server name. Failover lets the user continue to work without interruption, though there may be a deterioration in user experience. Ensure that workstations resolve the correct virtual server name. You are advised to execute the nslookup command from the workstations command prompt, giving the virtual server name as a parameter. Verify that the IP returned is the same as the IP of the FileBank. Ensure that FileBank is defined as the workstation's primary DNS (use ipconfig /all at the workstation command prompt).

To regain the correct name resolution of the virtual server, execute the following steps from all workstation involved in the failover:
1. From each workstation's command prompt execute the following commands (you may want to aggregate the scenario in a batch process during workstations boot): ipconfig /flushdns nbtstat –R nbtstat –RR 2. Validate that the IP of the FileBank is returned upon querying the virtual server name (use the nslookup command). 3. If the problem persists, contact Expand support at: support@expand.com.

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Tro ub le sh o o ti ng

199

Advanced Expand Services
DHCP Services
When FileBank acts as a branch level DHCP, FileBank’s network settings must all be static (DNS, NTP, IP, routes, DNS search path and so on). DNS lookup failed after defining a DHCP service Define a valid FQDN extension for the DHCP server.

DNS Services
Workstations cannot browse the Internet or network mapping when using the FileBank as a DNS proxy Verify that DNS masquerading is running (for more details see DNS Masquerading, on page 184). Ensure that the FileBank is defined as the workstation's primary DNS (use ipconfig /all at the workstation command prompt). Use the CLI dns command (or the relevant web interface page) to verify that the primary corporate DNS server is properly set on the FileBank. DNS lookup failed for branch workstations Ensure that the FileBank is defined as the primary DNS for that client, and that a secondary DNS points to an corporate DNS. Use the CLI prompt dns command (or the relevant Web Interface page) to verify that DNS servers are set onto the FileBank. Ensure that a search path (DNS suffix) is configured for the workstations. Duplicate IP error appeared when connecting in file server Error message: System error 52 has occurred: A duplicate name exists on the network. Global Name-Space support (exported virtual servers equals file server alias name): DNS masquerading might generate this error. To resolve, see Microsoft Knowledge Base 281308 http://support.microsoft.com/default.aspx?scid=kb;enus;281308.

200

C h ap t er 5: Configuring and Managing WAFS

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Chapter 6: Applying QoS
This chapter describes the procedures necessary for configuring the Accelerator’s QoS plug-in. The QoS plug-in lets you prioritize traffic traversing the Accelerator network. The chapter is divided into the following basic sections: Accelerator QoS, on page 202 Carrying Out Basic QoS Configuration, on page 214 Working with Applications, on page 215 Viewing QoS Rules, on page 229 Setting QoS Rules, on page 229 Making Decisions for Specific Applications, on page 235 External QoS, on page 237 QoS Troubleshooting, on page 238 i Note: QoS settings take effect when there is congestion. Any minimum bandwidth guaranteed to a traffic type is set aside for this type of traffic only if enough of this type of traffic traverses the line.

202

C h ap t er 6: Applying QoS

Accelerator QoS
QoS, or Quality of Service, is designed to help manage traffic across the network in order to combat the congestion, latency and greedy and rogue applications that all contribute to poor application and network performance. Organizations need to be able to allocate bandwidth to mission-critical applications, slow down non-critical applications, and stop bandwidth abuse in order to efficiently deliver networked applications to the branch office. This section contains the following topics: About QoS, on page 202 How to Know What is on Your Network, on page 203 How to Prioritize Applications, on page 203 Studying the QoS Solution, on page 203

About QoS
QoS (Quality of Service) is a general term for the control mechanisms that can assign different priorities to different users, applications, or data flows. These control mechanisms or priority levels guarantee a certain level (or quality) of performance of the data flow (service) and simultaneously addresses the requests from the application. Quality of Service guarantees are important if the network capacity is limited, especially for real-time multimedia streaming applications, such as VoIP and IPTV. Such applications often require a fixed bit rate, are delaysensitive, and cannot tolerate packets dropping or being delivered in the wrong order. You can use the QoS feature to prevent such factors and to accelerate packets passing through the Accelerator based on your policy and reservation criteria. QoS allows you to maximize the bandwidth you pay for more effectively. The key to managing the traffic and achieving bandwidth effectiveness, is closely tied to your knowledge of the type of traffic that is on your network and to the demands of your users.

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Ac ce le rator QoS

203

How to Know What is on Your Network
The Accelerator’s traffic detection, or sniffing, feature lets you obtain a complete picture of your bandwidth use. Traffic is classified according to hundreds of predefined applications, and statistics are gathered as to how much of each traffic type is traversing (or clogging) your network. Often you may find that the applications that should be receiving the most bandwidth are in fact being slowed down by bandwidth-greedy applications that are secondary, or even unwanted and potentially harmful.

How to Prioritize Applications
Once you know which applications are on your network and how they affect your traffic flow, understanding the building blocks of QoS is essential in order to prioritize applications correctly. Traffic shaping is accomplished primarily by guaranteeing or limiting the amount of bandwidth an application can receive, and by prioritizing applications. Setting a Minimum Bandwidth desired allocates a certain amount of bandwidth for a specific application during periods of congestion. You should set desired bandwidth for mission-critical, time-sensitive applications such as VoIP, which needs 8 to 16 Kb allocated throughput to function. Setting Maximum Bandwidth limit puts a ceiling on the amount of bandwidth that an application can consume. This is useful for bandwidth-greedy applications such as FTP or P2P, to limit the amount of bandwidth they consume. Additionally, you can allocate bandwidth proportionately among applications by setting the priority to Low, Medium or High. You can give critical traffic a higher priority than all these by setting it to RealTime. To prevent the flow of undesired traffic on the network, set it to Blocked. Applications that you may want to prioritize include VoIP, Citrix and video conferencing.

Studying the QoS Solution
The powerful QoS solution was designed with simplicity of management in mind. Traffic is automatically categorized into application classes - the Accelerator arrives with hundreds of applications predefined in the system. This makes it easier to generate a picture of exactly what is traversing the network, in order to then decide

204

C h ap t er 6: Applying QoS

what should be traversing the network. Once a clear picture of the current network and the ideal network is attained, easy to understand shaping policies like “realtime” or “block” govern the flow of traffic. The Accelerator’s QoS mechanism is single-sided, in that it can also work across a Virtual Link, in which the Local Accelerator does not work opposite a Remote Accelerator. For a complete explanation as to how the QoS mechanism functions and is implemented, see Setting QoS Rules, on page 229. For additional QoS Benefits see the following: Automatic Traffic Discovery, on page 204 End-to-end application performance monitoring, on page 205 Transparency to existing QoS infrastructure, on page 205 Priority treatment for critical applications, on page 205 Guaranteed bandwidth for specific applications, on page 205 Restricting rogue and greedy applications, on page 205 Seamless integration with compression, on page 205

Automatic Traffic Discovery
Accelerators automatically discover and classify hundreds of enterprise applications based on Layer-3 (IP), Layer-4 (TCP, UDP, and so on) and even Layer-7 parameters including web URLs, MIME types (for example: streaming audio) or Citrix (published applications over ICA). The default list of applications that can be discovered include:
• • • • • • • • • • • • • • cups discovery h225 discovery h245 discovery im-aol-icq discovery im-jabber discovery im-msn-messenger discovery im-qq discovery im-skype discovery im-yahoo discovery lotus-notes discovery mapi discovery mms discovery msn-messenger-video discovery p2p-bittorent discovery • • • • • • • • • • • • • • p2p-directconnect discovery p2p-edonkey discoveryp2p-gnutella discovery p2p-kazaa discovery p2p-soulseek discovery p2p-winmx discoveryq931 discovery rtcp discovery rtcp-h323 discovery rtcp-sip discovery rtp discovery rtp-h323 discovery rtp-sip discovery rtsp discovery sip discovery skinny discovery

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Ac ce le rator QoS

205

End-to-end application performance monitoring
Accelerators provide complete network visibility and enable speedy response to application performance changes on an enterprise-wide scale with end-to-end monitoring and dozens of reports.

Transparency to existing QoS infrastructure
Accelerators are transparent to router-based QoS implementations by honoring and preserving priorities set on traffic flowing through them. Advanced networking features such as router-based QoS rely on IP packet header information to be effective. The Accelerators preserve packet header information and compress only the payload that integrates seamlessly with advanced networking features such as router-based QoS, load-balancing, WAN monitoring and MPLS tagging.

Priority treatment for critical applications
Accelerators enable important and urgent application traffic to get priority treatment with advanced traffic shaping for both inbound and outbound traffic. Packet fragmentation assures that VoIP/video latency budgets are not violated by large data packets, while packet aggregation ensures higher WAN capacity and stabilizes jitter.

Guaranteed bandwidth for specific applications
Accelerators can reserve bandwidth for specific applications. This guarantees that you can allocate delay-sensitive traffic such as VoIP a minimum amount of bandwidth to ensure optimal voice quality even when WAN links are congested or oversubscribed.

Restricting rogue and greedy applications
Accelerators restrict greedy applications like file sharing and Internet audio streaming to a maximum bandwidth budget in order to guarantee that other important applications are not bandwidth-starved. Traffic bursts allow applications to take advantage of free capacity if available.

Seamless integration with compression
When compression is enabled, the QoS mechanism automatically adjusts to account for the extra available bandwidth created when traffic is compressed. In the Accelerator, rule limit and desired shaping are applied to traffic before it is compressed. However, link shaping (bandwidth for the link and the WAN) is applied

1 Us er Gu id e .206 C h ap t er 6: Applying QoS to traffic after the traffic has been compressed. decision trees and other advanced features. Ac ce ler at o rOS Ve rsi on 7. not the physical link usage. because the important result is enduser experience.0 . While basic traffic management is simple via the My Applications menu. you can program complex QoS with nested rules.

on page 209 i Prerequisites Follow these steps before working with QoS: 1. on page 209 How Traffic Shaping is Applied. on page 207 Understanding QoS Rules. and passes them to the Accelerator’s compression mechanism. This section contains the following topics: Prerequisites. and instances in which limiting or blocking incoming traffic is desired. i Note: While the Accelerator enables the same QoS capabilities on inbound and outbound traffic. to get an accurate QoS shaping you are advised to modify the bandwidth setting to its actual rate. on page 209 Studying QoS Bandwidth Allocation. Note: Using inbound traffic shaping when the remote Accelerator uses outbound traffic shaping is not recommended. the inbound shaping may have only a partial effect on the traffic. The default bandwidth set for the default WAN is 100 Mbps (fast Ethernet). in such a case. Incoming traffic shaping is useful for non-links and virtual links. for example blocking P2P traffic or limiting incoming Internet traffic. on page 208 How Traffic Filtering is Applied. However. For . The QoS mechanism automatically adjusts the throughput it transmits to account for the extra available bandwidth created when traffic is compressed. This bandwidth setting assumes the largest possible bandwidth so that the Accelerator does not limit its throughput over the WAN due to a WAN bandwidth setting lower than the actual bandwidth.How QoS Works H o w Q o S Wo r k s 207 The Accelerator’s QoS mechanism receives packets from the LAN. 2. most QoS is accomplished on outgoing bandwidth only. Set an accurate Bandwidth for the WAN. This setting ensures that all traffic shaping applied is relative to the actual physical bandwidth on the WAN pipe.

and ensures that the Accelerator does not waste resources attempting to process these packets. You must set the bandwidth of each link on the WAN. Shaping is crucial for ensuring application integrity . and how the application is treated by the Accelerator. Understanding QoS Rules The Accelerator’s QoS works on the basis of rules. and that other important applications are not starved completely. it is useful to understand the hierarchy that determines the order in which the QoS mechanism implements traffic shaping rules.that critical traffic applications get the bandwidth they need. The number of rules you can create is unlimited. and setting the CoS (Class of Service priority) and ToS (Type of Service) values for the application. either the original ToS value or a newly defined ToS value. For example. protocol number. Filters are generally Layer-4 definitions such as port number. To fine-tune traffic management. see Performing Setup via the Wizard. setting a limit on how much bandwidth an application can consume (to avoid starvation of other applications). The traffic shaper defines how to handle the traffic filtered into this application: what priority the application receives. While these rules are transparent to the typical user and are not mentioned in the My Applications screen. and can contain a marker.0 .208 C h ap t er 6: Applying QoS more information on setting WAN bandwidth see Performing Setup via the Wizard.QoS Menu in the Rules Table. 3. You can modify and add traffic type and port number for applications that already exist by default in the Accelerator. and traffic type. you can create a rule that you can view and modify via the Services . Shaper Marking Ac ce ler at o rOS Ve rsi on 7. An application in the Accelerator can include a marker per application. Rule Filter Description The Filter defines what kind of traffic qualifies as part of an application. on page 22.1 Us er Gu id e . a shaper. This also means that you can set each application type to be Not-Accelerated or NotTunnelled. This is particularly useful for applications like HTTPS or Encrypted Citrix. whose packets do not compress. You can save the ToS marking on the rules. as well as defining new applications. Shaping the traffic enables setting a desired (or guaranteed) amount of bandwidth to be preserved for a specific application. the application FTP is defined by the traffic type TCP and the port number 20. for each application defined in the My Applications screen. Rules define how QoS controls applications (streams or sessions). Rules are built out of a filter. For more information on setting the Link Bandwidth. on page 22.

the application is handled. another application cannot be created on port 20 (or including port 20). the 2062 traffic will be handled first. it is often important to understand which shaping carries the greatest weight and is related to first by the QoS mechanism. Another example of higher specificity is when one application defines Layer-7 values and another application with the same priority order defines values only up to Layer-4 values. for example: a TCP application could exist and be set to include traffic over-IP protocol 6. In a complex QoS setup. In the above example. Studying QoS Bandwidth Allocation The QoS mechanism allocates bandwidth as follows: . despite the fact that it may match other applications as well (this is called overlapping traffic). However. are filtered according to application type. In this case. until a match is found. For example. if the FTP traffic is set to 200 (the default) and TCP is given an order number of 100. the Priority Order number given to an application (or rule) determines which application rule governs overlapping traffic. as well as new traffic applications created (see Working with Applications. If the two applications are set with the same order priority. the Layer-7 application shaping will be applied to the traffic. if two applications have a priority of 210. applications can overlap at the Layer-3 level. on page 215). Incoming traffic is matched against the applications one at a time.H o w Q o S Wo r k s 209 How Traffic Filtering is Applied The QoS mechanism contains dozens of preconfigured traffic applications (that can be modified and shaped as needed). but one application is created for all traffic in ports ranging from 2020 to 2060 and the other application is created for traffic on port number 2062. How Traffic Shaping is Applied The QoS mechanism works in a hierarchical fashion. Once a match is found. All preconfigured traffic applications. starting with the application with the highest “Priority Order” number. Applications cannot overlap at the Layer-4 level. all FTP traffic is treated according to the definition of TCP. This means that because Application FTP is set on TCP port 20. applications are matched according to the highest level of specificity first.

the bandwidth set for a link can never be exceeded. i Note: Peer oversubscribing is allowed. Diagnostic Mode Traffic Traffic set with a priority setting of Diagnostic Mode overrides the QoS mechanism. All further application QoS decisions are based on the WAN bandwidth. and bandwidth is left over for other links. Diagnostic Mode traffic is forced to override the QoS mechanism. the lower priority traffic on the other link could be starved. then the link does not exceed this portion. you can set 10 links at 256 Kbps each. limiting the amount of the total throughput of the WAN available to a particular link. if one link has high priority traffic. All Application decisions based on a particular link are bound by this bandwidth. Bandwidth Limits Maximum bandwidth limits set for applications are honored and the traffic throughput is limited according to this setting. the bandwidth set for the WAN is honored. However. Like the WAN bandwidth setting. The Diagnostic Mode Traffic setting should be used only in emergency cases. Link Bandwidth You can set the bandwidth of the Link with a maximum value. and the bandwidth will be distributed relatively to all links according to the QoS mechanism. if the WAN bandwidth is T1 (1. Ac ce ler at o rOS Ve rsi on 7.210 C h ap t er 6: Applying QoS WAN Bandwidth First. This means that if the WAN bandwidth is 128 Kbps. For example.0 . where an application is not responding to the QoS mechanism. and Link 1 is set to 128 Kbps and Link 2 is set to 128 Kbps.5 Mbps). The bandwidth set for the links is divided by the WAN according to the priority of the traffic coming across the links.1 Us er Gu id e . if the Link bandwidth is set to a portion of the WAN bandwidth. Diagnostic Mode traffic has all the bandwidth of the WAN at its disposal and supersedes all other traffic and all other QoS settings.

H o w Q o S Wo r k s 211 Bursts In addition to the hierarchy. the limit of 16 Kbps is enforced on FTP. and when there is traffic. all applications set to Desired receive their guaranteed bandwidth. with the desired bandwidth applications reserving the first piece. rule limit and desired shaping are applied to traffic before it is compressed. meaning that if the WAN bandwidth is 1 MB. i Desired Bandwidth Minimum bandwidth Desired set for applications is allocated to all applications on which a desired minimum bandwidth was set. after all bandwidth is allocated. is kept. you have to ensure that the default setting on the WAN. like a cake. If there is not enough bandwidth for numerous high priority applications that were guaranteed a desired bandwidth. in a 64 Kbps link. while link shaping (bandwidth for the link and the WAN) is applied to traffic after the traffic has been compressed. if. if on a 64 Kbps link FTP is limited to 16 Kbps. The WAN Burst parameter also lets you set a maximum burst bandwidth. they will receive it before low priority applications that were guaranteed bandwidth. there is spare bandwidth. the desired bandwidth will be divided proportionately between those applications. this application uses all spare bandwidth even if it is set to ordinarily have a maximum bandwidth limit. By default the WAN bursts are allowed to use the entire WAN bandwidth. which allows bursts. i Note: QoS settings take effect when the WAN link is full. with burst allowed FTP will be able to use the entire 64 Kbps if no other traffic traverses the link. To allow bursts on applications. and an application is set to allow bursts. the applications will divide up the 64 Kbps plus the Acceleration percentage. Note: In the Accelerator. When there is congestion. if high priority applications are guaranteed bandwidth. In certain environments. As long as no congestion exists. For example. Any limitations and guarantees placed on traffic apply only if not enough bandwidth exists for all traffic to flow freely. For example. . This is true even for low priority applications. lowering the WAN burst by up to 10% may be useful in order to protect the line from congestion caused by bursts. you can set the WAN burst to limit burst traffic to 900 Kbps in order to avoid maximum utilization situations because of burst traffic.

All lower priority traffic types wait until there is free bandwidth. then to high. While the Minimum bandwidth desired is allocated hierarchically according to the application priority (first to real-time. rather high traffic transmits at a faster rate. If a chatty/ bandwidth-greedy application constantly transmits traffic.0 . average priority traffic waits longer than the high priority and low priority traffic waits longer than the average traffic to be sent. thus starving all lower priority applications (unless a Minimum bandwidth (desired) was set for them). High priority traffic waits the shortest amount of time before waiting to be sent. then to average. these 800 Kbps will be allocated to HTTP traffic and the remaining 200 Kbps is divided proportionally between the VoIP application and the HTTP traffic. For this reason it is important to use the Minimum bandwidth desired setting carefully. Priority The relative QoS priority set to the application is considered and bandwidth is divided proportionally among the applications as follows: Block Blocked traffic is discarded. and HTTP traffic receives low priority. but a minimum desired bandwidth setting of 800 Kbps. Setting a desired bandwidth for a low priority application ensures that the application receives some small amount of bandwidth even when the high priority applications are consuming the bulk of the bandwidth. Real-time Traffic set to real time receives “strict priority”. and so on). it is possible that no other application will receive bandwidth (except those set with a Minimum bandwidth (desired)).1 Us er Gu id e . For this reason it is important to use the Real-time setting with great care. This means that as long as real-time traffic is traversing the network it will receive the entire bandwidth. High/Average/Low: High. the desired bandwidth setting is handled before relative spare bandwidth distribution among prioritized applications. This does not mean that high priority traffic transmits completely before average traffic starts transmitting. average and low traffic priorities divide the bandwidth that is still available (after desired and real-time traffic) in a proportional method based on time. For example: If VoIP is prioritized as high priority traffic on a 1 Mbps connection. Ac ce ler at o rOS Ve rsi on 7.212 C h ap t er 6: Applying QoS Desired bandwidth is useful especially to prevent starvation of lower priority applications.

i Note: Traffic that waits too long to be transmitted is discarded as obsolete so as not to cause application problems by transferring stale packets. average priority traffic receives bandwidth only if no high priority traffic exists. it can cause starvation up to the bandwidth allocated using the “desired” setting. The Difference Between Real-time and Desired? Realtime gets the highest priority. setting the relative importance between the applications without causing starvation. you can set the WAN to handle QoS according to “strict-priority. If there is constant high-priority traffic.H o w Q o S Wo r k s 213 Setting the priority to high/average/low is appropriate for most traffic types. Guaranteed bandwidth is not touched by applications because of their real-time priority setting. .” This would set the priorities to act deterministically rather than proportionally: high priority traffic receives all the available bandwidth (after desired and real-time traffic). the default desired setting allocates a minimal amount of bandwidth (1 Kbps) by default. In advanced configuration. Because “desired” is useful to protect lower priority applications from being starved. and so on. average and low priority traffic are starved completely.

on page 222 Creating Web Applications. on page 224 Creating Remote Desktop Services.0 . ssh. smtps. on page 226 ! ! Ac ce ler at o rOS Ve rsi on 7. ircs. which is populated by all traffic types detected on your network. nntps. i Note: In a non-link environment.214 C h ap t er 6: Applying QoS C arrying O u t B a s i c Qo S Con f igu ra tio n Basic QoS configuration is accomplished via the My Applications menu. and to set basic traffic shaping parameters for predefined and user-defined applications . ftps-data. ftps.how should the network prioritize and handle each application. CAUTION! By default. ldaps. on page 222 Creating Citrix Applications. sshell. imaps. This menu lets you create new. on page 216 Editing an Application. on page 217 Layer-7 Applications. user-defined applications for traffic not categorized automatically as a predefined application. the following encrypted applications are not accelerated: pop3s. The following topics contain more information: Viewing Defined Applications. https. if a local subnet is not defined as LOCAL. telnets.1 Us er Gu id e . the Accelerator QoS and Monitoring features do not function properly.

or as subsets of these applications to further filter the traffic type selected. Applications should be created for all traffic types that do not already exist in the list of predefined (classified) traffic applications. on page 217 Or Create one of the applications listed above. on page 226 The applications table shows the applications that were created. on page 216 Edit a defined application. see Editing an Application. see Viewing Defined Applications. on page 217 Delete an application. see Creating New Applications. . To see a list of the pre-defined applications (XYZ). on page 222 Citrix applications. see Creating Remote Desktop Services. see Creating Citrix Applications. Applications are created with either inbound or outbound traffic as follows: Figure 1: Inbound and Outbound Traffic The following applications can be created: General Applications.Working with Applications Work in g wi th A p pl ic atio n s 215 In order to create a QoS Rule. on page 224 Remote Desktop services. From the Applications table you can: View the defined applications. an application must be defined. see Creating Web Applications. on page 219 HTTP or Web applications. see Deleting an Application.

0 . see Editing an Application.216 C h ap t er 6: Applying QoS Viewing Defined Applications The My Applications Menu in the Accelerator WebUI lets you view traffic per application. The From-LAN statistics pull-down menu lets you customize the statistics type to be viewed for the applications. including Application Name. To add an application to the My Applications Table: Follow the instructions for the application type: General Applications. Minimum bandwidth set (if assigned). choose From WAN to LAN. Choose from the following: All—for all traffic Defined Applications—for the applications you have defined Monitored Applications—the applications you have selected to be monitored Discovered Traffic—the applications that have been discovered Defined L7 Applications—pre-defined L7 applications 3.1 Us er Gu id e . select the traffic type you want to view. LAN to WAN (outbound traffic) or WAN to LAN (inbound traffic). filtered by a certain criteria. In the header of the table there is a drop-down that is used to select the Direction for which you want to view applications. Click on Setup followed by My Applications. 4. Basic data about the settings for each traffic type is provided. For outbound traffic. To view traffic per application: 1. see Creating New Applications. In the View drop-down menu. on page 217 Delete an application. To select all links. only classified traffic is displayed). see Deleting an Application. on page 219 Ac ce ler at o rOS Ve rsi on 7. In the For Link drop-down menu. and acceleration status. The table displayed on the My Applications Menu details the Outbound Traffic (by default. choose From LAN to WAN. 2. select Total. Priority assigned. For inbound traffic. From this screen the following additional actions are possible: Edit a defined application. on page 217 Or Create one of the applications listed below. select the link for which you are gathering information. Maximum bandwidth set (if assigned).

click the application name (alternatively. also known as the traffic rule. on page 219 HTTP or Web applications—Creating Web Applications. In addition. 3. on page 222 Citrix applications. 2. The Edit Application menu lets you modify all application parameters as listed in Creating New Applications. Click the application name and then click Delete. or filter) and set up the way the traffic is treated (or prioritized.Work in g wi th A p pl ic atio n s 217 HTTP or Web applications. on page 226 Deleting an Application To remove an application from the Applications Table: 1. on page 222 Citrix applications—Creating Citrix Applications. on page 217 to edit an application. see Creating Citrix Applications. To edit an application: 1. To create a new application. on page 226 Editing an Application Selecting an application lets you modify the application definition (the type of traffic. There is no confirmation for this action. on page 219. The Edit Application menu opens. see Creating Remote Desktop Services. see the information according to the application you want to create: General Applications—Creating New Applications. you can select one or more of the following check boxes: . highlight the application line and click the Edit button). The application is immediately deleted as well as all of the statistics that were collected for the application. In the My Applications menu. 2. also known as shaping). on page 224 Remote Desktop services—Creating Remote Desktop Services. see Creating Web Applications. See Editing an Application. To edit an application click the application name in the table and then click Edit. on page 224 Remote Desktop services.

To Delete an application. Figure 2: New Applications Menu i Note: When creating an Application Name. on page 60. my_application.218 C h ap t er 6: Applying QoS Collect Statistics .1 Us er Gu id e . and allows a pre-defined delay (window) before sending the packets. spaces are not allowed. Checking this check box allows the L7 Discovery to report this application on the Discovered Applications List in the Monitored Applications report. Discover . For example. Click Submit. Applications that are discovered can also be defined so that their QoS criteria is enabled. 4. see Deleting an Application. The compressed packets are aggregated in the link per class.Collects statistics on the specified application for up to one year.0 . on page 219 Ac ce ler at o rOS Ve rsi on 7. on page 217. The classes are defined via the CLI and set the aggregation packet limit.enabled with L7 Applications. For aggregation class configuration details via the CLI. You may use an underscore to create a visual space. A list of discovered applications is found in Discovering Layer-7 Applications. To create a new application. see Aggregation Class Commands. see the information according to the application you want to create: General Applications—Creating New Applications. on page 617.

• In the From field enter the first port to be considered. Enabling statistics history saves statistics for this application for up to one year. in the To field enter the last port to be considered. The Create Application menu opens. 2. spaces are not allowed. You may use an underscore to create a visual space. clear to disable. on page 222 Citrix applications—Creating Citrix Applications. The Application Criteria box lets you set the type of traffic to be considered in an application. For example. click the Create Application button. enter 8080 into the From field. Collect statistics Application criteria TCP Port . These fields define a rule for identifying traffic as part of this application To set the application to be defined on the basis of a TCP port or a span of TCP ports: • Select TCP port from the drop-down menu. Special characters are allowed. • Click the Add button. To define a single port. on page 226 Creating New Applications To create an application: 1. The Criteria created appears in the Criteria Table. to change HTTP application 80 to HTTP application 8080. In the My Applications menu. You have to modify the name of the application to a name indicating the type of traffic considered in this application. Update the following parameters to define the Application and how it is handled: Parameter Item Application name Description The default name for a new application is new_application. Click the checkbox to enable. no spaces. i Note: When creating an Application Name. on page 224 Remote Desktop services—Creating Remote Desktop Services. Maximum of 31 characters.Work in g wi th A p pl ic atio n s 219 HTTP or Web applications—Creating Web Applications. enter the port number into the From field and leave the To field empty. my_application. For example.

For example. to change the TFTP application from port 69 to port 4444. The Maximum bandwidth limit setting puts a ceiling on the amount of bandwidth that an application can consume. time-sensitive applications. Most QoS settings do not necessitate setting the Order field. applications are matched according to the highest level of specificity first. Another example of higher specificity is when one application defines Layer-7 values and another application with the same priority order defines values only up to Layer-4 values. enter the port number into the From field and leave the To field empty. Traffic that matches the Application criteria set in order number 100 is handled according to the setting for this application type. even if it may match the criteria of other Applications with other. This is useful for bandwidth-greedy applications such as FTP or P2P. highlight them and click the Delete button The Prioritize box lets you set the shaping or prioritization to be applied to the traffic type. less important priority order numbers. The Minimum bandwidth desired setting should be used carefully. If the two applications are set with the same order priority.0 . You can set the order from 100 to 65534. For example. to limit the amount of bandwidth they consume. The criteria table lists all the criteria that must be met in order for traffic to be considered part of this application.220 C h ap t er 6: Applying QoS Parameter Item UDP Port Description To set the application to be defined on the basis of a UDP port or a span of UDP ports: • Select UDP Port from the drop-down menu. You should set desired bandwidth only for mission-critical. the Layer-7 application shaping will be applied to the traffic. To delete entries in the Criteria Table. • In the From field enter the first protocol number to be considered. enter 69 into the From field and 4444 into the To field. in the To field enter the last port to be considered. enter the number into the From field and leave the To field empty. The order parameter sets the importance of this rule.1 Us er Gu id e . To define an application based on a specific protocol: • Select Over IP from the drop-down menu. the 2062 traffic is handled first. • Click the Add button. To define a single port. but one application is created for all traffic in ports ranging from 2020 to 2060 and the other application is created for traffic on port number 2062. • In the From field enter the first port to be considered. if two applications have a priority of 210. Traffic that enters the Accelerator is dealt with by the QoS mechanism based on Prioritization order number. which need 8 to 16 Kbps allocated throughput to function. The Criteria created appears in the Criteria Table. • Click the Add button. This parameter allocates a certain amount of bandwidth to be saved for a specific application type during periods of congestion. The Criteria created appears in the Criteria Table. Over-IP Criteria Table Prioritize Order Minimum bandwidth (desired) Maximum bandwidth (limited) Ac ce ler at o rOS Ve rsi on 7. To define a single protocol. in the To field enter the last protocol number to be considered. such as VoIP.

• Real Time: Real-time traffic always receives bandwidth allocation according to strict priority. namely: 63) different values. • Average receives a medium proportion of the bandwidth. thereby giving 26 (= 64.Work in g wi th A p pl ic atio n s 221 Parameter Item ToS Description You can either preserve the original ToS setting of the packets or set a new ToS value for this application. This means that as long as real-time traffic is traversing the network.uses the first 6 bits of the ToS field. set the class to Pass-thru/Diagnostic mode. • To preserve the original ToS value. Average and High: Traffic set to Low. • Low. This is because Diagnostic Mode traffic overrides all other QoS settings and starves all other applications (including real-time and Desired bandwidth allocated). thereby disabling the QoS from the traffic type. This is disabled by default. ToS preservation is enabled. clear the checkbox. Clicking this button will disable the Priority section. To allow applications to have a burst of additional bandwidth. • CoS ToS . If a class is not transmitting at all and seems not to be working.combines the values of the IP precedence field (otherwise known as CoS. all lower priority traffic types waits until there is free bandwidth. click the Set radio button and select one of the following options: • ToS value . • To set a new ToS value for this traffic. Burst Priority Diagnostic Mode ! ! CAUTION! Ensure that you click the Submit button to save configuration changes before exiting the Create Application menu. which stands for Class of Service) and the ToS (type of service field). . By default. click the Enable checkbox. • High receives the greatest proportion of the bandwidth. thus starving all lower priority applications with the exception of applications that received a Minimum bandwidth (desired) setting.lets you select a ToS value (0-254) for the Accelerator. • Diagnostic Mode: You should set traffic to Diagnostic Mode only if the Application is not responding at all to QoS settings. Set the Priority of the application to: • Blocked: Traffic set to Blocked is dropped. • Code point . click the Preserve radio button. Average and High are assigned bandwidth on a proportional scale: • Low receives the lowest proportion of the bandwidth. To disable. You can either preserve the original ToS setting of the packets or set a new ToS value for this application.

and Remote Desktop Services at the application layer (Layer-7). For more information on creating/defining specific Layer7 applications. on page 60. on page 222. see Deleting an Application. see one of the following topics: Creating Web Applications.0(6). on page 226 Creating Web Applications You can create and prioritize HTTP web applications per Layer-7 application. Citrix applications. Then change the policy rules to match this application as well. This higher level of specification enables specific applications to receive tailored traffic prioritization within the Accelerator. If an application exists for a list of ports or range of ports that include the specified port numbers (1928 and 2598). and create applications expand-internal with port 1928. To edit an application see Editing an Application. on page 217 to delete an application. Note that traffic is no longer limited to only port 80. For information on discovering Layer-7 applications. CAUTION! Ensure that you click the Submit button to save configuration changes before exiting the Edit Application menu. New web applications are created much in the same way as new Layer-4 applications. Other ports are now used. with the addition of Layer-7 (application specific) information. note that two new preconfigured applications were added in this version that may affect user-defined applications on the same ports.0 . rename these applications exactly as in the preconfigured application before performing an upgrade. Ac ce ler at o rOS Ve rsi on 7. Creating a Layer-7 or L7 application is the same procedure as described in Creating Web Applications. If applications have been configured for port of 1928 (saved for the expand-internal application) or 2598 (citrix-ica-sr).222 C h ap t er 6: Applying QoS i Note: If you are running a version of AcceleratorOS previous to 5. and citrix-ica-sr with port 2598.1 Us er Gu id e . on page 222 Creating Citrix Applications. on page 224 Creating Remote Desktop Services. remove these ports from the list or range. on page 217. see Discovering Layer-7 Applications. ! ! Layer-7 Applications The Accelerator lets you filter HTTP web applications.

To modify the Layer-4 criteria. click the Create Web Application button. The Create Web Application menu opens. return to the My Applications menu and click on HTTP to edit the web application.Work in g wi th A p pl ic atio n s 223 Figure 3: Create Web Application menu To create a web application: 1. on page 215) are identical to the parameters set for all applications. This is also disabled for L7 Applications. spaces are not allowed. i Note: When creating an Application Name. The Web application parameters (see Working with Applications. Parameter Item Application Criteria Description You cannot modify the Application Criteria box from within the Create Web Application box. The Layer-4 information for this web-based application is taken from the web definition. with the following additions. For example. my_application. 2. . You may use an underscore to create a visual space. In the My Applications menu.

on page 215. Mozilla. my_application. The Host Name is the internet address up until the first “/”. for example. MIME Type: enter the content type. For example. the Host Name is 172. Creating Citrix Applications You can create and prioritize Citrix applications per Layer-7 application.expand. Prioritizing the traffic based on rules is accomplished by setting the same parameters available when creating an application.expand. Prioritize ! ! CAUTION! Ensure that you click the Submit button to save configuration changes before exiting the Create Web Application menu. spaces are not allowed.10/loginindex. if the Host Name is www. In the example above.com URL Name: the URL name is the internet address after the first “/”. For the Internet site http://www. with the following additions.0 . “extranet” can be used as the URL name.com.10. i Ac ce ler at o rOS Ve rsi on 7. on page 222).224 C h ap t er 6: Applying QoS Parameter Item Layer-7 Information Description Host Name: the host name of the web application. For more information on available settings. To create a Citrix application: 1.10. In the My Applications menu. The Create Citrix Application menu opens. 2. for the address http:// 172. meaning that. New Citrix applications are created much in the same way as new Layer-4 applications. Note: When creating an Application Name.10. User Agent: enter the name of the HTTP client (Netscape. You may use an underscore to create a visual space. The Citrix application parameters are identical to the parameters set for all applications (see Creating Web Applications. click the Create Citrix Application button. and so on) All Layer-7 information criteria use pattern matching. for example.expand.1 Us er Gu id e .asp. see Working with Applications.com/extranet/support the Host Name is www. with the addition of Citrix Layer-7 specific information.10. using expand as the host name is sufficient (up to 128 character string for all HTTP Layer-7 parameters).10.

enter the name of the CEO’s PC into the Client field • Layer-7 information for Citrix is not pattern matching. meaning that the published application listed must be the full name of the application traffic that is intended (these parameters can use strings up to 20 characters) • Service: choose either Browsing. see Calculating Acceleration using other Applications. Prioritizing the traffic based on rules is accomplished by setting the same parameters available when creating an application. For more information on available settings. on page 406. The Layer-7 information box lets you set the application-specific details necessary for filtering this web application. . This means that all traffic considered as part of this Citrix application has to meet all the criteria listed in this box. Enter any or all data to be treated as criteria for matching this web application type. The Layer-4 information for this Citrix-based application is taken from the Citrix definition. • Client: List the user name of the device you want to set as part of this traffic type. • Priority: choose a priority from 0-3. to set the priority of the CEO’s Citrix Client to Real-time for Excel. as follows • Published application: List the Citrix application type. or Published Application. To modify the Layer-4 criteria. Layer-7 Information Prioritize For more information on working with Citrix. on page 215. return to the My Applications menu and click on Citrix to edit the Citrix application. see Working with Applications. such as Word. Calc and Notepad.Work in g wi th A p pl ic atio n s 225 Parameter Item Application Criteria Description You cannot modify the Application Criteria box from within the Create Citrix Application box. For example.

The Citrix Acceleration plug-in eliminates all redundant data transmissions across the WAN. Ac ce ler at o rOS Ve rsi on 7. through the use of statistical multiplexing. especially over slow WAN links that are commonly used for Citrix Metaframe deployments. The Aggregation class sets the class to which this application is related. New remote desktop services are created much in the same way as new Layer-4 applications. and sends packets optimized for specific WAN conditions. Consolidating Citrix payload in all environments .IP header represents significant overhead in small packets generated by Citrix. and support of up to four times more Citrix users on the existing infrastructure. The end-result is better.0 . the Citrix Acceleration plug-in allows more Metaframe data to traverse the WAN.1 Us er Gu id e . The Accelerator achieves this increase in throughput by: Consolidating Citrix header data in pure IP implementations . Aggregation is performed at the link-level and improves acceleration for traffic with small to medium packets (like Citrix/ICA traffic or Telnet traffic). It constitutes almost 30% of the Citrix packet.the Citrix Acceleration plug-in extracts data from small packets originating from different Citrix MetaFrame users.the Citrix Acceleration plug-in reduces latency and jitter. Aggregation reduces the size of the traffic by aggregating compressed packets. The Accelerators’ Citrix Acceleration Plug-in feature enhances support for Citrix MetaFrame applications because. more consistent Citrix performance.226 C h ap t er 6: Applying QoS Citrix Benefits The Citrix Acceleration Plug-in feature has the following benefits: It utilizes network resources more efficiently in LAN-based Accelerator deployments and delivers improved acceleration results for Citrixhosted applications. Citrix MetaFrame users repeatedly access the same content from the network. Creating Remote Desktop Services You can create and prioritize remote desktop services per Layer-7 application. Controlling latency and jitter . before sending them over the WAN. with the addition of RDP Layer-7 specific information. and aggregates compressed packets. The Citrix Acceleration plug-in removes repeat header information and sends this data only once across the network.

Choose a value from the drop-down box. This amount should be greater than the Minimum Bandwidth amount. thereby giving 26 (= 64. remembering to select the bit speed from the second drop-down box. By default. If not. type your own (100-65534) Choose a value from the drop-down box. . which stands for Class of Service) and the ToS (type of service field). • CoS ToS . Use the table to set the parameters. In the My Applications menu. • To set a new ToS value for this traffic. This section is disabled Discover Application Criteria Layer-7 Information Window Client Name Channel Name Type a name for the client Type a name for the channel Prioritize Window Order Minimum Desired Bandwidth Maximum Bandwidth Limit TOS Either select the default value (200) or select the open radio button. • To preserve the original ToS value. clear the checkbox. Maximum of 31 characters. You have to modify the name of the application to a name indicating the type of traffic considered in this application. click the Set radio button and select one of the following options: • ToS value . • Code point . click the Preserve radio button. Note: When creating an Application Name. spaces are not allowed. You may use an underscore to create a visual space. remembering to select the bit speed from the second drop-down box. If you want this application to be included when a discovery of applications is run. select this checkbox (selected by default). my_application. This amount should be less than the Maximum Bandwidth. namely: 63) different values. 2. and in the field.combines the values of the IP precedence field (otherwise known as CoS. or other and enter your own value. click Submit to save the application Parameter Item Application Name i Description The default name for a new application is new_application. You can either preserve the original ToS setting of the packets or set a new ToS value for this application.uses the first 6 bits of the ToS field. Special characters are allowed.lets you select a ToS value (0-254) for the Accelerator. no spaces. For example. click the Create Remote Desktop Service button. or other and enter your own value. ToS preservation is enabled.Work in g wi th A p pl ic atio n s 227 To create a Remote Desktop Service: 1. The Remote Desktop Application menu opens.

• Real Time: Real-time traffic always receives bandwidth allocation according to strict priority.1 Us er Gu id e . all lower priority traffic types waits until there is free bandwidth. You can either preserve the original ToS setting of the packets or set a new ToS value for this application. This is because Diagnostic Mode traffic overrides all other QoS settings and starves all other applications (including real-time and Desired bandwidth allocated). thereby disabling the QoS from the traffic type. click the Enable checkbox. Average and High: Traffic set to Low. Average and High are assigned bandwidth on a proportional scale: • Low receives the lowest proportion of the bandwidth. If a class is not transmitting at all and seems not to be working. This is enabled by default. To disable. • Low. Set the Priority of the application to: • Blocked: Traffic set to Blocked is dropped. set the class to Pass-thru/Diagnostic mode. Ac ce ler at o rOS Ve rsi on 7. • Average receives a medium proportion of the bandwidth.0 . • Diagnostic Mode: You should set traffic to Diagnostic Mode only if the Application is not responding at all to QoS settings. thus starving all lower priority applications with the exception of applications that received a Minimum bandwidth (desired) setting.228 C h ap t er 6: Applying QoS Parameter Item Burst Priority Description To allow applications to have a burst of additional bandwidth. This means that as long as real-time traffic is traversing the network. clear the checkbox. • High receives the greatest proportion of the bandwidth.

on page 229 Viewing QoS Rules. on page 234 Making Decisions for Specific Applications. you can set a bandwidth limitation for the WAN or per link. The following sections provide an in-depth knowledge regarding the way QoS operates: Setting Inbound QoS. To delete a rule. on page 235 Setting Inbound QoS For Inbound QoS. Click on the QoS tab. and networks that are particularly complex. Understanding how QoS works is necessary in order to properly apply advanced QoS settings. select the rule in the table and click Delete. on page 229 Creating QoS Rules. To make a new Rule see. Editing QoS Rules. To view a rule for a specific application: 1. Open the View Rules for Application drop-down menu and scroll down until you have found the application you want to select. . limiting outbound traffic to the link. and then select QoS Rules. 4. You can set inbound policy rules globally or per link. Viewing QoS Rules The Rules table displays the rules on a per application basis. on page 230. Creating QoS Rules. If a link was created with a bandwidth limitation set for inbound traffic.Setting QoS Rules Setting QoS Rules 229 Advanced configuration of the Accelerator’s QoS mechanism is intended for expert users. a rule is automatically created on the sending side. select Any. To view all rules for all applications. To edit a rule see. on page 234. 3. on page 230 Editing QoS Rules. The rules associated with the application appear in the Rules Table. 2.

see Working with Applications. You can define additional applications via the My Applications menu only. The Create Rule menu opens. and then select QoS Rules.0 . Click the Create New Rule button. Use the Define and Prioritize sections to enter the necessary information per your networking requirements Parameters Define Section Application Select the Application onto which to apply this rule from the drop-down menu. Click on the QoS tab. For information.1 Us er Gu id e . Description Ac ce ler at o rOS Ve rsi on 7. on page 215. To create a rule: 1. 2. Figure 4: Create QoS Rule Menu 3.230 C h ap t er 6: Applying QoS Creating QoS Rules Advanced QoS configuration is accomplished by creating and editing rules as they appear in the QoS menu.

which is more complex than the WebUI display • Any—To set the rule to apply to the application’s traffic. • List—Select List and enter up to four destination IP addresses to receive the treatment defined in this rule. which is more complex than the WebUI display. • Single IP—Select single IP if only traffic headed to a single device should receive the treatment defined in this rule. • Single IP—Select this option if only traffic coming from a single device should receive the treatment defined in this rule. Subnet. • Value—To set a ToS value. Range.Setting QoS Rules 231 Parameters Source IP Description If you want to filter the application by its source IP address: Choose from Other. which is more complex than the WebUI display • Any—Set the Source IP to Any if the application should consider traffic coming from any device (this is the default). if it has any ToS value set (this is the default). or select Non-link. • Any—Set the Source IP to Any if the application should consider traffic coming from any device (this is the default). a specific link to determine how traffic is categorized and prioritized over a specific link. Enter the first and last IP address to be considered. • Range—Select Range if a particular range of source IP addresses should receive the treatment defined in this rule. If a link is selected as a filter for this rule. • Other—Displayed if advanced configuration was made via the CLI. in the drop-down menu select from Other. Single IP. To filter traffic based on its ToS setting. Select Global to apply to all links. you can select the direction of the traffic: • Inbound—towards the LAN • Outbound—towards the WAN Destination IP ToS Bits Links Direction . • Range—Select range if a particular range of destination IP addresses should receive the treatment defined in this rule. Any. Enter the IP address • Subnet Mask—Select Subnet if only traffic from a particular subnet should receive the treatment defined in this rule. • List—Select List and enter up to four IP addresses to receive the treatment defined in this rule. Enter the IP address. • Subnet—Select Subnet if only traffic toward a particular subnet should receive the treatment defined in this rule. thereby limiting traffic on which this rule is applied to the application’s traffic that has a particular ToS value (0 . • Other—Displayed if advanced configuration was made via the CLI. or List. • Other—Displayed if advanced configuration was made via the CLI. Traffic rules and shaping are applied per link. and Value. Single IP. Enter the subnet address and the subnet mask. Enter the subnet address and the subnet mask. Range. Subnet. If you want to filter the application by its destination IP address: Choose from Other. Enter the first and last IP address to be considered. or List. Any.255). Any.

1 Us er Gu id e . For example. Traffic that enters the Accelerator is dealt with by the QoS mechanism based on Prioritization order number. to create a new Collective Branch. This is useful for bandwidth-greedy applications such as FTP or P2P. on page 327. as a specific port is more specific than a port range. Prioritize Section Order The order parameter sets the importance of this rule. Acceptable values are from 100 to 65534. 200 is the default value. the 2062 traffic is handled first. most QoS settings do not require setting the Order parameter. Minimum bandwidth (desired) The Minimum bandwidth desired setting should be used carefully. if two applications have a priority of 210. Another example of higher specificity is when one application defines Layer-7 values and another application with the same priority order defines values only up to Layer-4 values. See Creating a Collective Branch. If the two applications are set with the same order. Make sure the link you want to set the rule for has already been defined. using the drop-down menu. Choose the Collective Branch from the drop-down menu.232 C h ap t er 6: Applying QoS Parameters Scope Description This allows you to create a rule on all links. See Adding Links. Select one of the following radio buttons: • Global—for all links • Link—for a specific link.0 . Note that. The Maximum bandwidth limit setting puts a ceiling on the amount of bandwidth that an application can consume. applications are matched according to the highest level of specificity first. You should set desired bandwidth only for missioncritical. Make sure the Collective Branch has already been defined. on page 82 to add a new link. specific links or if you have Mobile Accelerators. rules on a Collective Branch. Select the link. to limit the amount of bandwidth they consume. such as VoIP. This parameter allocates a certain amount of bandwidth to be saved for a specific application type during periods of congestion. • Collective Branch—for a specific Collective Branch. which need 8 to 16 Kbps allocated throughput to function. time-sensitive applications. Maximum bandwidth (limited) Ac ce ler at o rOS Ve rsi on 7. but one application is created for all traffic in ports ranging from 2020 to 2060 and the other application is created for traffic on port number 2062. the Layer-7 application shaping will be applied to the traffic. as layer 7 is higher on the OSI model than layer 4.

thereby disabling the QoS from the traffic type. If a class is not transmitting at all and seems not to be working. click the checkbox to enable or clear the checkbox to disable. To set a new ToS value for this traffic. • Low. thus starving all lower priority applications with the exception of applications that received a Minimum bandwidth (desired) setting. To preserve the original ToS value. You can either preserve the original ToS setting of the packets or set a new ToS value for this application. ToS preservation is enabled. this feature is enabled. thereby giving 26 (= 64. click the Preserve radio button. Average and High are assigned bandwidth on a proportional scale: • Low receives the lowest proportion of the bandwidth. click the Set radio button and select one of the following options: • ToS value . and High: Traffic set to Low. • Real Time: Real-time traffic always receives bandwidth allocation according to strict priority. • CoS ToS .lets you select a ToS value (0-254) and a ToS Mask (0-254). By default. You can use the TOS Mask for comparing specific bits (Precedence/Type of Service) from the TOS field in the packet’s IP header against the TOS value entered for this rule.uses the first 6 bits of the ToS field. • Diagnostic Mode: You should set traffic to Diagnostic Mode only if the Application is not responding at all to QoS settings.Setting QoS Rules 233 Parameters ToS Description You can either preserve the original ToS setting of the packets or set a new ToS value for this application. Burst Priority . • High receives the greatest proportion of the bandwidth. Medium. all lower priority traffic types waits until there is free bandwidth. set the class to Pass-thru/Diagnostic mode. This means that as long as real-time traffic is traversing the network. this value is ANDed to the value entered in the TOS field in the packet’s header and compared against the TOS entered for this rule. To temporarily allow this application to have bursts of bandwidth. This is because Diagnostic Mode traffic overrides all other QoS settings and starves all other applications (including real-time and Desired bandwidth allocated). which stands for Class of Service) and the ToS (type of service field).combines the values of the IP precedence field (otherwise known as CoS. • Code point . When entering a number in the ToS Mask field. • Medium receives a medium proportion of the bandwidth. namely: 63) different values. By default. Set the Priority of the application to any of the following options: • Blocked: Traffic set to Blocked is dropped.

For any necessary explanation. see section Creating QoS Rules. Highlight the Rule to be edited in the Rules Table and click .1 Us er Gu id e .0 . 2. on page 230. To edit a rule: 1.234 C h ap t er 6: Applying QoS Editing QoS Rules Any changes made to Applications via the My Applications menu appear as rules in the QoS menu. and any other rules created. Make the necessary changes. Ac ce ler at o rOS Ve rsi on 7. You can use the QoS menu to edit these changes.

see Creating a New Application Decision. click the decision in the table to select it and click Edit. The Field names and values are identical to those specified in Creating a New Application Decision. To delete a decision.Making Decisions for Specific Applications M aki ng De cis io n s fo r Spe ci fi c A p pl ic at io n s 235 The Decision screen lets you set various aggregation and acceleration parameters for a specific application. on page 236. To edit a decision. To create a new decision for a specific application. click the decision in the table to select it and click Delete. on page 236. such as how many small packets to accumulate for one big packet (aggregation class). Remember to click Submit to implement the changes. Figure 5: Decision Screen . and whether the application is accelerated and tunneled.

3. highlight the application name in the table and click the Delete button. encrypted applications such as pop3s. followed by Decisions.enables acceleration on small-packet.enables acceleration on a specific. 8. Thin Client . 5.enables Citrix acceleration on Citrix.236 C h ap t er 6: Applying QoS Creating a New Application Decision To create a new decision for a specific application: 1.0 . user-defined link. To delete a specific application from the list. Disable to disable. Select from the following ToS parameters: Auto ToS Values—check this checkbox if you want the Accelerator to decide ToS Value—place a ToS value (0-254) in this field if you didn’t check the auto checkbox ToS Mask—place a ToS mask (0-254) in this field if you didn’t check the auto checkbox.1 Us er Gu id e . or Auto to allow the Accelerator to decide). or Auto to allow the Accelerator to decide). Select the Tunnel mode from the drop-down menu (Enable to enable. 2. Click OK to confirm. a message appears. or Auto to allow the Accelerator to decide). Select the TCP-Acceleration mode (Enable to enable. Click Add to add a decision for the application to the Decisions Table. requesting your confirmation to modify the existing settings. Your choices are as follows: Default . Disable to disable. Disable to disable. user-defined link. Select the Aggregation Class. 6. 9. User-Defined 2 . If a decision already exists for this application. Ac ce ler at o rOS Ve rsi on 7. Select the Acceleration mode (Enable to enable. Click QoS.enables acceleration on a specific. https and ftps. 7. Select an application from the Application Name drop-down menu. 4. User-Defined 1 . telnet and msterminal-server applications.

d. Click the Save to template link button. Set the default link parameters as needed. see Adding Links. For more information on Router Transparency mode and Link configuration. To use Router Transparency Mode as the default setting: a. in the Setup menu. Figure 6: Links Screen 3. 2. you may find it useful to modify the default Link parameters. c. In the WebUI. Click the Advanced button.External QoS To set the Accelerator to enable external QoS: 1. in order to make all newly created links use Router Transparency Mode as the default setting. Select the My links command from the Setup menu. . If all links from the Accelerator are to be affected by the QoS device. on page 82. b. External QoS 237 Select the link to be affected by a QoS device and set it to work in Router Transparency mode. click My Links.

check to see if it is because of the Burst status.0 . or because the packets are waiting too long and are therefore being considered obsolete packets. limits will appear not to be enforced properly. By default the packets are considered obsolete after 500 ms. When Burst is enabled during periods of no congestion.1 Us er Gu id e . it could be a result of the Maximum Queue Length. try setting the class to Diagnostic mode. see Troubleshooting.238 C h ap t er 6: Applying QoS QoS Tro u b l e s h o o t i n g If the QoS mechanism does not seem to be functioning properly. thereby disabling QoS for this traffic type. the packet drops may be the result of the queue buffer size. Ac ce ler at o rOS Ve rsi on 7. on page 347 or Contacting TAC. For additional troubleshooting. If there is much latency on the line. which is normally set per link rate. If limits do not seem to be enforced on traffic. on page 423. If a class is not transmitting properly and problems are encountered after QoS has been applied.

the Accelerator provides Domain Name Server caching capabilities to shorten the round-trip-time and save bandwidth over the WAN. . This chapter contains information about the following topics: Studying TCP Acceleration. on page 113. on page 255 FTP Acceleration. on page 264 Configuring DNS Acceleration.Chapter 7: Optimizing Acceleration Services Expand’s Accelerator lets you reduce the impact of the TCP protocol shortcomings by applying TCP Acceleration. on page 254 Configuring HTTP Acceleration. on page 240 Configuring TCP Acceleration. on page 271 Enabling Traffic Encryption. on page 278 For information regarding WAFS service. on page 248 Understanding Web Acceleration. on page 273 Remote Desktop Protocol Services. see Configuring and Managing WAFS. on page 268 Enabling Aggregation. In addition. a standards-based plugin that modifies TCP settings to optimize throughput in certain environments.

degraded web performance and unresponsive applications. SCPS. on page 241 The TCP Acceleration Solution. Use the following table to determine whether your network suffers from high-latency and would benefit from enabling TCP Acceleration: Window Size 8 KB 5 0 1 0 0 1 5 0 2 0 0 5 0 0 1 0 0 0 160 Kbps 80 Kbps 16 KB 320 Kbps 160 Kbps 32 KB 640 Kbps 320 Kbps 212 Kbps 160 Kbps 64 Kbps 64 KB 1280 Kbps 640 Kbps 424 Kbps 320 Kbps 128 Kbps 64 Kbps 53 Kbps 106 Kbps 40 Kbps 80 Kbps Round Trip Time 16 Kbps 32 Kbps 8 Kbps 16 Kbps 32 Kbps Topics in this section include: Understanding the Shortcomings of TCP. on page 243 Ac ce ler at o rOS Ve rsi on 7. which was designed to ensure reliable IP transmission.1 Us er Gu id e .0 . the Space Communication Protocol Standards developed by NASA and the US is a collection of standards-based TCP enhancements designed to reduce the impact of TCP limitations in Long-Haul WANs. SCPS is implemented by using the TCP Acceleration feature. designed to optimize and better utilize WANs that suffer from distance-induced TCP limitations. These limitations are expressed in the long times required for file transfers over the WAN. performs well on LANs but does not deal well with the high latency and high-packet-loss found on many WANs.240 C h ap t er 7: Optimizing Acceleration Services Studying TCP Acceleration TCP.

St u d yin g T C P A cc el er a ti on 241 Understanding the Shortcomings of TCP To understand how TCP Acceleration works. TCP sends only part of the data to the receiver in small amounts called a window. as described in the following figure: . and then waits to hear an acknowledgement back from the receiver if the window was received properly. the sender resends the packet. the sender transmits more data until all necessary data is sent. After an acknowledgment is sent from the receiver. and is measured in bytes. the sender receives an ACK (Acknowledgement packet) for each successful packet transmission. Often. the packet is retransmitted before the ACK has time to arrive. on long distance lines. The size of the window is specified by the receiver during the setup of a TCP session.each time the window threshold is met. The following figure explains the handshake process involved in establishing a TCP connection: Figure 1: TCP Connection Once the connection is established. it is important to understand the shortcomings of TCP: Frequent packet retransmissions: In TCP transmissions. the receiver responds with an acknowledge packet. If the ACK is not received. Transmission Window: To ensure that the receiver gets all data items sent from the sender. TCP data packets are sent in accordance with the TCP window set . The sender transmits a window.

transmission is being slowed down unnecessarily. On long-distance lines over which packet drops are often the result of factors other than congestion. Ac ce ler at o rOS Ve rsi on 7. slowly increasing it until the maximum rate at which no drops are experienced.1 Us er Gu id e . On high-bandwidth long-distance lines. The more latency present. the slower the session will start. Congestion Avoidance—TCP assumes that any packet lost is due to congestion.0 . this slow start wastes much expensive bandwidth. Any time a packet is dropped. each transmission begins slowly. TCP reduces transmission rate by half.242 C h ap t er 7: Optimizing Acceleration Services Figure 2:Acknowledge Packet Transmission The time wasted waiting for ACK packets to be sent in a TCP connection dramatically increases latency. gradually increasing speed until a packet is dropped .at which point TCP assumes that it has reached the maximum bandwidth. Slow Start—Because TCP transmissions have no way to know the size of the bandwidth over which they are being transmitted.

the TCP packet transfer process causes less latency. Once TCP Acceleration is enabled. as seen in the following figure: Figure 3:TCP Acceleration Packet Transfer A larger window enables sending more packets before an acknowledge packet is sent. The TCP Acceleration Solution TCP Acceleration uses the SCPS protocol package to reduce the impact of these well-known TCP limitations according to the standard developed by NASA (http:// www.org): Scaling the Transmission Windows Increases the maximum transmission window to enable ACKs to arrive across long distance links. minimizing the number of acknowledge packets sent and lowering latency. they cause expensive long-distance links to appear slow. .St u d yin g T C P A cc el er a ti on 243 While these TCP functions are useful in controlling and managing congestion over the LAN.scps. thereby reducing the amount of unnecessary packet retransmissions.

which is not necessary in networks where drops are not the result of congestion. Ac ce ler at o rOS Ve rsi on 7. or Hybla). thereby guaranteeing optimized throughput across WAN links. thereby enabling the transmission of data without waiting for the TCP slow-start.0 . Asymmetric Networks Optimization In asymmetric environments. Vegas. TCP automatically uses congestion avoidance. If there is congestion on the line. if in one direction the bandwidth is significantly lower than the other. You can configure SCPS in such a way that congestion avoidance is not used when it is unnecessary. Local Network Isolation The SCPS protocol uses TCP Spoofing to reduce the time required for establishing a TCP session. TCP Acceleration enables scaling of ACK packets (for example sending an ACK for only every other packet) to better match uplink/ downlink rates. you can select the method of congestion avoidance and control (standard TCP. this direction can become congested with ACK packets being sent in the other direction.244 C h ap t er 7: Optimizing Acceleration Services Congestion Avoidance SCPS enhances flexibility of Congestion avoidance mechanisms.1 Us er Gu id e . SCPS-based TCP Acceleration enables the Accelerator to maximize capacity over Long-Haul links. SCPS also enables congestion avoidance by preventing slow traffic build-up before achieving maximum capacity.

St u d yin g T C P A cc el er a ti on 245 TCP throughput . Figure 5: TCP Acceleration Computation elements .Kbps 540msec round-trip-time 4608 4096 3584 3072 2560 2048 1536 1024 512 0 1 2 3 4 5 6 7 8 9 10 Time Throughput Link Speed 11 12 13 14 15 16 17 18 19 Unutilized bandwidth With TCP Acceleration and compression No TCP Acceleration With TCP Acceleration Newly created bandwidth Kbps Figure 4:TCP Throughput Computing Latency The Accelerator automatically configures TCP Acceleration settings according to the computation that follows.

This value is in bytes. and -n is the amount of pings) You can use the following formula to calculate the theoretical limitation: Bandwidth equals the window size divided by the round trip time WindowSize -------------.0 . The default window size for Microsoft XP is 8 KBytes. An example of this ping command used on Windows is: ping x. report it in milliseconds. –l is the payload size.x.15.x.1 Us er Gu id e . For additional window size values please consult your operating system vendor.246 C h ap t er 7: Optimizing Acceleration Services The network in the diagram above will be used for example purposes.x = the server’s IP address. In this case the latency will be represented as. then the latency of this network can be represented in a fraction as 150/1000 msec.x –l 750 –n 100 (x.x. The math used for calculating the theoretical maximum throughput is based on this drawing. In the network example shown above. the latency was 150 msec. The network poses 150 milliseconds (msec) of latency between the Client (C) and the Server (S). Always convert this fraction into decimal format when calculating the values.x. Round Trip Time (Rtt though this value is in seconds. Substitute the values from your specific network in order to learn the TCP theoretical limitation for a single session in your network. The bandwidth of a link is normally represented in bits per second. This payload size ensures some stress on the network. Ac ce ler at o rOS Ve rsi on 7. ensure that any values in bytes are converted to bits. and because 1000 msec equals a full second. You can use a ping for determining the end-to-end latency between a Client and Server by sending a ping 100 times from the client to the server during business hours with a 750 byte payload. This example assumes that the client is running Windows XP. such as ping. Window Size (WS the amount of data TCP can send before waiting for an acknowledgement. most network tools.= Bandwidth -------------RoundTripTime Figure 6: Bandwidth Calculation Bandwidth (BW the maximum theoretical throughput. and should provide a better measurement for latency than simply sending a 64 or 32 byte ping as some operating systems do.

the link is a 6 Mb link. BW = 64000 /. the maximum throughput was greatly reduced as the latency increased.328 bps. Remember that because this value is in bytes. The following Throughput table lists some common Round Trip Times and the effects on TCP: Window Size 8 KB 16 KB 32 KB 64 KB Round Trip Time 50 100 150 200 500 1000 160 Kbps 80 Kbps 53 Kbps 40 Kbps 16 Kbps 8 Kbps 320 Kbps 160 Kbps 106 Kbps 80 Kbps 32 Kbps 16 Kbps 640 Kbps 320 Kbps 212 Kbps 160 Kbps 64 Kbps 32 Kbps 1280 Kbps 640 Kbps 424 Kbps 320 Kbps 128 Kbps 64 Kbps As these calculations demonstrate.666 Bytes. the BW equals 426. 150 msec of latency has limited a session to about half of the link speed. it should be multiplied by 8 in order to get the bits per second (bps). The product shows that the theoretical maximum bandwidth is 3.413. As seen in the example network shown above. some of the values needed for this formula are known and can therefore be plugged into the formula in order to determine the maximum theoretical bandwidth for a single TCP session.St u d yin g T C P A cc el er a ti on 247 Using the example network provided above.15 After calculating the values. . The actual maximum throughput that a single TCP session can have in your network may be even lower.

on page 253 Ac ce ler at o rOS Ve rsi on 7. you can set the Send and Receive windows’ sizes. on page 252 Keepalive. such as typical RTT and typical acceleration rate.248 C h ap t er 7: Optimizing Acceleration Services Configuring TCP Acceleration You can use the WebUI to configure basic TCP Acceleration. using the advanced option.1 Us er Gu id e . on page 249 TCP Acceleration Advanced Settings. acknowledge rate and Keepalive. In addition. on page 252.0 . Additional information is available in the following topics: Enabling TCP Acceleration. For these settings see TCP Acceleration Advanced Settings.

2. Alternatively. on page 252. For CLI instructions see TCP Acceleration Commands.C o nf ig u r in g T C P A cc el er a ti on 249 Enabling TCP Acceleration TCP Acceleration should be enabled only over long. where the sender is constantly over-running buffers. and is therefore suitable either for low-bandwidth-delay paths. click on Services and then TCP Acceleration. where recovering from losses is an extremely timeconsuming process for the sender.An enhancement of the standard congestion control algorithm . you can allow the Accelerator to decide by selecting Auto from the drop down menu. on page 253 . Expand recommends configuring TCP Acceleration via the CLI.The mandatory adoption of the SACK policy .The implementation and mandatory use of packet spacing techniques See TCP Acceleration Advanced Settings. among others: . on page 572. by carefully matching the sending rate to the rate at which packets are successfully being transmitted by the network. Select the Enable TCP Acceleration on All Links check box and change or set the parameters as shown in the following table: Parameter/Section Typical RTT Description Enter the typical RTT in miliseconds by choosing Other in the drop down menu and enter an amount in the field. It consists of a set of procedures which includes. the system’s default values will be used for activating TCP Acceleration. due to their longer round trip times. or for high-bandwidth-delay WAN paths. Enter a percentage by selecting Other in the drop-down menu and enter a value in the field. To enable TCP acceleration on all Links: 1.The use of timestamps . In the Accelerator’s WebUI. such as DSL. you can allow the Accelerator to decide by selecting Auto from the drop down menu Select from one of the following: • None—no congestion avoidance is used • Standard—the congestion avoidance conforms to the standard TCP/ IP protocol (Reno) • Vegas—TCP Vegas reduces latency and increases overall throughout. Typical Acceleration Rate Congestion Control TCP Acceleration Advanced Keep Alive See Keepalive. Alternatively. The shorter queues should also enhance the performance of other flows that traverse the same bottlenecks.The adoption of channel bandwidth estimates . If you enable TCP Acceleration via the WebUI. high latency links. • Hybla—reduces penalization of TCP connections that incorporate a high-latency terrestrial or satellite radio link. The Vegas algorithm maintains shorter queues.

Note: When TCP acceleration is enabled. If after enabling TCP Acceleration the Accelerator does not perform as expected. Click the Submit button. navigate to the following location: HKEY_local_machine\system\CurrentControlSet\Services\Tcpip\par ameters. Microsoft does not guarantee that problems resulting from the incorrect use of Registry Editor can be solved. For additional information see Setting Routing Strategy.250 C h ap t er 7: Optimizing Acceleration Services 3.0 .1 Us er Gu id e . Back up your registry first and use Registry Editor at your own risk. all traffic is transferred through the Accelerator in routing-only mode and is not bridged. double-click on the registry entry to view the value set. In the Registry Editor. Click the Start button on the main menu bar. system-wide problems that may require you to reinstall Windows to correct them. Search the listed parameters. Ac ce ler at o rOS Ve rsi on 7. the window size is set to the Windows’ default of 8 KB. followed by Run. If TcpWindowSize is listed. ! WARNING! Editing the registry or using a Registry Editor incorrectly can cause serious. 3. In the Open field. type regedit. If TcpWindowSize is not listed. 2. you should check the size of the window set by Windows: i To check the size of the window set by Windows: 1. on page 30.

. 350% acceleration = 4. 2.65 seconds) For example. To exclude a client or a server: 1.6*3 = 1146420 Excluding Servers or Subnets from TCP Acceleration This allows you to exclude either a client or server from TCP acceleration. Client—excludes traffic to the proxy from the Client. In addition you can exclude the client or server by IP address. Choose Client or Server by clicking the relevant radio button. or subnet group.5 seconds.193000 Compression ratio – 3. a T1 line with 600 ms round trip time with outbound acceleration of 230%: Bandwidth in bytes/sec .000 Bytes per second) Compression Ratio—expected acceleration in a compression ratio format (200% acceleration = 3.× CompressionRatio × RTT ( mSec ) × 2 × 1000 -------------------------------8 1000 Figure 7: Calculating Required Window Size Outbound Bandwidth in Bytes/Sec—convert the outgoing bandwidth to Bytes per second. 650ms round-trip is 0. Click Services > TCP Acceleration>Exclusion.544 Kbps (193.3 193000*3.5) Round trip time—in seconds (for example 500 ms round trip is 0. host name.3*0.C o nf ig u r in g T C P A cc el er a ti on 251 To calculate the necessary send window size and receive window size: Use the following formula to calculate the required window size as set by the Accelerator: OutboundBW ( Kbps ) ---------------------------------------------------------. for example T1 = 1.

and therefore a warning message notifying you about such a possibility appears when you select a value that exceeds 10MB. Choose Auto for the 10MByte default setting or choose Other and enter a different value (from 4Kb-50Mb) and select the byte value (Kbytes or Mbytes) from the drop down list accordingly.252 C h ap t er 7: Optimizing Acceleration Services Server—excludes traffic to the Server from the proxy. 2. followed by Links. 5. Using the drop-down menu choose one of the methods to exclude by: IP Address—put a valid IP address in the field. By default the rate is set to two packets. Click the + next to the TCP Acceleration Advanced title bar. To delete an entry from the Exclusion table click Delete. 4. on page 253. 3. Click Add and the entry is added to the Exclusion table. Click Setup. 3. See Keepalive. and the preferred range is between two and eight packets. In the window that opens fill in the following parameters: Parameter Send Window Size Value/Description Choose Auto for the 10MByte default setting or choose Other and enter a different value (from 4Kb-50Mb) and select the byte value (Kbytes or Mbytes) from the drop down list accordingly. setting the size to a value greater than 10MB may adversely affect the system performance. Subnet—put a valid IP address and subnet in the fields.0 . TCP Acceleration Advanced Settings Additional settings may be configured to make the TCP Acceleration even smoother. followed by My Links. Ac ce ler at o rOS Ve rsi on 7.1 Us er Gu id e . Receive Window Size Acknowledge Packet Rate Keep Alive i Note: Even though the upper limit for the sizes of the receive and send windows is 50MB. To set additional TCP Acceleration Settings: 1. Host name—put a valid host name in the field. Enter the number of packets that the Accelerator will receive from a source before sending the source a confirmation message (called an Acknowledge Packet) that the packet was received successfully.

Click Submit. 6. 5. Decide what kind of waiting time you want in between messages and put this value in the Keepalive Interval field (1-50000 seconds). 7. Decide the amount of time you want the appliance to wait before sending the first keep alive message and put this value in the Keepalive Time field (1-10000 seconds). To set the time out settings: 1. Click Setup. 3. WAN. 2. 4. Both) Decide how many times you want to send the Keep alive message and put this value in the Keepalive Probes field (1-10000 probes). 9.C o nf ig u r in g T C P A cc el er a ti on 253 Keepalive If for any reason there is a disconnect between an appliance and a network device (LAN) or between an appliance and another appliance. followed by My Links. . the keepalive setting ensures that the connection will not close until the time out interval has passed. followed by Links. Pick a direction (LAN. 8. Check the Keepalive checkbox. Click the + next to the TCP Acceleration Advanced title bar. Click the Advanced icon.

it affects the number of tunnels configurable on the Accelerator. FTP caching—the Web Acceleration cache guarantees that objects sent to the client from the cache are always fresh (only supported if the FTP server supports MDTM ex. Note: Because the Web Acceleration plugin consumes RAM. Both Passive and Active FTP caching modes are supported. Web Acceleration supports both FTP and HTTP caching. Ac ce ler at o rOS Ve rsi on 7. HTTP caching—the object will have an aging time in the cache until it is retrieved again from the server. If the object is not in the cache. This later is necessary to guarantee that replies will travel via the Accelerator’s Web Cache engine and not be delivered directly to the client. Web Acceleration can cache objects up to 1 GB in size. HTTP packets will be seen to contain the client and server IP addresses. the plug-in retrieves the object on behalf of the client from the original server. When the Accelerator is deployed on the network.0 . there is no need for any configuration modification of connected LAN clients. FTP traffic will be transparent only on the client side.254 C h ap t er 7: Optimizing Acceleration Services Understanding Web Acceleration The Web Acceleration plug-in improves response times for HTTP/FTP-based applications. i Note: Web Acceleration is supported in hard-drive versions of the Accelerator. On all other Accelerator platforms. Web Acceleration guarantees network transparency. In On-LAN deployments—transparency applies only to the Client side. meaning that if a sniffer is used between an Accelerator and the default gateway.1 Us er Gu id e i . caches it (when relevant) and serves the client's request. In On-Path deployments—HTTP transparency also applies to the Server side. The Web Acceleration plug-in serves requested objects from its cache. A sniffer placed between an Accelerator and the default gateway will see packets containing the Accelerator and server IP addresses. vsftpd as well as SIZE headers). HTTP traffic will continue to be accelerated by using Expand Networks’ patented caching and compression algorithms.

. Click the following menu sequence: Services > Web Acceleration > HTTP Acceleration > Configuration. In the Cache Size field. HTTP Caching is disabled. Click the following menu sequence: Services > Web Acceleration > HTTP Acceleration > Configuration. on page 257 Returning to Default Settings. on page 257 Setting Advanced HTTP Parameters. select Enable from the drop-down menu to enable HTTP Caching. on page 259 Excluding from HTTP Caching. on page 260 Working with Fetch Jobs. on page 258 Setting HTTP Acceleration Rules. on page 255 Setting Cache Content. Setting the Cache Size To set the Cache Size: 1. In the HTTP Acceleration field. on page 256 Clearing HTTP Cache. on page 261 Co n fi gu r i ng HT T P A cc el er a ti on 255 Enabling and Disabling HTTP Caching By default. To Enable or Disable HTTP Caching: 1.Configuring HTTP Acceleration This section contains the following information: Enabling and Disabling HTTP Caching. on page 256 Working with HTTP Read Ahead. enter a number to represent the size allotment for the cache (between 1 and 60 MB). select Disable. To disable. 2. 2. on page 255 Setting the Cache Size.

256 C h ap t er 7: Optimizing Acceleration Services Setting Cache Content To set the type of content to be cached: 1. be it link. HTTP Acceleration must be enabled in order to use this feature. Aggressive. The higher the setting. You must also configure DNS and it is recommended that DNS Acceleration is enabled as well. the accessible links that are present on the open web page will be processed in the background and the resulting cachable pages are saved. Internet caches all traffic on the non-link. Click the following menu sequence: Services > Web Acceleration > HTTP Acceleration > Configuration. All caches all traffic. By Default.0 . virtual link or non-link. Enterprise caches all traffic from links and virtual links. Read Ahead is disabled. Ac ce ler at o rOS Ve rsi on 7. HTTP Acceleration is available on HD based Accelerators (physical and virtual) and on the 4GB compact flash version. To enable. click Enable and then decide the level of operation. In the Cache content field. thereby cutting down on web page loading time for the subsequent web pages. Working with HTTP Read Ahead When the user accesses a web page. Normal. the more memory you will be using and consequently more links will be fetched and more pages will be cached by the Accelerator.1 Us er Gu id e . Low. Keep in mind that this option is a memory and bandwidth consuming feature. 2. scroll down to select one of the following types of content to be cached. and Read Ahead is enabled.

Click Submit. Clearing HTTP Cache To clear the HTTP acceleration cache: 1. . To fetch the entire page including graphics. Click the Clear Cache button. 2. 2. Normal or Aggressive. 4. In the Read Ahead drop-down menu. Returning to Default Settings To return HTTP Acceleration settings to factory default: 1. Click the following menu sequence: Services > Web Acceleration > HTTP Acceleration > Configuration. select one of the three operation modes: Low. In the Read Ahead Operation Mode drop-down menu.Co n fi gu r i ng HT T P A cc el er a ti on 257 To enable Read Ahead: 1. 3. 2. 5. select Enable to enable. Click the following menu sequence: Services > Web Acceleration > HTTP Acceleration > Configuration. Disable to disable. Click the following menu sequence: Services > Web Acceleration > HTTP Acceleration > Configuration. select the Read Ahead Fetch Full Page. Click the Set Default Values button and click Yes when prompted.

258 C h ap t er 7: Optimizing Acceleration Services Setting Advanced HTTP Parameters To open the Advanced HTTP Parameters menu: 1. the size is 102. It is set in seconds with acceptable values between 1 and 10. or 1 day. The default for this option is 1440 minutes. Acceptable values are between 1 and 5. It is designed to prevent a large number of sockets from being tied up in a CLOSE_WAIT state.000 minutes. The Advanced HTTP Acceleration Configuration opens. In the Advanced HTTP Parameters menu.0 .000. To set the Maximum Client Connect time.000 KB. This is merely a safeguard against clients that disappear without properly shutting down. Sets the Minimum size an object can be in order to be held in the cache. Sets the amount of time the client (browser) can be connected to the cache process before a timeout is initiated. By default. enter a number between 1 and 10. To set the Minimum Cache Object Size. This parameter is set in KB. click the + in the menu bar.400 KB.400 KB. fill in a number (between 1 and 600 seconds) in the field Sets the Maximum size an object can be in order to be held in the cache. or after the last request was finished. Object larger than this number are not held. Note that the Maximum Cache object size must be larger than the Minimum Cache object size.000.1 Us er Gu id e . the size is 102. 3. 2.000 KB. By default. enter a number in the field between 1 and 5. Click the following menu sequence: Services > Web Acceleration > HTTP Acceleration > Configuration. Note that the Minimum Cache object size must be smaller than the Maximum Cache object size. enter a number between 1 and 1. To set the Maximum Cache Object Size. This parameter is set in KB. To set the Connect time out. enter a number between 1 and 1. To set the Persistent Time out value. Object smaller than this number are not held.000 seconds.000 minutes Sets the amount of time to wait for an HTTP request from the client after the connection was established. Minimum Cache Object Size Maximum Client Connect Time Persistent Time out Ac ce ler at o rOS Ve rsi on 7.000. letting you set the following parameters as shown in the following table: Parameter Item Connect Time out Maximum Cache Object Size Description The time period (in seconds) that should pass before disconnection (default: 60).

but to enable TCP Acceleration. By default. it is not recommended to set this feature to enable. the data from such servers is cached even if no Public indication was set in the authenticated server. scroll down to select either Direct Rule or No Cache Rule. You should enter regular expressions in the edit fields of both rules. this is disabled. When TCP Acceleration is configured in the TCP Acceleration menu.Co n fi gu r i ng HT T P A cc el er a ti on 259 Parameter Item Transparency Description This command configures the status of the interception proxy. select Enable from the drop-down menu. Using this table. you can add additional non-standard HTTP ports. By default. you must also enable this parameter in order for the acceleration to work correctly. • Full—applying transparency on both the Client and the server sides. • Auto—setting the transparency status automatically according to deployment. Three statuses are possible: • Semi—applying transparency only on the Client side. Lets you start or stop the statistics collection. but it is still accelerated. which prevents the data from being cached (for example: a Private flag). the data is not be cached. Lets you define whether to cache data that arrives from authenticated servers. If you set this option to Enable. In the Type field. When Transparency (above) is set to either Semi or Auto in an On-Lan deployment scenario. The list in this table represents the port numbers that will be intercepted by HTTP Acceleration. namely: Semi in On-LAN deployment and Full in On-Path deployment. By default Port 80 is used for HTTP traffic. To set the transparency mode. select one of the options from the drop-down menu When enabled. preserves the original client’s source port information. If any other condition exists. If this box is selected. Click the following menu sequence: Services > Web Acceleration > HTTP Acceleration > Rules. Port Transparency TCP Acceleration Cache Authenticated Requests Collect Statistics Cache Range Server Ports Table Enable Proxy Server Setting HTTP Acceleration Rules The HTTP Acceleration Rules screen lets you configure Direct and No Cache rules supported by HTTP acceleration. you can set manually the proxy IP address and the proxy port number. . such as authentication requests. The interception proxy can be configured as transparent (namely. Select this box to enable the proxy server. the proxy server’s IP address will not be detected by sniffing). TCP Acceleration is disabled. 2. Make sure the port number you add is not used for other types of traffic. To set HTTP Acceleration rules: 1.

Ac ce ler at o rOS Ve rsi on 7. see Enabling and Disabling FTP Caching. Figure 8: HTTP Acceleration Rules Excluding from HTTP Caching You can exclude certain components of the traffic from either HTTP caching To exclude from FTP Caching. on page 264.260 C h ap t er 7: Optimizing Acceleration Services The expression entered in Direct Rule should be valid on a URL. In both cases (Direct and No Cache rules) you can define multiple rules.0 . without using the proxy server. For example: if you apply rule direct avaya. The expression entered in No Cache rule determines that traffic directed to a specific URL. which matches this specific expression (for example: no cache avaya) is neither cached nor retrieved from the cache. and after the traffic is retrieved from the server it will not be cached. all requests that match the avaya regular expression are forwarded directly to the origin server. and determines that all requests that match this expression are always forwarded directly to the origin server.1 Us er Gu id e .

Enter the IP address you want to exclude. by selecting the All option. To exclude by Hostname.Co n fi gu r i ng HT T P A cc el er a ti on 261 To exclude from HTTP caching: 1. on page 303. you first have to configure a DNS that resolves the hostname. or enter a specific port number (preferably 80). 3. HTTP Acceleration is available on HD based Accelerators (physical and virtual) and on the 4GB compact flash version. select now whether to let AcceleratorOS assign a port number for you. 6. repeat steps 3. to 6. If you previously selected the Server option. For details. 8. To enable excluding by Hostname. See Enabling and Disabling HTTP Caching. HTTP Acceleration needs to be enabled. 2. to 6. check the appropriate button to indicate whether this IP Address comes from the Client or from the Server. 5. 7. The only difference is that you have to enter the subnet mask as well. Click the Add button. This is extremely useful in cases where multiple users will be accessing a specific URL at the same time. This option also requires you to enter a Hostname. on page 34). Subnet or Hostname. Working with Fetch Jobs Fetch allows users to cache data from a pre-determined destination thereby giving the user faster loading time for web pages. Note that the following parameters/licenses are required to be set in order for a Fetch Job to work: A license for Web Cache is required (see About the AcceleratorOS License. see Configuring DNS. If you select to exclude by IP address. In the Exclude by drop-down list choose whether to exclude by IP address. Click the following menu sequence: Services > Web Acceleration > HTTP Acceleration > Exclusion. . on page 255 for information on how to enable HTTP Acceleration. To exclude by Subnet. 4. repeat steps 3. The Pre-fetch option will cache the information from the URL and store it locally on the Accelerator.

if your URL requires it. but does not run • Once immediately—occurs one time.262 C h ap t er 7: Optimizing Acceleration Services DNS needs to be configured (see Configuring DNS Acceleration. Click Add Job. Note that the higher the number is. decide when the job is to occur. To choose a depth select the level from the drop-down menu. the more resources you will consume. Fill in the fields as directed in the table below and click Save to save. Some Web sites have User/Password requirements. For example. as not every month has 31 days). Type the complete URL in the field Dictates the level to go down to for caching the web pages. a depth of 1 would cache 3 pages and a depth of 2 would cache 9 pages. 3. Select from one of the following options: • None—the job is created. The job name can only contain alphanumeric characters. Allows you to add additional URLs to the same fetch job. enter the information in the appropriate field. Click the following menu sequence: Services > Web Acceleration > HTTP Acceleration > Fetch Jobs 2. Schedule URL Depth User / Password Add URL Ac ce ler at o rOS Ve rsi on 7. Special characters and spaces are not permitted You can use an underscore. if your main web site has 3 links that open 3 pages and each of those links has 2 links to open 2 separate pages. immediately • Once at—occurs one time on a specific date at a specific hour • Once in—occurs one time at a specific hour in X amount of days • Recur daily—occurs every day at a specific hour • Recur weekly—occurs once very week on a specific day and a specific hour • Recur monthly —occurs once a month on a specific date and hour (not recommended to set this to 31. Parameter Job Name Description Type a name for this job. Using the drop-down menu.0 . but other non-alphanumeric characters are not allowed. on page 268) To create a new fetch job: 1. Depth values from 1-16 are permitted.1 Us er Gu id e .

the recurrences will not be eliminated. 3. The window shows the history of the last 10 times that the job ran. Click the following menu sequence: Services > Web Acceleration > HTTP Acceleration > Fetch Jobs. To see the history of the job: 1. Click Edit. 3. 4. Click Edit. 5. Click the following menu sequence: Services > Web Acceleration > HTTP Acceleration > Fetch Jobs. the history is deleted. To delete a fetch job: 1. Select a fetch job from the table. Select a fetch job from the table. To stop all future jobs.Co n fi gu r i ng HT T P A cc el er a ti on 263 To edit a fetch job: 1. 3. 3. Change the fields you want to change. 2. 2. Click Stop Job. Select a fetch job from the table. Select a fetch job from the table. Note that if you edit the job itself. Note that changing the parameters of the job will delete the history of the job under the old parameters. 4. 2. Click Save. Click Delete. Click the following menu sequence: Services > Web Acceleration > HTTP Acceleration > Fetch Jobs. you should delete the job (see below). . Note that if this job is set to recur. Click the following menu sequence: Services > Web Acceleration > HTTP Acceleration > Fetch Jobs. The history is also deleted. To stop a fetch job already in progress: 1. 2. Note that any job currently running is immediately stopped and then deleted.

on page 264 Setting the Cache Size. on page 265 Setting Advanced FTP Parameters. To disable. on page 266 Excluding from FTP Caching.0 .264 C h ap t er 7: Optimizing Acceleration Services FTP Acceleration Figure 9: FTP Acceleration screen This section contains the following topics: Enabling and Disabling FTP Caching. on page 267 Enabling and Disabling FTP Caching By default. on page 265 Returning to Default Settings. Ac ce ler at o rOS Ve rsi on 7. select Disable.1 Us er Gu id e . Click the following menu sequence: Services > Web Acceleration > FTP Acceleration > Configuration. on page 265 Setting Cache Content. 2. To Enable or Disable FTP Caching: 1. FTP Caching is disabled. on page 265 Clearing FTP Cache. In the FTP Acceleration field. select Enable from the drop-down menu to enable FTP Caching.

Clearing FTP Cache To clear the FTP acceleration cache: 1. All caches all traffic. virtual link or non-link. Click the following menu sequence: Services > Web Acceleration > FTP Acceleration > Configuration.F T P A cc el er a ti on 265 Setting the Cache Size To set the Cache Size: 1. Setting Cache Content To set the type of content to be cached: 1. Click the Set Default Values button and click OK when prompted. 2. 2. be it link. In the Cache Size field. Internet caches all traffic on the non-link. Click the following menu sequence: Services > Web Acceleration > FTP Acceleration > Configuration. scroll down to select one of the following types of content to be cached: Enterprise caches all traffic from links and virtual links. 2. enter a number to represent the size allotment for the cache (between 1 and 60 MB). In the Cache content field. . Click the following menu sequence: Services > Web Acceleration > FTP Acceleration > Configuration. 2. Click the Clear Cache button. Click the following menu sequence: Services > Web Acceleration > FTP Acceleration > Configuration. Returning to Default Settings To return FTP Acceleration settings to factory default: 1.

In the Advanced FTP Parameters menu. However. the proxy server’s IP address will not be detected by sniffing).1 Us er Gu id e . when a specific user accesses a file from the server. Click the following menu sequence: Services > Web Acceleration > FTP Acceleration > Configuration. for anyone who logs in with a different user name. it is served from the cache. letting you set the following parameters as shown in the following table: Parameter Item Connect Time out Localization Minimum Cache Object size Cache per User Description The time period (in seconds) that should pass before disconnection (default: 600).266 C h ap t er 7: Optimizing Acceleration Services Setting Advanced FTP Parameters To open the Advanced HTTP Parameters menu: 1. Lets you enable or disable the option to view files in languages that require Unicode characters. such as Chinese. on both the Client and the Server sides. 2. default: 1024). and the next time a user with the same user accesses the file. Sets the interception proxy as transparent (namely. Transparency Ac ce ler at o rOS Ve rsi on 7.0 . Lets you set a default for the minimum size of the cache object (05000KB. click the + in the menu bar. the file is fetched directly from the origin server and not from the cache. Ascribes a cache object to a single user. The Advanced FTP Acceleration Configuration opens. the file is cached per this user. Namely.

7. or enter a specific port number (preferably 80). repeat steps 3. To exclude by Hostname. The only difference is that you have to enter the subnet mask as well. on page 303. Subnet or Hostname. Enter the IP address you want to exclude. repeat steps 3. To enable excluding by Hostname. If you previously selected the Server option. by selecting the All option. 2. To exclude by Subnet. check the appropriate button to indicate whether this IP Address comes from the Client or from the Server. 5. select now whether to let AcceleratorOS assign a port number for you. 3.F T P A cc el er a ti on 267 Excluding from FTP Caching To Exclude from FTP Caching: 1. Click the Add button. to 6. In the Exclude by drop-down list choose whether to exclude by IP address. If you select to exclude by IP address. to 6. see Configuring DNS. 6. . This option also requires you to enter a Hostname. 4. Click the following menu sequence: Services > Web Acceleration > FTP Acceleration > Exclusion. you first have to configure a DNS that resolves the hostname. For details.

You can use the WebUI to set all parameters relevant for DNS acceleration and DNS masquerading.268 C h ap t er 7: Optimizing Acceleration Services Configuring DNS Acceleration The Accelerator’s Domain Name Server (DNS) Acceleration plugin enables the Accelerator to act as a DNS caching device.1 Us er Gu id e .0 . By intercepting DNS requests and saving them on the local Accelerator. the DNS caching feature shortens the amount of time an end user waits for Web pages to appear and lessens unnecessary requests from your network to the Domain Name Server asking for Domain Name translations into IP addresses. Figure 10: DNS Acceleration screen Ac ce ler at o rOS Ve rsi on 7. DNS Caching is extremely useful when the DNS server that the clients are accessing is across the WAN over a high-latency link.

You can either select Auto to keep the system-defined default.the Static Hosts table. Select Enable to enable. Select the appropriate transparency method: • Semi—the traffic is transparent to the Client. If you enable this option. 20 minutes) the Accelerator does not use the DNS Server’s address and takes the address from its own cache. or Disable to disable. • Auto—the transparency is determined automatically according to the deployment level: either Semi (in On-LAN deployment) or Full (in On-Path deployment). and click Yes when asked to confirm the action. Enabling allows the Accelerator to cache the DNS addresses. click DNS Acceleration. Disable to disable. or select your own value. defining the Accelerator as a DNS client. see Configuring DNS. but the server sees it as coming from the Accelerator. Determines whether to keep the Time-to-leave settings defined by the DNS server (Preserve TTL) or set your own settings (1-1440 minutes). • Full—the traffic is transparent to both the Client and the Server. To view the statistics for the queries since the last time the DNS Acceleration feature was enabled. the translation of host names into the Accelerator’s user-defined addresses is defined in the next section of this screen . and masquerade the DNS response’s address. Note that. For details. respectively). Caches DNS queries that were unresolved and will therefore not attempt to resolve them in the future. Disable to disable. for any period between these two values (as. Select Enable to enable. DNS Acceleration Use Accelerator DNS Cache Unresolved Transparency Min TTL Cache Size To clear the cache: Click the Clear Cache button. If the TTL settings you defined here are longer than those set by the DNS Server (for example: 60 minutes compared with 10 minutes. you have to configure a domain name server under Setup > Networking > DNS.C o n fi gu r i ng DN S A cc el er a ti on 269 To set the DNS parameters: 1. in this example. By so doing. even if that traffic was sent to another DNS server. Under Services. thereby eliminating repetitive queries over the WAN. the Accelerator will always intercept traffic and use its setting to process it. on page 303. To show the current cache: . Adjust the parameters as follows. 2. use the Statistics (lower most) section of the DNS Acceleration screen Defines the maximum number of records that are to be kept in the cache. Select Enable to enable. and click Submit when done: Parameter DNS Masquerade Description DNS masquerading enables the Accelerator to intercept traffic sent from the Client to the DNS server and back.

click anywhere on the host’s row to select it and then click the Delete button. To delete a static host from the table. click on the host’s IP address. Click DNS Acceleration. To edit the Static Hosts table: 1.0 . and edit the details in the Edit Static Host dialog box. 5. 4. click Yes. Ac ce ler at o rOS Ve rsi on 7. In the IP Address field. 6. 2.expand.270 C h ap t er 7: Optimizing Acceleration Services Click the Show Cache button. and click Yes when prompted. enter a user-defined masquerading IP address the Accelerator will use for the host name you had just entered. 3.1 Us er Gu id e . To edit the static host details. and click the + to open the Static Hosts Table. In the Host Name field. Click Submit and the information is added to the Static Hosts table. enter the requested host name (for example: www. Click the Add button and the Add New Static Host dialog box opens. if it isn’t already open.com). To reset all parameters back to the default value: Click the Set Default Values button. within the Static Hosts table. When asked to confirm the action.

click Aggregation. To apply Citrix aggregation on a specific link. userdefined link. 3. and telnet. use the Post Acceleration Aggregation section of the My Links table under Setup tab. For details. 3. see Editing Links. Select an Aggregation Class from the Select Class drop-down list. i Note: The Citrix Acceleration screen lets you apply Citrix aggregation only on all links. User Defined 2—enables Citrix acceleration on a specific. Select the application you want to change from the Application Name column in the Matching Application to Class table. To add a new application. To edit the match between an application name and an application class: 1. From the Services tab. Choose an Application from the drop-down menu. To add a new application: 1. . 2. 2. The parameters are updated and the change is reflected in the table. userdefined link. match applications to classes and enable the class on all links.Enabling Aggregation E n ab li n g Ag g r eg a ti on 271 Aggregation optimizes applications by using small packets such as Citrix. The application names are predefined in the system. Choose an Aggregation class from the drop-down menu. This menu allows you to configure aggregation. on page 89. on page 215. rdp. telnet and msterminal-server applications. Click Submit. see Working with Applications. The aggregation classes are as follows: User Defined 1—enables Citrix acceleration on a specific. Thin Client—enables Citrix acceleration on Citrix.

When prompted whether you want to configure Citrix acceleration on all links. 2. 3. Click the Apply to All Links button.0 . Select the Enable option for the relevant class. Ac ce ler at o rOS Ve rsi on 7. click OK.1 Us er Gu id e .272 C h ap t er 7: Optimizing Acceleration Services To apply a specific Citrix aggregation class on all links: 1.

To connect cables to both ETH 0/0 and ETH 0/1 ports. Therefore. as well as determine the crypto mode and IPsec policies. and still prevent any option of by-pass mode. 3. on page 275 Applying IPsec Policies on a Link. . i Note: The pre-shared key must be identical on both sides of the link. on page 276 i i Note: When IPsec is enabled on a link.Enabling Traffic Encryption E na bl in g Traf f ic En cry p ti on 273 The IPsec Encryption menu on the Services screen lets you encrypt the Accelerator’s outgoing traffic. Click the Services tab. by-pass mode cannot be enabled. Configuring an IKE Policy IKE (Internet Key Exchange) is a pre-shared key. on page 273 Defining Crypto Mode. To configure an IKE policy: 1. allowing each Accelerator to verify the identity of its peer. you may want to use ETH 0 port for Management. This menu comprises the following options: Configuring an IKE Policy. and that none of the devices connected to the ETH 0/0 and ETH 0/1 ports has an MDIX. In the Pre-shared Key field. no clear traffic is allowed to pass. followed by IPSec Encryption. otherwise the link will not be established. However. Note: To prevent any option for by-pass mode. 2. enter a password. on page 274 Configuring IPsec Policies. ensure that both cables are of the same type (either Cross or Straight). entered manually into both Accelerators that exchange IPsec traffic. Re-enter the password in the Re-enter field. connect one cable to ETH 0 port and the other cable to either ETH 0/0 or ETH 0/1 port. and a by-pass mode may be enabled. in which case both ETH 0/0 and ETH 0/1 ports will be connected to cables.

encryption method (AES-128. For details. see Configuring an IKE Policy. 5. Strict—allows only encrypted traffic to pass the box at all times. Click Submit.1 Us er Gu id e .274 C h ap t er 7: Optimizing Acceleration Services 4.1. the IPSec guards only the traffic exiting its subnet. Set up the parameters of ESP Algorithms 1. by selecting the requested authentication method (either SHA1 or MD5). This is because in Strict mode. However. any traffic whose destination is a local subnet is not accelerated. Enter the policy name in the Description field. This means if a packet comes through the non-link to a local subnet. 6. Split-Tunneling—allows clear traffic to pass only after all IPSec links have been established. as well as determine the crypto modes by selecting one of the following options: i Note: Defining crypto mode requires entering first a pre-shared key (password). Defining Crypto Mode The Crypto Mode screen lets you control whether the Accelerator’s outgoing traffic is encrypted. on page 273.0 . Set up the requested SA lifetime (the time period after which the encryption key will be replaced) You can set this time either by hours or by seconds. Ac ce ler at o rOS Ve rsi on 7. 2 and 3. the Accelerator will let it pass even if the packet contains clear text and the traffic will not be blocked. 7. 2 or 5. traffic that is sent to an unknown subnet or a remote subnet to which no link is present will be dropped. AES-256 or 3DES) and Key group (PFS) . None—disables the configuration of IPSec links. AES-192. i Note: If you choose strict mode. (See Note) Lenient—allows clear links to pass traffic regardless of IPSec links status.

to select one of the options mentioned above. followed by IPSec Encryption >Crypto Mode. 3. You will need to change this license into a permanent license to prevent loss of IPSec services. Note: IPSec uses the primary IP address of the Accelerator to create the IPSec tunnel. Use the Crypto Mode drop-down box. which lets you define only one IKE policy. Click the Services tab. see Applying IPsec Policies on a Link. You are supplied with a temporary license when you install the software that is valid for 30 days. Unlike the IKE Policy screen. IPSec services are license dependent. click the Show Security Information button. If you use a protocol that uses an IP address other than the primary (as is done in virtual IP addresses) the traffic sent out will be dropped. 2. if you want to show the security information on the specific Accelerator. Configuring IPsec Policies Use the IPsec Policies screen to define the parameters to be applied to traffic that passes through the links. and which IPsec policy to apply. the IPsec link will be down. Note: When you edit existing links.E na bl in g Traf f ic En cry p ti on 275 To define Crypto mode: 1. In addition. In addition. on page 276. For details. you choose whether to enable IPsec on the link. Click Submit (at bottom of screen). Each IPsec policy lets you define three ESP algorithms. i Note: Should your license expire. 4. i Note: The ESP algorithm you define here as ESP algorithm 1 is the default algorithm that will be activated when enabling the IPsec on a link. This prevents the local Accelerator from informing the remote Accelerator that the license is dropped. i i . will not be able to list in its log that its remote IPsec license is dropped. The remote Accelerator therefore. Therefore it is not recommended to use IPsec in conjunction with features that use virtual IP addresses (as in HSRP and VRRP). you can define several IPsec policies and apply different policies to different links.

0 . Ac ce ler at o rOS Ve rsi on 7. Otherwise. because Transparent encapsulation preserves the packet header and is therefore unsuitable. AES-192. AES-256 or 3DES). 2. Ensure that the appropriate cyrpto mode is displayed. by selecting the requested authentication method (either SHA1 or MD5) and encryption method (AES-128. 4. Click Enable IPsec on Link. For details. use the Crypto Mode screen to change it. 2. 5. Select the requested PFS Group (1.1 Us er Gu id e . see section Defining Crypto Mode. i Note: When IPsec is enabled. Ensure that the appropriate crypto mode is displayed. Set up the parameters of ESP Algorithms 1. Select the requested policy from the Policy Name list. on page 274. This screen also lets you view the parameters of the IKE policy you defined. 4. Otherwise. You can also assign different policies to different links. 2 or 5). Applying IPsec Policies on a Link The Apply IPsec on Link screen lets you select one of the previously defined IPsec policies and assign them to a single link. Define a name for the policy in the Policy Name field. see section Defining Crypto Mode. on page 274. use the Crypto Mode screen to change it. Select the requested link from the Link Name list. Select the requested SA Lifetime (either by hours or by seconds). 2 and 3. 3. For details. 3. the only encapsulation method possible is IPComp. i Note: You will not be able to apply an IPsec policy on a link if the Crypto mode is “None”.276 C h ap t er 7: Optimizing Acceleration Services To configure an IPsec policy: 1. To apply an IPsec policy on a link: 1. 6. Click Add.

by clicking Setup > My Links and the Advanced button and then opening the IPSec Menu. see Editing Links. 5. click the Disable IPsec on Link button. Make sure that the remote and local NAT IP address has been configured. To disable the IPsec on the link. click the SA Link Renegotiate button. by clicking on the + sign. .E na bl in g Traf f ic En cry p ti on 277 To terminate the SA time and replace the encryption key immediately. Make sure that the Enable IPSec checkbox is checked and that the Local and Remote NATIP address fields are complete. on page 89. For further assistance on the link setup.

HTTPs) 7. choose the method you will use to transfer the file (TFTP.0 .278 C h ap t er 7: Optimizing Acceleration Services Remote Desktop Protocol Services The Remote Desktop Protocol service captures RDP Proxy traffic and removes the encryption and compression so that the you don’t have to remember to change the settings on every remote desktop and server. on page 278 Collecting RDP Proxy Statistics.1 Us er Gu id e . Enter the location of certification file and file name by entering this information into the File Path/Name field. In the Transfer Method drop-down menu. 2. To import your own certificate clear the Default Certificate checkbox and the Certification File menu opens. 5. 10. on page 279. To choose the certificate supplied with your Accelerator. The following topics are included: Configuring Terminal Services. 4. FTP. For example my path/myfilename. Note that the RDP Proxy has the best performance on links that have TCP acceleration enabled as well. 3. Enter the User Name. Click Import and then click Submit. In addition. click the Proxy Enabled checkbox. This action is done automatically once it is enabled. see Collecting RDP Proxy Statistics. Password. 9. To collect statistics for an RDP Proxy session. HTTP. Ac ce ler at o rOS Ve rsi on 7. on page 279 Excluding Terminal Services. on page 280 Configuring Terminal Services Allows you to enable or disable the RDP Proxy. and IP address of the machine (from which you want to import the file) in the relevant fields. 6. 8. To enable the RDP Proxy. click the Default Certificate checkbox and click Submit to save your changes. To disable the RDP Proxy. Go to the Services Menu and click Remote Desktop Proxy > Configuration. clear the Proxy Enabled checkbox. you can either use the certificate supplied on your Accelerator or transfer your own to the RDP. To enable or disable the RDP Proxy: 1.

Current Number of Sessions—this is the number of RDP sessions that are currently running. b. The next time you re-enable the RDP service. A pop-up opens with the following information: Peak Number of Concurrent Sessions—this is the maximum number of RDP sessions that were detected running simultaneously from the time that the service was enabled. Click Close to close the window. To view the RDP Proxy statistics: 1. Go to the Services Menu and click Remote Desktop Proxy > Configuration. 4. On the Remote Desktop Proxy screen. Maximum RDP PDU Size—this is the maximum PDU detected (in bytes) for all units that have traversed the RDP session from the time the service was enabled. the counters in the statistics are reset. 7. 5. that the statistics counters will be set to 0 until you have at least one RDP session established. you can print the report or save it as an HTML or text file. Click Save. Click Print. Select the printer. click the Statistics button. To print this report: a. Optionally. Select the file’s location and choose the file type (HTML or Text). Click the Print button. Average RDP PDU Size—this is the average Protocol Data Unit size (in bytes) that have traversed the RDP session from the time the service was enabled. c. To save this report: a. Click the Save button. on page 278 to configure RDP. See Configuring Terminal Services. 3.R em o te D es kt o p Pro t oc ol Se rvi ce s 279 Collecting RDP Proxy Statistics The RDP statistics are collected from the moment the RDP service is enabled and will be collected until it is disabled. 2. 6. Note. c. b. . Make sure you have configured RDP services.

2. Subnet—fill in a valid IP address and a valid subnet.280 C h ap t er 7: Optimizing Acceleration Services Excluding Terminal Services This allows you to exclude a specific server or subnet from the RDP services. Host Name—fill in a valid host name. Click Add and the entry is added to the Excluded table.0 . select the row and click Delete. by selecting one of the following from the Exclude By drop-down box: IP Address—fill in a valid IP address in the field. To add a server to the exclusion list: 1. Decide how you will exclude the server or client. click Remote Desktop Proxy > Exclusion. Note that enabling other services on an excluded machine will have to be done by hand. Decide the direction you want to exclude by clicking one of the following radio buttons: Client—excludes traffic to the proxy from the Client. To remove an entry from this table. 5. Server—excludes traffic to the Server from the proxy. 3. Ac ce ler at o rOS Ve rsi on 7. From the Services menu. 4.1 Us er Gu id e .

SSH.Chapter 8: Configuring Management Options You can configure the Accelerator via CLI via Telnet. SSH. on page 282 Using Out-of-Band Management. on page 338. all options mentioned above are enabled (Telnet. Logging can be sent to SNMP or SyslogD servers and can be sent via email. see Configuring AAA. on page 285 Receiving Log Error Messages. This chapter contains information on the following: Studying the ExpandView System. on page 287 . you can configure the Accelerator via WebUI. or direct Console connection. direct console. Alternatively. To disable a specific service. i Note: By default. on page 284 Using SNMP. accessed by using HTTP or HTTPS. HTTP and HTTPS).

i Generating Advanced Alerts for World-Class NOCs ExpandView generates alerts on application performance thresholds for remote Accelerators. Generating Proactive Reports for Network Provisioning ExpandView lets you generate trend reports. giving IT managers the tool to correct them.282 C h ap t er 8: Configuring Management Options Studying the ExpandView System Expand Networks' ExpandView is a centralized monitoring and management system for Expand Accelerators. Simplifying WAN Optimization ExpandView takes the complexity out of deploying WAN optimization. into global WAN operations. traffic gauge. Once new Accelerators are powered up. thereby letting you implement global changes in minutes. Ac ce ler at o rOS Ve rsi on 7. If you have ExpandView installed. Acceleration percentage.0 . ExpandView automatically updates them with all preconfigured parameters and starts collecting statistics. it is not recommended to make configuration changes via AcceleratorOS. before they happen. and a multitude of other parameters can be used to predict WAN performance incidents. ExpandView gives you total visibility. Detailed graphs and reports.1 Us er Gu id e . or the CLI. via a Dynamic Network Map. thus enabling proactive performance management. This includes all Accelerator Platforms including Mobile and Virtual. easy-to-use QoS templates and tight integration with Expand's award-winning Accelerators make ExpandView the ideal Centralized monitoring and management system for ensuring optimal application performance over the WAN. which detail anticipated future utilization of WAN links based on previous usage and performance of the links. Note: any change made outside of Expand View will be overwritten by the configuration settings that are sent from Expand View.

Updating the IP Address of ExpandView Server To work with ExpandView. You can publish new policies to multiple devices in a single step. and enforce QoS policy consistency by creating QoS templates. Figure 1: Statistics and Monitoring graph Defining Scalable QoS Centralized insight into network traffic and application performance enables informed and controlled use of available bandwidth. The following AcceleratorOS CLI commands enable interaction with ExpandView by setting the ExpandView server IP address and port number: .St u dy in g t h e E xpa nd Vie w Sy st em 283 Such reports are useful in helping IT provision networks to accommodate business growth and expansion. ExpandView enables group configuration of QoS and policy prioritizing. each Accelerator must be updated with the IP address of the ExpandView server.

Connect the Accelerator’s Ethernet 0 to the remote network.1 Us er Gu id e .0 . To use Out-of-band management: 1. 2.284 C h ap t er 8: Configuring Management Options Using Out-of-Band Management You can manage the Accelerator remotely from a management station on a LAN external to the accelerated network. Add a separate IP address for this interface. and should not use WCCP or RIP route injection. should not be part of OSPF or RIP router polling support. Ac ce ler at o rOS Ve rsi on 7. When Out-of-band management is used. Ethernet 0 cannot participate in VLAN or HSRP/VRRP. Set Ethernet 0 to be removed from the Accelerator’s bridging capabilities 3.

you have to update the network’s SNMP settings in the Accelerator. Figure 2: SNMP . functioning as an SNMP agent for monitoring performance statistics from a Network Management System (NMS). To work with the Accelerator’s SNMP management. the Accelerator can send SNMP traps to the NMS and other network devices. In addition. Define the following SNMP Communities and enable traps (if requested). 2c and 3.Using SNMP Us in g SN MP 285 The Accelerator supports SNMP versions 1.

followed by Advanced. 6. 4. If you are entering a new password. i The SNMP Version 3 default initial user name is expand_user and the default initial password is expand_initial_password. select Enable to enable the Accelerator to function as an SNMP agent. The default Read Community is public. spaces may not be used.286 C h ap t er 8: Configuring Management Options To access configuration options: 1. Enter the SNMP Version 3 password (see note) and then enter a new password. 2. 3. 5. If you want the Accelerator to receive SNMP traps. Click on Setup. and then SNMP. and enter the new string in the pop-up window.1 Us er Gu id e . To add a Community String that is different from Public. click Add in the Communities Table. make sure the SNMP Traps drop-down is set to Enable and then enter the Trap Community Name and Manager IP address in the relevant fields. Click the Submit button in the bottom right hand corner. In the SNMP Agent drop-down. Ac ce ler at o rOS Ve rsi on 7.0 .

Receiving Log Error Messages
The following sections detail how status updates are sent: Sending Updates to a Syslog Server, on page 287 Sending Updates via Email, on page 289

R ece iv in g L og E r r o r M es sa ge s

287

The Accelerator can send status updates about the Accelerator to a SYSLOG server, to an email address, or to both.

Figure 3: Logging screen

Sending Updates to a Syslog Server
Syslog is a method of collecting messages from devices to a server running a syslog daemon. Logging to a central syslog server helps in aggregation of logs and alerts. Accelerator devices can send their log messages to a SYSLOG service. A SYSLOG service simply accepts messages, and stores them in files or prints them according to a simple configuration file. This form of logging can provide protected long-term storage for logs. This is useful both in routine troubleshooting and in incident handling. Set the Syslog parameters to define the syslog server’s IP address and the severity level of events by which error notifications are to be sent.

288

C h ap t er 8: Configuring Management Options

To set syslog parameters:
1. Click on Setup, followed by Advanced, and then Logging. 2. Enter the following parameters as necessary.
Parameter Item
Facility

Description
The Facility setting sets the Syslog level (0-23), as follows: 0—kernel messages 1—random user-level messages 2—Mail system 3—system daemons 4—security/authorization messages 5—messages generated internally by syslog 6—line printer subsystem 7 —network news subsystem 8—UUCP subsystem 9 —clock daemonother codes through 15 reserved for system use 16—reserved for local use 17 —reserved for local use 18—reserved for local use 19—reserved for local use 20 —reserved for local use 21—reserved for local use 22—reserved for local use 23—reserved for local use Enter the IP address of the Syslog server. Select the maximum severity that you want to be notified about by email, the default is Fatal. Other choices include: Error, Warning, or Information. It is best that the maximum level be higher than the minimum level. The hierarchy of error messages from least to most is information, warning, error and fatal. Select the minimum severity that you want to be notified about by email, the default is Information. Other choices include: Fatal, Error, and Warning. It is best that the minimum level be lower than the maximum level. The hierarchy of error messages from least to most is information, warning, error and fatal.

Server IP Address Severity Maximum

Severity Minimum

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

R ece iv in g L og E r r o r M es sa ge s

289

Sending Updates via Email
The Accelerator allows log error messages to be sent via email to notify you of Accelerator status changes.

To set the email logging feature:
1. Click on Setup, followed by Advanced, and then Logging. 2. To enable email notification to be sent, ensure that the Enable checkbox in the Mail section is selected. 3. Enter the following parameters as necessary:
Parameter Item
From

Description
Enter the information you want to appear in the From field of the e-mail when it is received. This can either be text (as in your name) or an e-mail address. Make sure you have checked your spam filter settings if needed. Enter the e-mail address to which the e-mail should be sent. Make sure the e-mail address is valid and correct. Enter the subject that you want to appear in the subject field of the e-mail. This subject will be used each time the mail message is sent. Enter the IP address of the e-mail server Enter the port number that the e-mail server uses. The default is 25 Select the maximum severity about which you want to be notified by email; the default is fatal. Other choices include: Error, Warning, or Information. It is best that the maximum level be higher than the minimum level. The hierarchy of error messages from least to most is information, warning, error and fatal. Select the minimum severity about which you want to be notified by email; the default is Information. Other choices include: Fatal, Error, and Warning. It is best that the minimum level be lower than the maximum level. The hierarchy of error messages from least to most is information, warning, error and fatal.

Recipient Subject Server IP Address Server port Severity Maximum

Severity Minimum

290

C h ap t er 8: Configuring Management Options

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Chapter 9: Setting Advanced Parameters
Advanced setup includes complex configuration that should be attempted only by trained and certified Accelerator operators. You can set the following advanced parameters for the Accelerator: Adding WANs, on page 292 Handling Interfaces, on page 295 Creating Static ARP Entries, on page 301 Defining Authentication Settings, on page 302 Configuring DNS, on page 303 Dial-on-Demand, on page 305 Dial-on-Demand, on page 305

292

C h ap t er 9: Setting Advanced Parameters

Adding WANs
The Accelerator arrives preconfigured with one default WAN. To define the bandwidth setting for this default WAN, select Setup >My Accelerator > Basic menu, and then click the Advanced Settings button to open the Advanced Settings screen. See Defining Advanced Settings, on page 32. On large networks (for example in cases where there are two routers or one router with multiple WAN interfaces) in which the Accelerator will optimize the traffic of more than one WAN, you can add additional WANs to the Accelerator.

Figure 1:My WANs

To add an additional WAN to the Accelerator:
1. Click the Setup tab, followed by Networking, and then My WANs. 2. Enter the Name of the new WAN. 3. Fill in the remaining parameters as follows

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

A d d in g WAN s
:

293

Parameter
Bandwidth Out Strict Priority Out Burst Out

Description
Select the outbound bandwidth maximum value Select Enable to enable encrypted outbound traffic to have priority, Disable to disable. If you want to allow “greedier” outbound traffic to temporarily take more bandwidth (either fixed amount or auto adjusting) then you have allotted to it (it will only take what hasn’t been taken by any other application, up to the fixed amount or up to the maximum available), then do one of the following: • Select Always Allow Burst Out to always allow bandwidth bursts on outgoing traffic. This will allow the Accelerator to automatically adjust the bandwidth and to allow bursts in bandwidth where needed. • Deselect Always Allow Burst Out and select a limit to the burst, using the Burst Out drop-down menu. This will allow bursts of bandwidth on the outbound traffic up to the amount selected. If there is more bandwidth available the application will not use it. Select the Enable Bandwidth In checkbox to set a bandwidth limit on incoming traffic, then select the Bandwidth In value. Select Enable to enable encrypted inbound traffic to have priority, Disable to disable. If you want to allow “greedier” inbound traffic to temporarily take more bandwidth (either fixed amount or auto adjusting) then you have allotted to it (it will only take what hasn’t been taken by any other application, up to the fixed amount or up to the maximum available), then do one of the following: • Select Always Allow Burst In to always allow bandwidth bursts on outgoing traffic. This will allow the Accelerator to automatically adjust the bandwidth and to allow bursts in bandwidth where needed. • Deselect Always Allow Burst In and select a limit to the burst, using the Burst In drop-down menu. This will allow bursts of bandwidth on the outbound traffic up to the amount selected. If there is more bandwidth available the application will not use it.

Enable Bandwidth In Strict Priority In Burst In

4.

Click Add and the new WAN will appear below the default-WAN in the WAN table.

To delete a WAN:
Highlight a WAN and use the Delete button if at any point you want to delete a WAN.

294

C h ap t er 9: Setting Advanced Parameters

To edit a WAN:
To edit an existing WAN, highlight the WAN in the WAN Table and click the Edit WAN button. The Edit WAN popup appears, letting you modify the fields you set previously (explained in the table above). Click Submit to confirm your changes.

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Handling Interfaces
i

H an d lin g I nt e r fa ce s

295

Note: The total WAN bandwidth will always be enforced. It is the sum of all WANs configured for the Accelerator The Accelerator automatically detects the MAC address and Speed and Duplex settings for each of its interfaces. You can perform all required speed and duplex setting modifications via the My Interfaces menu. The interface name corresponds to the name printed on the back panel of the Accelerator and cannot be modified. The MAC address is permanent and cannot be modified. The Speed and Duplex settings let you define the link as either 10 or 100 Mbits (or 1000 Mbits for the Accelerator 6800 series) and as either Half or Full duplex. The Auto setting automatically configures the Accelerator to the detected link speed and duplex setting (this is the default setting).

i

Note: Setting wrong interface speed and duplex values for the Accelerator may result in many errors on the line towards the router, and even loss of connectivity. If you are uncertain as to the speed and duplex setting required, you can use the Auto setting; however, you are advised to manually set the speed and duplex. Note: When the Accelerator is installed in an On-Path deployment, ensure that both interface 0/0 and 0/1 have the same link speed and duplex settings. If the Accelerator operates in by-pass mode for any reason, this will enable the two devices adjacent to the Accelerator to interact.

i

296

C h ap t er 9: Setting Advanced Parameters

Viewing Available Interfaces
The Interfaces Table shows all detected Accelerator interfaces. Additional ports are shown only for platforms which support multi-port. If optional panels are used, 4 pairs are shown, otherwise 2 pairs. In other words, the UI shows only the amount of available ports, as indicated in the following figure:

Figure 2: My Interfaces screen

To view all detected interfaces:
1. Click the following sequence: Setup > Advanced > My Interfaces. 2. The interface table appears, displaying all detected interfaces. The status of each

To edit an interface:
1. Click the following sequence: Setup > Advanced > My Interfaces. 2. In the Interfaces Table, click on the name of the Interface to be modified. 3. The edit dialog box opens. Information about the interface (MAC address, name, hardware type, etc.) is given and cannot be modified. 4. The following parameters however can be modified as follows:

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

H an d lin g I nt e r fa ce s

297

Parameter
Link Mode Bridged State

Description
Choose the link speed in Mbits and if the link is to be full or half duplex. When enabled, allows all Interfaces to receive the same logical IP as the Accelerator. When disabled, you will have to enter the IP address and subnet mask of the interface in the fields that follow. The IP address of the interface. This is only enabled, when the Bridged state (above) is Disabled. The Subnet mask of the interface. This is only enabled, when the Bridged state (above) is Disabled.

IP Address Mask

5. Click Submit.

Working with VLAN
The Accelerator supports protocol 802.1q VLAN. VLAN is a virtual layer on top of the Ethernet that enables the Ethernet to be divided into smaller virtual groups. You can add up to 255 VLAN groups to the Accelerator. You can set Each VLAN group, identifiable by a number, on any basis (precise location, department, primary application, type of user, and so on). The Accelerator can incorporate itself into a VLAN network as follows: you can assign the Accelerator a VLAN ID, enabling it to be considered as part of a VLAN group. If VLANs are defined on the Accelerator, all VLAN traffic passes as bridged traffic. Defining a VLAN as Native means that the Accelerator uses the IP address from its local interface as the IP address for a particular VLAN. The Accelerator will handle packets arriving tagged from the Native VLAN, but will forward them without the tag (this is especially useful in setups in which the router does not support VLAN). Setting the Accelerator to work in with Native tagged will enable the Accelerator to set one VLAN as Native with the IP address from its local interface, but will forward packets received from the native VLAN with the tag. If traffic is already handled (for example if VoIP is set on a separate network and receives priority), the traffic that is not to be handled by the Accelerator should not be set as a VLAN and it should not be advertised anywhere in the Accelerator network - the traffic should be bridged through the Accelerator. The following figure depicts working with VLAN in an On-LAN configuration.

298

C h ap t er 9: Setting Advanced Parameters

Figure 3: VLAN in an On-LAN Configuration

In the setup depicted, VLAN 1, 2, and 3 are defined in the Accelerator. VLAN 1 is defined as native, meaning that it takes its IP address from the Accelerator’s Local interface. A second 802.1q trunk is created from the Layer-2 switch to the Accelerator enabling VLAN support in an On-LAN environment.

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

H an d lin g I nt e r fa ce s

299

The following figure depicts working with VLAN in an On-Path configuration:

Figure 4: VLAN in On-Path Configuration

The Accelerator is connected directly to a Layer-2 switch via a VLAN (802.1q) trunk. VLAN 1, 2 and 3 are defined in the Accelerator and VLAN 1 is defined as Native.

Viewing the VLAN Interfaces
To view the VLAN interfaces:
1. Click the following menu sequence: Setup > Advanced > VLAN Interfaces. 2. The VLAN interfaces are displayed in the table. 3. To Add an interface, see Adding a VLAN Interface, on page 300. To delete an interface, select it in the table and click Delete.

300

C h ap t er 9: Setting Advanced Parameters

Adding a VLAN Interface
To include the Accelerator in a VLAN group:
1. Click the following menu sequence Setup > Advanced > VLAN Interfaces. 2. 3. In the VLAN Interfaces menu, enter the necessary VLAN ID number (1 to 4094). The Accelerator must have an extra IP address and Subnet Mask for each VLAN group it joins. To enter an IP address and subnet mask to be used within the VLAN group, select the IP address radio button and enter the IP address and subnet mask into the supplied fields. To use the Accelerator’s original IP address and subnet mask as its address within the VLAN group, select the Native IP setting radio button. When Native is selected, it is possible to select the Tagged checkbox to include the VLAN tag in the packets sent from the Native VLAN. 4. Click the Add button. All VLAN interfaces added will appear in the VLAN Interfaces table, at the bottom of the screen. To Delete an interface from the table, select it within the table and click Delete. Note: It is unusual for the Native VLAN to be tagged. Please check if indeed it is. Otherwise the IP address in the Local Interface will act in the Native VLAN

i

Figure 5: VLAN Interfaces screen

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Creating Static ARP Entries
To map a static ARP entry:

Cre at i n g Stat i c A RP E n t r i e s

301

If you want to make a replacement within the ARP table, you can add a static ARP entry, by mapping a specific IP address to a specific MAC address.

1. Click the Setup tab, followed by Networking, and then ARP. 2. In the ARP menu, add the IP address and MAC address to be mapped. 3. If this change is to be permanent, select the Permanent checkbox. Otherwise, this entry will remain until the next Accelerator reboot, or until it is deleted from the ARP table. 4. Click the Add Static Entry button. The entry appears in the ARP table. If you want to delete the entry, click the Delete button. To delete the entire ARP table, including all its entries, click the Clear All button.

Figure 6: ARP Table

302

C h ap t er 9: Setting Advanced Parameters

Defining Authentication Settings
The Accelerator lets you modify the password necessary for logging in.

To modify the password:
1. Click on Setup, followed by Security, and then Users. 2. In the Users table, double-click the name of the user whose password you want to modify. Alternatively, highlight the line of this user and click the Edit button. The Edit User Details dialog box appears:

Figure 7: User Details

3. Enter the local password and re-enter it for confirmation. 4. Click the Submit button.

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Make sure that there is at least one entry in either the servers table or static host table (see below if you need to add entries). the order is sequential and the newest entry is last. in order to select it. The newly added server now appears in the Domain Name Table. If you want to 4. enter the new server’s IP address. click Add. 2. 3. 3. 4. Click Submit. click Add. In the Add Domain dialog box that opens now. In the Servers table. To delete an existing server: 1. select the new position in the Order drop down box. 2. Click OK. To add a new server: 1. Click Submit. Select whether to enable or disable IP Domain Lookup. By default. 2. In the Servers table.Configuring DNS Co n fi g ur in g DN S 303 The Domain Name Server (DNS) Configuration screen lets you manage Domain Name Servers and define domain name. Click Delete. 5. domain name search path and static hosts. highlight the line that contains the server address. To set a domain name: 1. 5. followed by Networking. change this order. 3. The order may also be changed by using the arrows on the side of the table. select the new position in the Order drop down box. change this order. . Enter the domain name in the Domain Name field. The newly added server now appears in the Servers Table. 2. 3. The order may also be changed by using the arrows on the side of the table. 5. You are now prompted to confirm the deletion. enter the new Domain Name. In the Add New Server dialog box that opens now. the order is sequential and the newest entry is last. Click the Setup tab. The server is now removed from the Servers Table. The domain now appears in the Domain Name Table. Click Apply. To add a domain name: 1. By default. If you want to 4. and then DNS. In the Domain Name table.

2.0 . Click Delete. Click OK.1 Us er Gu id e . 3. 3. highlight the line that contains the Static Host name. 4. Ac ce ler at o rOS Ve rsi on 7. Click OK. 2. in order to select it. Click Delete. enter the new Host Name. Enter a valid IP address.304 C h ap t er 9: Setting Advanced Parameters To delete an existing domain name: 1. Click Submit. 6. highlight the line that contains the domain name. click Add. in order to select it. In the Static Host table. 8. The newly added server now appears in the Servers Table. The server is now removed from the Static Host Table. You are now prompted to confirm the deletion. In the Add Static Host dialog box that opens now. To delete an existing static host: In the Static Host table. The server is now removed from the Domain Name Table. In the Domain Name table. 5. You are now prompted to confirm the deletion. 7. To add a static host: 1.

These interfaces initiate a call (dial to) the remote end (typically over ISDN or Satellite links) when “interesting” traffic is being sent. Link establishment of the dial-up interfaces and connectivity time can be fairly expensive. i Note: The ExpandView agent must be disabled i Note: Connecting to a link by using its HSRP address will not work.o n -D em a nd 305 You can deploy the Accelerator in environments that have routers with dial-up (dialon-demand) interfaces. the link goes down again until new “interesting” traffic is sent. After a specific quiet period.Dial-on-Demand Di al. The dial-on-demand solution enables the Accelerator to support dial-on-demand environments by not sending keepalive messages. Therefore you may sometimes want to keep the link down until new “interesting” traffic is forwarded via the link. the keep alive messages are considered “interesting” and will keep the dial-up link alive (and costly). The Accelerator poses a problem in these environments as it uses a keep-alive mechanism to check the health of the link between the remote sites. i Note: Both peers must configure the link in dialup mode with the same time out. . By default.

1 Us er Gu id e .0 .306 C h ap t er 9: Setting Advanced Parameters Ac ce ler at o rOS Ve rsi on 7.

on page 315 . If you want to change your Accelerator model to be able to use these features. contact your account representative. on page 311 Router Redundancy Protocols.Chapter 10: Resiliency and Redundancy This chapter explains how to get added resiliency and redundancy with the use of one or more Accelerators. The topics in this chapter include: RAID. Where noted the feature is model specific. The features documented in this chapter are hardware specific and the Accelerator you purchased may or may not feature all of these benefits. on page 308 Multi-Port Support.

This allows overlapped disk I/O across drives. Accelerator model 6950 uses RAID-1 support and the drives are not hotswappable. on page 308 RAID Support in Accelerators' Hard Drives. By placing data on multiple disks. such as medical or other scientific images. A RAID appears to the operating system to be a single logical hard disk.0 . better performance requires establishing a stripe wide enough to hold the typical or maximum size record. Accelerator models 79xx feature RAID-5 support with hot-swappable disk drives. are stored. storing data redundantly also increases fault tolerance. improving performance. In a multi-user system. on page 309 Ac ce ler at o rOS Ve rsi on 7. RAID employs the technique of disk striping. Since multiple disks increases the mean time between failures (MTBF).1 Us er Gu id e . which involves partitioning each drive's storage space into units ranging from a sector (512 bytes) up to several megabytes. on page 308 About RAID RAID (redundant array of independent disks) is a way of storing the same data in different places (thus. In a single-user system where large records. I/O (input/output) operations can overlap in a balanced way. The two RAID types supported with current Accelerator equipment includes: RAID-1 Mirrored set without parity. The stripes of all the disks are interleaved and addressed in order. on page 309 RAID-5 Striped set with distributed parity. redundantly) on multiple hard disks.308 C h ap t er 10: Resiliency and Redundancy RAID Topics in this section include: About RAID. the stripes are typically set up to be small (perhaps 512 bytes) so that a single record spans all disks and can be accessed quickly by reading all disks at the same time. RAID Support in Accelerators' Hard Drives There are at least nine types of RAID plus a non-redundant array (RAID-0).

Keep in mind however that the array will have data loss in the event of a second drive failure and the data is vulnerable until the data that was on the failed drive is rebuilt onto a replacement drive. the drive failure is masked from the end user and all data is read from the subsequent drives. In fact. Array continues to operate so long as at least one drive is functioning. Increased read performance occurs when using a multi-threaded operating system that supports split seeks. real-time copy. Figure 1: RAID-1 RAID-5 Striped set with distributed parity Distributed parity requires all drives but one to be present to operate.R AI D 309 RAID-1 Mirrored set without parity Provides fault tolerance from disk errors and failure of all but one of the drives. disk shadowing. but the array is not destroyed by a single drive failure. or t1 copy. RAID-1 is sometimes called duplexing. drive failure requires replacement. very small performance reduction when writing. .

and remove faulty disks. on page 615 Ac ce ler at o rOS Ve rsi on 7. click on one of the following links: (RAID) (RAID) (RAID) (RAID) add-disk. To get the CLI commands for these options. on page 616 exit.0 .310 C h ap t er 10: Resiliency and Redundancy Figure 2:RAID-5 Using the CLI.1 Us er Gu id e . you can view the list of disk drives. on page 614 remove-disk. on page 615 show. the disk status.

and 7940) feature ports that are designed with optical or copper fail-to-wire circuitry in order to provide maximum up time for the network.Multi-Port Support M u lt i. This feature is particularly useful in the event of a host system failure. power off. Figure 3: Multi-Port Accelerator in a Network Using a multi-port design in your network topology allows you to create more redundancy in networks that are configured in an On-Path deployment scenario (as shown above). a crossed connection loop-back is created between the Ethernet ports and traffic is not affected. . Hence.P o r t S u p p or t 311 Specific Accelerator models (6850. 6950. In the case of an Accelerator failure. the ports will re-route the traffic as shown. or software requested by-pass. This feature enables the ports to by-pass a failed system and provides maximum up time for the entire network. in by-pass mode all packets received from one port are transmitted to the other port and vice versa. In such instances. or upon software request. power off. 7930.

Using the CLI.1 Us er Gu id e . you can manually set one pair or all port pairs to by-pass mode. Green indicates that by-Pass is disabled. The by-pass status is reflected in the LED next to the port pair. Ac ce ler at o rOS Ve rsi on 7.0 .312 C h ap t er 10: Resiliency and Redundancy Figure 4: Accelerator Failure in Multi-port Scenario In addition. Red indicates by-pass is enabled. you can create groups or specify a maintenance/management link.

7930 and 7940 have port pairs.P o r t S u p p or t 313 Figure 5: LED Locations Accelerator models 6850. the port number is the numerator (the top of the fraction) and you should make sure to use both ports from the same pair. In the 6x50. ETH0/0 and ETH0/1 are pairs. 6950. The port pairs are shown in below: These ports are a  pair These ports are a  pair .M u lt i. For example.

0 . on page 762. The ports may be a pair or set of 2 pairs depending on which card you ordered.1 Us er Gu id e . By-pass Mode Commands. on page 295 Enabling NetFlow. Ac ce ler at o rOS Ve rsi on 7. on page 72 Configuring the Ethernet Statistics Display Fields. on page 14 Handling Interfaces. on page 69 Accdump. the ports not labeled.314 C h ap t er 10: Resiliency and Redundancy Figure 6: Port Pairs Your Accelerator may not be configured with these ports. on page 377 Working with By-pass Mode. These ports are a pair These ports are a pair Figure 7: Port Pairs See the table below for links to more specific information: For information on Installing a multi-port Accelerator Getting information on. or selecting a specificAccelerator interface Enabling NetFlow on a specific Accelerator interface Receiving a statistic detailing the data displayed on the monitoring graphs per a specific Accelerator interface Enabling AccDump on a specific Accelerator interface Initiating by-pass Go to Connecting and Configuring Multi-Port Accelerators. In the 7930 and 7940. In the case of a 4 port pair the first two are a pair and the second two are a pair. on page 16 and in the CLI.

If the Standby device fails or becomes the Active device. another device is selected as the Standby device. enabling one device to assume the routing responsibility of another. at any given time. In HSRP the devices are all configured with a priority status within the group. ensuring that user traffic immediately and transparently recovers from first-hop failures in network edge devices or access circuits. which backup device takes over in the event of failure. The Backup devices perform the standby function. In general. by sharing an IP address (known as a Virtual IP Address or VIP) and a MAC address. the device with the next-highest priority is the Standby device that takes over in the event of Active device failure or unavailability. Hosts continue to forward IP packets to a consistent IP and MAC address. The VRRP can include many backup devices. but does not have management functionality of the Virtual IP. while VRRP is the IETF standard for redundancy protocols (RFC 2338). If the Active device fails. or set a dedicated VIP.Router Redundancy Protocols R o ut e r R ed u nd a nc y Pro to c ol s 315 Hot Standby Router Protocol (HSRP) and Virtual Router Redundancy Protocol (VRRP) are router redundancy protocols that provide network resilience for IP networks. It acquires the Virtual IP address of the group. and the changeover of devices is transparent. the Master device is configured to have the highest priority and is active in the group. only the transfer capabilities. the device with the highest priority is naturally the Active device. In HSRP and VRRP. In general. The recovery time of the VRRP is about three . while VRRP takes up less network overhead by letting you use the IP address of one of the devices already in the group. and this protocol does not support knowing. HSRP is a Router Protocol developed by Cisco (RFC 2281). the Standby device assumes the packet-forwarding duties of the Active device. Dominant devices in the virtual HSRP group continually exchange status messages. The main differences between the two are that HSRP requires you to dedicate an extra IP address as a virtual IP address for the group. should it stop operating for either planned or unplanned reasons. multiple network devices can act in concert to present the illusion of a single virtual router to the hosts on the LAN. VRRP works in much the same way.

the router protocol gets into effect and the router assumes the duties of the Accelerator and becomes the Active device. The Accelerator and routers are configured with the MAC address and the IP network address of the virtual HSRP/VRRP group. Therefore. so that if. due to severe power failure or any other unlikely event. one of the routers acts as the Standby router. In HSRP. on page 317 Setting Manual HSRP Configuration. It is configured with the IP address and MAC address of the virtual router and forwards any packets addressed to the virtual router.0 . Figure 8: VRRP Group Accelerators can take part in HSRP and VRRP and work in tandem with the routers that provide backup for the network.316 C h ap t er 10: Resiliency and Redundancy times faster than HSRP (the HSRP default is 10 seconds instead of 3 seconds in VRRP). The Accelerator is configured to have the highest priority and work as the Active/ Master device. on page 318 (config) HSRP autodetect. The following figures display an Accelerator application working with routers in a virtual HSRP and VRRP group. The following sections describe the options for configuring HSRP groups. if due to severe power failure or any other unlikely event the Accelerator stops transferring packets. on page 641 Ac ce ler at o rOS Ve rsi on 7. the Accelerator stops transferring packets.1 Us er Gu id e . both routers are configured as backup routers. one of the backup routers assumes the duties of the Accelerator. In VRRP. Enabling HSRP Automatic Detection. HSRP The AcceleratorOS lets you set up HSRP groups. either manually or by automatic detection.

R o ut e r R ed u nd a nc y Pro to c ol s 317 (config) HSRP. i Figure 9: HSRP screen To automatically detect all HSRP groups: 1. you must enable the same HSRP services on every appliance. 3. . The HSRP table automatically fills up with the details of the HSRP groups detected on the network. select the Auto Detect checkbox. In the HSRP screen. Note: IPSec uses the primary IP address of the Accelerator to create the IPSec tunnel. Click the following menu sequence: Setup > Networking > HSRP. Therefore it is not recommended to use IPsec in conjunction with features that use virtual IP addresses (as in HSRP and VRRP). on page 640 Enabling HSRP Automatic Detection The Accelerator can auto-detect HSRP groups on its networks and add them to its Group Table. While the Accelerator adds these groups. by default the Accelerator does not join the groups. i Note: If you have a network with multiple Accelerators. If you use a protocol that uses an IP address other than the primary (as is done in virtual IP addresses) the traffic sent out will be dropped. 2. highlight the HSRP group in the table and click the Edit button. When the groups are added. To Join the HSRP group or to modify other HSRP parameters. 4. by default its status in the groups is Not Joined.

or if you want to manually add or edit an HSRP group. the Priority (0 . the Active router is set according to IP address.255). Parameter Item Group ID Virtual IP Address Priority Virtual MAC Address Joined Authentication Force Priority Ac ce ler at o rOS Ve rsi on 7. highlight the row in the HSRP table and click the Edit button to modify the following parameters: i Note: If you have a network with multiple Accelerators. The default setting for the authentication command is cisco. the Virtual IP address. Description You must enter a group number. verify that all other devices in the HSRP group have the same authentication setting. in which the selected group tries to learn the IP address from the network. followed by Networking. the Authentication command lets you set the authentication password to communicate with the routers in the group. 2.0 puts the group into Learn mode.0 . When this setting is enabled. Setting the Accelerator’s priority lets you select its status in the HSRP group. Preempt is also enabled automatically. To manually modify the HSRP configuration: 1. Force Priority is done per group and enables the Accelerator to hold the highest priority of the selected group. If two devices in the HSRP group have the same priority. Once the Accelerator is set to have the highest priority. Click the Setup tab. even if the target group is group 0 All devices in the HSRP group must have the same Virtual IP address. Gives the Accelerator the highest priority in the HSRP group at all times.0. To modify the information. If Authentication is enabled in the HSRP group. Enable or Disable the Accelerator’s status in the group.0.318 C h ap t er 10: Resiliency and Redundancy Setting Manual HSRP Configuration If the Automatic detection does not find an HSRP group. you can modify the parameters as follows. Adding a virtual IP address of 0. 3. If you change the default authentication setting. it becomes the active router in the HSRP group. the Virtual MAC address and the status of the Accelerator in the group (whether the Joined option is Disabled or Enabled).1 Us er Gu id e . Joining the group enables the Accelerator to function as any other router in the HSRP group.255). enter the Group ID number (0 . you must enable the same HSRP services on every appliance. In the HSRP menu. The HSRP group immediately appears in the HSRP table. All devices in the HSRP group must have the same Virtual MAC address. 4. Click Add. Expand does not recommend this setup. and then HSRP.

You are advised not to change the default timer setting: 3 seconds Hello Time and 10 seconds Hold Time. If you change the default parameters. All members of the HSRP group must have the same Hello Time and Hold Time. These definitions comply with the recommended settings of having the Hold Time length more than three times the length of the Hello Time. If the Accelerator is part of a VLAN. On the other hand. Hello time is the interval between Hello messages (an exchange of HSRP priority and state information) and the Hold Time is the interval between a receipt of a Hello message and the presumption that the sending router/Accelerator has failed. When enabled. the higher priority router assumes the Standby mode until the current Active router experiences a failure. Timer settings are derived from the Active device and any timer configurations that you set in the Accelerator are not saved.R o ut e r R ed u nd a nc y Pro to c ol s 319 Parameter Item Preempt Description Used for determining how to react when a higher priority router joins the group. so you have to use preempt carefully. Hello and hold timers HSRP over VLAN . the change-over between one device and another can take two to three seconds. If the Accelerator is not currently the Active device in the HSRP group. the higher priority router prevails. during which the network has no default gateway. Set the packet rate between the devices in the HSRP group. ensure that you update all members of the HSRP group with the new parameters. Setting the Accelerator to enable preempt is useful when you want the Accelerator to remain active as much as possible. but increases the protocol bandwidth overhead and conversely. Decreasing timer-default rates shortens the time that the network has without a default gateway during Active router changeover. operating with HSRP requires updating the VLAN group number (1 to 4094). when disabled.

Figure 10: VRRP Group To manually modify the VRRP configuration: 1.320 C h ap t er 10: Resiliency and Redundancy VRRP Unlike HSRP. The VRRP group immediately appears in the VRRP table. All devices in the VRRP group must have the same Virtual IP address. In the VRRP menu. Setting the Accelerator’s priority lets you select its status in the VRRP group. enter the Group ID number (0-255). the Active router is set according to IP address. 3. To modify the information. Accelerator VRRP does not have a default group number. even if the target group is group 0. the Priority (1-254). Click the Setup tab. and then VRRP.0 . you cannot configure VRRP automatically and must add it manually. 4. Click Add. followed by Networking. 2. highlight the row in the VRRP table and click the Edit button to change the following parameters: Parameter Item Group ID Virtual IP Priority Description You must enter a group number. Expand does not recommend this setup. it becomes the active router in the VRRP group.1 Us er Gu id e . the preempt status and the timer setting. If two devices in the VRRP group have the same priority. Once the Accelerator is set to have the highest priority. Ac ce ler at o rOS Ve rsi on 7. the Virtual IP address.

during which the network has no default gateway. If the Accelerator is part of a VLAN. Sets the interval between the Hello messages sent between VRRP group members. you should modify it for all devices in the group. On the other hand. operating with VRRP requires updating the VLAN group number (1 to 4094). When enabled.R o ut e r R ed u nd a nc y Pro to c ol s 321 Parameter Item Preempt Description Preempt is used for determining how to react when a higher priority router joins the group. when disabled. If for some reason you have to modify this setting. The default setting is 1. the higher priority router will assume the Standby mode until the current Active router experiences a failure. All devices in the VRRP group must have the same Timer setting. so you have to use preempt carefully. Setting the Accelerator to enable preempt is useful when you want the Accelerator to remain active as much as possible. Timer VRRP over VLAN . the change-over between one device and another can take two to three seconds. the higher priority router will prevail.

0 .322 C h ap t er 10: Resiliency and Redundancy Ac ce ler at o rOS Ve rsi on 7.1 Us er Gu id e .

Chapter 11: Working with Mobile Accelerators In the event that ExpandView is not available. on page 330 . on page 326 Monitoring Collective Branch Statistics. Additional configurations can be implemented via the AcceleratorOS CLI. Topics in this chapter include: Overview. on page 324 Configuring the Mobile Accelerator Client. you can use the AcceleratorOS WebUI to configure a MACC without using ExpandView. you can edit the XML file that contains the MACC configuration and then import this file to the Mobile Accelerator Client. On the PC that has the Mobile Accelerator Client installed.

or a Collective Branch configuration as dictated below: Collective Branch – refers to the group of MACCs that are a members of the same subnet as a defined remote branch (Collective Branch). a basic understanding of the terminology may prove to be helpful.0 . There is a remote office. it will connect first with ExpandView. there is a datacenter. This configuration setting can either be a Default configuration. When a Mobile Accelerator (MACC) connects to the network. there are mobile users who enter and exit the network as needed and are not part of the same subnet as the small office. Members of the Collective Branch will adhere to the same QoS rules and configuration settings as dictated in the Collective Branch templates. Ac ce ler at o rOS Ve rsi on 7. It will receive from ExpandView its configuration settings and will also be associated with the appropriate Accelerator in the Datacenter. that has a small group of users. See the diagram below. a Unique User configuration. which houses the Accelerators and ExpandView Server. Figure 1: Mobile Network Diagram In the above network scenario. In addition.324 C h ap t er 11: Working with Mobile Accelerators Overview If this is your first time working with the Mobile Accelerator Client.1 Us er Gu id e .

be associated to the Default Associated Set. . Default Associated Set — refers to the Associated Set which all Mobile Users that are not pre-registered will connect to using the Default Configuration settings from ExpandView. Unique Mobile User — refers to a MACC that registers with ExpandView using a unique user-defined setting. Associated Set — refers to a group of Accelerators to which the Mobile Accelerator Client will connect. only one Accelerator is supported in an Associated Set. This user connects to the network in a subnet that is not part of the Collective Branch and will by default. Only one Accelerator in the network can be set as the Default Associated Set. Currently.Ove rvi ew 325 Mobile User — refers to a MACC that registers with ExpandView using the Default Configuration setting.

and click Delete.0 . 2. followed by My Collective Branches. To delete a Collective Branch. on page 327. To add a collective branch to the table. Destination Subnet—this is the subnet to which the collective branch belongs. Ac ce ler at o rOS Ve rsi on 7. on page 329 Viewing the Collective Branches The My Collective Branches Table lists all collective branches that are known by the Accelerator. 3. Bandwidth out and In—these parameters are set when the Collective branch is created. Concurrent MACC Connections—this is the number of Mobile Accelerators currently connected within this Subnet. select Setup. select the branch you want to delete (make sure the whole table line is highlighted in yellow). The Collective Branch Table displays the following information: ID—this is the ID number for the Collective Branch. Collective Branch Name—this is the name that was assigned to the Collective Branch. Clicking on this number allows you to edit the branch parameters. on page 326 Creating a Collective Branch. see Creating a Collective Branch.326 C h ap t er 11: Working with Mobile Accelerators Configuring the Mobile Accelerator Client The following configurations are available with the WebUI: Viewing the Collective Branches. To view the collective branches 1.1 Us er Gu id e . on page 327 Creating a Collective Branch Template. In the AcceleratorOS WebUI. on page 328 Creating Mobile Accelerator Link Templates.

Click Add. See note below. To delete the Collective Branch. select the Collective Branch from the table and click Delete. Note: A note about distributed POAA: In order to help links that are subject to congestion. To add a collective branch: 1. enter the Mobile Accelerator’s Subnet’s IP address. use the drop-down menu to select the default WAN. In the Subnet Mask field. In the POAA (Post Acceleration Aggregation) section configure the dPOAA (distributed POAA) Parameters. Note that this is optional and should not be set unless required. 7. select the ID number from the ID row in the table and click Edit. give the collective branch a name. 4. enter the subnet mask of the subnet 6. Inward is from the WAN and Outward is to the WAN. go to the My Collective Branches screen. as this can cause an asynchronous configuration settings.Co n f ig u r in g t he M ob il e Ac ce ler a t or Cl ie nt 327 Creating a Collective Branch Extreme care should be used in creating Collective Branches without ExpandView. In the IP address field. followed by My Collective Branches. In the WAN field. 3. In the Collective Branch Name field. 8. you can select the Inward and Outward bandwidth for the collective branch. you can implement POAA (or Post Acceleration Aggregation) parameters. To edit a Collective Branch. all Mobile Accelerators within this subnet are automatically assigned to the Collective Branch. 10. go to the My Collective Branches screen. where packets are aggregated and sent to one Accelerator. Unlike standard POAA. using no spaces. The MACC that receives the packet will deliver the smaller packets to the other recipients over the LAN. This allows the bandwidth to be maximized and doesn't congest the pipe with smaller packets and lots of ACK replies. combines the packets meant for multiple MACCs within the Collective Branch and sends them as one large packet to the first MACC whose destination is received by the Accelerator. In the AcceleratorOS WebUI. i . select Setup. 2. 5. Optionally. Note that once defined. 9. distributed POAA.

followed by My Collective Branches. on page 84 See Advanced Link Configurations. 2. Spaces are not valid This field cannot be edited. In the AcceleratorOS WebUI. on page 84 See Advanced Link Configurations. This is the name you set when you created the Collective Branch The Accelerator IP The Subnet the Collective Branch belongs to See Advanced Link Configurations. on page 84 See Advanced Link Configurations. on page 84 See Advanced Link Configurations. To create a collective branch template: 1. on page 84 See Advanced Link Configurations. Click the ID number of the collective branch whose template you want to create. Click Collective Branch Template 4. on page 84 See Advanced Link Configurations. Fill in the parameters as described in the table: Parameter Name Parameters Section Link Name Remote Name Collective Branch name Source IP Destination IP MTU Metric Fragmentation Acceleration Section Tunneling Section TCP Acceleration Section Advanced TCP Acceleration Section Post Acceleration Aggregation Section Bandwidth Adjustment Section Give a name for the Link.0 . select Setup. 3. on page 84 See Advanced Link Configurations. on page 84 Description Ac ce ler at o rOS Ve rsi on 7.328 C h ap t er 11: Working with Mobile Accelerators Creating a Collective Branch Template This template sets the parameters for the link between the Accelerator and the Collective Branch. The MACC template and ACC template are different.1 Us er Gu id e . on page 84 See Advanced Link Configurations.

on page 84 See Advanced Link Configurations. on page 84 Description . on page 84 See Advanced Link Configurations. on page 84 See Advanced Link Configurations. it appears in the Links table.Co n f ig u r in g t he M ob il e Ac ce ler a t or Cl ie nt 329 Creating Mobile Accelerator Link Templates The Mobile Accelerator Link template dictates the settings between a MACC and an Associated Set. on page 84 See Advanced Link Configurations. See interface link mobile. select MACC. on page 84 See Advanced Link Configurations. where the MACC is to receive the default configuration. see Creating a Collective Branch Template. the link to the MACC needs to be created via the CLI. Spaces are not valid This field cannot be edited. Select the following menu sequence: Setup > My Links > Link Templates 2. on page 84 See Advanced Link Configurations. In the Template Type drop-down menu. on page 328. In cases where you have a unique setting. This is the name you set when you created the Collective Branch The Accelerator IP The Subnet the Collective Branch belongs to See Advanced Link Configurations. on page 680 for instructions. on page 84 See Advanced Link Configurations. Fill in the parameters as described in the table: Parameter Name Parameters Section Link Name Remote Name Collective Branch name Source IP Destination IP MTU Metric Fragmentation Acceleration Section Tunneling Section TCP Acceleration Section Post Acceleration Aggregation Section Bandwidth Adjustment Section Give a name for the Link. Clicking on the link in the Links Table allows you to edit its settings. Make sure the link status is set as Idle before making changes. 3. To create a link template for the link between the MACC and the Collective Branch. To create a Mobile Accelerator Link Template for stand-alone MACCs that will use the default configuration: 1. Once the Link is created.

while the yellow represents the amount of bandwidth that would have been used without the Accelerator. Ac ce ler at o rOS Ve rsi on 7.1 Us er Gu id e . on page 330 Acceleration Statistics. and therefore cannot exceed 100% of the link speed. (what actually goes over your WAN link) and the pre-accelerated throughput. Selecting the link speed is necessary in order for the Utilization graph to display accurate data. on page 332 Viewing Collective Branch Throughput Statistics The Throughput Statistics graph lets you monitor how much traffic passed though the Collective Branch. on page 331 Statistics. on page 331 Compression Statistics. The traffic displayed is accelerated traffic.330 C h ap t er 11: Working with Mobile Accelerators Monitoring Collective Branch Statistics Using the Monitor tab. which is the throughput that would have been used without the Accelerator’s compression mechanisms. Viewing Collective Branch Utilization Statistics The Utilization Statistics graph lets you monitor how much of the Collective Branch is being utilized. The blue area represents the actual bandwidth used with the Accelerator.0 . you can view different statistical graphs for the Collective Branch in the same manner as Links and Applications. on page 330 Utilization Statistics. This graph lets you compare between accelerated throughput. Topics in this section include: Viewing Viewing Viewing Viewing Viewing Collective Collective Collective Collective Collective Branch Branch Branch Branch Branch Throughput Statistics.

Viewing Collective Branch Compression Statistics The Compression Statistics graph displays the amount by which traffic was reduced by the Collective Branch. how much less data is passing over the physical link because of acceleration.M o ni to ri ng Co ll ec ti ve Br an ch Sta ti st ic s 331 Viewing Collective Branch Acceleration Statistics The Acceleration Statistics graph lets you view acceleration percentages for inbound and outbound traffic on the Collective Branch per interface/link or for the total for the Collective Branch. This graph represents in percents. .

Last 5 Seconds—Data transferred over the link selected that was collected over the last 5 seconds. Click the following menu sequence: Monitor > Collective Branches > Statistics. 3. From the drop-down menu. or Acceleration.332 C h ap t er 11: Working with Mobile Accelerators Viewing Collective Branch Statistics The Accelerator’s Statistics table displays data presented in the Link graphs in table format per link or for the entire traffic. To view a statistics table: 1.0 . or in number of packets. System up—Data transferred over the link selected that was collected since the Accelerator was powered on. select the statistics to be displayed: All. Data is listed in KB. For a description of the information that is displayed in the table. Errors. Select a Collective Branch from the Collective Branch drop-down menu. Data is listed in KB. or in number of packets. 2. Data is listed in Kbps or in percentages. in percentages. Parameter Item Bytes Information In Bytes Out Bytes Raw In Bytes Raw Out Bytes Exceeded License Bytes Number of input bytes Number of outgoing bytes Total incoming bytes being accelerated using this link Total outgoing bytes being accelerated using this link Number of bytes that are not optimized because the bandwidth limit as set by the AcceleratorOS license is exceeded Description Packets In Packets Out Packets Number of input packets Number of outgoing packets Packets Discarded In Packets Incoming packets that were discarded by a rule with discard policy Ac ce ler at o rOS Ve rsi on 7. Throughput. Since Clear—Data transferred over the link selected that was collected since the Accelerator’s counters were last cleared.1 Us er Gu id e . in percentages. see the following table below: All statistic items are displayed according to: Data—Lists type of statistic gathered.

or combined. Number of packets sent out marked not to be routed into the link. Outgoing Packets that were aggregated as part of the default postacceleration aggregation policy Incoming Packets that were aggregated as part of the user defined-1 post-acceleration aggregation policy. Outgoing Packets that were not optimized due to being sent through the Traffic-Gauge mechanism in order to enhance performance Number of small packets aggregated. such as queues and obsolete Outgoing Packets that were dropped by QoS enforcements. Number of packets that are not optimized because the bandwidth limit as set by the AcceleratorOS license is exceeded Poly In Packets Poly Out Packets Agg Default In Packets Agg Default Out Packets Agg User-Defined 1 In Packets Agg User-Defined 1 Out Packets Agg User-Defined 2 In Packets Agg User-Defined 2 Out Packets Agg Thin Client In Packets Agg Thin Client Out Packets Do Not Acc Packets Do Not Tunnel Packets Exceeded License Packets Errors CRC Errors Other Errors Number of CRC-errored packets received Unexpected errors received Errors Acceleration In Acceleration Out Acceleration Inbound Acceleration percentage Outbound Acceleration percentage . after transmission Number of small packets aggregated. Incoming Packets that were aggregated as part of the user defined-2 post-acceleration aggregation policy. or combined. such as queues and obsolete Outgoing Packets that were dropped by QoS enforcements. Outgoing Packets that were aggregated as part of the user defined-1 post-acceleration aggregation policy. Outgoing Packets that were aggregated as part of the user defined-2 post-acceleration aggregation policy Incoming Packets that were aggregated as part of the Thin Client post-acceleration aggregation policy Outgoing Packets that were aggregated as part of the Thin Client post-acceleration aggregation policy Number of packets sent out marked as Do not Accelerate.M o ni to ri ng Co ll ec ti ve Br an ch Sta ti st ic s 333 Parameter Item Discarded Out Packets Dropped In Packets Dropped Out Packets Dropped Out IPsec Packets Traffic-Gauge Packets Description Outgoing Packets that were discarded by a rule with discard policy Incoming packets that were dropped by QoS enforcements. such as queues and obsolete on a secure link. before transmission Incoming packets that were aggregated as part of the default postacceleration aggregation policy.

1. so make sure you want to do this before proceeding. 2.334 C h ap t er 11: Working with Mobile Accelerators Parameter Item In Actual Acceleration Out Actual Acceleration In Compression Out Compression Description Acceleration that considers all incoming throughput Acceleration that considers all outgoing throughput Inbound compression percentage Outbound compression percentage To clear all of the statistics counters: i Note: This will clear all of the statistics counters.1 Us er Gu id e .0 . Ac ce ler at o rOS Ve rsi on 7. Click Yes when prompted. Click the Clear Counters button.

on page 338 Auditing Administration Activities.Chapter 12: Security This chapter describes the various methods for ensuring security within the Accelerator. on page 336 Configuring AAA. This chapter includes the following sections: Studying the AcceleratorOS AAA. on page 344 . on page 343 Locking and Unlocking the Keypad.

the new functionality will include per-user settings to control access to the Accelerator as well as passwords quality verification functionality and password aging (to be implemented at a later stage). Accounting—Tracks usage patterns of individual users. allowing end-users to define additional accounts besides the default expand user.1 Us er Gu id e . and Accounting (sometimes called Auditing). as well as control access to the services from a defined set of sources (subnets for ACL). You can configure the Accelerator to make use of a security server via either the TACACS+ or RADIUS security protocols. Authentication is the part of the system that lets users define how they authenticate to the system. service. This functionality enables controlling different levels of users in the system with different authorities and lists the auditing functions performed for various operations. the Accelerator’s AAA enables the system to be secured. The Accelerator.336 C h ap t er 12: Security Studying the AcceleratorOS AAA The Accelerator lets you manage access by means of Authentication. or both. The Accelerator’s AAA functionality includes the Accelerator’s ability to use remotely accessed user-repositories for authenticating users. The Accelerator’s authorization lets you define the users and their roles. use the logging > show events command. On the authentication side. when.0 . and whether their attempt to access the Accelerator succeeded or failed. Therefore. These events can be sent via email or sent to a Syslog server. normally installed in enterprises. and allows limiting access to certain management options available on the Accelerator. Authorization. Authentication—Validates users' identity in advance of granting login. allowing the authentication to be based on external authentication servers. requires strict security for the networks with which it interacts. To view the log of these events. day of week. time of day. Ac ce ler at o rOS Ve rsi on 7. The Accelerator’s authentication lets you define the users and set the location in which passwords are stored. host. government and military organizations. Authorization—Lets users access networks and commands. AAA includes control over provided management services. and so on. Each user must be defined locally in the Accelerator as well as in remote AAA servers. also known as AAA. The Accelerator’s accounting lets you receive logs detailing who signed in. The Accelerator’s AAA supports multiple users per Accelerator.

Stu d yi n g th e A cce le rat o rOS A A A 337 Setting different user roles. allowing different access levels to the system is supported with pre-defined roles available in the system. . Definition of new roles is user-configurable. AAA includes auditing of all major operations performed on the Accelerator into log entries saved in the system log files and routable to email message. syslog server and SNMP trap.

Only Administrator users can modify AAA settings. then enter and confirm a new password for this user. enter a name for the user in the User Name field. Passwords must be at least 6 characters in length and cannot be Ac ce ler at o rOS Ve rsi on 7. on page 338 Viewing the Authentication Servers. Scroll down in the User Role field to select one of the following: Administrator—complete access to the Accelerator and its commands.1 Us er Gu id e . Monitor—access the Accelerator’s CLI but cannot modify configuration. Click on Setup followed by Security. on page 342 Configuring Users Figure 1: Users screen To add a new Accelerator user: 1.0 . 2.338 C h ap t er 12: Security Configuring AAA The following Configuration options are available: Configuring Users. 3. on page 340 Defining the Security Settings. In the Users menu. only remote authentication servers will be able to authenticate passwords. 4. WAFS-Administrator—complete access to WAFS management screen and console. select the Enable Local Password checkbox. in addition to web acceleration and DNS configuration. If the checkbox is not checked. If a local password is to be set for this user. NetAdmin—complete access to the Accelerator and its commands with the exception of the Security commands and WAFS management screen.

2.C o nf i gu ri ng A A A 339 keyboard sequences (qwertyu. Deleting Users To delete an Accelerator user: 1. 123456). Note: when working with a TACACS server. 3. Click the Delete button. click on the name of the user in the Users Table. you must add each user name into the Accelerator. . Click the Add button to apply settings. i 5. highlight the line in the User’s Table that includes the name of the user to be deleted. and click Edit. 3. make sure the user whose information you want to change is highlighted. click in the row in the table. Click on Setup followed by Security. To modify an Accelerator user: 1. or alternatively. Click the Submit button to apply settings. In the Users menu. palindromes. Modify details as needed. In the User’s menu. Click the Submit button to apply settings. 2. Click on Setup followed by Security. (see section above for help on the fields) 4. or simple recognized dictionary words.

0 . To edit the settings for a specified authentication server: Click on a server name in the table and click Edit. To view the authentication servers: 1. Ac ce ler at o rOS Ve rsi on 7. The Authentication Servers table displays all configured authentication servers.340 C h ap t er 12: Security Viewing the Authentication Servers The Authentication screen lets you set Authentication Servers (Radius.1 Us er Gu id e . Click the following menu sequence: Setup > Security > Authentication. The parameters that you can edit are the same as those you filled out in Adding a New Authentication Server. In the Authentication menu. Adding a New Authentication Server To add a new authentication server: 1. 2. 2. TACACS+ and Local) and manage these servers and their preference order in the Accelerator. Click the following sequence: Setup > Security > Authentication. Figure 2: Authentication Preferences screen To delete an authentication server: Click on a server name in the table and click Delete. on page 340. click the Add button above the Authentication Servers Table.

C o nf i gu ri ng A A A 341 i Note: If you select Radius or TACACS+ as the Server Authentication Method. enter the following information: Name Server Name Server Type IP Address Server Port Server Order Encryption Key Server Time out Description The name of the server you want to add. Though the user’s credentials exist on the Authentication Server. as all users must have local identification in order to be authenticated. The server’s port. In the Add New Authentication Server dialog box. 3. Click on Setup followed by Security. If more than one authentication type is used. Click Submit. See Configuring Users. for information on adding new users. Defines whether the server is the first. you will need to add all of the users you wish to allow access to the Accelerator on the Local Accelerator. The server type (Radius or Tacacs). The new server’s IP address. The server’s encryption key Time period after which the connection times out. on page 338. second or third to be addressed. Setting the Authentication Method The authentication method lets you define which servers are to be checked. To set the authentication method: 1. select the server types in the order in which they are to be authenticated. 4. Figure 3: Authentication Method .

select the checkboxes of the types of access methods allowed for connecting to the Accelerator. 2. Click Setup followed by Security.1 Us er Gu id e . all transport types are set to Enabled. By default.342 C h ap t er 12: Security In the Authentication menu. 2. except for FTP and TFTP. Click the Submit button to apply settings. 3. It is recommended that the first level be set to Local. In the Settings menu. such as which access methods to use when connecting to the Accelerator and the maximum failed login attempts before an account would be disabled. In the 2 field set the second level of Authentication and so on. scroll down in the 1 field to set the first level of Authentication. which are set to Disabled. Defining the Security Settings The Settings screen lets you define security settings. Figure 4: Security Settings screen To define security settings: 1. Click the Submit button. Ac ce ler at o rOS Ve rsi on 7.0 .

In the Accelerator’s audit table. 2. select or deselect the boxes that refer to the activities you want to audit or to stop auditing. . Click Submit.Auditing Administration Activities Au d it in g A dm in i st r at io n A ct iv it ie s 343 The Audit screen lets you select which administration activities to audit (for example: changing the configuration. 3.) Figure 5: Audit screen To select which activities to audit: 1. and then Audit. followed by Security. creating links and adding users. Click the Setup tab.

see section Installing the Accelerator. 2. To set the lock key combination sequence. Figure 6: Keypad Settings screen To lock/unlock the keypad via the WebUI: 1. To set the auto-lock timer: 1. Click the following sequence: Setup > Security > Keypad. 2. Setting the Keypad Lock Definitions Selecting the Auto-Locked value for the keypad lets you set the number of times after which the keypad will automatically lock. enter a number (in seconds) into the auto-lock timer field.1 Us er Gu id e .0 . Click the Submit button. Ac ce ler at o rOS Ve rsi on 7. In the Keypad screen. Click the Submit button.344 C h ap t er 12: Security Locking and Unlocking the Keypad The LCD keypad on the front panel of the Accelerator (if included) can be locked. as well as the key sequence to be entered for unlocking the keypad once it is locked. In the Keypad status drop-down menu select one of the following: Locked—immediately locks the LCD Auto-Locked—automatically locks the LCD when not in use Unlocked—keeps the LCD unlocked 3. on page 13.

The default unlock sequence is Right button. Up button. enter the unlock sequence. up to five depressions. 2. the WebUI or the CLI. Figure 7: Unlocking the Keypad 1. Enter button. scroll down in the fields to select the button to be pressed in the order intended. To unlock the keypad. Down button.Lo c kin g a n d Un lo c kin g t h e Ke ypad 345 To set an unlock sequence: The unlock sequence sets a the sequence of keypad buttons that must be pressed in order to unlock the LCD. Defining Other LCD Settings Turning By-pass On Locking the Keypad You can lock the Accelerator’s keypad via the LCD. The default is as follows: Up arrow. In the Keypad screen. Down arrow. Enter. Left button. in any order. The unlock sequence set should be a combination of the buttons. Click the Submit button. You can modify the lock sequence via the WebUI as described in section Locking and Unlocking the . Right arrow. Left arrow. in the Unlock Sequence fields.

on page 344. or via the CLI. as described in section (config) lcd lock. Product ID Management IP Management Mask Ac ce ler at o rOS Ve rsi on 7.1 Us er Gu id e . on page 755.346 C h ap t er 12: Security Keypad.0 .

as follows: Carrying out the Troubleshooting Procedure. on page 361 Checking for a Corrupted Terminal. on page 355 Checking the Link Status. on page 348 Password Issues. on page 357 Checking Lack of Acceleration. on page 356 Checking Ethernet Settings. on page 352 Displaying Information for Troubleshooting. on page 360 Checking Link Malfunction. on page 349 Checking the Event Log.Chapter 13: Troubleshooting This chapter describes troubleshooting procedures for the Accelerator and explains Accelerator alerts and events. on page 362 .

is the default gateway set correctly? What is being affected? All the links? Particular links? Use Tools to find the source of the problem Put the local Accelerator and then the remote Accelerator into by-pass mode Ac ce ler at o rOS Ve rsi on 7. try using the following steps to help diagnose the source of the problem: Check the Event log Check the topology and host settings .348 C h ap t er 13: Troubleshooting Carrying out the Troubleshooting Procedure If there is a problem with your Accelerator.1 Us er Gu id e .0 .

1 2 . some. 1 ( Bu il d 3. . on page 349 P as sw o r d I ss ue s 349 Resetting the Password If you forget your password. . C o nn ec t ed t o 1 7 2.. to their default values. Ac ce l er at o r 6 80 0 S er ie s V e rs io n 7 . 12 (P OR T :2 3 ). you can use the reset command from the login prompt instead of the password. 53 ) l o gi n: re se t i Note: You must connect to the Accelerator you want to reset using a Console connection. 16 . acceleration and QoS settings. 3 1. Choosing a Legal Password Your Accelerator is supplied with a default password and you need to change it once you enter the Setup Wizard.. 31 . all of the following character types: Upper case letters Lower case letters Numerals Symbols . including the device’s passwords. 1 6. You will need to re-configure all links.Password Issues Topics in this section include: Resetting the Password. T r yi ng 17 2. or.0 . A password is variable in length and may contain one. on page 349 Choosing a Legal Password. This command deletes all passwords and configurations and resets all of the Accelerator’s settings. you can use the default login (expand) and password (Expand) to log in and reconfigure the Accelerator. A c ce le r at or O S. After resetting.

Contains a dictionary word Contains keyboard sequence Too simplistic and too sequential Meets minimum length.0 . Examples of Good and Bad Passwords For examples see the following table: Password Choice dfghkeg dfghke9 AeFgL9 31415926 1122332211 Network Admin223 Li!tt!le Qwerty Zaq1xsw2cde3vfr4 5rtgvb q1w2bghn975lhkp o5tgx45tym4sj0 Li!tfeL Good/Bad Bad Good Good Good Bad Bad Good Bad Bad Bad Good Comments characters in all the same character type. which increases the possibility of a typographical error. it is a palindrome. A strong password has the following: At least 6 characters if in mixed character types At least 8 characters if in the same character type Is not composed of a dictionary word (meaning a string of letters that can be recognized as an English word) or a reverse dictionary word (in either mixed case or with letters separated by other characters) Is not a keyboard sequence Is not a numerical sequence Is not a palindrome Is not considered to be too simplistic or too systematic There are no maximum limits for character length. and does not contain any dictionary words or palindromes. Contains mixed text of appropriate length.350 C h ap t er 13: Troubleshooting Password Strength A password that is strong enough is considered to be valid. but it is not advised to make the password too long. it is a dictionary word. but it is combined of two character types Only 6 characters but it has 3 character types 8 characters in length meets the minimum for a single character type password Although this password is appropriate in length. Contains a reverse dictionary word (Left) Ac ce ler at o rOS Ve rsi on 7.1 Us er Gu id e . Although it is appropriate in length and is mixed case. is complex. This password is too short if it is to be of the same character type 7 characters.

Password changes to the Expand administrative account also affect access to the kernel when using the start-shell command. the login request will be forwarded to the next identified authentication method (local – if set) and they will be authenticated to that database. but do NOT impact the password associated with root access within WAFS. Maximum length for a WAFS password is 15 characters. . those individuals attempting login whose ID’s exist within the authentication server will be required to use the passwords associated with that authentication server.Pas sw o rd I ss ue s 351 Additional Notes About Passwords If Authentication is applied via TACACS or RADIUS. If the ID does not exist within the authentication server. Password changes to the root password appear to impact the root access in both kernels.

direction outbound Checking Warning Events Warning events identify issues or configuration errors within the Accelerator. The system continues to run. but action may be required to return the Accelerator to normal operating standards.352 C h ap t er 13: Troubleshooting Checking the Event Log The first thing to do when you encounter problems with Accelerator performance is to check the Event log for any unusual errors. Error:Warning Ac ce ler at o rOS Ve rsi on 7. on page 352. on page 352. for example: 06-Jun-07 10:29:07 <WARNING> #1 HSRP Message authentication has failed due t11 Checking Error Events Error events occur sporadically. The following logging levels are supported: For Informational messages. Checking Info Events Info events notify regarding status changes that occur in the normal operation of the system. If you think you have Unit failure. see Checking Warning Events. To check if Warning conditions exist. see Checking Error Events.0 .1 Us er Gu id e . the user can define the minimum and maximum event logging (range) that will be emailed or broadcasted. but the Accelerator easily recovers from them. When used with these. for example: 06-Jun-07 10:38:41 <ERROR> #1 Configuration-load: 'Line# 16. see Checking Fatal Events. see Checking Info Events. for example: 06-Jun-07 10:38:41 <INFO> #1 Add QoS global rule. rule id=1. If you think Error conditions exist. on page 352. These levels are related to the severity levels used by email and broadcast functions. on page 353.

In the CLI.0. or fatal. Message-text: Text string containing detailed information about the event being reported. ACC1# show events 06-Jun-07 10:29:07 <WARNING> #1 HSRP Message authentication has failed due t11. in the following format: dd/mmm/ yy hh:mm:ss Level of Severity: Debug. warning.1 status changed from acc 29-Jun-07 10:19:19 <INFO> #2 Link ID 1 was Updated 29-Jun-07 10:20:51 <INFO> #1 Subnets for Remote link CP Id 1 changed 29-Jun-07 10:38:41 <INFO> #1 Link 1 was Added 29-Jun-07 10:38:41 <INFO> #1 Add QoS global rule.cpp(26) TWDSupervisor:TWDSupervisor Watch Dog: Reboot system due to a failure of client. 06-Jun-07 10:29:07 <WARNING> #1 _peer. The Accelerator event log records changes in the state of Accelerator links and changes to configuration.cppLink 222. error. All events are given a timestamp relative to the Accelerator’s local time. information. Check the Accelerator’s system time when viewing any event the Accelerator generates. Timestamp: Log date and time. use the following commands to view events. . Error:Warning Studying Log Message Formats Log messages are displayed in the following format: TIMESTAMP: <LEVEL of SEVERITY> #OCCURRENCE: Message-text. for example: 06-Jun-07 07:37:59 <fatal> #1 TWDSupervisor. rule id=1. saving them in a list format. Occurrence: The number of times this log has been recorded. named: TelnetDaemon.0. direction outbound 29-Jun-07 10:38:41 <ERROR> #1 Configuration-load: 'Line# 16.Ch e cki n g th e Ev en t L og 353 Checking Fatal Events Fatal events are events for which you have to take corrective action in order to return the Accelerator to operation.

1 Us er Gu id e .354 C h ap t er 13: Troubleshooting To view the Accelerator system time: ACC1#show clock System time is: THU SEP 04 17:37:57 2003 Time zone offset: 0 minutes Ac ce ler at o rOS Ve rsi on 7.0 .

on page 355. See Gathering Statistics for Technical Support. see section Archiving Log Files.providing a window into the Accelerator’s inner workings and configuration.Displaying Information for Troubleshooting D is p lay in g I nf o r m at io n f o r Tro ub le sh o o ti ng 355 The Accelerator’s Show Tech-Support command lets you aggregate all necessary troubleshooting information in the Accelerator via one simple command . Displaying Statistics in a Compressed. on page 376. on page 372 for information on gathering and saving information that the technical support team will require prior to opening a case. For details. . see Displaying Statistics in a Compressed. Archived File The statistics displayed by using the method described above is one of the logs that you can concentrate to create one compressed archive file. To create a compressed archived file. Archived File.

If this probe fails. Link is active and the link is tunnelling but not accelerating traffic. it attempts to retry until the Accelerator responds. Remote Accelerator is not available. The remote Accelerator is not active. Link parameters are being negotiated (cache size. Internal error occurred during definition of the link in the system. If a link is inactive. and so on).2. Communication has been lost.0.0. meaning that the remote Accelerator is not properly licensed. Link is active and acceleration is on.2.6|15000/N/A |dropped | non-link | 100000/ N/A | virtual non | N/A --------------------------------------------------------- Link Status states are as follows: Link Initialize Inactive Trying to Connect Negotiating Remote Found Accelerating Active Status The remote Accelerator is initializing. a keepalive will be automatically sent to the remote Accelerator. Link is establishing connection.356 C h ap t er 13: Troubleshooting Checking the Link Status The status of the link may point to the source of a problem.1 Us er Gu id e . An initial probe is used during the Accelerator’s initial link connection stage. Link is active.0 . If 10 keepalive packets do not receive a response. ACC1# show interface link summary -------------------------------------------------------LINK|DEST IP ADDRESS|DESCRIPTION|BANDWIDTH|LINK STATUS ----+---------------+-----------+---------+----------1 | 10. Active can be either No local license. or No remote license. meaning that the link is inactive because the local Accelerator is not properly licensed. A Virtual link (no far-end Accelerator).6 | L-10. Drop Load Error Virtual Unknown Ac ce ler at o rOS Ve rsi on 7. the Accelerator assumes that the remote Accelerator is down and the local Accelerator automatically passes the link traffic transparently through to the WAN.

........................ the two devices that are cabled to the Accelerator are directly connected...ethernet 0/0 MAC................................ If an Accelerator goes into hardware by-pass.... You can check this by using the appropriate show interface ethernet commands.......10baseT/Half 10baseT/ Full 100baseT/Half 100baseT/Full ....yes Supports auto-negotiation...............00:02:B3:C8:4E:9C Hardware type.......... ACC1# show interface ethernet 0/0? <cr> continuous output ACC1# show interface ethernet 0/0 Description...mii Link mode.................yes Supports link modes...... Ensure that Ethernet settings are correct........... it should be considered in all hardware installations.... and any incompatibilities between them may cause problems...auto (100Mbit-Full) link is up Link detected....... Figure 1: Ethernet Settings diagram As a symptom of incorrect Ethernet settings.............Checking Ethernet Settings C h eck in g E t h er n e t S et t in g s 357 Although Ethernet level compatibility is not an issue unique to the Accelerator................. discarded packets and loss of connectivity may be experienced on the Accelerator.............. as follows....

Continuous enables the entire output instead of one screen at a time. Enter the interface port number and continuous if you want the entire output in a scrolling window. 0.358 C h ap t er 13: Troubleshooting LAN throughput data In Bytes In Packets Dropped In Packets Out Bytes Out Packets Dropped Out Packets System Up 3826461 23240 0 159363519 1723079 0 Since Clear N/A N/A N/A N/A N/A N/A Last 30 Secs N/A N/A N/A N/A N/A N/A LAN throughput data In Frame Error In Overruns Dropped In Packets In Total Errors Out Collisions Out Lost Carrier Out Underruns Out Total Errors System Up 0 0 0 0 0 92 0 92 Since Clear N/A N/A N/A N/A N/A N/A N/A N/A Last 30 Secs N/A N/A N/A N/A N/A N/A N/A N/A Command Description Parameters Example with Syntax ACC1#show interface ethernet [0 | 0/0 | 0/1] [continuous] Lists all ethernet interface configuration and statistics information per interface.0 .1 Us er Gu id e .h al f 1 00 M e ga bi t h al f d up l ex 1 0M bi t -f u ll 1 0 M eg a b i t fu l l du p le x 1 0M bi t -h a lf 1 0 M eg a b i t ha l f du p le x a ut o A u to Ac ce ler at o rOS Ve rsi on 7. Expand recommends using the following command to manually set Speed and Duplex values: Command l i nk -m o de 1 0 0M bi t -f u ll 1 0 0 Me g a b it f u ll d u pl e x 1 00 Mb i t. 0/ 0 and 0/1. ACC1#show interface ethernet 0 Continuous Ensure that Speed and Duplex settings are set correctly.

h al f . No additional parameters necessary 359 A CC 1 # c on fi g ur e A CC 1 (c o nf ig ) # in t er f ac e e th er n et 0 A CC 1 (i n te rf a ce )# li n k.C h eck in g E t h er n e t S et t in g s Description Parameters Example with Syntax Enters the mode to set Ethernet interface 0 parameters.mo d e 10 M bi t.

360 C h ap t er 13: Troubleshooting Checking Lack of Acceleration If applications are not being accelerated. but the Accelerator is still not functioning as expected. and remote networks that have no Accelerator for QoS only. links and routing tables. often the source of the problem is missing information in the subnets.1 Us er Gu id e . can you ping its router? Ac ce ler at o rOS Ve rsi on 7.0 . it is often due to one or more of the following reasons: Traffic is not associated with the correct link Another link is being used QoS classification (application definition) is wrong QoS rule order is incorrect for the setup Check link utilization .if the link is underutilized. on page 371 and Sending a Traceroute Packet. Check the following tables to ensure that they contain everything they should: Subnets table—contains all subnets that are part of the Accelerator’s network that need to be advertised. on page 371 to check routes to remote Accelerators and networks. Local and Remote Subnets—use the CLI show subnets command to view all local and remote subnets known to the Accelerator. If acceleration percentages are not as expected. Can you access a remote device? Can you access the remote Accelerator? Can you access the remote router? From the remote Accelerator. use the tools Sending a Ping to the Remote Accelerator. Links table—contains all remote networks that the Accelerator is aware of for Acceleration and QoS. Routing table—must list all next hops necessary to reach all remote networks. check for greedy applications Accessing Remote Devices If all necessary connections have been made.

Consider the following: Is by-pass disabled on the other side of the link? Are the bandwidth settings correct? Is Acceleration enabled on both sides of the link? Is the MTU size set correctly and not larger than the maximum MTU of the link path? Are the correct subnets advertised to the remote site? Is there bandwidth oversubscription on the WAN or on a link? Are packets being dropped on the link? In case there is a firewall in the path.Checking Link Malfunction C he ck in g L in k M a lf un c ti on 361 If the link is not operating as expected. ensure that the Accelerator configuration reflects the hardware and software infrastructure. Some external devices may require that the Accelerator be transparent .consider using RTM encapsulation. are IPComp and TCP port 1928 open? Is the correct link destination address configured? . Perhaps performance is being affected by misapplied MPLS or load balancing in the network.

This will reset the terminal settings and let you log in as “expand”.362 C h ap t er 13: Troubleshooting Checking for a Corrupted Terminal If the terminal settings become corrupted. no flow control. 1 stop bit. no parity. 8 data bits.1 Us er Gu id e . Ensure that the terminal settings on your terminal emulation are correct: 9600 baud. exit to the login prompt and log into the Accelerator as the user named 'r' with no password. Ac ce ler at o rOS Ve rsi on 7. as usual.0 .

Ensure that the correct HSRP group is configured . In AcceleratorOS 5. In the CLI this is accomplished using the join command. Ensure that the correct Priority is configured so the Accelerator does not conflict with the same priority on another unit in the group. after HSRP group parameters are updated.0 and above.Checking HSRP Malfunction Ch e ck in g HS RP Ma lf un c ti on 363 Ensure that you “join” the HSRP group.check the configuration on the other units in the group. If authentication is used. the Accelerator must join the group. Ensure that the correct virtual IP address is configured. ensure that you use the same password (default cisco) .

it could be due to the definition of the local subnet. Ac ce ler at o rOS Ve rsi on 7.364 C h ap t er 13: Troubleshooting Checking QoS Malfunction QoS on a non-link: if QoS is not functioning as expected for non-link traffic. Check that the application definitions are correct. If a local subnet is not defined as LOCAL. the Accelerator QoS and monitoring features do not function properly. Ensure that all local subnets are defined as local.1 Us er Gu id e . Check that the policy rules are applied on the correct links. Ensure that the bandwidth statements on the links are correct.0 .

Chapter 14: Using the Accelerator Tools The Accelerator Tools let you manage AcceleratorOS upgrade versions. on page 366 Using the Configuration Tools. This chapter contains the following sections: Upgrading the AcceleratorOS Software. on page 368 Using the General Tools. on page 376 Accdump. on page 375 Archiving Log Files. save and replace the Accelerator’s configuration file and perform tasks such as traceroute and ping. on page 370 Managing User Files. on page 374 Viewing System Information. on page 377 .

5. In the fields provided. Click on the Tools tab. 4. to select the way the file will be copied (FTP.0 . Scroll down in the Copy method field. if your Accelerator uses a Compact Flash card. in case of a hard drive-based Accelerator. After rebooting. Enter the path to the file. TFTP or HTTP). the Accelerator extracts the file and runs it. Reboot the Accelerator with the new file name.1 Us er Gu id e . To upgrade software: 1. Password and IP address of the device from which the files are to be copied. Alternatively. Click the Submit button to copy the file to the user area. followed by Upgrade. 6.366 C h ap t er 14: Using the Accelerator Tools Upgrading the AcceleratorOS Software You can upgrade the AcceleratorOS software by uploading software from a remote server or from the local drive.tgz file). at least 10 MB of free space is provided on the card for file extraction. Figure 1: Copy Upgrade Package screen Ac ce ler at o rOS Ve rsi on 7. 3. followed by the file name (the file will be a *. enter the User Name. 2. Select Locally stored on Accelerator to upgrade to an AcceleratorOS version that is stored locally on the Accelerator. 7.

.0(6). and create applications expand-internal with port 1928. rename these applications exactly as in the preconfigured application before performing an upgrade. remove these ports from the list or range. Then change the policy-rules to match also this application. If applications have been configured for port of 1928 (saved for the expand-internal application) or 2598 (citrix-ica-sr). note that two new preconfigured applications were added in this version that may affect user-defined applications on the same ports.U pgra di n g the Ac ce le ratorOS S oft wa re 367 i Note: If you are running a version of AcceleratorOS previous to 5. If an application exists for a list of ports or range of ports that include the specified port numbers (1928 and 2598). and citrix-ica-sr with port 2598.

Click the Erase Startup Configuration button.368 C h ap t er 14: Using the Accelerator Tools Using the Configuration Tools Changes made to the Accelerator’s configuration are automatically saved to the Accelerator’s Running Configuration and are applied until changed or until the Accelerator is shut down. In the WebUI.1 Us er Gu id e . and therefore all changes made to the Accelerator since its last shutdown are now saved as the startup configuration 3. to select the way the file is copied (FTP. Figure 2: Configuration Tools screen To save a startup configuration: 1. 2. 4. even after shutdown. Ac ce ler at o rOS Ve rsi on 7. TFTP or HTTP). followed by Configuration Tools. Click on Tools. 2. Click on Tools. Any changes that you want to remain configured on the Accelerator.0 . Scroll down in the Copy method field. Click the Write Startup Configuration button. followed by Configuration Tools. To erase the startup configuration saved on the Compact Flash Card: 1. must be saved to the Accelerator’s Startup Configuration. i Note: The running configuration is saved as the startup configuration. make any changes to be saved.

1. Click on Tools. 1. followed by Configuration Tools. 2. To import the startup configuration: Importing the startup configuration opens a web page dialog that lets you browse to select a configuration file to be uploaded to the Accelerator. Click on Tools. You can either save this file for future reference or upload it to other Accelerators. 2.U sin g t h e Co n fi g ur at io n To ol s 369 To export the startup configuration: Exporting the startup configuration opens a web page dialog that displays the Accelerator’s startup configuration in CLI command format. . followed by Configuration Tools. Click on Tools. followed by Configuration Tools. To export the running configuration: Exporting the running configuration opens a web page dialog that displays the Accelerator’s running configuration in CLI command format. Click the Import Configuration button. You can either save this file for future reference or upload it to other Accelerators. Click the Export Running Configuration button. 1. 2. Click the Export Startup Configuration button.

on page 372 Gathering Statistics for Technical Support.1 Us er Gu id e . Figure 3: General Tools The general tools are as follows: Sending a Ping to the Remote Accelerator. on page 371 Rebooting the Accelerator. on page 372 Ac ce ler at o rOS Ve rsi on 7.0 .370 C h ap t er 14: Using the Accelerator Tools Using the General Tools General tools are provided to let you use basic networking tools and commands via the Accelerator WebUI. on page 371 Sending a Traceroute Packet.

Under Traceroute. 2. enter the number of times to try sending packets to the remote device. In the Number of Times field. In the Packet Size field. 3. Click the Trace Route button. To send a traceroute: 1. in the Destination IP Address field. 5. enter the size of the ping packets to be sent (default is 64 bytes). Click Tools followed by General Tools. Sending a Traceroute Packet The Accelerator lets you send a traceroute packet to network devices and remote Accelerators from the Accelerator via the WebUI. In the Maximum Number of Hops field. Click Tools followed by General Tools.U si n g th e G en e ral To ol s 371 Sending a Ping to the Remote Accelerator The Accelerator lets you use the WebUI to Ping network devices and remote Accelerators. 2. enter the IP address of the device to which the ping is to be sent. Under Ping. enter the IP address of the device to which the traceroute is to be sent. 4. . in the Destination IP Address field. To ping a network device: 1. Click the Ping button. enter the maximum length the packet can travel before arriving at the designated destination (default is 30). 4. 3.

2. To create a compressed archived file. 2. unless other changes were saved.372 C h ap t er 14: Using the Accelerator Tools Rebooting the Accelerator Rebooting the Accelerator does not save changes from the current running configuration to the Startup configuration. The Accelerator reboots using the previously saved Startup configuration. Ac ce ler at o rOS Ve rsi on 7. You can use one command to gather all of the necessary information. Archived File. it may take a minute to load. The Technical Support dialog box appears. followed by General Tools. on page 355. To view Accelerator troubleshooting statistics: 1. Under Reboot. Click the Show Technical Support button. To reboot the Accelerator: 1. Click on Tools. click Yes to continue. Click Tools followed by General Tools.0 . see Displaying Statistics in a Compressed. When prompted. 3. it may be necessary to gather many statistics for Expand Networks’ Technical Support. click the Reboot button. Gathering Statistics for Technical Support In the unlikely event of Accelerator malfunction or error. All users logged into this machine will be logged out.1 Us er Gu id e .

U si n g th e G en e ral To ol s 373 3. Figure 4: Troubleshooting Information . as either a text or an HTML file. 4.com and attach the file. 5. Send an E-mail to technical support at TAC@expand. Click the Print button to print the data. 6. on page 423. Alternatively. Click the Save button to save this data in the requested location. you can contact customer support in the methods described in Contacting TAC. Click Close to close the pop-up.

Figure 5: User Files screen To remove files from the Flash card or hard drive: 1. for hard drive-based Accelerators).374 C h ap t er 14: Using the Accelerator Tools Managing User Files The User Files screen lets you manage the files that are located in the User Area of your Flash card (or hard drive.0 . 2. 3. you can use the User Files screen for deleting unneeded files.1 Us er Gu id e . Ac ce ler at o rOS Ve rsi on 7. Highlight the files to be deleted. If more space is needed on the Flash card/hard drive. Click Tools followed by User Files. The date listed for the file is the date when the file was copied. Click the Delete button.

Viewing System Information Vie w in g Sy st em In fo rm a ti on 375 The System Information screen lets you view information regarding several aspects of the system. click the Advanced Setting Configuration button. 2. such as the CPU operating frequency and model name as well as CPU and Memory Utilization Information. Select the Basic tab. click Tools followed by System Information. To set up the requested maximum links: 1. 4. To display system information in the Accelerator’s WebUI. enter a value in the Requested Max Links field. Under Basic. 3. Figure 6: CPU and Memory Information screen Almost all parameters shown in this screen are for display only and cannot be changed. Click Setup followed by My Accelerator. The only parameter that you can set is Requested Maximum Links. . In the Maximum Links section.

376 C h ap t er 14: Using the Accelerator Tools Archiving Log Files The log archiving feature lets you concentrate all existing log archives in the Accelerator. Click the Create Log Archive button to create a new log archive.1 Us er Gu id e . The suffix is predetermined by the system (time stamp). You can create archive files for the following types of logs: AOS Webcache WAFS Statistics To create an archive log file: 1. Figure 7: Archiving Screen 2. Click Tools followed by Archiving. select these files in the table and click the Delete button. to create one compressed archive file. To download one file or more. select these files in the table and click the Download button. Ac ce ler at o rOS Ve rsi on 7. To delete one file or more. The newly created log file now appears in the log archive files table. Use the Log Archive Prefix field to set the prefix for the log file you want to create (default: acclog).0 . 3.

zip. You can capture the tcpdump information from various sources. on page 378 Deleting Accdump Files. on page 380 Downloading Accdump Files. See the following for more information: Enabling Accdump.Accdump i Ac cd u mp 377 Note: This feature is only available to Accelerators that are configured with a hard drive. This data is stored in the user area of the Accelerator as a zip file in the following format/location: /user_area/ACCDumpfiles*. The Accdump feature lets you download and display tcpdump information from the system. namely: to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is connected. on page 380 Figure 8: AccDump screen . Note that once the Accdump is activated a new file will be created for approximately every 10MB of data. and select whether to receive this information from all these sources or only from a single source.

in which case the default number of files (100) and file size (10MB) is used. see Deleting Accdump Files. To download an Accdump file. 2. on page 380. select Other and insert your customized values. otherwise 2 pairs. Click Tools followed by Accdump. and the maximum size of all files combined must not exceed 1GB. the files are saved in a cyclic manner. and select the Enabled option to start the Accdump operation. Note too. To enable Accdump: 1. 4 pairs are shown. i Note: The number of files cannot exceed 999. none available (N/ A) or a particular interface. Ac ce ler at o rOS Ve rsi on 7. Additional ports are shown only for platforms which support multi-port. The Interface drop-down menu shows all detected Accelerator interfaces. Under Number of Files.0 . 3.378 C h ap t er 14: Using the Accelerator Tools Enabling Accdump For more information on Accdump. see Downloading Accdump Files. see Accdump. the UI shows only the amount of available ports. on page 377. Alternatively.1 Us er Gu id e . If optional panels are used. on page 380. Under Interface. Click on the scroll box near the Accdump field. you can select the Auto option. In other words. To delete an Accdump file. select whether to enable all interfaces (Any). as indicated in the following figure: Figure 9: AccDump Interface Port Selection 4.

7.6.0/24 produce a report that: • -q produces a report that includes less protocol information so that the output lines are shorter.0 7.255.8) produce a report that: • -v produces (slightly more) verbose output.0 mask 255. Also enables additional packet integrity checks such as verifying the IP and ICMP header checksum.2. For all traffic between the two hosts (1. • -s0 includes all TCP sequence numbers • -v produces (slightly more) verbose output. or belong to a specific type. Use the File Format scroll box to select in which file format the files are to be saved and downloaded to the local host. For some examples.3. if you want to . For example. the time to live. you are now ready to enable Accdump and download the tcpdump files. total length and options in an IP packet are printed. Alternatively. Having set all the requested definitions. -v host 1. enter these flags in the Optional Flags field.2.3.8 -q net 1. The available types are Pcap (saves the default format) and Enc (reformats the file). total length and options in an IP packet are printed. identification.255.3. you can use the Filter Expression field to intercept only packets that come from a specific source or IP address. If you do not want to dump all of the packets (default).7.2. the time to live. see TCPDump Optional Flags. The entire flag list is found in the section TCPDump Optional Flags. on page 425: Filter Expression -e -v -s 0 tcp port 1928 or tcp port 80 Explanation For all traffic on port 1928 or all TCP traffic on port 80.Ac cd u mp 379 5. identification.6. see the following table which also uses the TCP optional flags as part of the expression for the filter. For example. on page 425.4 and 5. For all traffic belonging to network 1. If you want to use one or more optional flags.3.2.4 and host 5. produce a report that: • -e: includes the link-level header on each dump line. For a detailed description of the optional flags. 6. are destined to a specific port or IP address. Also enables additional packet integrity checks such as verifying the IP and ICMP header checksum.

8.0 . click on the scroll box near the Accdump field and select the Disabled option. Ac ce ler at o rOS Ve rsi on 7. You are prompted that downloading the Accdump files will delete the existing files. 2. Downloading Accdump Files To download Accdump files: 1. Select the requested location and click Save. To stop the Accdump operation. all existing Accdump files are deleted. see Downloading Accdump Files. 10. if you want to download the Accdump file. 9. 4. Deleting Accdump Files To delete an Accdump file. In the Accdump Files Table. 3. Click the Submit button. Click the Download button.1 Us er Gu id e . on page 380. select the checkbox to highlight the files you want to download. Click OK.380 C h ap t er 14: Using the Accelerator Tools revert to default values. Click OK to confirm the operation. When you enable the Accdump feature again. select the file in the Accdump table and click Delete. The dialog box that appears now requests you to select a location for saving the file. click the Set Default Values button and confirm this operation.

Automatically Monitored? No No No No No No No No No No Yes Yes Yes Yes No Yes No No No No No No No No No Application tcpmux compressnet-mgmt compressnet echo discard systat daytime qotd msp chargen ftp-data ftp ssh telnet priv-mail smtp nsw-fe msg-icp msg-auth dsp priv-print time rap graphics nicname Port/Protocol Number 1 2 3 7 9 11 13 17 18 19 20 21 22 23 24 25 27 29 31 33 35 37 38 41 43 .Appendix A: Pre-Defined Applications The following table lists all applications that are predefined in the Accelerator. their port/protocol number and whether they are monitored by the Accelerator by default.

0 .1 Us er Gu id e .382 A p pe n di x A: Pre-Defined Applications Application (Continued) ni-ftp auditd tacacs xns-time domain xns-ch isi-gl xns-auth priv-term xns-mail priv-file ni-mail acas whois++ covia tacacs-ds sql*net gopher priv-dialout deos priv-rje vettcp finger http-www hosts2-ns xfer mit-ml-dev ctf mfcobol priv-termlink su-mit-tg dnsix mit-dov npp dcp objcall dixie Port/Protocol Number 47 48 49 52 53 54 55 56 57 58 59 61 62 63 64 65 66 70 75 76 77 78 79 80 81 82 83 84 86 87 89 90 91 92 93 94 96 Automatically Monitored? No No No No Yes No No No No No No No No No No No No No No No No No No Yes No No No No No No No No No No No No No Ac ce ler at o rOS Ve rsi on 7.

383 Application (Continued) swift-rvf tacnews metagram newacct hostname iso-tsap gppitnp acr-nema csnet-ns 3com-tsmux snagas pop2 pop3 mcidas auth audionews ansanotify uucp-path sqlserv nntp erpc smakynet ansatrader locus-map unitary locus-con gss-xlicen pwdgen cisco-fna cisco-tna cisco-sys ingres-net endpoint-mapper profile netbios-ns netbios-dgm netbios-ssn Port/Protocol Number 97 98 99 100 101 102 103 104 105 106 108 109 110 112 113 114 116 117 118 119 121 122 124 125 126 127 128 129 130 131 132 134 135 136 137 138 139 Automatically Monitored? No No No No No No No No No No No No Yes No No No No No No No No No No No No No No No No No No No No No Yes Yes Yes .

384 A p pe n di x A: Pre-Defined Applications Application (Continued) emfis-data emfis-cntl bl-idm imap2 uma uaac iso-tp0 iso-ip jargon aed-512 sql-net bftp netsc-prod netsc-dev sqlsrv knet-cmp pcmail-srv nss-routing snmp snmptrap xns-courier s-net namp rsvd send print-srv multiplex cl-1 xyplex-mux mailq vmnet genrad-mux nextstep bgp ris unify audit Port/Protocol Number 140 141 142 143 144 145 146 147 148 149 150 152 154 155 156 157 158 159 161 162 165 166 167 168 169 170 171 172 173 174 175 176 178 179 180 181 182 Automatically Monitored? No No No Yes No No No No No No No No No No No No No No Yes Yes No No No No No No No No No No No No No No No No No Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e .

385 Application (Continued) ocbinder ocserver remote-kis kis aci mumps qft gacp prospero osu-nms srmp irc dn6-nlm-aud dn6-smm-red dls dls-mon smux src at-rtmp at-nbp at-3-5-7-8 at-echo at-zis quickmail z39-50 914c-g anet vmpwscs softpc cai-lic dbase mpp uarps imap3 fln-spx rsh-spx cdc Port/Protocol Number 18 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 206 209 210 211 212 214 215 216 217 218 219 220 221 222 223 Automatically Monitored? No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No No Yes No .

8080 614 636 666 989 990 992 994 995 1352 1419 1433 1434 1477 1478 1494 1498 Automatically Monitored? No No No No No No Yes Yes No No No No No No No No No No No No No No No No No No No No No Yes No No No No No Yes Yes Ac ce ler at o rOS Ve rsi on 7. 8008.386 A p pe n di x A: Pre-Defined Applications Application (Continued) peer-direct sur-meas daynachip link dsp3270 bh-fhs ldap https smtps exec login shell printer talk ntalk ibm-db2 uucp rtsp nntps banyan-vip alternate-http sshell ldaps doom ftps-data ftps telnets ircs pop3s notes timbuktu-srv ms-sql-server ms-sql-monitor ms-sna-server ms-sna-base citrix-ica sybase_sqlany Port/Protocol Number 242 243 244 245 246 248 389 443 465 512 513 514 515 517 518 523 540 554 563 573 591.0 .1 Us er Gu id e .

2103. 1526.387 Application (Continued) t-120 oracl-tns ingres-lock oracl-srv oracl-coauthor oracl-remdb oracl-names america-online h323 oracl-em1 oracl-em2 ms-streaming ms-sms ms-mqs oracl-vp2 oracl-vp1 openwindows gupta-sqlbase cvs-pserver citrix-ica-sr sybase-sqlanywhere ccmail ms-terminal-server sap-r3 ibm-db2-conn-svc ibm-db2-int-svc ichat pc-anywhere-data xwin ircu vdolive realaudio cu-seeme alternate-rtsp the-palace quake filenet-RPC Port/Protocol Number 1503 1521. 2105 1808 1809 2000 2155 2401 2598 2638 3264 3389 3200 3700 3701 4020 5631 Automatically Monitored? No No No Yes No No No No No No No No No No No No No No No No No No Yes No No No No No Yes No 7000 7070 8554 26000 32769 No No No No No No No . 1527 1524 1525 1529 1571 1575 1720 1748 1754 1755 1801. 2101.

1 Us er Gu id e . 6257 445 39 50 51 67 68 69 88 120 123 177 213 247 370 407 512 513 514 520 1558 1604 1718 1719 Automatically Monitored? No No No No No No No No No No No No No No Yes No No No No No Yes Yes No Yes No No No No No No No No No No No No No Ac ce ler at o rOS Ve rsi on 7.388 A p pe n di x A: Pre-Defined Applications Application (Continued) filenet-NCH kazaa gnutella-svc gnutella-rtr edonkey radius radius-acct groupwise smaclmgr nameserver wins pcanywhere bittorent winmx microsoft-ds rlp re-mail-ck la-maint bootps bootpc tftp kerberos cfdptkt ntp xdmcp ipx-tunnel subnet-bcast-tftp backweb timbuktu biff who syslog ip-xns-rip streamworks-xing-mpeg citrix-icabrowser h323-gatekeeper-disc h323-gatekeeper-stat Port/Protocol Number 32770 1214 6346 6347 4662 1812 1813 1677 4660 42 1512 65301 6699.0 .

9945. 56768 1701 2427 1985 525 2049 546. 847 Automatically Monitored? No No No No No No No No No No Yes Yes Yes Yes 3777 396 1 2 4 8 9 23 24 25 26 41 46 47 50 51 58 88 89 94 103 105 108 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes . 547.389 Application (Continued) ms-mqs-discovery ms-mqs-ping rtp rtcp pc-anywhere-stat ivisit l2tp sgcp hsrp timed nfs dhcp mimix-dr1 mimix-ha1 mimix-rj novel-netware-over-ip icmp igmp ipencap egp igp trunk-1 trunk-2 leaf-1 leaf-2 ipv6 rsvp gre ipv6-crypt ipv6-auth ipv6-icmp eigrp ospf ipip pim scps ipcomp Port/Protocol Number 1801 3527 5004 5005 5632 9943. 647.

0 .1 Us er Gu id e .390 A p pe n di x A: Pre-Defined Applications Application (Continued) ipx-in-ip vrrp l2tp-over-ip stp isis Port/Protocol Number 111 112 115 118 124 Automatically Monitored? Yes Yes Yes Yes Yes Ac ce ler at o rOS Ve rsi on 7.

on page 404 Calculating Acceleration using other Applications.Appendix B: Accelerator Integration Integrating the Accelerator into environments in which third party applications run on the network sometimes requires a certain amount of fine tuning. on page 392 Configuring NetFlow. on page 401 Disabling Compression on SAP. This appendix covers the following topics: Acceleration and Citrix Traffic. on page 406 . This appendix describes various environments and applications and how to best set them for Accelerator performance.

The results achieved by this mechanism are not at all comparable to the throughput increase achieved by the Accelerator.392 A p pe n di x B: Accelerator Integration Acceleration and Citrix Traffic The Accelerator utilizes network resources efficiently and delivers improved acceleration results for Citrix-hosted applications. Ac ce ler at o rOS Ve rsi on 7. It constitutes almost 30% of the Citrix packet. more consistent Citrix performance. and sends packets optimized for specific WAN conditions. and support of up to four times more Citrix users on the existing infrastructure. The end result is better.0 . The Accelerator eliminates all redundant data transmissions across the WAN. Citrix has its own internal compression mechanism. Controlling latency and jitter: the Accelerator reduces latency and jitter. The Accelerator enhances support for Citrix applications. The Accelerator achieves this increase in throughput by: Consolidating Citrix header data in pure IP implementations: IP header represents significant overhead in small packets generated by Citrix.1 Us er Gu id e . especially over slow WAN links that are commonly used for Citrix deployments. because acceleration allows more Citrix data to traverse the WAN. but disabling compression via the WebUI will cause all links that are not accelerated to become congested and unusable. Citrix users repeatedly access the same content from the network. Citrix’s internal compression mechanism must be disabled so that the Accelerator can access the original data. Disabling Citrix NFuse Compression You can disable Citrix compression on each Citrix client PC. When accelerating Citrix traffic. Consolidating Citrix payload in all environments: the Accelerator extracts data from small packets originating from different Citrix users. The Accelerator removes repeat-header information and sends this data only once across the network.

Chtmllogin. 2. . Copy the two ica files provided here into the following directory: C:\Program Files\Citrix\NFuse 3. launch.vbs. also referred to as ICA. Copy the three vbs files into the following directory: C:\inetpub\wwwroot\Citrix\MetaFrameXP\site\include\serverscripts 4. Clogin. This will modify the Web Interface server by creating a drop-down menu on the login page. Restart the World Wide Web service by opening a command prompt and typing: iisreset 6. Citrix.A cc el era ti on an d Ci t rix Tra f fi c 393 To disable Citrix compression: 1. 5. Back up the current copy of the following files: template.vbs. adds quite a few features that RDP does not have and therefore is popular for terminal and thin client deployments.ica. Links not connected to Accelerators should be set to With Compression. Figure 1: Citrix Login Disabling Citrix Encryption and Compression Citrix is a popular application installed on top of Microsoft’s Remote Desktop Protocol (RDP) that was created in joint development by Microsoft and Citrix. Select No Compression for all Accelerated clients in the Web Interface Login page.vbs. which will allow users to specify which type of connection is required. Any link connected to an Accelerator should be set to No Compression.

3. because encryption is random by definition. In the Connections tab. 2. For Encryption.0 . all Citrix and RDP communications to the server must meet the minimal encryption settings of the ICA and RDP protocol listener. However.394 A p pe n di x B: Accelerator Integration Both RDP and Citrix can compress traffic sent to and from the servers. and do not perform as well as Expand’s Accelerator. Settings made to the ICA or RDP listener apply to all traffic and applications. Defining Settings on the Server An administrator can set encryption and compression settings on the server for the RDP and Citrix connections by modifying the protocol’s properties. However. The RDP-Tcp properties window opens Figure 2: RDP-TCP Connection Properties Ac ce ler at o rOS Ve rsi on 7.1 Us er Gu id e . Both RDP and Citrix can encrypt traffic sent to and from the servers. double-click the RDP-Tcp connection. Open the Terminal Server Configuration console: All Programs>Administrative Tools>Terminal Server Configuration. these capabilities are limited. its very nature limits the ability of the Accelerators to remove repetitive data. Setting/checking ICA or RDP listener traffic To disable compression and encryption in RDP: 1.

Select the option “Enabled” from the radio button. the setting will replicate to the environment. 3. To speed up the process. Click OK. Set the “Encryption Level” to “Low Level” 6. Double-click the “Set client connection encryption level” setting. Open the Default Domain Group Policies on the Domain Controller (AD) 2.A cc el era ti on an d Ci t rix Tra f fi c 395 4. Under the General Tab. Click OK. 5. you can manually update the group policy by running the following command from the command line: gpupdate /force . and close the configuration console. Browse to Computer Configurations > Administrative Templates > Windows Components > Terminal Services > Encryption and Security. Once set. and close the configuration console. 5. set the encryption level to Low. To use group policies for disabling compression and encryption in RDP: 1. Figure 3: Properties window 4.

SSL also provides Ac ce ler at o rOS Ve rsi on 7. Open the Citrix Connection Configuration tool and double click on the ICA-TCP connection type. To disable compression and encryption in NFUSE and NFUSE Elite Server: Compression and encryption configurations are set during the publishing of the application and are stored within a file called template.0 . These encryption levels are the same choices available on the client (see below). Compression is enabled by default even though there is not a specific entry within the template. For additional information on turning off compression.ica file that mentions this.ica file by adding a line entered under the application name that reads Compress=Off. 3. The location of this file can vary. you can configure each application type individually for encryption. Open the Published Applications Manager tool and view the properties of the application being used. For Published Applications. In addition. Click on the Client tab and view the encryption required from the Client. see Citrix documentation: CTX554864 and CTX101865. 1.396 A p pe n di x B: Accelerator Integration To disable compression and encryption in Citrix: 1. To disable encryption. Within the Advanced Connection Settings. 4. consult with a Citrix administrator for the specific location). 2.ica. 2. however it is typically stored on the web server within the web directory (if necessary. If multiple applications exist. Publishing the application and recreating the application with the lowest encryption level of Basic can remove encryption. Edit the template. Any company that uses published applications normally requires a certain encryption level via the Published Applications Manager. the encryption required is Read only. if SSL certificates are used for creating secure web connections (web connections that begin with HTTPS: instead of HTTP). 3. set encryption to None.1 Us er Gu id e . If the application is already published. you have to enter multiple times the command Compress=Off. publish the application again with the lowest encryption level of Basic. Setting the encryption level for Published Applications can require an identical encryption level from the client.

Right-click the farm and choose Application Set settings. click on the Options tab to view and or change the settings. To disable compression and encryption for ‘farms’: 1. disabling encryption requires you to remove SSL. When enabled. Defining Settings on the Client For Citrix NFUSE is controlled via the server. Custom Connections and Published Applications allow for changes to be made on the clients. click on the tab labelled Options to view and/or change the settings. so no settings need to be altered on the client. Therefore.A cc el era ti on an d Ci t rix Tra f fi c 397 encryption for the session. Once you see the Properties menu. 3. Remove any configured application by clicking Delete. Custom connections are created from the client. Each client has a Citrix Program Neighborhood that contains settings for the connections that can override the settings on the server. Each specific published application can also have settings for encryption and compression. and you can use the Properties page to set all settings during creation or afterwards. Right click the specific application and choose Application Set settings. Once the Properties menu is displayed. For both of these. deselect compression and set encryption to Basic. 2. . Within the farm settings. click on the Options tab to view and/or change the settings. 4. Published applications use a ‘farm’ concept in which these applications can be grouped together with settings that apply for all the applications. Speed Screen Latency Reduction Manager SpeedScreen Latency Reduction Manager allows an administrator to enable compression for an application depending on the latency of the connection. Once the Properties menu is displayed. a client can set the encryption and compression. Citrix will monitor the round trip time for responses to and from the server and client and enable compression when needed. Right-click the custom connection and choose Properties.

Resolving the PNA Problem Edit the PNAgent template. the option for compression is presented when choosing the server to log into. Add the value Compress=Off under the Application tag.ica If you are unsure of the location on your server. Access the template. When the session for RDP is launched from the ‘raw’ Terminal Services Client icon.0 . Navigate to the Connection Options tab and deselect the box labelled Enable data compression if it is selected. Within the Client Connection Manager.ica file: 1. The place to set these values depends on how the RDP session is being launched. although the same is required for NFUSE as well. Turning Compression off in the PNAgent Client This section instructs you how to resolve the Citrix PNA problem by turning of compression in the PNAgent client. right-click the connection and choose Properties.398 A p pe n di x B: Accelerator Integration For RDP Only compression can be set on the client and not encryption as previously discussed regarding the Citrix client. To edit the PNA template. 2. To disable compression on the RDP client: 1.ica file on the Web Interface server. 2.ica file is different than the one used by NFUSE. This template. For most environments this will be done through the Client Connection Manager. search for the PNAgent directory and look there for a template. Data compression in the PNAgent is ON by default if the value disabling it is not present.ica file: Default location: C:\Inetpub\wwwroot\Citrix\PNAgent\template.1 Us er Gu id e . as follows: Ac ce ler at o rOS Ve rsi on 7. Understanding the PNA Problem Citrix Program Neighborhood Agent (PNA) is a combination of published applications and NFUSE.ica file.

in which each application does not open a new TCP session. The Accelerator’s Layer-7 monitoring is aware of both of these sessions. meaning that the Administrator defines certain applications on the server for users to use on their desktop. When applications are downloaded. for each Citrix application session run between the client and the server.A cc el era ti on an d Ci t rix Tra f fi c 399 [ [ NF us e _A pp N am e ]] A dd re s s= [N F us e _A pp S er ve r Ad d re ss ] I n it ia l Pr og r am = #[ NF u se _A p pN a me ] L o ng Co m ma nd L in e =” [N F us e_ A pp C om ma n dL in e ]” D e si re d Co lo r =[ N Fu se _ Wi nd o wC o lo rs ] T r an sp o rt Dr i ve r =T CP / IP W i nS ta t io nD r iv e r= IC A 3 . which is never encrypted or compressed.0 A u to Lo g on Al l ow e d= On C o mp re s s= Of f . The users can either download the applications and their names from the server. Citrix creates a TCP session for running the application and a UDP session that serves as a control for the application. If Citrix is configured to work in single-session (virtual channel) TCP. and identifies the open sessions by the new published application name. the Accelerator still has to monitor the control session (UDP). When applications are added manually. . Citrix Applications work as follows: Applications are published. Identifying Citrix Layer-7 Applications Monitoring Citrix/ICA Layer-7 traffic requires each Layer-7 application running through Citrix to open a separate TCP session. or define them manually. the Accelerator is unable to access the Layer-7 information it needs. the Accelerator does not support Citrix session sharing. i Note: The Accelerator supports both Automatic and Direct Citrix application discovery mode. The Administrator also assigns names for these applications.

! Ac ce ler at o rOS Ve rsi on 7. Setting this registry value to 1 overrides session sharing.1 Us er Gu id e . the application names defined must match the application names exactly as entered into the Citrix server WARNING! Editing the registry or using a Registry Editor incorrectly can cause serious. Create the following entry in the server’s registry (which overrides session sharing): HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Citrix\WFS HELL\TWI 3. Note that this flag is SERVER GLOBAL. All Citrix application names entered into the Accelerator must be in ALL CAPS. Back up your registry first and use Registry Editor at your own risk. i Note: When creating Layer-7 Citrix applications in the Accelerator. the client converts the published application name to capitals. Microsoft does not guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Due to this requirement.400 A p pe n di x B: Accelerator Integration To disable session sharing in the Citrix server: 1. Add the following value: Name: SeamlessFlags Data type: REG_DWORD Data value: 1 4. At the command prompt of the Citrix server. where traffic types are collected and listed.0 . take into account the following considerations: You are advised to create Citrix Layer-7 applications via the Monitoring > Layer-7 Discovery menu. instead of entering them manually. 2. when the client communicates with the server. system-wide problems that may require you to reinstall Windows to correct them. This is because in some environments. open the registry editor by entering the regedit command.

local to remote traffic. the AcceleratorOS 6. remote to local traffic (local hosts are attached to the broadcast network). UDP TRAFFIC—Total amount of UDP traffic sorted by port. relative distribution of the IP protocols according to the host name. as follows. IP MULTICAST—Total amount of multicast traffic generated or received by the host. NetFlow tracks network usage. IP TRAFFIC DISTRIBUTION—UDP vs. Traffic Monitoring. This arrangement offloads the processing requirements from operational nodes to the NetFlow host. IPX. . HTTP. thereby letting you track all traffic activities of a particular host. The following are some of the statistics and reports that you can collect by using NetFlow Traffic Measurement: DATA SENT /RECEIVED—(TOP 10) the total traffic (volume and packets) generated or received by the host. USED BANDWIDTH—Actual. TCP traffic. All packets in the subnet are captured and associated with a sender/receiver pair. Network Optimization and Planning and Detection of Network Security Violations.0 and up integrates NetFlow support for detailed reporting. average and peak bandwidth usage. generating a series of statistics for hosts sending data through the interface. While previous versions of AcceleratorOS included RMON. and so on) and IP protocol (FTP. AppleTalk. NFS. This combination enables extracting statistics like in RMON’s Top Talker. The main focus of NetFlow is Traffic Measurement. TRAFFIC DISTRIBUTION—Local traffic.USED SERVICES—List of IP-based services (for example: open and active ports) provided by the host with the list of the last five hosts that used them. TCP/UDP . The traffic is classified according to network protocol (IP. Studying Traffic Measurement Traffic Measurement measures usage of relevant traffic activities. TCP SESSIONS HISTORY—Currently active TCP sessions established/accepted by the host and associated traffic statistics. and so on). The necessary information is collected by the host running NetFlow by observing the traffic on the network.Configuring NetFlow C o nf i gu ri ng Ne tF lo w 401 The following configuration modifications are needed in order to use NetFlow with the Expand Accelerator.

which does not require the IF. If a monitoring tool has already been implemented on the network.uk/products/ntop-xtra.openxtra. it may be possible to integrate NetFlow into the existing tool (for example. Use software that does not require the IF.16. the NetFlow Monitor software does not present any statistics when working with an Accelerator. does not include the IF.0 . even when enabled.402 A p pe n di x B: Accelerator Integration Studying Traffic Monitoring Traffic Monitoring lets you identify those situations where network traffic does not comply with specified policies or when it exceeds a defined threshold. because the graphs can be interface-based (IF. network administrators specify policies that apply to the behavior of elements in the managed network.co.21 is the PC running the NetFlow application: accelerator(NetFlow) ip flow-export 172.htm Some NetFlow collectors.Index for the Netflow statistics and works very well with the Accelerator. Several open source NetFlow software platforms are available for free download. and HP OpenView support NetFlow). which can be downloaded from http://www. For example. Concord.Index).Index for flows because the Accelerator functions as a bridge. such as Crannog’s NetFlow Monitor.80.80.16. Configuring Accelerator NetFlow accelerator#config accelerator (config) #netflow accelerator (NetFlow) #? exit current node ip ip NetFlow command no remove collector show NetFlow parameters Here is an example of the config needed if 172. Therefore. require enabling SNMP. it is important to specify the version number.1 Us er Gu id e .21 port 2055 version 5 interface ethernet 0/0 Ac ce ler at o rOS Ve rsi on 7. When configuring NetFlow on the Accelerator. In general. Crannog software has another Netflow collector called NetFlow Tracker. The Accelerator’s SNMP feature.Index. Expand recommends NTop-XTRA. i Note: Only NetFlow Version 5 is supported.

80. KNOWN LIMITATION—You can enable NetFlow only on ethernet or bridge and not per link or virtual link.21|2055 | 5 | Ethernet 0/0 i Note: In On-Path installations.C o nf i gu ri ng Ne tF lo w 403 accelerator (NetFlow) # show --------------------------------------------------------# | COLLECTOR IP | PORT | VERSION | INTERFACE --------------------------------------------------------1| 172. . in On-LAN installations use Ethernet 0/1 when configuring NetFlow.16. You can configure only one NetFlow probe. use Ethernet 0.

1. and 1 in the Variable Value field. In the Environment Variables window. Ac ce ler at o rOS Ve rsi on 7.1 Us er Gu id e . click on Properties. Type TDW_NOCOMPRESS in the Variable Name field. 2. From My Computer. 4. click the New button. Click on Advanced. the following procedure describes how to disable SAP compression.404 A p pe n di x B: Accelerator Integration Disabling Compression on SAP If SAP compression must be disabled in order to achieve higher Accelerator efficiency. followed by Environment Variables. or from the Control Panel click on System.0 . Figure 4: System Properties-Advanced Tab 3.

or set the Variable Value to 0. . delete this variable.D is ab li n g Co m p r es sio n o n S A P 405 Figure 5: New User Variables To undo this procedure and restore SAP compression.

as follows: ac cI n te rf a ce P er fo r ma nc e In A cc el e ra ti o nP e ri od OI D: 1. ex pa n dn et w or k s( 34 0 5) . 3 . If you are using ExpandView to monitor Accelerators.4 . 3 1 Full path: is o( 1 ). ac cI n te rf a ce P er fo r m an ce I nA cc e le r at io n Pe ri o d( 3 0) Module: EXPAND-ACCLERETOROS-MIB Description: Inbound traffic acceleration percentage during last sampling period. or SNMPc.d od ( 6) . such as What’s Up Gold.a c ce l er at o rO s( 3 ). accInterfacePerformanceOutAccelerationPeriod OI D: 1. 3 4 Full path: is o( 1 ).1 . Use the standard method for calculating the acceleration percentage: Ac ce ler at o rOS Ve rsi on 7. and capture the relevant data. a cc In t er fa c es ( 4) .i n te r ne t( 1 ). ac cI n te r fa ce E nt ry ( 1) . 2. 1. ExpandView will automatically record the acceleration values. 2. or g (3 ) . 3 . 6 .1 Us er Gu id e . HP OpenView. For these reasons it is preferable to use ExpandView for this purpose.i n te r ne t( 1 ). en te r pr i se s( 1 ) .a c c In te r fa ce T ab l e( 2) . 4. using external applications to view acceleration statistics can be complex and it may be necessary to follow the method outlined below to avoid errors being generated by Excel.406 A p pe n di x B: Accelerator Integration Calculating Acceleration using other Applications The following section explains how to calculate the acceleration percentage achieved on the Accelerator via Excel. 3.d od ( 6) . or g (3 ) .0 . 1. 3 40 5. 1. 4. 3 40 5. 1. in which the Private MIB was not supported. you can use the Private MIB to view acceleration figures via external applications. Alternatively.a c c In te r fa ce T ab l e( 2) .1 . and use the Throughput Recorder for generating the graphs. In AcceleratorOS versions lower than 4. ac cI n te rf a ce P er fo r m an ce O ut Ac c el e ra ti o nP er i od ( 33 ) Module: EXPAND-ACCLERETOROS-MIB Description: Outbound traffic acceleration percentage during last sampling period.4 . 3. en te r pr i se s( 1 ) . 6 .0. ac cI n te r fa ce E nt ry ( 1) . by using data captured from a Management Application other than ExpandView. pr i va t e( 4) .a c ce l er at o rO s( 3 ). a cc In t er fa c es ( 4) . pr i va t e( 4) . ex pa n dn et w or k s( 34 0 5) .

if the Raw Data value is less than the Accelerated data. However.IF({Raw Data}<{Accelerated Data}. this does not cause too much of a problem.C al cu la ti ng Ac cel era ti o n u sin g o t he r A p pl ic at io n s 407 ((Raw Data/Accelerated Data)-1) x 100 In low traffic. it is a workaround enabling Excel to calculate the acceleration figures needed to produce a graph. or acceleration percentage will be 0. as it is quite easy to alter the resulting acceleration figure to a zero. Only if neither of these statements is true will Excel calculate the acceleration percentage. thus resulting in a graph with gaps. the “real” formula is: =IF(D2=0. when keepalives are sent and no data is transferred. what this formula tells Excel. as seen in the screen capture below: Working with a small amount of data."0". then the output. Although this may be true in terms of the Accelerated Data value being zero. then the output will be 0. Data})-1)*100))) Although this looks difficult. To avoid this."0". you can use the following formula: =IF({Accelerated Data}=0. or even negative acceleration figures. this causes the raw data to be low or the accelerated data to be high."0".((({Raw Data}/ {Acc. it will be almost impossible to remove all these errors. causing Excel to return error messages."0". when working with a large amount of data. and negative acceleration. .IF(C2<D2.(((C2/ D2)-1)*100))) In effect. is: If the Accelerated Data value is 0.

408 A p pe n di x B: Accelerator Integration Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e .

For a definition of and information about MIME types. on page 415 Image.org/rfcs/rfc2045. http://www. on page 417 Model. divided into the following categories: Application.faqs. on page 410 Audio.html. on page 416 Message.org/rfcs/rfc2046. on page 421 . This appendix provides a list of some very common MIME types. on page 418 Multipart.org/assignments/media-types and http://www.faqs. please see http:// www.iana.html. on page 420 Video.Appendix C: MIME Types Thousands of possible MIME types can be used as part of Web application definition. on page 419 Text.

nprend qsig resource-lists+xml rtf sbml+xml set-payment-initiation sgml sieve slate atomicmail cals-1840 cpl+xml cybercash dialog-info+xml dvcs EDI-X12 fits hyperstudio index index.cww rdf+xml remote-printing rls-services+xml samlmetadata+xml set-payment set-registration-initiation shf+xml simple-messagesummary applefile beep+xml commonground CSTAdata+xml dec-dx dns EDIFACT eshop http im-iscomposing+xml index.alvestrand.plucker reginfo+xml riscos samlassertion+xml sdp set-registration sgml-open-catalog simple-filter+xml soap+xml Ac ce ler at o rOS Ve rsi on 7.vnd isup mac-binhex40 mathematica mpeg4-generic news-transmission octet-stream parityfec pgp-keys pkcs10 pkix-cert pkix-pkipath prs.410 A p pe n di x C: MIME Types Application Application MIME Types andrew-inset batch-SMTP cnrp+xml csta+xml dca-rft dicom EDI-Consent epp+xml font-tdpfr iges index.response ipp kpml-response+xml marc mikey news-message-id ocsp-response ogg pgp-encrypted pidf+xml pkcs7-signature pkix-crl prs.1 Us er Gu id e .titrax-sheet prs.obj iotp kpml-request+xml macwriteii mbox msword ocsp-request oda pdf pgp-signature pkcs7-mime pkixcmp postscript prs.cmd index.0 .

cybank vnd.fujixerox.Ap p li ca ti on 411 Application MIME Types spirits-event+xml tve-trigger vnd.acucorp vnd.ecowin.fdf vnd.cups-postscript vnd.groove-vcard vnd.multipass vnd.ami vnd.quickcall vnd.epson.ericsson.oasys2 vnd.canon-lips vnd.simply.ecowin.ecowin.cosmocaller vnd.fujitsu.curl vnd.chart vnd.dpgraph vnd.dna vnd.msf vnd.groove-account vnd.accpac.ddd vnd.filerequest vnd.oasys vnd.lesson-player vnd.data vnd.canon-cpdl vnd.hhe.wbs+xml vnd.simply.audiograph vnd.groove-identitymessage vnd.contact.criticaltools.docuworks.Post-it-Notes vnd.imp vnd.amiga.hp-PCLXL vnd.ecowin.eudora.fujitsu.3gpp.blueice.hp-hps vnd.businessobjects vnd.tuxedo vnd.aso vnd.commerce-battelle vnd.ffsns vnd.fints vnd.cups-raster vnd.bin der vnd.anser-web-fundstransfer-initiation vnd.httphone timestamp-query vemmi vnd.imp vnd.hbci vnd.ctc-posml vnd.epson.pic-bw-large vnd.groove-tool-template vnd.3M.hp-HPGL vnd.salt vnd.pic-bw-small vnd.seriesreques t vnd.ecowin.3gpp.commonspace vnd.accpac.hzn-3d-crossword timestamp-reply vnd.3gpp.afplinedata .fujitsu.quickanime vnd.groove-help vnd.docuworks vnd.epson.3gpp.fujitsu.fujixerox.grafeq vnd.genomatix.framemaker vnd.epson.enliven vnd.fileupdate vnd.oasysgp vnd.cinderella vnd.sms vnd.oasys3 vnd.dreamfactory vnd.anser-web-certificateissue-initiation vnd.data-vision.fujitsu.bmi vnd.ecowin.ecdis-update vnd.fsc.series vnd.groove-tool-message vnd.weblaunch vnd.fujixerox.groove-injector vnd.cmsg vnd.hcl-bireports vnd.pic-bw-var vnd.esf vnd.cups-raw vnd.dxr vnd.hp-PCL vnd.aether.fut-misnet vnd.ibm.FloGraphIt vnd.rdz vnd.seriesupdate vnd.epson.acucobol vnd.xfdf vnd.adobe.claymore vnd.hp-hpid vnd.ssf vnd.oasysprs vnd.

kde.rightsmanagement vnd.mfmp vnd.electronicmedia vnd.mistyguard.DIS vnd.kde.desktop vnd.mediastation.ibm.intu.kde.lotus-organizer vnd.Mobius.informix-visionary vnd.Mobius.llamagraphics.ipunplugged.minisoft-hp3000-save vnd.Mobius.MQY vnd.koan vnd.application vnd.mozilla.micrografx.DAF vnd.MiniPay vnd.flexsuite.nncp vnd.TXF vnd.intertrust.PLC vnd.japannet-jpnstorewakeup vnd.japannetregistrationwakeup vnd.motorola.lotus-1-2-3 vnd.motorola.ttc vnd.ibm.flo vnd.flexsuite vnd.kontour vnd.kde.lotus-approach vnd.exchange+xml vnd.kspread vnd.jisp vnd.lifebalance.digibox vnd.lifebalance.mseq vnd.flexsuite.mitsubishi.japannetverificationwakeup vnd.motorola.ms-artgalry vnd.motorola.fis vnd.kde.kidspiration vnd.MSL vnd.intertrust.japannet-setstore-wakeup vnd.kde.kformula vnd.meridian-slingshot vnd.1 Us er Gu id e .lotus-freelance vnd.motorola.micrografx.mophun.is-xpr vnd.flexsuite.MBK vnd.kde.Kinar vnd.flexsuite.adsi vnd.Mobius.mif vnd.motorola.Mobius.japannet-registration vnd.kenameaapp vnd.kivio vnd.ibm.kpresenter vnd.karbon vnd.modcap vnd.rcprofile vnd.japannet-verification vnd.lotus-notes vnd.kde.xul+xml vnd.Mobius.kmr vnd.ibm.intu.Mobius.qfx vnd.cdkey vnd.certificate vnd.japannet-payment-wakeup vnd.0 .package +xml vnd.lotus-wordpro vnd.igx vnd.kword vnd.mophun.lotus-screencam vnd.motorola.mcd vnd.trustweb vnd.flexsuite.secure-container vnd.412 A p pe n di x C: MIME Types Application MIME Types vnd.ms-asf vnd.ibm.g otap vnd.flexsuite.japannet-directoryservice vnd.formnet vnd.kchart vnd.ms-excel Ac ce ler at o rOS Ve rsi on 7.w em vnd.intercon.qbo vnd.irepository.llamagraphics.liberty-request+xml vnd.

sus-calendar vnd.landmark+xml vnd.ms-lrm vnd.seemail vnd.powerbuilder6 vnd.noblenet-sealer vnd.uplanet.alert-wbxml vnd.uplanet.paos.vectorworks .signal vnd.noblenet-directory vnd.uplanet.uplanet.informed.sealed.palm vnd.music-niff vnd.ptid1 vnd.informed.net vnd.uplanet.Quark.swiftview-ics vnd.ht ml vnd.smaf vnd.uplanet.sealed.publishare-deltatree vnd.formdat a vnd.pdf vnd.sealed.list vnd.EDM vnd.ppt vnd.sealedmedia.uplanet.shana.ufdl vnd.previewsystems.shana.syncml.for mtemplate vnd.pg.sealed.sealed.svd vnd.sealed.ms-powerpoint vnd.noblenet-web vnd.syncml.uplanet.bearer-choice vnd.softseal.ds.packag e vnd.EDX vnd.ms-works vnd.powerbuilder75 vnd.truedoc vnd.softse al.listcmd vnd.netdeploy vnd.uiq.xls vnd.radio-presets vnd.QuarkXPress vnd.omads-email+xml vnd.omads-folder+xml vnd.street-stream vnd.doc vnd.channel vnd.omads-file+xml vnd.nokia.ms-project vnd.msign vnd.obn vnd.nokia.pg.sss-cod vnd.shana.notification vnd.uplanet.powerbuilder6-s vnd.ms-tnef vnd.uplanet.osa.triscape.osasli vnd.sss-ntf vnd.nokia.EXT vnd.netfpx vnd.s3sms vnd.radio-preset vnd.novadigm.format vnd.xml vnd.uplanet.theme vnd.Ap p li ca ti on 413 Application MIME Types vnd.informed.nervana vnd.nokia.sss-dtf vnd.cacheop vnd.RenLearn.pwg-xhtml-print+xml vnd.landmark+wbx ml vnd.eml vnd.uplanet.sealedmedia.novadigm.mht vnd.pvi.ms-wpl vnd.landmarkcollection+xml vnd.picsel vnd.shana.informed.nokia.rlprint vnd.box vnd.cacheop-wbxml vnd.rapid vnd.list-wbxml vnd.musician vnd.powerbuilder7 vnd.listcmd-wbxml vnd.powerbuilder7-s vnd.uplanet.alert vnd.novadigm.interchange vnd.mxs vnd.vcx vnd.bearerchoice-wbxml vnd.channel-wbxml vnd.powerbuilder75-s vnd.+xml vnd.trueapp vnd.pwg-multiplexed vnd.

csp+wbxml vnd.wap.hv-voice vnd.vividence.wap.smafphrase whoispp-query wordperfect5.vsf vnd.yamaha.wap.webturbo vnd.1 xml xmpp+xml vnd.wordperfect vnd.visionary vnd.wv.1 Us er Gu id e .wqd vnd.smaf-audio watcherinfo+xml wita xhtml+xml xml-external-parsed-entity zip Ac ce ler at o rOS Ve rsi on 7.vidconferenc e vnd.yamaha.csp+xml vnd.wv.xara vnd.xfdl vnd.yamaha.ssp+xml vnd.414 A p pe n di x C: MIME Types Application MIME Types vnd.yellowriver-custom-menu whoispp-response x400-bp xml-dtd xop+xml vnd.visio vnd.hv-dic vnd.vidsoft.wbxml vnd.sic vnd.slc vnd.yamaha.wap.stf vnd.wmlc vnd.wv.wmlscriptc vnd.wt.hv-script vnd.wap.0 .yamaha.wrq-hp3000-labelled vnd.scriptfile vnd.

voice vnd.cvsd AMR BV16 CN dsr-es202050 DVI4 EVRC-QCP G723 G726-32 G729 GSM L8 L24 MP4A-LATM mpeg4-generic PCMU RED SMV-QCP VDVI vnd.vbk vnd.Audio 3gpp basic clearmode dsr-es201108 dsr-es202212 EVRC0 G.ecelp4800 vnd.ecelp9600 vnd.3gpp.audiokoz vnd.nuera.nse vnd.vmx.cns.nokia.octel.anp1 vnd.inf1 vnd.nuera.sid SMV telephone-event vnd.cisco.cns.ecelp7470 vnd.lucent.mobile-xmf vnd.softseal.plj vnd.rhetorex.nuera.sbc vnd.iufp vnd.everad.32kadpcm Au d io 415 AMR-WB BV32 DAT12 dsr-es202211 EVRC G722 G726-16 G726-40 G729D GSM-EFR L16 LPC mpa-robusta parityfec prs.1 G726-24 G728 G729E iLBC L20 MPA mpeg PCMA QCELP SMV0 tone vnd. mpeg .sealedmedia.nortel.722.digital-winds vnd.

inf2 vnd.fastbidsheet vnd.wbmp vnd.wap.net-fpx vnd.gif vnd.djvu vnd.0 .microsoft.png vnd.fujixerox.416 A p pe n di x C: MIME Types Im age cgm gif jpeg naplps prs.edm ics-rlc vnd.softseal.fpx vnd.sealedmedia.fst vnd.xiff Ac ce ler at o rOS Ve rsi on 7.btif tiff vnd.pgb g3fax jp2 jpx prs.pti tiff-fx vnd.icon vnd.globalgraphics.edmics-mmr vnd.sealed.mix vnd.svf fits ief jpm png t38 vnd.ms-modi vnd.1 Us er Gu id e .sealedmedia.dwg vnd.jpg vnd.cns.fujixerox.dxf vnd.softseal.

M e ssage CPIM external-body partial sip delivery-status http rfc822 sipfrag disposition-notification news s-http tracking-status Me ss ag e 417 .

1 Us er Gu id e .vtu vnd.0 .transmit.mts vnd.gdl vnd.gtw vnd.3dml vnd.gs-gdl vnd.text mesh vnd.flatland.parasolid.parasolid.transmit.binary vrml Ac ce ler at o rOS Ve rsi on 7.dwf vnd.418 A p pe n di x C: MIME Types Model iges vnd.

Multipart alternative digest header-set related voice-message appledouble encrypted mixed report M ul ti part 419 byteranges form-data parallel signed .

IPTC.NITF [IPTC] xml css dns example parityfec rfc822-headers sgml uri-list xml-external-parsedentity csv ecmascript (obsolete) html plain richtext t140 vnd.1 Us er Gu id e .NewsML [IPTC] Ac ce ler at o rOS Ve rsi on 7.0 .420 A p pe n di x C: MIME Types Text calendar directory enriched javascript (obsolete) RED rtx troff vnd.IPTC.

Video 3gpp BMPEG DV H263 H264 MP1S mp4 mpeg parityfec rtx 3gpp2 BT656 example H263-1998 JPEG MP2P MP4V-ES mpeg4generic pointer SMPTE292M 3gpp-tt CelB H261 H263-2000 MJ2 MP2T MPV nv raw vc1 Vid eo 421 .

1 Us er Gu id e .0 .422 A p pe n di x C: MIME Types Ac ce ler at o rOS Ve rsi on 7.

on page 355. SEs may involve R&D engineers in order to ensure that problem cases are resolved to the customer's satisfaction. The SE becomes the call owner and is responsible for ensuring that the problem is addressed and fixed quickly. In other instances. To gather Accelerator troubleshooting information. To do this. SEs may replicate a customer's environment in the TAC laboratory.Appendix D: Contacting TAC Expand Networks is dedicated to delivering both excellent products and customer support. to open Priority 3 cases. TAC SEs work with customers until their problems are resolved. Customer call center agents answer calls and dispatch problems to Support Engineers (SEs) for resolution. . The TAC includes highly trained engineers. The Expand Technical Assistance Center provides around-the-clock support to customers worldwide. call our toll free TAC number at: International: +1-920-490-7337 North America: +1-877-4-EXPAND (877-439-7263) UK 08004049236 Ireland 1800559803 Netherlands 08000233047 France 0800906560 When contacting the TAC. it is essential that information about the nature of the problem be at your disposal. You can open Priority 1 and 2 cases by calling TAC. use the show tech-support command as described in Displaying Information for Troubleshooting. TAC is available to all partners and registered customers and allows posting support inquiries directly to Expand’s help desk. use Expand’s Extranet or Channel Portal. including Cisco Certified Internetwork Experts (CCIEs) and Microsoft Certified Professionals (MCPs). In a critical network-down problem. Expand Networks wishes to offer you the best tech support it can. When deemed necessary. we are committed to solving your networking problems. From our Technical Assistance Center (TAC) to our online Knowledge Base. The TAC works closely with customers to isolate and replicate problems.

424 A p pe n di x D: Contacting TAC Figure 1: Opening a Support Case Ac ce ler at o rOS Ve rsi on 7.1 Us er Gu id e .0 .

-u. If that address or netmask are not available. The AcceleratorOS supports the following flags: -A.Appendix E: TCPDump Optional Flags You may encounter several TCP flags when using TCPDump.usually it hangs forever translating non-local internet numbers). -S. -O. -a Print each packet (minus its link level header) in ASCII. . i Note: The use of the -l flag by the ‘|’ pipe is not supported in the WebUI. and any attempt for such a use results in an error message. i Note: The -a flag is not supported when ethereal is used. -e. -e Print the link-level header on each dump line. -l. -l Make stdout line buffered. Handy for capturing web pages. The test for `foreign' IPv4 addresses is done using the IPv4 address and netmask of the interface on which capture is being done. -f Print `foreign' IPv4 addresses numerically rather than symbolically (this option is intended to get around serious brain damage in Sun's NIS server --. Useful if you want to see the data while capturing it. -X. this option will not work correctly. either because the interface on which capture is being done has no address or netmask or because the capture is being done on the Linux “any” interface. -v. which can capture on more than one interface. This chapter describes the uses of each of these flags. -x. -q. -p. -R. -f. -t.

1 Us er Gu id e . -S Print absolute. -w When writing to a file with the -w option.426 A p pe n di x E: TCPDump Optional Flags -O Do not run the packet-matching code optimizer. Ac ce ler at o rOS Ve rsi on 7. -u Print undecoded NFS handles. -x Print each packet (minus its link level header) in hex. identification. the number of packets captured. Also enables additional packet integrity checks such as verifying the IP and ICMP header checksum. tcpdump cannot deduce the version of ESP/ AH protocol. For example. every 10 seconds. `-p' cannot be used as an abbreviation for `ether host {local-hw-addr} or ether broadcast'. Since there is no protocol version field in ESP/AH specification. the padding bytes will also be printed when the higher layer packet is shorter than the required padding. Note that this is the entire link-layer packet. tcpdump will not print replay prevention field.0 . rather than relative. hence. Print less protocol information so output lines are shorter. This is useful only if you suspect a bug in the optimizer. -q Quick (quiet?) output. produce (slightly more) verbose output. Note that the interface might be in promiscuous mode for some other reason. -R Assume ESP/AH packets to be based on old specification (RFC1825 to RFC1829). the time to live. If specified. -p Don't put the interface into promiscuous mode. total length and options in an IP packet are printed. The smaller of the entire packet or snaplen bytes will be printed. -t Don't print a timestamp on each dump line. so for link layers that pad (For example Ethernet). report. -v When parsing and printing. TCP sequence numbers.

If there is no type qualifier. but you cannot name them explicitly in a filter expression.11 wireless LAN headers. decnet. dst. Possible protos are: ether. Possible types are host. tcp and udp. [`fddi' is actually an alias for `ether'. For example. FDDI headers also contain other fields. If there is no proto qualifier. `src foo' means `(ip or arp or rarp) src foo' (except the latter is not legal syntax). `tcp port 21'. ip6.3'. `host foo'. All of these are described below. ip. greater and arithmetic expressions. `dst net 128. the previous paragraph's statements about FDDI headers also apply to Token Ring and 802. `src or dst port ftp-data'. the inbound and outbound qualifiers can be used to specify a desired direction. so you can filter on these FDDI fields just as with the analogous Ethernet fields. the parser treats them identically as meaning ``the data link level used on the specified network interface. src or dst and src and dst. all protocols consistent with the type are assumed. rarp. For some link layers. dir qualifiers specify a particular transfer direction to and/or from id. arp. host is assumed. `port 20'.427 -X Print each packet (minus its link level header) in hex and ASCII. proto qualifiers restrict the match to a particular protocol. For example. and often contain Ethernet-like packet types. This is very handy for analyzing new protocols. net and port.] In addition to the above. Possible directions are src.3'. such as SLIP and the ``cooked'' Linux capture mode used for the ``any'' device and for some other device types. less. there are some special `primitive' keywords that don't follow the pattern: gateway. wlan. `net 128. `net bar' means `(ip or arp or rarp) net bar' and `port 53' means `(tcp or udp) port 53'. For 802. . src or dst is assumed. Similarly.'' FDDI headers contain Ethernet-like source and destination addresses. type qualifiers say what kind of thing the id name or number refers to. tr.3'. broadcast. fddi. and TA fields aren't tested. If there is no dir qualifier. `src foo'. the BSSID.11 headers. the destination address is the DA field and the source address is the SA field. `ether src foo'. RA. For example. `tr' and `wlan' are aliases for `ether'. For example. `arp net 128.

Host must be a name and must be found both by the machine's host-name-to-IPaddress resolution mechanisms (host name file. ether dst ehost True if the ethernet destination address is ehost.). Allowable primitives are: dst host host True if the IPv4/v6 destination field of the packet is host.428 More complex filter expressions are built up by using the words and. etc. For example. (An equivalent expression is ether host ehost and not host host . ether src ehost True if the ethernet source address is ehost.e. host host True if either the IPv4/v6 source or destination of the packet is host. ip. For example. Any of the above host expressions can be pre-pended with the keywords. Ehost may be either a name from /etc/ethers or a number (see ethers(3N) for numeric format). which may be either an address or a name. the ethernet source or destination address was host but neither the IP source nor the IP destination was host. identical qualifier lists can be omitted. I. `host foo and not port ftp and not port ftp-data'. or ip6 as in: ip host host which is equivalent to: ether proto \ip and host host If host is a name with multiple IP addresses.) and by the machine's host-name-to-Ethernet-address resolution mechanism (/etc/ethers. ether host ehost True if either the ethernet source or destination address is ehost. arp. or and not to combine primitives. rarp. To save typing. NIS. each address will be checked for a match. gateway host True if the packet used host as a gateway. DNS. etc. `tcp dst port ftp or ftp-data or domain' is exactly the same as `tcp dst port ftp or tcp dst port ftp-data or tcp dst port domain'.. src host host True if the IPv4/v6 source field of the packet is host.

Net may be either a name from /etc/networks or a network number (see networks(4) for details). dst port 513 will print both tcp/login traffic and udp/who traffic. ip6/tcp or ip6/udp and has a destination port value of port. May be qualified with src or dst. only the port number is checked (For example. net net True if either the IPv4/v6 source or destination address of the packet has a network number of net. and port domain will print both tcp/domain and udp/domain traffic). Ac ce ler at o rOS Ve rsi on 7. ip/udp. net net mask netmask True if the IP address matches net with the specific netmask.429 A p pe n di x E: TCPDump Optional Flags which can be used with either names or numbers for host / ehost. The port can be a number or a name used in /etc/services (see tcp(4P) and udp(4P)). as in: tcp src port port which matches only tcp packets whose source port is port. tcp or udp.0 . less length True if the packet has a length less than or equal to length. src net net True if the IPv4/v6 source address of the packet has a network number of net. port port True if either the source or destination port of the packet is port. This is equivalent to: len <= length. dst port port True if the packet is ip/tcp. Any of the above port expressions can be prepended with the keywords. Note that this syntax is not valid for IPv6 net.1 Us er Gu id e . If a number or ambiguous name is used. src port port True if the packet has a source port value of port.) This syntax does not work in IPv6-enabled configuration at this moment. net net/len True if the IPv4/v6 address matches net with a netmask len bits wide. If a name is used. dst net net True if the IPv4/v6 destination address of the packet has a network number of net. both the port number and protocol are checked. May be qualified with src or dst.

or hop-by-hop option header. which can capture on more than one interface. either because the interface on which capture is being done has no netmask or because the capture is being done on the Linux "any" interface. This is equivalent to: len >= length. Protocol can be a number or one of the names icmp. ip broadcast True if the packet is an IPv4 broadcast packet. ip6 protochain 6 matches any IPv6 packet with TCP protocol header in the protocol header chain. Note that this primitive does not chase the protocol header chain. The ether keyword is optional. between IPv6 header and TCP header. icmp6. pim. or tcp. and looks up the subnet mask on the interface on which the capture is being done. but this is for IPv4. authentication header. which is \ in the C-shell. The packet may contain. igrp. ip6 protochain protocol True if the packet is IPv6 packet. ip6 proto protocol True if the packet is an IPv6 packet of protocol type protocol. and icmp are also keywords and must be escaped via backslash (\). vrrp. . ah. Note that this primitive does not chase the protocol header chain. ip protochain protocol Equivalent to ip6 protochain protocol. and contains protocol header with type protocol in its protocol header chain. esp. this check will not work correctly. ip proto protocol True if the packet is an IP packet (see ip(4P)) of protocol type protocol. igmp. for example. If the subnet mask of the interface on which the capture is being done is not available. ether broadcast True if the packet is an ethernet broadcast packet. For example. udp. Note that the identifiers tcp. The BPF code emitted by this primitive is complex and cannot be optimized by BPF optimizer code in tcpdump. so this can be somewhat slow. routing header.430 greater length True if the packet has a length greater than or equal to length. It checks for both the all-zeroes and all-ones broadcast conventions. udp.

or 802. aarp. The exceptions are: iso. The exceptions are: iso tcpdump checks the DSAP (Destination Service Access Point) and SSAP (Source Service Access Point) fields of the LLC header. In the case of Ethernet.3 frame and then checks the LLC header as it does for FDDI. Token Ring (For example. lat. This is shorthand for `ether[0] & 1 != 0'. ip multicast True if the packet is an IP multicast packet. or 802. and netbeui tcpdump checks for an 802. Token Ring. for most of those protocols. sap.0 . When filtering for most protocol identifiers on FDDI. [In the case of FDDI (For example. mopdl. ether proto protocol True if the packet is of ether type protocol.11 wireless LANS (For example. tcpdump checks the Ethernet type field for most of those protocols. stp.431 A p pe n di x E: TCPDump Optional Flags ether multicast True if the packet is an ethernet multicast packet. decnet. iso. and 802.11. atalk tcpdump checks for a SNAP-format packet with an OUI of 0x080007 and the AppleTalk etype. Token Ring. stp and netbeui tcpdump checks the DSAP of the LLC header.2 Logical Link Control (LLC) header. it doesn't check whether the packet is in SNAP format with an OUI of 0x000000. which is usually layered on top of the FDDI. for encapsulated Ethernet. The ether keyword is optional.1 Us er Gu id e . `fddi protocol arp'). Token Ring. and IEEE 802. arp.11 header. the protocol identification comes from the 802.11. moprc. ip6. Protocol can be a number or one of the names ip. ipx. Note these identifiers are also keywords and must be escaped via backslash (\). rarp. `wlan protocol arp'). atalk. `tr protocol arp'). or netbeui. ip6 multicast True if the packet is an IPv6 multicast packet. sca. Ac ce ler at o rOS Ve rsi on 7. tcpdump checks only the protocol ID field of an LLC header in so-called SNAP format with an Organizational Unit Identifier (OUI) of 0x000000.

aarp tcpdump checks for the AppleTalk ARP etype in either an Ethernet frame or an 802.2 SNAP frame with an OUI of 0x000000. ipx tcpdump checks for the IPX etype in an Ethernet frame. Token Ring. on interface Synonymous with the ifname modifier. bad-offset. rset name True if the packet was logged as matching the specified PF ruleset name of an anchored ruleset (applies only to packets logged by pf(4)). The known codes are: match. ifname interface True if the packet was logged as coming from the specified interface (applies only to packets logged by OpenBSD's pf(4)). decnet src host True if the DECNET source address is host. which may be an address of the form ``10. [DECNET host name support is only available on ULTRIX systems that are configured to run DECNET.11.123''. normalize. and memory (applies only to packets logged by OpenBSD's pf(4)). and the IPX etype in a SNAP frame.432 atalk tcpdump checks both for the AppleTalk etype in an Ethernet frame and for a SNAP-format packet as it does for FDDI. the 802. the IPX DSAP in the LLC header. fragment. . rnr num True if the packet was logged as matching the specified PF rule number (applies only to packets logged by OpenBSD's pf(4)). rulenum num Synonymous with the rnr modifier. and 802.] decnet dst host True if the DECNET destination address is host. decnet host host True if either the DECNET source or destination address is host. short. or a DECNET host name. reason code True if the packet was logged with the specified PF reason code.3-with-no-LLC-header encapsulation of IPX.

0 . srnr num True if the packet was logged as matching the specified PF rule number of an anchored ruleset (applies only to packets logged by pf(4)). ip.1Q VLAN packet. netbeui Abbreviations for: ether proto p where p is one of the above protocols. mopdl Abbreviations for: ether proto p where p is one of the above protocols. esis. esis. ipx. icmp Abbreviations for: ip proto p or ip6 proto p where p is one of the above protocols. stp. iso proto protocol True if the packet is an OSI packet of protocol type protocol. ip6. Ac ce ler at o rOS Ve rsi on 7. tcp. Note that tcpdump does not currently know how to parse these protocols. If [vlan_id] is specified. isis Abbreviations for: iso proto p where p is one of the above protocols. moprc. aarp. lat. action act True if PF took the specified action when the packet was logged. rarp.1 Us er Gu id e . arp.433 A p pe n di x E: TCPDump Optional Flags ruleset name Synonymous with the rset modifier. subrulenum num Synonymous with the srnr modifier. or isis. udp. clnp. atalk. Known actions are: pass and block (applies only to packets logged by OpenBSD's pf(4)). Protocol can be a number or one of the names clnp. Note that the first vlan keyword encountered in expression changes the decoding offsets for the remainder of expression on the assumption that the packet is a VLAN packet. only true is the packet has the specified vlan_id. vlan [vlan_id] True if the packet is an IEEE 802. decnet. iso.

and is a segment OAM F4 flow cell (VPI=0 & VCI=3). vci n True if the packet is an ATM packet. oamf4 True if the packet is an ATM packet. oam True if the packet is an ATM packet. oamf4s True if the packet is an ATM packet. for SunATM on Solaris. Note that the first lane keyword encountered in expression changes the tests done in the remainder of expression on the assumption that the packet is either a LANE emulated Ethernet packet or a LANE LE Control packet. l2. snp. If lane isn't specified. psnp Abbreviations for IS-IS PDU types. for SunATM on Solaris. llc True if the packet is an ATM packet. and is an end-to-end OAM F4 flow cell (VPI=0 & VCI=4). the tests are done under the assumption that the packet is an LLCencapsulated packet. lane True if the packet is an ATM packet. for SunATM on Solaris. and is an LLCencapsulated packet. for SunATM on Solaris.434 l1. for SunATM on Solaris. for SunATM on Solaris. and is an ATM LANE packet. and is a segment or end-to-end OAM F4 flow cell (VPI=0 & (VCI=3 | VCI=4)). with a virtual path identifier of n. iih. and is a segment or end-to-end OAM F4 flow cell (VPI=0 & (VCI=3 | VCI=4)). vpi n True if the packet is an ATM packet. for SunATM on Solaris. lsp. . for SunATM on Solaris. csnp. for SunATM on Solaris. oamf4e True if the packet is an ATM packet. and is on a meta signaling circuit (VPI=0 & VCI=1). with a virtual channel identifier of n. metac True if the packet is an ATM packet.

for SunATM on Solaris. (ether. |. slip and link all refer to the link layer. !=. The expression `ip[6:2] & 0x1fff = 0' catches only un-fragmented datagrams and frag zero of fragmented Ac ce ler at o rOS Ve rsi on 7. for SunATM on Solaris. &. wlan. for SunATM on Solaris. Connect. tr. To access data inside the packet. and defaults to one. connectmsg True if the packet is an ATM packet. Connect Ack. and is on a signaling circuit (VPI=0 & VCI=5). expr relop expr True if the relation holds. >=. slip. Release. and special packet data accessors. is given by expr. and is on an ILMI circuit (VPI=0 & VCI=16). <<. Call Proceeding. link. <. tcp.) Note that tcp. icmp or ip6. and is on a signaling circuit and is a Q. not IPv6 (this will be fixed in the future). metaconnect True if the packet is an ATM packet. <=. the normal binary operators [+. a length operator. >>]. fddi. udp. it can be either one. fddi. and is on a meta signaling circuit and is a Q. The expression `ip[0] & 0xf != 5' catches all IP packets with options. -. arp. Call Proceeding. gives the length of the packet. /. udp and other upperlayer protocol types only apply to IPv4.2931 Setup. tr.0 . For example. ilmic True if the packet is an ATM packet. for SunATM on Solaris. where relop is one of >. The byte offset. =. or Release Done message. wlan. and is on a broadcast signaling circuit (VPI=0 & VCI=2). ppp.1 Us er Gu id e . relative to the indicated protocol layer. *. Release. indicated by the keyword len. two.435 A p pe n di x E: TCPDump Optional Flags bcc True if the packet is an ATM packet.2931 Setup. and expr is an arithmetic expression composed of integer constants (expressed in standard C syntax). rarp. and indicates the protocol layer for the index operation. Connect. Size is optional and indicates the number of bytes in the field of interest. ppp. or four. The length operator. `ether[0] & 1 != 0' catches all multicast traffic. for SunATM on Solaris. use the following syntax: proto [ expr : size ] Proto is one of ether. sc True if the packet is an ATM packet. ip. or Release Done message.

icmproutersolicit. icmp-paramprob. icmp-ireq. and tcpflags (TCP flags field). icmp-routeradvert. icmpcode (ICMP code field). icmp-redirect. icmp-tstamp. tcp-urg. icmp-maskreply. icmp-timxceed. tcppush. This check is implicitly applied to the tcp and udp index operations. For instance. Some offsets and field values may be expressed as names rather than as numeric values. icmp-ireqreply. icmp-sourcequench. . and never means the first byte of an intervening fragment. The following TCP flags field values are available: tcp-fin.436 datagrams. tcp-syn. The following ICMP type field values are available: icmp-echoreply. icmp-maskreq. icmp-echo. tcp-ack. tcp-rst. The following protocol header field offsets are available: icmptype (ICMP type field). icmp-tstampreply. tcp[0] always means the first byte of the TCP header. icmpunreach.

437 A p pe n di x E: TCPDump Optional Flags Ac ce ler at o rOS Ve rsi on 7.1 Us er Gu id e .0 .

438 .

Unless noted. Topics in this chapter include: Getting Started. the commands herein may also be configured using the WebUI and are referenced accordingly.Appendix F: Command Line Interface This chapter lists and describes the commands that you can use with the Command Line Interface (CLI). on page 452 Configuring Security. see the CLI index. on page 762 . on page 748 Technical Information and Trouble Shooting Tools. For a alphabetical listing of commands. based on the tree created in the CLI. This chapter is built hierarchically. on page 440 Configuration Commands.

In some cases a screen shot is included. For example. For example. Ac ce ler at o rOS Ve rsi on 7. on page 448 Customizing the CLI. Links to related commands will be listed Example with Syntax Related Commands The following conventions are used in examples: The ()# prompt indicates the current command node.1 Us er Gu id e . Command conventions are displayed in tables as shown: Command Description Parameters Shows the command as seen in the CLI A description of the command is given. on page 447 Configuration Settings Commands. on page 442 Licensing Commands. Each command node supports specific commands. on page 450 Understanding the CLI Documentation The Accelerator CLI enables complete configuration of the Accelerator. If this is the case. then the words”no additional parameters are necessary” are displayed. are in angle brackets < >. Use of the CLI is for experts and technicians familiar with CLI configuration that you will see and use with a typical router or switch. including basic and advanced configuration via a Command Line Interface (CLI). In some cases only the command is needed. Any parameters with accepted values is listed. on page 444 Basic Setup Commands. on page 441 Login and Logout Commands.440 A p pe n di x F: Command Line Interface Getting Started The following command topics are available: Understanding the CLI Documentation. the by-pass enable command can only be used within the configuration node. An example with parameters is given. Each node is documented separately and the commands within are shown in alphabetical order. on page 440 Accessing the CLI. the following prompt indicates you are within the global configuration node: Acc1(config)# Non-printing characters.0 .

G et t i n g Start e d / 441 Accessing the CLI To access configuration options: 1. configuring it as follows: Baud rate: 9600 bps Parity: none Data bits: 8 Stop bits: 1 2. Login to the Accelerator . Press <Enter> several times until the Accelerator prompt is displayed: accelerator>. Connect to AcceleratorOS Command Line Interface (CLI). Run your terminal-based application. 3.

This lets you log in to the Accelerator via SSH.1 Us er Gu id e .442 A p pe n di x F: Command Line Interface Login and Logout Commands Secure Shell (SSH) is an application program that provides authentication and encryption capabilities for secure Internet communications. on page 442 Ac ce ler at o rOS Ve rsi on 7. To log into the Accelerator via SSH: In the Accelerator’s CLI. When accessing the Accelerator from the CLI. at the login prompt. login Logging into the Accelerator is accomplished in a series of steps. on page 442 exit At any point you can use the Exit command to log out of the Accelerator. if SSH is installed. Command Description Parameters Example Related Commands ex i t Logs you out of the CLI No additional parameters are necessary ex i t login. The Exit command exits each level of the CLI hierarchy one at a time. and the default password is Expand (case sensitive). type the command ssh followed by the Accelerator’s IP address.0 . Command Description Parameters Example Related Commands lo g i n: Pa s s wo r d Logs you into the CLI Both login and password are case sensitive lo g i n: e x pa n d Pa s s wo r d :E x p an d exit. enter your user name and password. so you may need to use the Exit command a number of times to leave the Accelerator session. The default user name is expand (case sensitive).

You can continue to press the up arrow key earlier entered commands. enter a question mark. You can use the question mark (?) and arrow keys to help you enter commands. press the up-arrow key. the CLI will fill in the following: Acc1(config)#show To get a list of acceptable commands or values: For a list of command variables. For example. 2. the following string is enough for the Accelerator to recognize the show startup configuration command: Acc1# show startup config To get help in a terminal session: 1. enter a few known characters followed by a tab. . as described in detail below.G et t i n g Start e d / 443 Basic CLI Actions You have to enter only enough characters for the Accelerator to recognize the command as unique. enter the command followed by a space and a question mark for example: Acc1(config)# show? To re-display a command previously entered: To re-display a command you previously entered. For example: Acc1(config)#? To complete a command: To complete a command. For a list of available commands under each command. The CLI will fill in the missing letters For example if you type and press the Tab key: Acc1(config)#sh By pressing the Tab key.

This section contains the following commands: (config) (config) (config) (config) (config) activate-license. on page 460 licensing server.1 Us er Gu id e .0 . on page 462 show licensing. as shown in (config) show licensing. on page 446. on page 445 show interface link summary. on page 445 interface link refresh-acceleration. on page 446 Ac ce ler at o rOS Ve rsi on 7.444 A p pe n di x F: Command Line Interface Licensing Commands Licensing the Accelerator is accomplished by logging into the Accelerator via the enable mode by using the show licensing command.

C.B. on page 460 (config) licensing server. All Virtual Accelerators require a connection to the licensing server in order to provide acceleration services.G et t i n g Start e d / 445 (config) activate-license You must have a valid license key or file which is supplied to you from Expand Networks<>. Note that. on page 445 (config) licensing server.l ic en s e [ ke y| f il e] Activates an Accelerator’s license via a license key or file. Command Description Parameters A CC 1( c on f ig )# l ic en s in g s er v er [ I P| Ho s t| a ut od is co v er y |f or c e] Connects to the Licensing server by the method entered.copy the license key (supplied via e-mail) and paste it File .1 • • • • (config) activate-license. on page 446 . on page 446 (config) licensing server You must be logged into a Virtual Accelerator to be able to use this command. on page 462 (config) show licensing.1. Command Description Parameters Example Related Commands AC C1 ( co nf i g) # a c ti v at e. If you use a license key copy it from the letter you receive in your email and paste it where shown. Key . requiring you to fix the problem before the grace-period ends. FTP it to the /user_area/ of the Accelerator and note its name. • A.l ic en s e k ey my LI c en Se K eY 39 2 • • • • (config) interface link refresh-acceleration.D type the licensing server IP address • WORD type the licensing server hostname • auto-discovery the Accelerator will automatically discover the Licensing Server (if it is on the same LAN and connected • force forces the licensing mechanism activation Example Related Commands A CC 1( c on f ig )# l ic en s in g s er v er 1. Failure to do so will result in your license being invalidated. on page 462 (config) show licensing.1. on page 445 (config) show interface link summary. the license state will default to a grace-period state. AC C1 ( co nf i g) # a c ti v at e.FTP the file and type its name. Make sure that you have connected the Dongle to the Licensing Server. on page 445 (config) show interface link summary. if for any reason the connection to the licensing server is lost. If you use a license file.

. . .. .. .-.. . .e na b le W a rn in g d ay s .-. . .. . .. . . .1 Us er Gu id e . . . ....-..4 00 C u rr en t l ic e ns e s ta t e: F e at ur e .0 . .-. .. .... .. ... . .....3 0 A l lo ca t ed m a x l in ks . .1 00 Mb p s D i sa bl e d E n ab le d Di s ab l ed Di sa b le d E n ab l ed En a bl ed E na b le d T im e L ef t . . on page 445 • (config) licensing server. AC C1 ( co nf i g) # sh ow li ce n si n g • (config) activate-license. .. . . such as the licensed features and the maximum possible links.-.0 M a x po s si bl e l i nk s.3 75 R e qu es t ed m a x l in ks ..-. . . . .. . . . .. .. .. . . .. . . . . . No additional parameters are required. . .. . ...-.B a nd wi d th Al l ow an c e I P se c L 7 -Q oS W A FS -F B W A FS -F B D T C P A cc e le ra t io n W e b Ca c hi n g QoS L a st l o ad ed li c en se ke y: L ic e ns e . .446 A p pe n di x F: Command Line Interface (config) show licensing Shows the licensing state of the Accelerator Command Description Parameters Example with Syntax Related Commands AC C1 ( co nf i g) # sh ow li ce n si n g Lets you view the entire details of Accelerator’s licensing state. on page 445 A c c2 21 _ 10 (c o nf i g) # s ho w l ic e ns in g D i sp la y w ar n in g s.Un li m it e d Un l im i te d Un l im i te d Un l im i te d Un l im it e d U nl i mi te d Un li m it e d U nl i mi te d Ac ce ler at o rOS Ve rsi on 7. ..

on page 481 Link bandwidth—(link) bandwidth. on page 454 Link destination—(config) interface link.G et t i n g Start e d / 447 Basic Setup Commands The Basic Accelerator CLI Configuration needed to get the Accelerator up and running consists of setting the following parameters: License key—Licensing Commands. on page 459 and (link) link. on page 455 Deployment—(local interface) deployment. on page 466 . on page 444 IP address/subnet mask—Local Interface Commands. on page 456 Hostname—(local interface) hostname. on page 454 IP default gateway—(local interface) ip default-gateway.

c on fi g (config) write. o n p ag e 4 48 ACC1(config)#s ho w r un n in g. [Mandatory] No additional parameters ACC1(config)#wr it e (config) show running-config.29) login: expand Password: Expand Version: 7. ACC1(config)#s ho w r un n in g. on page 448 (config) show running-config. The new License state is: Feature License Time Left Ac ce ler at o rOS Ve rsi on 7.c on fi g Displays the configuration that was set to the Accelerator. This is optional No additional parameters are required.1 accelerator> enable accelerator# configure terminal accelerator(config)# activate-license key ENX1-FUXF-HBJ2K3Y6 License successfully activated. on page 448 (config) show running-config Command Description Parameters Example with Syntax Related Commands ACC1(config)#s ho w r un n in g.c on f ig AcceleratorOS.0.448 A p pe n di x F: Command Line Interface Configuration Settings Commands The following commands are explained: (config) write. Accelerator 4900 Series Version: v6.1 (0) (Build 5. on page 448 (config) write Command Description Parameters Example with Syntax Related Commands ACC1(config)#wr it e Saves the basic configuration as the startup configuration.0 .1 Us er Gu id e .

1.0.G et t i n g Start e d / 449 ------.2.--------Bandwidth Allowance 45 Mbps Unlimited Last loaded license key: ENX1-FUXF-HBJ2-K3Y6 accelerator(config)# interface local accelerator(local interface)# hostname ACC1 ACC1(local interface)# ip address 10.0.1.------.1 ACC1(local interface)#deployment onpath ACC1(local interface)#exit ACC1(config)#wan default ACC1(wan)#bandwidth 256 kbps ACC1(wan)#exit ACC1(config)#interface link ACC1(LINK)#link destination 10.6 ACC1(LINK)#bandwidth 128 ACC1(LINK)#encapsulation transparent ACC1(LINK)#exit ACC1(config)#write ACC1(config)show running-config .6 255.0.0.255.0 ACC1(local interface)#ip default-gateway 10.

expand. Series. Product Name. Title.99.txt> 2.txt and save it in /user_area by using the CLI command: copy <ftp/scp/tftp/http/sftp> <[path]/banner. Create a text file called banner. Product ID. Label LTD. In the body of the text file.1 Us er Gu id e .0 . Serial Number.32. The standard banner appears as follows: Connected to 10. Software Version. which can be displayed as part of the banner: Name.com”) $OEM_LABEL (“Expand Networks<>”) $OEM_LABEL_LTD (“Expand Networks LTD. on page 451 copy banner You can customize the following fields. use the following variables to set the desired values: i i Note: Each variable must be preceded by a $ sign. AcceleratorOS. Ac c el e ra to r $ SE R IE S S er i es ” “ $ SO FT W AR E _V ER S IO N” “ ” ( em p ty . on page 450 (config) banner apply..1 (Build3. Extranet. The default banner is: " $ OE M_ P RO D _N AM E . Time and Date..0..”) $OEM_PROD_NAME (“AcceleratorOS”) Ac ce ler at o rOS Ve rsi on 7.0. URL. Accelerator 6800 Series Version 7.450 A p pe n di x F: Command Line Interface Customizing the CLI You can customize the CLI banner for your viewing pleasure. Label. To customize the fields: 1.li ne ) $OEM_NAME (for example: “expand”) $OEM_NAME_TITLE (for example: “Expand”) $OEM_URL (“www.53) This section contains the following commands: copy banner.

03)”) $TIME = hh:mm:ss (24-hour format) $DATE = DD-MMM-YYYY (the day-of-month “DD” is two-digit number.com”) $PRODUCT_ID (“4820”) $SERIES (“4800”) $SERIAL_NUMBER (“0030. (config) banner apply Command Description Parameters Example with Syntax Related Commands ACC1(config)#b an n er a p pl y Causes the CLI to use the uploaded banner.0(7) (Build1.0005”) $SOFTWARE_VERSION (“Version v5. with leading '0' if needed). No additional parameters ACC1(config)#b an n er a p pl y copy banner.expand. o n pa g e 4 50 .0257.G et t i n g Start e d / 451 $OEM_EXTRANET (“extranet.

on page 579 FTP Acceleration Commands. on page 594 Aggregation Class Commands. on page 588 NetFlow Commands. on page 667 Accdump Commands. on page 572 Keep Alive Commands.1 Us er Gu id e . on page 640 Link Commands. on page 531 WEB Acceleration Commands. on page 454 Link Commands. on page 504 Alias Commands. on page 507 OSPF Commands. on page 617 DNS Acceleration Commands. on page 458 Subnet Commands.0 . on page 581 Studying a Subnet Configuration Network. on page 680 Ac ce ler at o rOS Ve rsi on 7. on page 655 Log Commands. on page 536 TCP Acceleration Commands. on page 517 WCCP Commands. on page 632 ARP Commands. on page 658 Log Archives Commands. on page 665 Configuration Tool Commands. on page 514 RIP Commands. on page 527 DHCP Server Commands. on page 638 Additional Commands. on page 593 QoS Commands. on page 453 Local Interface Commands. on page 676 Mobile Accelerator Commands. on page 653 SNMP Commands. on page 533 HTTP Acceleration Commands.452 A p pe n di x F: Command Line Interface Configuration Commands The following sections are configurable in this section: General Commands. on page 509 Router Polling Commands. on page 646 Expand View Commands. on page 671 RDP Proxy Commands. on page 624 Traffic Encryption Commands. on page 587 Ethernet Statistics Display Commands. on page 522 SNTP Server Commands. on page 528 DHCP Relay Commands.

you must be in configuration mode. Command Description ac c 1# co n fi g Enters enable mode. on page 453 enable To make any configuration changes to your Accelerator. config To make any configuration changes to your Accelerator. Once you have entered Enable mode. on page 453 config. o n p ag e 4 53 The config mode is indicated by the (config) in the prompt. the prompt at the end of the command line changes from > to # No additional parameters Parameters Example with Syntax Related Commands ac c 1# config enable. . You can now carry out various operations in the system. Once you have entered Enable mode. Command Description ac c el er a to r >e na b le [ M an d at or y ] Enters enable mode. the prompt at the end of the command line changes from > to # No additional parameters Parameters Example with Syntax Related Commands ac c el er a to r > enable config. This is necessary for beginning work with the Accelerator.Co n f ig u r at io n C om m an d s / 453 General Commands The following commands are explained: enable. such as deleting data. This is necessary for beginning work with the Accelerator. on page 453 Enable mode is indicated by the # in the prompt. This section describes how to enter configuration mode while using a terminal or PC that is connected to your router CONSOLE port. This section describes how to enter configuration mode while using a terminal or PC that is connected to your router CONSOLE port. printing and sending messages. you must be in configuration mode.

1 Us er Gu id e . on page 456 (local interface) ip default-gateway. on page 455 (local interface) ip address secondary. Choose the way you want to deploy the Accelerartor. on page 455 (local interface) ip address. on page 14. Parameters include: • onpath . For information about On-LAN deployment. on page 455 (local interface) ip address secondary. See “OnPath”. This is dictated by the way you set-up the Accelerator. For information about On Path deployment see. on page 457 (wan) bandwidth. on page 457 (wan) bandwidth. on page 456 (local interface) routing-strategy.for On-path deployment • onlan .0 . on page 455 (local interface) ip address. on page 456 (local interface) routing-strategy. on page 457 (local interface) deployment Command Description Parameters ACC1(local interface)#d ep l oy m en t Set the deployment type to On-Path or On-LAN. on page 456 (local interface) ip default-gateway. on page 14.for On-LAN deployment Example with Syntax Related Commands ACC1(local interface)#deployment[onpath] • • • • • • (local interface) hostname. see See “On-LAN”. on page 457 Ac ce ler at o rOS Ve rsi on 7.454 A p pe n di x F: Command Line Interface Local Interface Commands (local interface) deployment. on page 454 (local interface) hostname.

The hostname can be up to 60 characters. to set this IP address as the Accelerator’s secondary IP address.10. and cannot contain spaces or special characters. x. on page 457 (wan) bandwidth.99/24. the IP address reverts to the AcceleratorOS ‘default IP address . on page 454 (local interface) hostname. Changing the hostname will affect the prompt (in the Example. Enter up to a 60 character string with no spaces or special characters. on page 455 (local interface) ip address secondary. on page 456 (local interface) ip default-gateway. on page 457 (wan) bandwidth. You can add the parameter secondary after the command.0. You can also set the hostname from the conf mode. on page 456 (local interface) routing-strategy. x .x . Command A C C1 (l o ca l i nt e rf ac e )# IP ad d re ss x. on page 456 (local interface) ip default-gateway.99. x.99/24 • • • • • • (local interface) deployment. on page 457 (local interface) ip address i i Note: When executing the ‘no’ command for primary IP address.x x . on page 455 (local interface) ip address secondary. on page 454 (local interface) ip address.x .x / x Description Sets an IP address and subnet mask for the Accelerator.Co n f ig u r at io n C om m an d s / 455 (local interface) hostname To set the device name: Enter the command string that is shown in the table below: Command Description ACC1(local interface)#h os tn a me Sets a name for the Accelerator. Valid IP address must be supplied Parameters Example with Syntax Related Commands ACC1(local interface)#IP address 10. x . Parameters Example with Syntax Related Commands ACC1(local interface)#h os tn a me [ ACC1] • • • • • • (local interface) deployment. the hostname set is ACC1). x or A C C1 (l o ca l i nt e rf ac e )# IP ad d re ss x. on page 457 . on page 456 (local interface) routing-strategy.99.0.

on page 455 (local interface) ip address secondary.1 Us er Gu id e .0. on page 456 (local interface) routing-strategy.99.456 A p pe n di x F: Command Line Interface (local interface) ip address secondary Command Description Parameters Example with Syntax Related Commands ACC1(local interface)#i p a dd r es s x.0 .g at ew a y Sets a default gateway for the Accelerator. on page 457 Ac ce ler at o rOS Ve rsi on 7. Valid IP address must be supplied ACC1(local interface)#IP address 10. on page 454 (local interface) hostname. on page 454 (local interface) hostname.g at ew a y 10. on page 457 (wan) bandwidth. on page 455 (local interface) ip address. on page 455 (local interface) ip default-gateway.99.x. Valid IP address must be supplied AC C1( lo ca l in te rf ac e) # i p d ef au l t.0.99/22 secondary • • • • • • (local interface) deployment. on page 455 (local interface) ip address. on page 456 (local interface) routing-strategy. on page 457 (local interface) ip default-gateway Command Description Parameters Example with Syntax Related Commands AC C1( lo ca l in te rf ac e) # i p d ef au l t. on page 457 (wan) bandwidth.x.x/xx secondary Sets a secondary IP for the Accelerator.99/24 • • • • • • (local interface) deployment.

on page 455 (local interface) ip address. on page 454 (local interface) hostname.s tr a te gy [ auto] • • • • • • (local interface) deployment. on page 456 (local interface) ip default-gateway. on page 454 (local interface) hostname. on page 455 (local interface) ip address secondary. on page 456 (wan) bandwidth. If you select bridge-route. This routing strategy is carried out only in On-Path deployment. on page 456 (local interface) routing-strategy. on page 455 (local interface) ip address. on page 457 (wan) bandwidth Command Description Parameters Example with Syntax Related Commands ACC1(wan)#ba n dw id t h Set the precise bandwidth (in Kbps) of the WAN.Co n f ig u r at io n C om m an d s / 457 (local interface) routing-strategy Command Description ACC1(local interface)#r ou t in g. the Accelerator transfers the packets in Layer-2.s tr a te gy Set the routing strategy to On-Path or On-LAN. on page 455 (local interface) ip address secondary. bridge-route for layer 2 (on-path only) and routing-only for Parameters Example with Syntax Related Commands ACC1(local interface)#r ou t in g. auto for automatic. on non-link and local traffic. A number in Kbps larger than 0 and smaller than 1000000 ACC1(wan)#ba n dw id t h 10000 • • • • • • (local interface) deployment. 0 is not a valid bandwidth. on page 457 . on page 456 (local interface) ip default-gateway. regardless of the routing tables.

on page 486 (link) priority. on page 464 (link) aggregation auto. on page 467 (link) cancel. on page 472 (link) description. on page 491 (link) system udp-destination-port. on page 481 (link) metric. on page 485 (link) ping. on page 471 (link) crypto. on page 461 (config) show interface link summary. on page 478 (link) header. on page 462 (link) acceleration. on page 487 (link) remote-unique-id. on page 484 (link) no.1 Us er Gu id e . on page 466 (link) bandwidth adjust. on page 482 (link) mss. on page 469 (link) checksum. on page 474 (link) encapsulation transparent. on page 494 (link) traffic-gauge. on page 465 (link) bandwidth. on page 483 (link) mtu. on page 488 (link) show. on page 493 (link) tcp-acceleration. Commands within this section include: (config) interface link. on page 495 Ac ce ler at o rOS Ve rsi on 7. If you want to apply global commands on all links.0 . on page 480 (link) link. on page 489 (link) subnet. on page 473 (link) encapsulation. on page 460 (config) interface link template. on page 475 (link) exit. on page 492 (link) system udp-source-port. on page 479 (link) keepalive dialer. on page 459 (config) interface link refresh-acceleration. on page 490 (link) system encapsulation. on page 477 (link) fragmentation. see the specific command within the config menu.458 A p pe n di x F: Command Line Interface Link Commands These commands are link specific commands. on page 470 (link) clear counters.

A CC 1( co nf ig )# interface link 1 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 466 (link) bandwidth adjust. on page 491 (link) system udp-destination-port. on page 488 (link) show. on page 462 (link) acceleration. on page 464 (link) aggregation auto. on page 483 (link) mtu. on page 474 (link) encapsulation transparent. on page 497 (link) wan-id. on page 459 (config) interface link refresh-acceleration. on page 477 (link) fragmentation. on page 495 (link) udp-destination-port. on page 492 (link) system udp-source-port. on page 465 (link) bandwidth. on page 484 (link) no. on page 460 (config) interface link template. on page 481 (link) metric. on page 478 (link) header. on page 482 (link) mss. on page 490 (link) system encapsulation. on page 472 (link) description. on page 486 (link) priority. on page 469 (link) checksum. on page 485 (link) ping. on page 498 . on page 487 (link) remote-unique-id. on page 475 (link) exit. on page 498 (config) interface link Command Description Parameters Example with Syntax Related Commands ACC1(config)#i nt e rf ac e l i nk Creates a link to the remote Accelerator. on page 471 (link) crypto. on page 496 (link) udp-source-port.Co n f ig u r at io n C om m an d s / 459 (link) udp-destination-port. on page 479 (link) keepalive dialer. on page 473 (link) encapsulation. on page 496 (link) udp-source-port. on page 497 (link) wan-id. on page 493 (link) tcp-acceleration. No additional parameters necessary. on page 489 (link) subnet. on page 480 (link) link. on page 470 (link) clear counters. on page 494 (link) traffic-gauge. on page 461 (config) show interface link summary. on page 467 (link) cancel.

on page 482 (link) mss. on page 479 (link) keepalive dialer. on page 498 Ac ce ler at o rOS Ve rsi on 7. on page 473 (link) encapsulation.460 A p pe n di x F: Command Line Interface (config) interface link refresh-acceleration Command Description Parameters Example Related Commands A CC 1 (c on f ig ) # in t er fa c e l in k 1 r ef r es h a cc e le ra t io n Refreshes the interface link. on page 462 (link) acceleration. on page 486 (link) priority. on page 470 (link) clear counters.0 . on page 472 (link) description. on page 469 (link) checksum. on page 480 (link) link. on page 497 (link) wan-id. on page 488 (link) show. on page 493 (link) tcp-acceleration. on page 478 (link) header. on page 460 (config) interface link template. on page 487 (link) remote-unique-id. on page 461 (config) show interface link summary. on page 459 (config) interface link refresh-acceleration. on page 465 (link) bandwidth. on page 477 (link) fragmentation.1 Us er Gu id e . on page 489 (link) subnet. on page 484 (link) no. on page 491 (link) system udp-destination-port. on page 483 (link) mtu. on page 496 (link) udp-source-port. on page 466 (link) bandwidth adjust. on page 492 (link) system udp-source-port. on page 467 (link) cancel. No Additional Parameters Needed A CC 1 (c on f ig ) # in t er fa c e l in k 1 r ef r es h a cc e le ra t io n • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 495 (link) udp-destination-port. on page 490 (link) system encapsulation. on page 471 (link) crypto. on page 474 (link) encapsulation transparent. on page 481 (link) metric. This is necessary when renewing or changing a license. on page 475 (link) exit. on page 485 (link) ping. on page 494 (link) traffic-gauge. on page 464 (link) aggregation auto.

on page 497 (link) wan-id. on page 475 (link) exit. Template number 0 is the default Accelerator Link template Template number 1 is the default Mobile Accelerator Client Link template Example with Syntax Related Commands ACC1(config)# i nt er f ac e l in k t em p la te 0 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 488 (link) show. on page 483 (link) mtu. on page 493 (link) tcp-acceleration. on page 492 (link) system udp-source-port. on page 484 (link) no. on page 478 (link) header. on page 485 (link) ping. on page 481 (link) metric. on page 470 (link) clear counters. on page 487 (link) remote-unique-id. on page 480 (link) link. on page 498 . on page 462 (link) acceleration. Currently only templates 0 and 1 are supported. on page 459 (config) interface link refresh-acceleration. on page 469 (link) checksum. on page 486 (link) priority. on page 496 (link) udp-source-port. on page 464 (link) aggregation auto. on page 473 (link) encapsulation. on page 494 (link) traffic-gauge. on page 477 (link) fragmentation. on page 467 (link) cancel. on page 461 (config) show interface link summary. on page 465 (link) bandwidth. on page 472 (link) description. on page 489 (link) subnet.Co n f ig u r at io n C om m an d s / 461 (config) interface link template Command Description Parameters ACC1(config)# i nt er f ac e l in k t em p la te Opens the specified template Template number <0-33> is required. on page 479 (link) keepalive dialer. on page 474 (link) encapsulation transparent. on page 495 (link) udp-destination-port. on page 491 (link) system udp-destination-port. on page 482 (link) mss. on page 460 (config) interface link template. on page 490 (link) system encapsulation. on page 471 (link) crypto. on page 466 (link) bandwidth adjust.

462 A p pe n di x F: Command Line Interface (config) show interface link summary When the Accelerator license has expired. on page 489 (link) subnet. on page 487 (link) remote-unique-id. on page 461 (config) show interface link summary. on page 469 (link) checksum. on page 465 (link) bandwidth.1 Us er Gu id e . on page 497 (link) wan-id. on page 482 (link) mss. but the Bandwidth allocation has been exceeded. on page 464 (link) aggregation auto. on page 493 (link) tcp-acceleration. on page 479 (link) keepalive dialer. the Status is displayed as partial. on page 488 (link) show. on page 484 (link) no. on page 483 (link) mtu. on page 462 (link) acceleration.0 . on page 490 (link) system encapsulation. on page 459 (config) interface link refresh-acceleration. on page 496 (link) udp-source-port. on page 460 (config) interface link template. on page 474 (link) encapsulation transparent. as shown below: Command Description Parameters Example Related Commands A CC 1 (c on f ig ) # sh o w in t er f ac e l in k s um m ar y Shows the status of all interfaces. on page 475 (link) exit. or if the Accelerator was installed but its license was not yet activated. meaning: it would pass the data but not accelerate it (Work in pass-through mode). on page 467 (link) cancel. on page 471 (link) crypto. on page 495 (link) udp-destination-port. on page 498 Ac ce ler at o rOS Ve rsi on 7. on page 492 (link) system udp-source-port. on page 491 (link) system udp-destination-port. on page 470 (link) clear counters. on page 481 (link) metric. on page 486 (link) priority. No Additional Parameters Needed A CC 1 (c on f ig ) # sh o w in t er f ac e l in k s um m ar y • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 466 (link) bandwidth adjust. on page 480 (link) link. the Accelerator’s status is Active. on page 472 (link) description. on page 477 (link) fragmentation. on page 485 (link) ping. if there is an active license. on page 494 (link) traffic-gauge. on page 478 (link) header. Also. on page 473 (link) encapsulation.

214.6 N/A Link 1 2 non Description L-28.224. you will need to refresh the link in order to start Accelerating on it. on page 460. See (config) interface link refresh-acceleration.0.214.0.Co n f ig u r at io n C om m an d s / 463 ACC1(config)# show interface link summary Destination IP Address 28.6 L-28.224. .6 non-link Bandwidth 2000 6000 100000 Link Status N/A |active N/A|partial N/A |active Once you have Renewed or updated the license.0.0.6 28.

on page 467 (link) cancel. on page 479 (link) keepalive dialer. on page 485 (link) ping. Enable to enable Disable to disable. on page 490 (link) system encapsulation. on page 465 (link) bandwidth. on page 483 (link) mtu. on page 489 (link) subnet. on page 498 Ac ce ler at o rOS Ve rsi on 7. on page 470 (link) clear counters. on page 459 (config) interface link refresh-acceleration. on page 486 (link) priority. on page 482 (link) mss. on page 478 (link) header. on page 472 (link) description. on page 495 (link) udp-destination-port. on page 466 (link) bandwidth adjust. on page 473 (link) encapsulation. on page 461 (config) show interface link summary. on page 488 (link) show. on page 460 (config) interface link template.464 A p pe n di x F: Command Line Interface (link) acceleration Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# a cc e le ra t io n Enables or disables acceleration on the specified link. on page 474 (link) encapsulation transparent. on page 471 (link) crypto.1 Us er Gu id e . on page 491 (link) system udp-destination-port. on page 481 (link) metric. on page 492 (link) system udp-source-port. on page 494 (link) traffic-gauge. on page 464 (link) aggregation auto. on page 469 (link) checksum.0 . on page 487 (link) remote-unique-id. on page 462 (link) acceleration. on page 480 (link) link. on page 477 (link) fragmentation. on page 497 (link) wan-id. on page 484 (link) no. on page 493 (link) tcp-acceleration. on page 496 (link) udp-source-port. ACC1(LINK)# a cc e le ra t io n enable • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 475 (link) exit.

on page 495 (link) udp-destination-port. on page 477 (link) fragmentation. on page 488 (link) show. use the Post parameter • To disable aggregation on this link. on page 490 (link) system encapsulation. on page 486 (link) priority. on page 465 (link) bandwidth. on page 473 (link) encapsulation. on page 493 (link) tcp-acceleration. Choose one of the following parameters: • For a specific aggregation value.Co n f ig u r at io n C om m an d s / 465 (link) aggregation auto Command Description Parameters ACC1(LINK)# a gg re g at io n a u to <n u mb er |p o st | d i sa b le > Enables or disables aggregation on a specified link. on page 491 (link) system udp-destination-port. enter a packet size (68-2500) • To allow the Accelerator to define and adjust accordingly. on page 474 (link) encapsulation transparent. on page 460 (config) interface link template. on page 471 (link) crypto. on page 498 . on page 485 (link) ping. on page 497 (link) wan-id. on page 466 (link) bandwidth adjust. on page 487 (link) remote-unique-id. on page 481 (link) metric. on page 470 (link) clear counters. on page 480 (link) link. Example with Syntax Related Commands ACC1(LINK)# a gg re g at io n auto 230 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 479 (link) keepalive dialer. on page 496 (link) udp-source-port. on page 484 (link) no. on page 462 (link) acceleration. on page 492 (link) system udp-source-port. on page 461 (config) show interface link summary. on page 467 (link) cancel. type disable. on page 459 (config) interface link refresh-acceleration. on page 483 (link) mtu. on page 482 (link) mss. on page 469 (link) checksum. on page 472 (link) description. on page 464 (link) aggregation auto. on page 489 (link) subnet. on page 494 (link) traffic-gauge. on page 475 (link) exit. do not enter a value • To open the Post Acceleration Aggregation menu. on page 478 (link) header.

on page 478 (link) header. on page 494 (link) traffic-gauge. on page 462 (link) acceleration. on page 472 (link) description. on page 465 (link) bandwidth. on page 466 (link) bandwidth adjust. on page 481 (link) metric. on page 495 (link) udp-destination-port. on page 492 (link) system udp-source-port.0 .466 A p pe n di x F: Command Line Interface (link) bandwidth Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# b an d wi dt h < n um be r > Sets the bandwidth limit for the specified link.1 Us er Gu id e . on page 459 (config) interface link refresh-acceleration. on page 488 (link) show. on page 471 (link) crypto. on page 489 (link) subnet. on page 460 (config) interface link template. on page 493 (link) tcp-acceleration. on page 487 (link) remote-unique-id. ACC1(LINK)# b an d wi dt h 2000 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 498 Ac ce ler at o rOS Ve rsi on 7. on page 464 (link) aggregation auto. on page 474 (link) encapsulation transparent. on page 485 (link) ping. on page 469 (link) checksum. on page 470 (link) clear counters. on page 467 (link) cancel. on page 497 (link) wan-id. on page 491 (link) system udp-destination-port. Enter the bandwidth amount (1 . on page 480 (link) link. on page 475 (link) exit. on page 477 (link) fragmentation. on page 486 (link) priority. on page 496 (link) udp-source-port. on page 461 (config) show interface link summary. on page 490 (link) system encapsulation.1000000). on page 483 (link) mtu. on page 482 (link) mss. on page 479 (link) keepalive dialer. on page 473 (link) encapsulation. on page 484 (link) no.

on page 470 (link) clear counters. on page 465 (link) bandwidth. on page 474 (link) encapsulation transparent. No additional parameters necessary ACC1(LINK)# b an dw i dt h adjust • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 485 (link) ping. on page 482 (link) mss. on page 481 (link) metric. on page 459 (config) interface link refresh-acceleration. on page 491 (link) system udp-destination-port. on page 477 (link) fragmentation. on page 479 (link) keepalive dialer. on page 490 (link) system encapsulation. on page 462 (link) acceleration. on page 484 (link) no. on page 473 (link) encapsulation. on page 498 . on page 486 (link) priority. on page 488 (link) show. on page 493 (link) tcp-acceleration. on page 472 (link) description. on page 471 (link) crypto. on page 496 (link) udp-source-port.Co n f ig u r at io n C om m an d s / 467 (link) bandwidth adjust Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# b an dw i dt h a dj u st Opens the bandwidth adjust node. on page 494 (link) traffic-gauge. on page 497 (link) wan-id. on page 487 (link) remote-unique-id. on page 469 (link) checksum. on page 466 (link) bandwidth adjust. on page 478 (link) header. on page 480 (link) link. on page 483 (link) mtu. on page 467 (link) cancel. on page 460 (config) interface link template. on page 495 (link) udp-destination-port. on page 464 (link) aggregation auto. on page 492 (link) system udp-source-port. on page 475 (link) exit. on page 489 (link) subnet. on page 461 (config) show interface link summary.

on page 480 (link) link. on page 478 (link) header. on page 470 (link) clear counters. on page 461 (config) show interface link summary.0 .468 A p pe n di x F: Command Line Interface (link) bandwidth unlimited Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# b an d wi dt h u n li mi t ed i n bo u nd Allocates unlimited inbound bandwidth on the specified link. on page 485 (link) ping. on page 495 (link) udp-destination-port. on page 496 (link) udp-source-port. on page 486 (link) priority. on page 466 (link) bandwidth adjust. on page 484 (link) no. on page 492 (link) system udp-source-port. on page 479 (link) keepalive dialer. on page 498 Ac ce ler at o rOS Ve rsi on 7. on page 460 (config) interface link template. on page 465 (link) bandwidth. on page 469 (link) checksum. on page 459 (config) interface link refresh-acceleration. on page 471 (link) crypto. on page 493 (link) tcp-acceleration. No additional parameters necessary ACC1(LINK)# b an d wi dt h unlimited inbound • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 472 (link) description. on page 488 (link) show. on page 481 (link) metric. on page 489 (link) subnet. on page 487 (link) remote-unique-id. on page 482 (link) mss. on page 483 (link) mtu. on page 464 (link) aggregation auto.1 Us er Gu id e . on page 473 (link) encapsulation. on page 462 (link) acceleration. on page 474 (link) encapsulation transparent. on page 477 (link) fragmentation. on page 467 (link) cancel. on page 497 (link) wan-id. on page 491 (link) system udp-destination-port. on page 490 (link) system encapsulation. on page 475 (link) exit. on page 494 (link) traffic-gauge.

on page 471 (link) crypto. on page 496 (link) udp-source-port.Co n f ig u r at io n C om m an d s / 469 (link) cancel Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# c an ce l Exits the Link node and moves to the parent node. on page 494 (link) traffic-gauge. on page 461 (config) show interface link summary. on page 470 (link) clear counters. on page 493 (link) tcp-acceleration. on page 464 (link) aggregation auto. on page 492 (link) system udp-source-port. on page 469 (link) checksum. on page 467 (link) cancel. on page 484 (link) no. on page 479 (link) keepalive dialer. on page 466 (link) bandwidth adjust. on page 485 (link) ping. on page 481 (link) metric. on page 472 (link) description. on page 465 (link) bandwidth. on page 491 (link) system udp-destination-port. on page 487 (link) remote-unique-id. on page 478 (link) header. on page 495 (link) udp-destination-port. on page 482 (link) mss. on page 490 (link) system encapsulation. No additional parameters necessary ACC1(LINK)# c an ce l • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 498 . on page 459 (config) interface link refresh-acceleration. on page 474 (link) encapsulation transparent. on page 460 (config) interface link template. on page 477 (link) fragmentation. on page 462 (link) acceleration. on page 488 (link) show. on page 486 (link) priority. on page 475 (link) exit. on page 480 (link) link. on page 473 (link) encapsulation. on page 497 (link) wan-id. on page 489 (link) subnet. on page 483 (link) mtu.

470 A p pe n di x F: Command Line Interface (link) checksum Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# c he c ks um <e n ab le |d is a bl e > Enables or disables checksum Enable to enable. on page 491 (link) system udp-destination-port. on page 482 (link) mss. on page 495 (link) udp-destination-port. on page 464 (link) aggregation auto. on page 483 (link) mtu. on page 477 (link) fragmentation. on page 497 (link) wan-id. on page 492 (link) system udp-source-port. on page 465 (link) bandwidth. on page 471 (link) crypto. on page 484 (link) no. on page 467 (link) cancel. on page 470 (link) clear counters. on page 496 (link) udp-source-port. on page 462 (link) acceleration. on page 473 (link) encapsulation. on page 469 (link) checksum. on page 466 (link) bandwidth adjust. on page 493 (link) tcp-acceleration. on page 479 (link) keepalive dialer. on page 489 (link) subnet. on page 481 (link) metric. on page 485 (link) ping. on page 494 (link) traffic-gauge. on page 478 (link) header. on page 474 (link) encapsulation transparent. on page 472 (link) description. on page 498 Ac ce ler at o rOS Ve rsi on 7. on page 480 (link) link.1 Us er Gu id e . on page 486 (link) priority. on page 460 (config) interface link template. on page 490 (link) system encapsulation. on page 459 (config) interface link refresh-acceleration.0 . on page 487 (link) remote-unique-id. Disable to disable ACC1(LINK)# c he c ks um enable • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 488 (link) show. on page 461 (config) show interface link summary. on page 475 (link) exit.

on page 466 (link) bandwidth adjust. on page 494 (link) traffic-gauge. There is no confirm. on page 478 (link) header. on page 477 (link) fragmentation. on page 467 (link) cancel. on page 485 (link) ping. on page 475 (link) exit. No additional parameters necessary. on page 471 (link) crypto. on page 481 (link) metric. on page 492 (link) system udp-source-port. on page 489 (link) subnet. on page 479 (link) keepalive dialer. ACC1(LINK)# c le ar co un t er s • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 473 (link) encapsulation. on page 495 (link) udp-destination-port. on page 472 (link) description. on page 483 (link) mtu. on page 488 (link) show. on page 493 (link) tcp-acceleration. on page 480 (link) link. on page 497 (link) wan-id. on page 491 (link) system udp-destination-port. on page 460 (config) interface link template. on page 496 (link) udp-source-port. on page 465 (link) bandwidth. on page 490 (link) system encapsulation. on page 487 (link) remote-unique-id. on page 484 (link) no. on page 461 (config) show interface link summary. on page 462 (link) acceleration. on page 474 (link) encapsulation transparent. on page 482 (link) mss.Co n f ig u r at io n C om m an d s / 471 (link) clear counters Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# c le ar co un t er s Clears the traffic counters on the specified link. on page 469 (link) checksum. on page 498 . on page 464 (link) aggregation auto. on page 459 (config) interface link refresh-acceleration. on page 486 (link) priority. on page 470 (link) clear counters.

on page 475 (link) exit. on page 470 (link) clear counters. on page 503 for the Crypto node commands (config) interface link. on page 464 (link) aggregation auto. on page 494 (link) traffic-gauge. on page 479 (link) keepalive dialer. on page 469 (link) checksum. on page 481 (link) metric. on page 486 (link) priority. on page 496 (link) udp-source-port. Requires an IPsec License. on page 485 (link) ping. on page 467 (link) cancel.472 A p pe n di x F: Command Line Interface (link) crypto Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# c ry p to Opens the IP Sec node. on page 490 (link) system encapsulation. on page 465 (link) bandwidth. on page 489 (link) subnet. on page 493 (link) tcp-acceleration.0 . on page 497 (link) wan-id. on page 471 (link) crypto. on page 484 (link) no. No additional parameters necessary. on page 459 (config) interface link refresh-acceleration. on page 462 (link) acceleration. on page 495 (link) udp-destination-port. on page 491 (link) system udp-destination-port. on page 492 (link) system udp-source-port.1 Us er Gu id e . on page 466 (link) bandwidth adjust. on page 483 (link) mtu. on page 461 (config) show interface link summary. on page 480 (link) link. on page 474 (link) encapsulation transparent. on page 478 (link) header. on page 487 (link) remote-unique-id. on page 460 (config) interface link template. on page 473 (link) encapsulation. ACC1(LINK)# c ry p to • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • Crypto Commands. on page 477 (link) fragmentation. on page 498 Ac ce ler at o rOS Ve rsi on 7. on page 482 (link) mss. on page 488 (link) show. on page 472 (link) description.

on page 494 (link) traffic-gauge. on page 466 (link) bandwidth adjust. on page 483 (link) mtu. on page 491 (link) system udp-destination-port. on page 485 (link) ping. on page 462 (link) acceleration. on page 459 (config) interface link refresh-acceleration. Provide a description that contains no spaces or special characters ACC1(LINK)# d es cr i pt io n link_to_branch_office • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 472 (link) description. on page 489 (link) subnet. on page 478 (link) header. on page 469 (link) checksum.Co n f ig u r at io n C om m an d s / 473 (link) description Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# d es cr i pt io n Gives a description for the link. on page 474 (link) encapsulation transparent. on page 484 (link) no. on page 481 (link) metric. on page 487 (link) remote-unique-id. on page 475 (link) exit. on page 498 . on page 497 (link) wan-id. on page 486 (link) priority. on page 482 (link) mss. on page 461 (config) show interface link summary. on page 465 (link) bandwidth. on page 467 (link) cancel. on page 495 (link) udp-destination-port. on page 490 (link) system encapsulation. on page 473 (link) encapsulation. on page 460 (config) interface link template. on page 493 (link) tcp-acceleration. on page 464 (link) aggregation auto. on page 492 (link) system udp-source-port. on page 470 (link) clear counters. on page 479 (link) keepalive dialer. on page 488 (link) show. on page 496 (link) udp-source-port. on page 471 (link) crypto. on page 480 (link) link. on page 477 (link) fragmentation.

on page 497 (link) wan-id. on page 495 (link) udp-destination-port. on page 491 (link) system udp-destination-port. on page 487 (link) remote-unique-id. on page 478 (link) header. on page 479 (link) keepalive dialer. on page 481 (link) metric. on page 484 (link) no. on page 475 (link) exit. on page 464 (link) aggregation auto. on page 482 (link) mss. on page 474 (link) encapsulation transparent.c om p |t ra n sp ar e nt | ud p > Sets the type of encapsulation that is to be done on the specific link. on page 494 (link) traffic-gauge. on page 460 (config) interface link template. on page 477 (link) fragmentation.1 Us er Gu id e . on page 488 (link) show. on page 472 (link) description. on page 465 (link) bandwidth. on page 490 (link) system encapsulation. Choose from one of the following: • IP-comp • Transparent • UDP Example with Syntax Related Commands ACC1(LINK)# e nc a ps ul a ti o n ud p • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 471 (link) crypto. on page 480 (link) link. on page 489 (link) subnet.0 . on page 469 (link) checksum. on page 462 (link) acceleration. on page 493 (link) tcp-acceleration. on page 459 (config) interface link refresh-acceleration. on page 486 (link) priority. on page 496 (link) udp-source-port. on page 473 (link) encapsulation. on page 485 (link) ping. on page 492 (link) system udp-source-port. on page 483 (link) mtu. on page 498 Ac ce ler at o rOS Ve rsi on 7. on page 466 (link) bandwidth adjust. on page 470 (link) clear counters. on page 467 (link) cancel. on page 461 (config) show interface link summary.474 A p pe n di x F: Command Line Interface (link) encapsulation Command Description Parameters ACC1(LINK)# en ca p su la t io n <i p.

If after changing the requested parameters you press Cancel instead of Exit.Co n f ig u r at io n C om m an d s / 475 (link) encapsulation transparent i i Note: Encapsulation settings can be asymmetric. This means that you can set one Accelerator to Router Transparency while setting the other Accelerator to IPComp in the opposite direction. ensure that the IPCOMP protocol is not blocked before selecting either IPCOMP or RTM encapsulation. saving the parameters requires you to exit the link mode. the parameters are not saved i i . However. Therefore. IPCOMP encapsulation will not function if the IPCOMP protocol is blocked by a firewall. Note: Once the link parameters have been modified. This is useful when RTM mode is desired and one of the Accelerators is On-LAN and the other is On-Path.

on page 473 (link) encapsulation. on page 494 (link) traffic-gauge. This setting is optional No additional parameters ACC1(link)#e nc a ps ul a ti o n tr a ns pa r en t • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 471 (link) crypto. on page 491 (link) system udp-destination-port. on page 470 (link) clear counters. on page 465 (link) bandwidth. on page 493 (link) tcp-acceleration. on page 475 (link) exit. on page 498 Ac ce ler at o rOS Ve rsi on 7. on page 477 (link) fragmentation. on page 459 (config) interface link refresh-acceleration. on page 460 (config) interface link template. on page 489 (link) subnet. on page 488 (link) show. on page 484 (link) no. on page 483 (link) mtu. on page 474 (link) encapsulation transparent. on page 496 (link) udp-source-port. on page 480 (link) link. on page 466 (link) bandwidth adjust. on page 469 (link) checksum. on page 472 (link) description. on page 487 (link) remote-unique-id. on page 467 (link) cancel. on page 461 (config) show interface link summary. on page 490 (link) system encapsulation. on page 495 (link) udp-destination-port. on page 479 (link) keepalive dialer. on page 497 (link) wan-id. on page 464 (link) aggregation auto.476 A p pe n di x F: Command Line Interface Command Description Parameters Example with Syntax Related Commands ACC1(link)#e nc a ps ul a ti o n tr a ns pa r en t [ O pt io n al ] Sets the link to work in router transparent mode. on page 492 (link) system udp-source-port. on page 462 (link) acceleration. on page 482 (link) mss. on page 478 (link) header. on page 485 (link) ping. on page 486 (link) priority.0 . on page 481 (link) metric.1 Us er Gu id e .

on page 465 (link) bandwidth. on page 489 (link) subnet. on page 494 (link) traffic-gauge. on page 493 (link) tcp-acceleration. on page 461 (config) show interface link summary. on page 479 (link) keepalive dialer.Co n f ig u r at io n C om m an d s / 477 (link) exit Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# e xi t Exits the Link node and goes to the parent node. on page 470 (link) clear counters. on page 488 (link) show. No additional parameters necessary. on page 491 (link) system udp-destination-port. on page 478 (link) header. on page 467 (link) cancel. on page 466 (link) bandwidth adjust. on page 474 (link) encapsulation transparent. on page 484 (link) no. on page 475 (link) exit. on page 460 (config) interface link template. on page 497 (link) wan-id. on page 498 . on page 496 (link) udp-source-port. on page 471 (link) crypto. on page 482 (link) mss. on page 487 (link) remote-unique-id. on page 483 (link) mtu. on page 480 (link) link. on page 477 (link) fragmentation. on page 472 (link) description. on page 473 (link) encapsulation. on page 459 (config) interface link refresh-acceleration. on page 481 (link) metric. ACC1(LINK)# e xi t • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 486 (link) priority. on page 464 (link) aggregation auto. on page 490 (link) system encapsulation. on page 495 (link) udp-destination-port. on page 462 (link) acceleration. on page 469 (link) checksum. on page 485 (link) ping. on page 492 (link) system udp-source-port.

on page 472 (link) description. on page 466 (link) bandwidth adjust. use the auto command. on page 482 (link) mss. on page 484 (link) no. on page 481 (link) metric. on page 498 Ac ce ler at o rOS Ve rsi on 7. Example with Syntax Related Commands ACC1(LINK)# f ra g me nt a ti o n auto 900 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link.0 . on page 487 (link) remote-unique-id. followed by a packet size (68-6000) if you want to set a specific packet size or click enter if you want the Accelerator to decide. on page 471 (link) crypto. on page 485 (link) ping. on page 459 (config) interface link refresh-acceleration. To disable fragmentation type disable and click Enter. on page 467 (link) cancel. on page 488 (link) show. on page 477 (link) fragmentation. on page 480 (link) link. on page 492 (link) system udp-source-port. on page 496 (link) udp-source-port. on page 474 (link) encapsulation transparent. on page 483 (link) mtu.478 A p pe n di x F: Command Line Interface (link) fragmentation Command Description Parameters ACC1(LINK)# f ra g me nt a ti o n <d i sa bl e | a ut o> Enables or disables fragmentation on a specific link To set fragmentation. on page 495 (link) udp-destination-port. on page 478 (link) header. on page 486 (link) priority. on page 470 (link) clear counters. on page 479 (link) keepalive dialer. on page 460 (config) interface link template. on page 494 (link) traffic-gauge. on page 490 (link) system encapsulation. on page 493 (link) tcp-acceleration. on page 475 (link) exit. on page 491 (link) system udp-destination-port. on page 461 (config) show interface link summary. on page 473 (link) encapsulation.1 Us er Gu id e . on page 489 (link) subnet. on page 465 (link) bandwidth. on page 464 (link) aggregation auto. on page 469 (link) checksum. on page 497 (link) wan-id. on page 462 (link) acceleration.

on page 488 (link) show. or disable to disable. on page 475 (link) exit. on page 465 (link) bandwidth. on page 467 (link) cancel. on page 490 (link) system encapsulation. on page 471 (link) crypto. on page 495 (link) udp-destination-port. on page 479 (link) keepalive dialer. on page 487 (link) remote-unique-id. on page 464 (link) aggregation auto. on page 483 (link) mtu. on page 498 . on page 473 (link) encapsulation. on page 489 (link) subnet. on page 466 (link) bandwidth adjust. on page 462 (link) acceleration. on page 474 (link) encapsulation transparent. on page 478 (link) header. ACC1(LINK)# h ea de r compression enable • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 469 (link) checksum. on page 482 (link) mss. on page 493 (link) tcp-acceleration. on page 477 (link) fragmentation. on page 460 (config) interface link template. on page 496 (link) udp-source-port. on page 497 (link) wan-id. on page 481 (link) metric. Use one of the above choices (compression or preservation). followed by enable to enable. on page 494 (link) traffic-gauge. on page 484 (link) no. on page 486 (link) priority. on page 461 (config) show interface link summary. on page 472 (link) description. on page 485 (link) ping. on page 492 (link) system udp-source-port. on page 491 (link) system udp-destination-port. on page 459 (config) interface link refresh-acceleration. on page 480 (link) link.Co n f ig u r at io n C om m an d s / 479 (link) header Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# h ea de r < co m pr e ss io n | p r es e rv at i on > Enables or disables either header compression or preservation. on page 470 (link) clear counters.

on page 481 (link) metric. on page 472 (link) description. on page 491 (link) system udp-destination-port. on page 466 (link) bandwidth adjust. on page 478 (link) header. on page 462 (link) acceleration. on page 486 (link) priority.480 A p pe n di x F: Command Line Interface (link) keepalive dialer Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# k ee p al iv e d i al er Creates a keepalive value for a specified link. on page 477 (link) fragmentation. on page 497 (link) wan-id. on page 488 (link) show. on page 479 (link) keepalive dialer. on page 483 (link) mtu. on page 495 (link) udp-destination-port. on page 467 (link) cancel. on page 492 (link) system udp-source-port.1 Us er Gu id e . on page 487 (link) remote-unique-id. on page 498 Ac ce ler at o rOS Ve rsi on 7. on page 490 (link) system encapsulation. on page 459 (config) interface link refresh-acceleration. on page 470 (link) clear counters. on page 489 (link) subnet. on page 493 (link) tcp-acceleration. on page 480 (link) link. on page 464 (link) aggregation auto.0 . on page 484 (link) no. on page 461 (config) show interface link summary. on page 474 (link) encapsulation transparent. on page 473 (link) encapsulation. on page 482 (link) mss. on page 460 (config) interface link template. ACC1(LINK)# k ee p al iv e d i al er 10000 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 465 (link) bandwidth. on page 485 (link) ping. on page 469 (link) checksum. on page 471 (link) crypto. on page 475 (link) exit. on page 496 (link) udp-source-port. on page 494 (link) traffic-gauge. Enter an acceptable keepalive value in seconds (3-86400).

on page 489 (link) subnet.Co n f ig u r at io n C om m an d s / 481 (link) link Command Description Parameters ACC1(LINK)# l in k < de st i na t io n| s er vi c e| s ou rc e > Sets the link’s source. on page 465 (link) bandwidth. on page 483 (link) mtu. on page 475 (link) exit. on page 460 (config) interface link template. on page 488 (link) show. on page 467 (link) cancel. on page 487 (link) remote-unique-id. on page 478 (link) header. on page 462 (link) acceleration. on page 492 (link) system udp-source-port. on page 484 (link) no. on page 461 (config) show interface link summary. on page 486 (link) priority. on page 481 (link) metric. on page 469 (link) checksum.1 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 485 (link) ping. on page 497 (link) wan-id. and service parameters Enter one/all of the following parameters • Destination +IP address for the link destination IP • Service + tos + tos value (0-255) to update the link service ToS • Source + IP address for the link source IP address Example with Syntax Related Commands ACC1(LINK)# l in k service tos 20 ACC1(LINK)# l in k source 1.1. on page 494 (link) traffic-gauge. on page 466 (link) bandwidth adjust. on page 490 (link) system encapsulation.1. on page 474 (link) encapsulation transparent. on page 498 . on page 471 (link) crypto. on page 493 (link) tcp-acceleration. on page 472 (link) description. on page 482 (link) mss. on page 459 (config) interface link refresh-acceleration. on page 491 (link) system udp-destination-port. on page 477 (link) fragmentation. on page 473 (link) encapsulation. on page 480 (link) link. on page 495 (link) udp-destination-port. destination. on page 479 (link) keepalive dialer. on page 464 (link) aggregation auto. on page 470 (link) clear counters. on page 496 (link) udp-source-port.

on page 472 (link) description. on page 482 (link) mss. on page 478 (link) header. on page 480 (link) link. on page 467 (link) cancel. on page 477 (link) fragmentation. on page 489 (link) subnet.482 A p pe n di x F: Command Line Interface (link) metric Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# l in k m et r ic <n um b er > Sets the Metrics for the specified link. on page 461 (config) show interface link summary.0 . on page 486 (link) priority. on page 459 (config) interface link refresh-acceleration. on page 465 (link) bandwidth. on page 470 (link) clear counters. on page 473 (link) encapsulation. on page 483 (link) mtu. on page 488 (link) show. on page 475 (link) exit. on page 471 (link) crypto. on page 492 (link) system udp-source-port. on page 487 (link) remote-unique-id. on page 466 (link) bandwidth adjust. on page 462 (link) acceleration. on page 481 (link) metric. on page 485 (link) ping. on page 490 (link) system encapsulation.1 Us er Gu id e . on page 464 (link) aggregation auto. on page 491 (link) system udp-destination-port. on page 460 (config) interface link template. on page 484 (link) no. on page 497 (link) wan-id. on page 498 Ac ce ler at o rOS Ve rsi on 7. on page 469 (link) checksum. on page 474 (link) encapsulation transparent. on page 493 (link) tcp-acceleration. on page 479 (link) keepalive dialer. on page 495 (link) udp-destination-port. on page 494 (link) traffic-gauge. on page 496 (link) udp-source-port. Enter the link’s metric value (11-10000) ACC1(LINK)# m et r ic 100 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link.

Co n f ig u r at io n C om m an d s / 483 (link) mss Command Description Parameters ACC1(LINK)# l in k m ss < n um b er | au to |n o ne > Sets the MSS value for the specified link Enter one/all of the following parameters: • A specific packet size (68-6000) • auto . on page 492 (link) system udp-source-port. on page 482 (link) mss. on page 496 (link) udp-source-port. on page 467 (link) cancel. on page 483 (link) mtu. on page 489 (link) subnet. on page 494 (link) traffic-gauge. on page 486 (link) priority. on page 495 (link) udp-destination-port. on page 469 (link) checksum. on page 459 (config) interface link refresh-acceleration. on page 484 (link) no. on page 488 (link) show. on page 481 (link) metric. on page 475 (link) exit. on page 479 (link) keepalive dialer. on page 485 (link) ping. on page 471 (link) crypto. on page 460 (config) interface link template. on page 462 (link) acceleration. on page 461 (config) show interface link summary. on page 493 (link) tcp-acceleration. on page 480 (link) link. on page 464 (link) aggregation auto. on page 473 (link) encapsulation. on page 487 (link) remote-unique-id. on page 498 . on page 472 (link) description. on page 478 (link) header. on page 474 (link) encapsulation transparent.to allow the Accelerator to decide automatically • none .to have MSS be disabled Example with Syntax Related Commands ACC1(LINK)# m ss auto • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 470 (link) clear counters. on page 497 (link) wan-id. on page 466 (link) bandwidth adjust. on page 491 (link) system udp-destination-port. on page 465 (link) bandwidth. on page 490 (link) system encapsulation. on page 477 (link) fragmentation.

0 .1 Us er Gu id e . on page 475 (link) exit. on page 482 (link) mss. on page 464 (link) aggregation auto. on page 473 (link) encapsulation. on page 478 (link) header. on page 470 (link) clear counters. on page 477 (link) fragmentation. on page 485 (link) ping. on page 467 (link) cancel. on page 484 (link) no. on page 495 (link) udp-destination-port. on page 469 (link) checksum. on page 480 (link) link. on page 491 (link) system udp-destination-port. on page 462 (link) acceleration. on page 465 (link) bandwidth. on page 466 (link) bandwidth adjust. on page 490 (link) system encapsulation. on page 493 (link) tcp-acceleration. on page 486 (link) priority. on page 474 (link) encapsulation transparent. on page 497 (link) wan-id. on page 461 (config) show interface link summary. on page 492 (link) system udp-source-port. on page 471 (link) crypto. on page 472 (link) description. on page 489 (link) subnet. on page 488 (link) show.484 A p pe n di x F: Command Line Interface (link) mtu Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# m tu <n um b er > Sets the link’s mean transmission unit value Enter the packet size (68-6000) ACC1(LINK)# m tu 100 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 483 (link) mtu. on page 481 (link) metric. on page 460 (config) interface link template. on page 496 (link) udp-source-port. on page 494 (link) traffic-gauge. on page 459 (config) interface link refresh-acceleration. on page 479 (link) keepalive dialer. on page 487 (link) remote-unique-id. on page 498 Ac ce ler at o rOS Ve rsi on 7.

on page 471 (link) crypto. on page 459 (config) interface link refresh-acceleration. on page 467 (link) cancel. on page 465 (link) bandwidth.Co n f ig u r at io n C om m an d s / 485 (link) no Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# n o <c o mm an d > Negates any set command. on page 472 (link) description. on page 473 (link) encapsulation. on page 498 . on page 496 (link) udp-source-port. No + the command you want to negate ACC1(LINK)# n o mtu • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 491 (link) system udp-destination-port. on page 466 (link) bandwidth adjust. on page 462 (link) acceleration. on page 481 (link) metric. on page 479 (link) keepalive dialer. on page 490 (link) system encapsulation. on page 464 (link) aggregation auto. on page 461 (config) show interface link summary. on page 486 (link) priority. on page 488 (link) show. on page 493 (link) tcp-acceleration. on page 497 (link) wan-id. on page 482 (link) mss. on page 469 (link) checksum. on page 489 (link) subnet. on page 474 (link) encapsulation transparent. on page 484 (link) no. on page 460 (config) interface link template. on page 492 (link) system udp-source-port. on page 485 (link) ping. on page 483 (link) mtu. on page 495 (link) udp-destination-port. on page 470 (link) clear counters. on page 477 (link) fragmentation. on page 494 (link) traffic-gauge. on page 475 (link) exit. on page 480 (link) link. on page 487 (link) remote-unique-id. on page 478 (link) header.

on page 497 (link) wan-id. on page 473 (link) encapsulation. on page 484 (link) no. on page 480 (link) link. on page 477 (link) fragmentation.486 A p pe n di x F: Command Line Interface (link) ping Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# p in g < de s ti n at io n > Sends a ping to a specific destination Enter a valid IP address of the destination. on page 488 (link) show. on page 475 (link) exit. on page 485 (link) ping. on page 482 (link) mss. on page 459 (config) interface link refresh-acceleration. on page 489 (link) subnet.0 . on page 474 (link) encapsulation transparent. on page 493 (link) tcp-acceleration. on page 471 (link) crypto. on page 483 (link) mtu.1.1. ACC1(LINK)# p in g 1.1 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 466 (link) bandwidth adjust. on page 478 (link) header. on page 486 (link) priority. on page 467 (link) cancel. on page 481 (link) metric. on page 464 (link) aggregation auto. on page 461 (config) show interface link summary. on page 491 (link) system udp-destination-port. on page 469 (link) checksum. on page 492 (link) system udp-source-port. on page 498 Ac ce ler at o rOS Ve rsi on 7. on page 462 (link) acceleration. on page 487 (link) remote-unique-id. on page 460 (config) interface link template. on page 490 (link) system encapsulation. on page 479 (link) keepalive dialer. on page 470 (link) clear counters. on page 495 (link) udp-destination-port. on page 496 (link) udp-source-port. on page 465 (link) bandwidth. on page 472 (link) description. on page 494 (link) traffic-gauge.1 Us er Gu id e .

on page 479 (link) keepalive dialer. on page 489 (link) subnet. on page 473 (link) encapsulation. on page 481 (link) metric.ql en | ob so l et e |w ei g ht s> Sets priority flags for the specific link Enter one of the following: • max-qlen+auto • max-qlen+discard+prioroty value (0-1000000) • obsolete+auto • obsolete+discard+prioroty value (0-1000000) • weights+auto • weights+discard+priority value (0-1000000) Example with Syntax ACC1(LINK)# p ri or i ty max-qlen discard 500 ACC1(LINK)# p ri or i ty obsolete auto ACC1(LINK)# p ri or i ty weights discard 800 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 498 Related Commands . on page 496 (link) udp-source-port. on page 491 (link) system udp-destination-port. on page 465 (link) bandwidth. on page 459 (config) interface link refresh-acceleration. on page 482 (link) mss. on page 474 (link) encapsulation transparent. on page 470 (link) clear counters. on page 492 (link) system udp-source-port. on page 460 (config) interface link template. on page 478 (link) header. on page 462 (link) acceleration. on page 493 (link) tcp-acceleration. on page 480 (link) link. on page 495 (link) udp-destination-port. on page 488 (link) show. on page 484 (link) no. on page 466 (link) bandwidth adjust. on page 485 (link) ping. on page 494 (link) traffic-gauge. on page 469 (link) checksum. on page 486 (link) priority. on page 475 (link) exit.Co n f ig u r at io n C om m an d s / 487 (link) priority Command Description Parameters ACC1(LINK)# p ri or i ty < m ax . on page 497 (link) wan-id. on page 483 (link) mtu. on page 477 (link) fragmentation. on page 472 (link) description. on page 471 (link) crypto. on page 487 (link) remote-unique-id. on page 464 (link) aggregation auto. on page 467 (link) cancel. on page 461 (config) show interface link summary. on page 490 (link) system encapsulation.

on page 473 (link) encapsulation.b9 j2 3 56 3 0. on page 469 (link) checksum. on page 467 (link) cancel. on page 471 (link) crypto.63 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link.id 7a 6b 9 -c 4 5r 56 .id <I D> Sets the ID for the remote site Enter a valid 27 character ID string. on page 462 (link) acceleration. on page 474 (link) encapsulation transparent. on page 477 (link) fragmentation. on page 485 (link) ping. on page 496 (link) udp-source-port. on page 482 (link) mss. on page 478 (link) header. on page 487 (link) remote-unique-id. on page 498 Ac ce ler at o rOS Ve rsi on 7. on page 472 (link) description. on page 466 (link) bandwidth adjust. on page 488 (link) show. on page 486 (link) priority. on page 481 (link) metric. on page 483 (link) mtu. on page 490 (link) system encapsulation. on page 489 (link) subnet.0 . on page 460 (config) interface link template.488 A p pe n di x F: Command Line Interface (link) remote-unique-id Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# r em o te -u n iq u e. on page 475 (link) exit. on page 459 (config) interface link refresh-acceleration. on page 464 (link) aggregation auto. on page 492 (link) system udp-source-port. on page 494 (link) traffic-gauge. on page 479 (link) keepalive dialer. on page 461 (config) show interface link summary. on page 491 (link) system udp-destination-port. on page 480 (link) link.1 Us er Gu id e . on page 495 (link) udp-destination-port. ACC1(LINK)# r em o te -u n iq u e. on page 497 (link) wan-id. on page 470 (link) clear counters. on page 484 (link) no. on page 465 (link) bandwidth. on page 493 (link) tcp-acceleration.

on page 471 (link) crypto. on page 479 (link) keepalive dialer. ACC1(LINK)# s ho w • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 466 (link) bandwidth adjust.Co n f ig u r at io n C om m an d s / 489 (link) show Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# s ho w Shows the current configuration of the specific link No additional parameters necessary. on page 484 (link) no. on page 470 (link) clear counters. on page 473 (link) encapsulation. on page 490 (link) system encapsulation. on page 498 . on page 496 (link) udp-source-port. on page 481 (link) metric. on page 465 (link) bandwidth. on page 483 (link) mtu. on page 486 (link) priority. on page 492 (link) system udp-source-port. on page 464 (link) aggregation auto. on page 489 (link) subnet. on page 475 (link) exit. on page 495 (link) udp-destination-port. on page 474 (link) encapsulation transparent. on page 478 (link) header. on page 462 (link) acceleration. on page 494 (link) traffic-gauge. on page 460 (config) interface link template. on page 467 (link) cancel. on page 485 (link) ping. on page 482 (link) mss. on page 472 (link) description. on page 493 (link) tcp-acceleration. on page 497 (link) wan-id. on page 488 (link) show. on page 487 (link) remote-unique-id. on page 491 (link) system udp-destination-port. on page 461 (config) show interface link summary. on page 469 (link) checksum. on page 459 (config) interface link refresh-acceleration. on page 480 (link) link. on page 477 (link) fragmentation.

requires the IP address and or the subnet mask of the subnet Example with Syntax Related Commands ACC1(LINK)# s ub n et a d d 1. on page 496 (link) udp-source-port. on page 464 (link) aggregation auto. on page 466 (link) bandwidth adjust. on page 493 (link) tcp-acceleration.490 A p pe n di x F: Command Line Interface (link) subnet Command Description Parameters ACC1(LINK)# s ub n et < a dd |e xc l ud e> Adds or excludes a specific subnet to the specific link Use one of the following parameters: • add .1 Us er Gu id e . on page 460 (config) interface link template. on page 462 (link) acceleration. on page 472 (link) description. on page 467 (link) cancel. on page 470 (link) clear counters. on page 475 (link) exit. on page 497 (link) wan-id. on page 482 (link) mss. on page 465 (link) bandwidth. on page 469 (link) checksum. on page 492 (link) system udp-source-port. on page 487 (link) remote-unique-id. on page 490 (link) system encapsulation. on page 461 (config) show interface link summary. on page 484 (link) no. on page 477 (link) fragmentation. on page 489 (link) subnet. on page 488 (link) show. on page 481 (link) metric.1 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 474 (link) encapsulation transparent. on page 480 (link) link.1.1. on page 478 (link) header. on page 494 (link) traffic-gauge. on page 498 Ac ce ler at o rOS Ve rsi on 7. on page 479 (link) keepalive dialer.0 . on page 459 (config) interface link refresh-acceleration. on page 471 (link) crypto. on page 485 (link) ping. on page 473 (link) encapsulation. on page 495 (link) udp-destination-port. on page 486 (link) priority. on page 483 (link) mtu. on page 491 (link) system udp-destination-port.requires the IP address and or subnet mask of the subnet • exclude .

on page 479 (link) keepalive dialer. on page 466 (link) bandwidth adjust. on page 460 (config) interface link template. on page 472 (link) description. on page 464 (link) aggregation auto. on page 470 (link) clear counters. on page 474 (link) encapsulation transparent. on page 462 (link) acceleration. on page 471 (link) crypto.c om p | ud p > Sets the system encapsulation type.the Accelerator will decide • ip-comp . on page 496 (link) udp-source-port.IP-comp encapsulation • udp . on page 469 (link) checksum. on page 480 (link) link. on page 477 (link) fragmentation. on page 490 (link) system encapsulation. on page 467 (link) cancel. Use one of the following parameters: • auto . on page 485 (link) ping. on page 497 (link) wan-id. on page 493 (link) tcp-acceleration. on page 481 (link) metric. on page 465 (link) bandwidth. on page 459 (config) interface link refresh-acceleration. on page 488 (link) show. on page 473 (link) encapsulation. on page 489 (link) subnet. on page 491 (link) system udp-destination-port. on page 498 . on page 487 (link) remote-unique-id. on page 483 (link) mtu. on page 494 (link) traffic-gauge. on page 482 (link) mss. on page 495 (link) udp-destination-port.UDP encapsulation Example with Syntax Related Commands ACC1(LINK)# s ys te m e nc a ps u la ti o n udp • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 492 (link) system udp-source-port. on page 475 (link) exit. on page 461 (config) show interface link summary. on page 478 (link) header. on page 486 (link) priority. on page 484 (link) no.Co n f ig u r at io n C om m an d s / 491 (link) system encapsulation Command Description Parameters ACC1(LINK)# s ys t em en c ap su l at i on <a u to | i p.

on page 494 (link) traffic-gauge. on page 482 (link) mss.d es ti n at io n -p o rt < n um be r > Sets the system’s UDP destination port Enter a valid port number (1-65535) ACC1(LINK)# s ys t em u d p. on page 493 (link) tcp-acceleration. on page 477 (link) fragmentation.0 . on page 461 (config) show interface link summary. on page 472 (link) description. on page 473 (link) encapsulation. on page 485 (link) ping. on page 469 (link) checksum. on page 483 (link) mtu. on page 495 (link) udp-destination-port.d es ti n at io n -p o rt 422 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 489 (link) subnet. on page 478 (link) header. on page 488 (link) show. on page 490 (link) system encapsulation. on page 486 (link) priority. on page 470 (link) clear counters. on page 474 (link) encapsulation transparent. on page 464 (link) aggregation auto. on page 496 (link) udp-source-port. on page 459 (config) interface link refresh-acceleration. on page 462 (link) acceleration.492 A p pe n di x F: Command Line Interface (link) system udp-destination-port Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# s ys t em u d p.1 Us er Gu id e . on page 467 (link) cancel. on page 479 (link) keepalive dialer. on page 492 (link) system udp-source-port. on page 480 (link) link. on page 484 (link) no. on page 497 (link) wan-id. on page 471 (link) crypto. on page 498 Ac ce ler at o rOS Ve rsi on 7. on page 460 (config) interface link template. on page 465 (link) bandwidth. on page 487 (link) remote-unique-id. on page 481 (link) metric. on page 466 (link) bandwidth adjust. on page 491 (link) system udp-destination-port. on page 475 (link) exit.

on page 489 (link) subnet. on page 467 (link) cancel.Co n f ig u r at io n C om m an d s / 493 (link) system udp-source-port Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# s ys te m u dp . on page 495 (link) udp-destination-port. on page 496 (link) udp-source-port. on page 469 (link) checksum. on page 490 (link) system encapsulation. on page 487 (link) remote-unique-id. on page 466 (link) bandwidth adjust. on page 459 (config) interface link refresh-acceleration. on page 461 (config) show interface link summary. on page 480 (link) link. on page 460 (config) interface link template. on page 485 (link) ping. on page 494 (link) traffic-gauge. on page 491 (link) system udp-destination-port. on page 465 (link) bandwidth. on page 486 (link) priority. on page 483 (link) mtu. on page 474 (link) encapsulation transparent.so u rc e. on page 492 (link) system udp-source-port. on page 472 (link) description. on page 481 (link) metric. on page 477 (link) fragmentation. on page 498 . on page 470 (link) clear counters.p or t 222 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 479 (link) keepalive dialer. on page 475 (link) exit.so u rc e. on page 497 (link) wan-id. on page 488 (link) show. on page 484 (link) no. on page 493 (link) tcp-acceleration. on page 462 (link) acceleration. on page 473 (link) encapsulation.p or t < nu m be r> Sets the system’s UDP source port Enter a valid port number (1-65535) ACC1(LINK)# s ys te m u dp . on page 478 (link) header. on page 471 (link) crypto. on page 482 (link) mss. on page 464 (link) aggregation auto.

on page 482 • (link) mss. on page 488 • (link) show. on page 485 • (link) ping. on page 491 • (link) system udp-destination-port. on page 494 • (link) traffic-gauge. on page 490 • (link) system encapsulation. on page 467 • (link) cancel. on page 572. on page 470 • (link) clear counters. on page 487 • (link) remote-unique-id. on page 477 • (link) fragmentation. on page 472 • (link) description. on page 492 • (link) system udp-source-port. on page 459 • (config) interface link refresh-acceleration. for commands within the TCP acceleration node • (config) interface link. on page 483 • (link) mtu. on page 480 • (link) link. on page 474 • (link) encapsulation transparent. on page 461 • (config) show interface link summary.0 . on page 473 • (link) encapsulation. on page 471 • (link) crypto.494 A p pe n di x F: Command Line Interface (link) tcp-acceleration Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# t cp . on page 496 • (link) udp-source-port. on page 479 • (link) keepalive dialer. on page 469 • (link) checksum.ac ce l er a ti on • TCP Acceleration Commands. on page 478 • (link) header. on page 481 • (link) metric.ac ce l er a ti on Opens the TCP acceleration node No additional parameters are necessary ACC1(LINK)# t cp . on page 493 • (link) tcp-acceleration. on page 475 • (link) exit. on page 484 • (link) no. on page 466 • (link) bandwidth adjust. on page 465 • (link) bandwidth.1 Us er Gu id e . on page 498 Ac ce ler at o rOS Ve rsi on 7. on page 489 • (link) subnet. on page 462 • (link) acceleration. on page 495 • (link) udp-destination-port. on page 464 • (link) aggregation auto. on page 460 • (config) interface link template. on page 486 • (link) priority. on page 497 • (link) wan-id.

on page 460 (config) interface link template. on page 475 (link) exit. on page 459 (config) interface link refresh-acceleration. on page 492 (link) system udp-source-port. disable to disable ACC1(LINK)# t ra ff i c. on page 480 (link) link. on page 471 (link) crypto. on page 465 (link) bandwidth. on page 474 (link) encapsulation transparent. on page 484 (link) no. on page 478 (link) header. on page 464 (link) aggregation auto. on page 491 (link) system udp-destination-port. on page 487 (link) remote-unique-id. on page 493 (link) tcp-acceleration. on page 461 (config) show interface link summary. on page 483 (link) mtu. on page 469 (link) checksum. on page 497 (link) wan-id.ga u ge en ab l e • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 479 (link) keepalive dialer. on page 477 (link) fragmentation. on page 473 (link) encapsulation. on page 490 (link) system encapsulation. on page 489 (link) subnet. on page 495 (link) udp-destination-port. on page 494 (link) traffic-gauge. on page 462 (link) acceleration. on page 470 (link) clear counters. on page 496 (link) udp-source-port. on page 481 (link) metric. on page 485 (link) ping. on page 472 (link) description. on page 498 .Co n f ig u r at io n C om m an d s / 495 (link) traffic-gauge Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# t ra ff i c. on page 467 (link) cancel. on page 488 (link) show. on page 482 (link) mss. on page 466 (link) bandwidth adjust.ga u ge <e na b le |d i sa b le > Sets the traffic gauge for the specific link Enable to enable. on page 486 (link) priority.

on page 478 (link) header. on page 472 (link) description. on page 489 (link) subnet. on page 492 (link) system udp-source-port. on page 483 (link) mtu. on page 459 (config) interface link refresh-acceleration. on page 482 (link) mss.p or t 422 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 487 (link) remote-unique-id. on page 493 (link) tcp-acceleration. on page 465 (link) bandwidth. on page 471 (link) crypto. on page 485 (link) ping. on page 477 (link) fragmentation. on page 480 (link) link.de st i na t io n. on page 488 (link) show.de st i na t io n. on page 496 (link) udp-source-port. on page 497 (link) wan-id.1 Us er Gu id e . on page 474 (link) encapsulation transparent. on page 491 (link) system udp-destination-port. on page 494 (link) traffic-gauge. on page 467 (link) cancel. on page 469 (link) checksum.496 A p pe n di x F: Command Line Interface (link) udp-destination-port Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# u dp . on page 495 (link) udp-destination-port.0 . on page 481 (link) metric. on page 462 (link) acceleration. on page 473 (link) encapsulation. on page 466 (link) bandwidth adjust. on page 475 (link) exit. on page 470 (link) clear counters. on page 486 (link) priority. on page 498 Ac ce ler at o rOS Ve rsi on 7. on page 461 (config) show interface link summary. on page 460 (config) interface link template. on page 490 (link) system encapsulation. on page 464 (link) aggregation auto. on page 479 (link) keepalive dialer. on page 484 (link) no.p or t < nu m be r> Sets the link’s UDP destination port Enter a valid port number (1-65535) ACC1(LINK)# u dp .

on page 484 (link) no. on page 460 (config) interface link template. on page 464 (link) aggregation auto. on page 479 (link) keepalive dialer. on page 461 (config) show interface link summary. on page 487 (link) remote-unique-id. on page 481 (link) metric. on page 470 (link) clear counters. on page 488 (link) show. on page 498 . on page 490 (link) system encapsulation. on page 492 (link) system udp-source-port. on page 466 (link) bandwidth adjust. on page 472 (link) description. on page 480 (link) link. on page 491 (link) system udp-destination-port. on page 489 (link) subnet. on page 474 (link) encapsulation transparent. on page 471 (link) crypto. on page 467 (link) cancel. on page 478 (link) header. on page 482 (link) mss. on page 477 (link) fragmentation. on page 473 (link) encapsulation. on page 469 (link) checksum.po r t <n u mb er > Sets the link’s UDP source port Enter a valid port number (1-65535) ACC1(LINK)# u dp -s o ur ce . on page 486 (link) priority. on page 465 (link) bandwidth. on page 459 (config) interface link refresh-acceleration. on page 475 (link) exit.Co n f ig u r at io n C om m an d s / 497 (link) udp-source-port Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# u dp -s o ur ce . on page 462 (link) acceleration. on page 485 (link) ping. on page 494 (link) traffic-gauge. on page 496 (link) udp-source-port. on page 495 (link) udp-destination-port. on page 497 (link) wan-id. on page 493 (link) tcp-acceleration.po r t 222 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 483 (link) mtu.

on page 497 (link) wan-id.id < n um b er | d ef au l t> Sets the link’s WAN ID Use one of the following parameters: • For a non-default ID.0 .id default ACC1(LINK)# w an . on page 471 (link) crypto. on page 466 (link) bandwidth adjust.1 Us er Gu id e . on page 481 (link) metric. on page 459 (config) interface link refresh-acceleration. on page 484 (link) no. enter a valid ID number (1-5) • For the default WAN ID. on page 478 (link) header. on page 494 (link) traffic-gauge. on page 488 (link) show. on page 490 (link) system encapsulation. on page 480 (link) link. on page 496 (link) udp-source-port. on page 477 (link) fragmentation. on page 487 (link) remote-unique-id. on page 462 (link) acceleration. on page 473 (link) encapsulation. on page 498 Ac ce ler at o rOS Ve rsi on 7. on page 491 (link) system udp-destination-port. on page 475 (link) exit. on page 479 (link) keepalive dialer. on page 465 (link) bandwidth. on page 464 (link) aggregation auto. on page 469 (link) checksum. on page 460 (config) interface link template. enter default Example with Syntax Related Commands ACC1(LINK)# w an . on page 492 (link) system udp-source-port. on page 485 (link) ping.id 3 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (config) interface link. on page 470 (link) clear counters.498 A p pe n di x F: Command Line Interface (link) wan-id Command Description Parameters ACC1(LINK)# w an . on page 495 (link) udp-destination-port. on page 482 (link) mss. on page 472 (link) description. on page 467 (link) cancel. on page 461 (config) show interface link summary. on page 486 (link) priority. on page 483 (link) mtu. on page 489 (link) subnet. on page 474 (link) encapsulation transparent. on page 493 (link) tcp-acceleration.

on page 501 (BW-ADJ) minimal-bandwidth. on page 502 (BW-ADJ) decrease interval Command Description Parameters Example with Syntax ACC1(BW-ADJ)# d ec re a se i n te r va l < nu mb e r> Decreases bandwidth adjustment over a specific interval of time for a specific link. on page 501 (BW-ADJ) increase rate. on page 501 minimal-bandwidth.Co n f ig u r at io n C om m an d s / 499 Bandwidth Adjust Commands This section includes the following commands: (BW-ADJ) (BW-ADJ) (BW-ADJ) (BW-ADJ) (BW-ADJ) (BW-ADJ) (BW-ADJ) (BW-ADJ) (BW-ADJ) adjust. on page 500 (BW-ADJ) exit. Enter the interval in seconds (1-20) ACC1(BW-ADJ)# d ec re a se i n te r va l 10 . on page 500 increase interval. on page 502 show. on page 499 (BW-ADJ) decrease rate. on page 500 (BW-ADJ) increase interval. on page 502 (BW-ADJ) adjust Command Description Parameters Example with Syntax Related Commands ACC1(BW-ADJ)# a dj us t <e na b le |d is a bl e> Enables or disables bandwidth adjustment Enable to enable. on page 502 (BW-ADJ) show. on page 502 no. on page 467 (BW-ADJ) adjust. on page 501 increase rate. on page 499 decrease rate. on page 500 exit. on page 499 decrease interval. on page 499 (BW-ADJ) decrease interval. Disable to disable ACC1(BW-ADJ)# a dj us t enable • • • • • • • • • • (link) bandwidth adjust. on page 502 (BW-ADJ) no.

on page 500 (BW-ADJ) increase interval.500 A p pe n di x F: Command Line Interface Related Commands • • • • • • • • • • (link) bandwidth adjust.0 . The accepted percentage is higher for the first decrease rate. on page 467 (BW-ADJ) adjust. on page 467 (BW-ADJ) adjust. on page 501 (BW-ADJ) increase rate. on page 502 (BW-ADJ) exit Command Description Parameters Example with Syntax ACC1(BW-ADJ)# e xi t Exits the Bandwidth Adjust node and goes to the parent node No Additional parameters are necessary. on page 502 (BW-ADJ) no. on page 501 (BW-ADJ) minimal-bandwidth. on page 499 (BW-ADJ) decrease rate. Enter the percentage (1-20%). on page 502 (BW-ADJ) decrease rate Command Description Parameters Example with Syntax Related Commands ACC1(BW-ADJ)# d ec r ea se ra te <n u mb er | fi r st > Decreases bandwidth on a specified link to a specified percentage. on page 500 (BW-ADJ) exit. on page 500 (BW-ADJ) increase interval. on page 501 (BW-ADJ) increase rate. ACC1(BW-ADJ)# e xi t Ac ce ler at o rOS Ve rsi on 7. on page 502 (BW-ADJ) show. on page 499 (BW-ADJ) decrease interval. on page 500 (BW-ADJ) exit. ACC1(BW-ADJ)# d ec r ea se ra te 10 • • • • • • • • • • (link) bandwidth adjust. on page 502 (BW-ADJ) no.1 Us er Gu id e . on page 501 (BW-ADJ) minimal-bandwidth. enter first and then a percentage (1-50%). on page 499 (BW-ADJ) decrease rate. on page 499 (BW-ADJ) decrease interval. If you want to have a first decrease rate. on page 502 (BW-ADJ) show.

ACC1(BW-ADJ)# i nc re a se r a te 10 • • • • • • • • • • (link) bandwidth adjust. on page 502 . on page 502 (BW-ADJ) no. on page 501 (BW-ADJ) increase rate. on page 499 (BW-ADJ) decrease interval. on page 499 (BW-ADJ) decrease rate. on page 502 (BW-ADJ) show. on page 502 (BW-ADJ) no. on page 502 501 (BW-ADJ) increase interval Command Description Parameters Example with Syntax Related Commands ACC1(BW-ADJ)# i nc re a se i n te r va l < nu mb e r> Increases bandwidth adjustment over a specific interval of time for a specific link. on page 501 (BW-ADJ) minimal-bandwidth. on page 501 (BW-ADJ) minimal-bandwidth. on page 500 (BW-ADJ) increase interval. on page 502 (BW-ADJ) show. on page 501 (BW-ADJ) increase rate. on page 500 (BW-ADJ) exit. on page 499 (BW-ADJ) decrease rate. on page 500 (BW-ADJ) exit. on page 499 (BW-ADJ) decrease rate. on page 500 (BW-ADJ) exit. on page 500 (BW-ADJ) increase interval. on page 467 (BW-ADJ) adjust. on page 499 (BW-ADJ) decrease interval. on page 502 (BW-ADJ) increase rate Command Description Parameters Example with Syntax Related Commands ACC1(BW-ADJ)# i nc re a se r a te <n um b er > Increases bandwidth on a specified link to a specified percentage. on page 501 (BW-ADJ) minimal-bandwidth. on page 467 (BW-ADJ) adjust. on page 502 (BW-ADJ) show.Co n f ig u r at io n C om m an d s / Related Commands • • • • • • • • • • (link) bandwidth adjust. on page 501 (BW-ADJ) increase rate. on page 500 (BW-ADJ) increase interval. Enter the interval in seconds (1-20) ACC1(BW-ADJ)# i nc re a se i n te r va l 10 • • • • • • • • • • (link) bandwidth adjust. on page 467 (BW-ADJ) adjust. Enter the percentage (1-50%). on page 499 (BW-ADJ) decrease interval. on page 502 (BW-ADJ) no.

on page 499 (BW-ADJ) decrease interval. on page 499 (BW-ADJ) decrease rate.1 Us er Gu id e . on page 467 (BW-ADJ) adjust. Ac ce ler at o rOS Ve rsi on 7. on page 467 (BW-ADJ) adjust. or resets the parameter to its default setting. on page 499 (BW-ADJ) decrease rate. on page 502 (BW-ADJ) show Command Description Parameters ACC1(BW-ADJ)# s ho w < pa r am et e r> Shows the current settings for the specified parameter. on page 499 (BW-ADJ) decrease interval. on page 501 (BW-ADJ) minimal-bandwidth. on page 502 (BW-ADJ) show. on page 502 (BW-ADJ) no Command Description Parameters Example with Syntax Related Commands ACC1(BW-ADJ)# n o < pa ra m et er > Negates a command. on page 501 (BW-ADJ) minimal-bandwidth. This number should be lower than the bandwidth limit. Enter the parameter whose settings you want to view. on page 500 (BW-ADJ) increase interval.502 A p pe n di x F: Command Line Interface (BW-ADJ) minimal-bandwidth Command Description Parameters Example with Syntax Related Commands ACC1(BW-ADJ)# m in i ma l. ACC1(BW-ADJ)# m in i ma l. on page 502 (BW-ADJ) no. on page 500 (BW-ADJ) exit.b an dw i dt h 10 • • • • • • • • • • (link) bandwidth adjust. on page 502 (BW-ADJ) no. on page 501 (BW-ADJ) increase rate. on page 502 (BW-ADJ) show. Enter the parameter you want to negate.0 . on page 500 (BW-ADJ) increase interval.b an dw i dt h < nu m be r> Configures the minimal bandwidth percentage Enter the percentage (5-95%). on page 500 (BW-ADJ) exit. ACC1(BW-ADJ)# n o increase rate • • • • • • • • • • (link) bandwidth adjust. on page 501 (BW-ADJ) increase rate.

on page 502 Crypto Commands This section covers the following commands: . on page 500 (BW-ADJ) exit. on page 502 (BW-ADJ) show. on page 467 (BW-ADJ) adjust. on page 502 (BW-ADJ) no. on page 499 (BW-ADJ) decrease rate. on page 501 (BW-ADJ) increase rate.Co n f ig u r at io n C om m an d s / Example with Syntax Related Commands 503 ACC1(BW-ADJ)# s ho w increase rate • • • • • • • • • • (link) bandwidth adjust. on page 500 (BW-ADJ) increase interval. on page 501 (BW-ADJ) minimal-bandwidth. on page 499 (BW-ADJ) decrease interval.

99] • • • • • (link) subnet exclude. x Excludes the subnet from the interface.99 • • • • • (link) link source. x.99. Enter the IP address od the subnet ACC1(LINK)subnet exclude 10. on page 505 (subnets) no network. The section includes the following commands: (link) link source.0 . x. on page 504 (subnets) advertise. on page 504 (link) subnet exclude. on page 505 (subnets) advertise. HSRP IP and VRRP IP.x .x .504 A p pe n di x F: Command Line Interface Subnet Commands This section describes subnet configuration and management. VLAN IP. on page 505 (subnets) show. on page 505 (subnets) no network.0.99. Use only a valid IP addresses ACC1(link)#li n k s o ur c e [ pr i ma r y] [ 10.x .1 Us er Gu id e . Secondary IP. on page 506 (link) link source Command Description Parameters Example with Syntax Related Commands ACC1(link)#li n k s ou rc e [ pr i ma r y] [ x . on page 505 (subnets) show. x] This command lets you define a link source. on page 505 (subnets) show. on page 506 (link) subnet exclude Command Description Parameters Example with Syntax Related Commands ACC1(LINK)#s ub n et e x cl ud e x . on page 504 (subnets) advertise. on page 505 (subnets) advertise. The valid link source IPs are as follows: Primary IP. x. on page 505 (subnets) no network. x x . on page 506 Ac ce ler at o rOS Ve rsi on 7. on page 504 (subnets) advertise. on page 505 (subnets) advertise.0.

5 101.0.Co n f ig u r at io n C om m an d s / 505 (subnets) advertise Command Description Parameters Example with Syntax Related Commands ACC1(SUBNETS)#a d ve rt i se or n o t. Enter the IP address of the subnet ACC1(SUBNETS)#n o n et w or k 10.x .x | me t ri c [ number] Sets the subnet to be advertised or not advertised (can optionally add the subnet mask). Adds a metric value to the subnet. ACC1(SUBNETS)#advertise 10. on page 504 (subnets) advertise. on page 506 (subnets) network Command Description Parameters Example with Syntax Related Commands ACC1(SUBNETS)#ne tw o rk Adds a subnet Enter a valid IP address for the subnet. x.0.125. on page 505 (subnets) advertise.99/24 | metric [ 10] • • • • • (link) link source. on page 505 (subnets) show. on page 506 .120. x Deletes the subnet (can optionally add the subnet mask).99.2 • • • • • (link) link source. x . on page 506 (subnets) no network Command Description Parameters Example with Syntax Related Commands ACC1(SUBNETS)#n o n et w or k x . followed by the subnet mask.x x.2. on page 505 (subnets) show. x . x. on page 505 (subnets) no network. on page 504 (link) subnet exclude. on page 504 (subnets) advertise. x. on page 504 (link) subnet exclude. on page 505 (subnets) no network. on page 504 (link) subnet exclude.ad v er t is e x.99. Choose advertise to advertise the subnet and not-advertise to not advertise it.15. on page 504 (subnets) advertise. ACC1(SUBNETS)#ne tw o rk 125.99 • • • • • (link) link source. on page 505 (subnets) show.

0 . on page 505 (subnets) advertise.1 Us er Gu id e . on page 505 (subnets) no network. on page 504 (subnets) advertise. on page 504 (link) subnet exclude. on page 505 Ac ce ler at o rOS Ve rsi on 7. No additional parameters ACC1(SUBNETS)#s ho w • • • • • (link) link source.506 A p pe n di x F: Command Line Interface (subnets) show Command Description Parameters Example with Syntax Related Commands ACC1(SUBNETS)#s ho w Displays the configured subnet.

on page 508 map add. on page 507 alias map. on page 508 alias map delete. on page 507 set. on page 507 alias map. on page 507 map.Co n f ig u r at io n C om m an d s / 507 Alias Commands Displays and manages virtual server aliasing. The following commands are available: alias alias alias alias alias show. on page 508 alias map delete. on page 508 alias map add. on page 508 alias show Displays alias information and manages prefix/suffix for exported names. on page 508 alias map add. on page 508 alias set Command {hostname}:filecontroller0#alias set/delete prefix {prefix} Changes/removes prefix for all exported aliases. Command Description Parameters Example with Syntax Related Commands {hostname}:filecontroller0#alias [show] Shows alias information No additional parameters {hostname}:filecontroller0#alias [show] • • • • alias set. No additional parameters Description Parameters Example with Syntax Related Commands {hostname}:filecontroller0#alias set/delete prefix {prefix} • • • • alias show. on page 508 map delete. on page 508 .

on page 508 alias map delete. on page 508 alias map add.0 . on page 508 alias map add Command {hostname}:filecontroller0#alias map add {VSERVER} {ALIAS} Adds an alias to a virtual server. on page 508 alias map delete Command {hostname}:filecontroller0#alias map delete {ALIAS} Deletes a virtual server alias. on page 507 alias set.1 Us er Gu id e . No additional parameters Description Parameters Example with Syntax Related Commands {hostname}:filecontroller0#alias map delete {ALIAS} • • • • alias show. on page 508 alias map delete. on page 507 alias set. on page 508 Ac ce ler at o rOS Ve rsi on 7. on page 507 alias map add. on page 507 alias map. If you are enabling WAFS transparency. do not add an Alias. on page 507 alias set. on page 507 alias map. No additional parameters Description Parameters Example with Syntax Related Commands {hostname}:filecontroller0#alias map add {VSERVER} {ALIAS} • • • • alias show.508 A p pe n di x F: Command Line Interface alias map Command Description Parameters Example with Syntax Related Commands {hostname}:filecontroller0#alias map [list] Shows virtual servers alias information No additional parameters {hostname}:filecontroller0#alias map [list] • • • • alias show.

on page 510 authentication-mode enable. on page 512 (config-ospf) ospf-mode enable.Co n f ig u r at io n C om m an d s / 509 OSPF Commands The following commands are available: (config-ospf) (config-ospf) (config-ospf) (config-ospf) (config-ospf) (config-ospf) (config-ospf) (config-ospf) area number. on page 512 show. on page 511 (config-ospf) network (ip address). on page 509 authentication-key string. on page 513 . either as a decimal value or in IP address format Enter a valid IP address or area ID ACC1(config-ospf)# 120. on page 510 high locality-metric. on page 511 (config-ospf) neighbor. on page 510 (config-ospf) authentication-mode enable. on page 511 neighbor.129. on page 511 network (ip address).3 • • • • • • • (config-ospf) authentication-key string.x. on page 510 (config-ospf) high locality-metric.23.x. on page 512 (config-ospf) show.x) Sets the Area ID for the OSPF group. on page 513 (config-ospf) area number Command Description Parameters Example with Syntax Related Commands ACC1(config-ospf)#a r ea n u mb e r or (x. on page 512 ospf-mode enable.

on page 510 (config-ospf) high locality-metric.1 Us er Gu id e . Enable to enable. on page 509 (config-ospf) authentication-key string.0 . on page 512 (config-ospf) show. on page 512 (config-ospf) ospf-mode enable. on page 512 (config-ospf) ospf-mode enable. on page 513 (config-ospf) authentication-mode enable Command Description Parameters Example with Syntax Related Commands ACC1(config-ospf)# a ut he n ti c at io n -m od e e n ab le / d is a bl e /M D5 Sets the Accelerator to require a password to work with other OSPF devices. on page 511 (config-ospf) network (ip address).510 A p pe n di x F: Command Line Interface (config-ospf) authentication-key string Command Description Parameters Example with Syntax Related Commands A CC 1( con fi g.ke y s tr in g Sets a non-encrypted authentication password for the Accelerator. on page 511 (config-ospf) neighbor.os pf )# a u th en t ic at i on . No additional parameters A CC 1( con fi g. on page 511 (config-ospf) neighbor. MD5 to enable MD5 encrypted authentication ACC1(config-ospf)# a ut he n ti c at io n -m od e e n ab le • • • • • • • (config-ospf) area number.ke y s tr in g • • • • • • • (config-ospf) area number. on page 509 (config-ospf) authentication-mode enable. on page 512 (config-ospf) show. on page 510 (config-ospf) high locality-metric. on page 513 Ac ce ler at o rOS Ve rsi on 7. disable to disable.os pf )# a u th en t ic at i on . on page 511 (config-ospf) network (ip address). Authentication mode enables MD5 encrypted authentication.

x. Enter a valid IP address AA CC 1( co nf ig. on page 510 (config-ospf) authentication-mode enable. on page 512 (config-ospf) show. x.1 0 0. 3 • • • • • • • (config-ospf) area number. 10 . on page 512 (config-ospf) ospf-mode enable. If a subnet is between the high value and the low value.me t ri c [ 10] l o w l oc al i ty -m e tr i c [ 5] • • • • • • • (config-ospf) area number. on page 513 (config-ospf) neighbor Command Description Parameters Example with Syntax Related Commands AC C1 (c on fi g-o sp f) # ne i gh b or x .os pf )# n e ig hb o r 1 00 . ACC1(config-ospf)# h ig h l o ca li t y. on page 513 .Co n f ig u r at io n C om m an d s / 511 (config-ospf) high locality-metric Command Description Parameters Example with Syntax Related Commands ACC1(config-ospf)# h ig h l o ca li t y. on page 511 (config-ospf) network (ip address). on page 512 (config-ospf) show. Make sure that the high locality metric is a larger number then the low. on page 510 (config-ospf) authentication-mode enable. on page 512 (config-ospf) ospf-mode enable. on page 510 (config-ospf) neighbor. it should be advertised Enter a high locality metric and a low locality metric. x Defines an OSPF neighbor for the Accelerator via the IP address. on page 511 (config-ospf) network (ip address). on page 509 (config-ospf) authentication-key string. on page 509 (config-ospf) authentication-key string. on page 510 (config-ospf) high locality-metric.me t ri c [ number] l ow lo c al it y -m et r ic [ number] These two different commands determine a range of subnets to be advertised.

os pf )# network (ip ad dress) 100 . Description Parameters Example with Syntax Related Commands ACC1(config)#ro u te r o sp f AC C1 (c on fi g. on page 510 (config-ospf) high locality-metric. on page 509 (config-ospf) authentication-key string. on page 513 (config-ospf) ospf-mode enable Command ACC1(config)#ro u te r o sp f AC C1 (c on fi g.x Sets the networks that the Accelerator broadcasts to its OSPF neighbors. on page 510 (config-ospf) authentication-mode enable. x. x .x .512 A p pe n di x F: Command Line Interface (config-ospf) network (ip address) Command Description Parameters Example with Syntax Related Commands A CC 1( con fi g. on page 513 Ac ce ler at o rOS Ve rsi on 7. on page 511 (config-ospf) neighbor. on page 511 (config-ospf) ospf-mode enable. on page 512 (config-ospf) show.os pf )# ospf-mode Enables OSPF on the Accelerator enable to enable. x ( su bn e t m as k) x. x.100. on page 512 (config-ospf) show. Enter a valid IP address A CC 1( con fi g. on page 511 (config-ospf) neighbor.1 Us er Gu id e . on page 511 (config-ospf) network (ip address).0 . on page 510 (config-ospf) high locality-metric.os pf )# network ( ip a d dr e ss ) x . disable to disable.os pf )# ospf-mode enable • • • • • • • (config-ospf) area number. on page 510 (config-ospf) authentication-mode enable.5 • • • • • • • (config-ospf) area number. on page 509 (config-ospf) authentication-key string.5 0.

on page 512 . on page 512 (config-ospf) ospf-mode enable. on page 511 (config-ospf) neighbor. No additional parameters A CC 1( co nf ig -o sp f) # sh ow • • • • • • • (config-ospf) area number. on page 511 (config-ospf) network (ip address). on page 510 (config-ospf) authentication-mode enable. on page 509 (config-ospf) authentication-key string. on page 510 (config-ospf) high locality-metric.Co n f ig u r at io n C om m an d s / 513 (config-ospf) show Command Description Parameters Example with Syntax Related Commands A CC 1( co nf ig -o sp f) # sh ow Displays OSPF settings.

on page 514 (router-polling) poll [protocol name(s)]. on page 515 (router-polling) snmp version. on page 514 (router-polling) poll [protocol name(s)]. on page 515 (router-polling) snmp version.1 Us er Gu id e . on page 516 (router-polling) router-polling enable Command Description Parameters Example with Syntax Related Commands ACC1(router-polling)# r ou t er -p o ll i ng [e n ab le | di sa b le ] Enables / disables router-polling. No additional parameters AC C1 (c on fi g) # ro ut e r. on page 514 (router-polling) router-polling enable.p o ll i n g Opens the Router-polling node. on page 515 (router-polling) polling-interval. on page 516 (router-polling) snmp community.0 . on page 515 (router-polling) snmp version. on page 515 (router-polling) router ip. on page 515 (router-polling) polling-interval. on page 515 (router-polling) polling-interval.po ll i ng en ab l e • • • • • • (config) router-polling. on page 516 Ac ce ler at o rOS Ve rsi on 7. on page 515 (router-polling) router ip. Enable to enable. on page 516 (router-polling) snmp community.514 A p pe n di x F: Command Line Interface Router Polling Commands The following options are available: (config) router-polling. disable to disables ACC 1( co nf ig )# r o ut er . on page 516 (config) router-polling Command Description Parameters Example with Syntax Related Commands ACC1(config)# r o u t e r . on page 515 (router-polling) router ip. on page 516 (router-polling) snmp community. on page 514 (router-polling) poll [protocol name(s)].p ol li n g • • • • • • (router-polling) router-polling enable.

on page 516 (router-polling) snmp community. on page 514 (router-polling) router-polling enable. on page 515 (router-polling) router ip. Enter a valid IP address AC C1 (r ou te r.in te r va l 1 80 • • • • • • (config) router-polling. Enter a specific protocol name AC C1 (r ou te r. on page 514 (router-polling) poll [protocol name(s)]. on page 515 (router-polling) snmp version. on page 516 . on page 516 (router-polling) snmp community. on page 514 (router-polling) router-polling enable. on page 516 (router-polling) snmp community. on page 516 (router-polling) polling-interval Command Description Parameters Example with Syntax Related Commands ACC1(router-polling)#p ol l in g.po ll in g) # ro ut e r ip ( 1 0 0 . Default is 180 seconds Enter a frequency in seconds A CC 1( ro ut er -p ol li ng )# po ll i ng . on page 515 (router-polling) snmp version. on page 514 (router-polling) router-polling enable. on page 514 (router-polling) polling-interval.Co n f ig u r at io n C om m an d s / 515 (router-polling) poll [protocol name(s)] Command Description Parameters Example with Syntax Related Commands ACC1(router-polling)#p o ll [protocol name(s)] Lists the protocols that can be polled. 1 0 0 . on page 515 (router-polling) snmp version. 5 0 .x.i nt e rv al Sets the frequency with which the router is polled (in seconds). on page 515 (router-polling) router ip.po ll ing )# p ol l [ p ro t o c o l n a me ( s )] • • • • • • (config) router-polling. on page 515 (router-polling) polling-interval. on page 516 (router-polling) router ip Command Description Parameters Example with Syntax Related Commands ACC1(router-polling)# ro ut e r ip ( x.x) Sets the IP address of the router to be polled. on page 514 (router-polling) poll [protocol name(s)]. 5 ) • • • • • • (config) router-polling.x.

on page 516 Ac ce ler at o rOS Ve rsi on 7. on page 515 (router-polling) router ip. on page 515 (router-polling) router ip. Enter the name of the SNMP community A CC 1( ro ut er -p ol li ng )# po ll i ng -i n te r va l 1 80 • • • • • • (config) router-polling. on page 514 (router-polling) poll [protocol name(s)].1 Us er Gu id e . Enter the SNMP version either 1 or 2c AC C1 (r ou te r-p ol li ng )# sn m p v er si o n [1 ] • • • • • • (config) router-polling. on page 515 (router-polling) polling-interval. on page 514 (router-polling) router-polling enable. on page 514 (router-polling) router-polling enable. on page 515 (router-polling) snmp community. on page 515 (router-polling) polling-interval. on page 516 (router-polling) snmp community Command Description Parameters Example with Syntax Related Commands ACC1(router-polling)#s nm p c om m un it y [ name] Sets the SNMP community to be used for polling the router. on page 514 (router-polling) poll [protocol name(s)].516 A p pe n di x F: Command Line Interface (router-polling) snmp version Command Description Parameters Example with Syntax Related Commands ACC1(router-polling)#s n mp v e rs i on [ 1 | 2 c ] Sets the SNMP version to be used for polling the router.0 . on page 515 (router-polling) snmp version.

on page 520 (config-rip) rip-mode enable. on page 521 (config) router rip Command Description Parameters Example with Syntax Related Commands ACC1(config)#r ou t er r i p Enters the RIP node No additional parameters necessary ACC1(config)#r ou t er r i p • • • • • • • • (config) router rip. on page 521 . on page 518 (config-rip) authentication-key string. on page 518 (config-rip) passive-mode enable. on page 518 (config-rip) network.Co n f ig u r at io n C om m an d s / 517 RIP Commands The following commands are available: (config) router rip. on page 518 (config-rip) authentication-key string. on page 518 (config-rip) passive-mode enable. on page 520 (config-rip) rip-mode enable. on page 517 (config-rip) authentication-mode enable. on page 520 (config-rip) neighbor. on page 521 (config-rip) show. on page 521 (config-rip) show. on page 518 (config-rip) network. on page 520 (config-rip) neighbor. on page 517 (config-rip) authentication-mode enable.

x. on page 521 (config-rip) neighbor Command Description Parameters Example with Syntax ACC1(config-rip)# n ei g hb or x. on page 520 (config-rip) neighbor. Enter the name of the authentication key A CC 1( co nf ig -r ip) # a ut he n ti ca t io n -k ey st ri ng • • • • • • • • • (config) router rip. on page 520 (config-rip) neighbor. on page 517 (config-rip) authentication-mode enable. on page 520 (config-rip) rip-mode enable.x Defines a RIP neighbor for the Accelerator via the IP address. disable to disable A CC 1( co nf ig -r ip )# a ut h en ti c at io n -m o de e n ab le • • • • • • • • (config) router rip. on page 518 (config-rip) network.1 Us er Gu id e . x . on page 518 (config-rip) passive-mode enable. on page 521 (config-rip) show. x . on page 521 (config-rip) authentication-mode enable Command Description Parameters Example with Syntax Related Commands ACC1(config-rip)# a ut h en ti c at i on -m o de e n ab l e/ d i sa bl e /M D 5 Sets the Accelerator to need a password to work with other RIP devices.518 A p pe n di x F: Command Line Interface (config-rip) authentication-key string Command Description Parameters Example with Syntax Related Commands ACC1(config-rip)# a ut he n ti ca t io n -k ey string Sets a non-encrypted authentication password for the Accelerator. Enable to enable. on page 521 (config-rip) show. on page 518 (config-rip) authentication-key string. on page 518 (config-rip) authentication-key string. on page 518 (config-rip) passive-mode enable. on page 517 (config-rip) authentication-mode enable. x. on page 518 (config-rip) network.0 . Enter a valid IP address ACC1(config-rip)# n ei g hb or x.x Ac ce ler at o rOS Ve rsi on 7. on page 520 (config-rip) rip-mode enable. authentication mode enables MD5 encrypted authentication.

on page 518 (config-rip) authentication-key string. on page 521 519 . on page 518 (config-rip) passive-mode enable. on page 521 (config-rip) show. on page 520 (config-rip) rip-mode enable. on page 517 (config-rip) authentication-mode enable.Co n f ig u r at io n C om m an d s / Related Commands • • • • • • • • (config) router rip. on page 520 (config-rip) neighbor. on page 518 (config-rip) network.

x ( s u b n e t m a s k ) x. on page 521 (config-rip) passive-mode enable Command Description Parameters Example with Syntax Related Commands ACC1(config-rip)# pa s si v e. x.0 . x Sets the networks that the Accelerator broadcasts to its RIP neighbors.mo d e en a bl e • • • • • • • • (config) router rip. Disable to disable ACC1(config-rip)# pa s si v e. on page 517 (config-rip) authentication-mode enable. x . on page 518 (config-rip) authentication-key string. x . on page 518 (config-rip) passive-mode enable. on page 518 (config-rip) network.ri p) # network ( i p a d d r e s s ) x . on page 521 (config-rip) show. x . x .mo d e [e n ab le | d is a bl e] Sets RIP to work in Passive mode. on page 521 (config-rip) show. on page 517 (config-rip) authentication-mode enable. on page 518 (config-rip) passive-mode enable. x .1 Us er Gu id e .ri p) # ne tw o rk ( i p a d d r e s s ) x . on page 520 (config-rip) neighbor.520 A p pe n di x F: Command Line Interface (config-rip) network Command Description Parameters Example with Syntax Related Commands AC C1 (c on fi g. x ( s u b n e t m a s k ) x. on page 518 (config-rip) authentication-key string. x . Enable to enable. x . on page 518 (config-rip) network. on page 520 (config-rip) rip-mode enable. on page 520 (config-rip) rip-mode enable. on page 521 Ac ce ler at o rOS Ve rsi on 7. Enter a valid IP address and subnet mask AC C1 (c on fi g. x • • • • • • • • (config) router rip. on page 520 (config-rip) neighbor.

on page 521 (config-rip) show Command Description Parameters Example with Syntax Related Commands ACC1(config-rip)# s h ow Displays RIP settings No additional parameters required ACC1(config-rip)# s h ow • • • • • • • (config) router rip. on page 518 (config-rip) authentication-key string. disable to disable ACC1(config)#r ou te r r i p A CC 1( co nf ig -ri p) # rip-mode en a bl e • • • • • • • (config) router rip. on page 520 (config-rip) neighbor. on page 520 (config-rip) neighbor. on page 520 (config-rip) rip-mode enable. on page 518 (config-rip) network. on page 518 (config-rip) passive-mode enable. on page 520 (config-rip) show. on page 517 (config-rip) authentication-mode enable. on page 518 (config-rip) network. on page 518 (config-rip) authentication-key string. on page 518 (config-rip) passive-mode enable.Co n f ig u r at io n C om m an d s / 521 (config-rip) rip-mode enable Command Description Parameters Example with Syntax Related Commands ACC1(config-rip)#r ip -m o de en a bl e /d is a bl e Enables RIP on the Accelerator Enable to enable. on page 521 . on page 517 (config-rip) authentication-mode enable.

on page 525 (packet interception WCCP) udp-service id. on page 523 (packet interception WCCP) priority. on page 522 (packet interception WCCP) authentication.522 A p pe n di x F: Command Line Interface WCCP Commands The following options are available: (config) packet-interception wccp. on page 525 (packet interception WCCP) udp-service id.0 . on page 523 (packet interception WCCP) priority. on page 523 (packet interception WCCP) router-ip.in te r ce p ti on wc cp • • • • • • • (packet interception WCCP) authentication. on page 524 (packet interception WCCP) tcp-service id. on page 526 (config) packet-interception wccp Note that if you have multiple Accelerators deployed on your network the same WCCP services should be enabled on each appliance. No additional parameters required ACC1(config)#p a ck et . on page 526 Ac ce ler at o rOS Ve rsi on 7.in te r ce p ti on wc cp Enters the WCCP configuration node. on page 526 (packet interception WCCP) wccp-mode. on page 523 (packet interception WCCP) router-ip. Command Description Parameters Example with Syntax Related Commands ACC1(config)#p a ck et . on page 526 (packet interception WCCP) wccp-mode. on page 524 (packet interception WCCP) tcp-service id. on page 524 (packet interception WCCP) show. on page 524 (packet interception WCCP) show.1 Us er Gu id e .

on page 525 (packet interception WCCP) udp-service id. ACC1(packet interception WCCP)#a ut h en t ic at i on pa s sw or d E xp a nd • • • • • • • (config) packet-interception wccp. on page 526 . on page 526 (packet interception WCCP) priority Command Description Parameters Example with Syntax Related Commands ACC1(packet interception WCCP)#p r io r it y [0-254] Sets the WCCP priority. on page 524 (packet interception WCCP) show. on page 522 (packet interception WCCP) priority. on page 525 (packet interception WCCP) udp-service id. on page 524 (packet interception WCCP) show. on page 523 (packet interception WCCP) router-ip. on page 524 (packet interception WCCP) tcp-service id. on page 526 (packet interception WCCP) wccp-mode. Enter a number from 0-254 ACC1(packet interception WCCP)#p r io r it y 1 • • • • • • • (config) packet-interception wccp.Co n f ig u r at io n C om m an d s / 523 (packet interception WCCP) authentication Command Description Parameters Example with Syntax Related Commands ACC1(packet interception WCCP)#a ut h en t ic at i on [n o ne | pa ss w or d word] Sets a password for WCCP authentication. None for no password. on page 526 (packet interception WCCP) wccp-mode. on page 524 (packet interception WCCP) tcp-service id. or enter a password string. on page 522 (packet interception WCCP) authentication. on page 523 (packet interception WCCP) router-ip.

on page 524 (packet interception WCCP) tcp-service id. on page 523 (packet interception WCCP) priority.ip [x. on page 525 (packet interception WCCP) udp-service id. on page 526 (packet interception WCCP) wccp-mode. on page 523 (packet interception WCCP) router-ip. No additional parameters required ACC1(packet interception WCCP)#s h ow • • • • • • • (config) packet-interception wccp.1 Us er Gu id e . on page 523 (packet interception WCCP) priority.x] Sets the WCCP router IP address. on page 522 (packet interception WCCP) authentication.x. on page 525 (packet interception WCCP) udp-service id.0 .x] • • • • • • • (config) packet-interception wccp. on page 526 (packet interception WCCP) wccp-mode. on page 526 (packet interception WCCP) show Command Description Parameters Example with Syntax Related Commands ACC1(packet interception WCCP)#s h ow Displays the status of the WCCP service (activated/deactivated) and the services and routers’ lists. on page 526 Ac ce ler at o rOS Ve rsi on 7.ip [x. on page 522 (packet interception WCCP) authentication.x.x.524 A p pe n di x F: Command Line Interface (packet interception WCCP) router-ip Command Description Parameters Example with Syntax Related Commands ACC1(packet interception WCCP)#r ou t er .x. on page 524 (packet interception WCCP) tcp-service id. on page 523 (packet interception WCCP) show. Enter a valid IP address ACC1(packet interception WCCP)#r ou t er .

on page 526 (packet interception WCCP) wccp-mode. on page 526 .Co n f ig u r at io n C om m an d s / 525 ACC1(packet interception WCCP)#show The status is shown as in the figure below. on page 522 (packet interception WCCP) authentication. on page 523 (packet interception WCCP) router-ip.se r vi ce id [51-99] Sets the WCCP TCP service ID. on page 524 (packet interception WCCP) show.se r vi ce id 6 0 • • • • • • • (config) packet-interception wccp. (packet interception WCCP) tcp-service id Command Description Parameters Example with Syntax Related Commands ACC1(packet interception WCCP)#t cp . on page 524 (packet interception WCCP) udp-service id. Enter a valid ID from 51-99 ACC1(packet interception WCCP)#t cp . on page 523 (packet interception WCCP) priority.

on page 523 (packet interception WCCP) priority. on page 525 (packet interception WCCP) wccp-mode. on page 522 (packet interception WCCP) authentication. on page 526 (packet interception WCCP) wccp-mode Command Description Parameters Example with Syntax Related Commands ACC1(packet interception WCCP)#w c cp -m o de [ en a bl e | d is a bl e] Activates/deactivates WCCP mode. on page 523 (packet interception WCCP) router-ip. on page 525 (packet interception WCCP) udp-service id. on page 524 (packet interception WCCP) tcp-service id. on page 524 (packet interception WCCP) show.s er vi c e id 65 • • • • • • • (config) packet-interception wccp. Enable to enable. Enter a valid ID from51-99 ACC1(packet interception WCCP)#u d p.526 A p pe n di x F: Command Line Interface (packet interception WCCP) udp-service id Command Description Parameters Example with Syntax Related Commands ACC1(packet interception WCCP)#u d p. on page 522 (packet interception WCCP) authentication.mo de en ab l e • • • • • • • (config) packet-interception wccp.1 Us er Gu id e . on page 523 (packet interception WCCP) priority. on page 524 (packet interception WCCP) show. Disable to disable ACC1(packet interception WCCP)#w c cp .0 . on page 523 (packet interception WCCP) router-ip. on page 526 Ac ce ler at o rOS Ve rsi on 7. on page 524 (packet interception WCCP) tcp-service id.s er vi c e id [51-99] Sets the WCCP UDP service ID.

X.5 • (config) SNTP enable/disable. Enter a valid IP address ACC1(config)#SNTP se rv e r 100. on page 527 • (config) SNTP interval hours.X as the address of the SNTP server. Enter the time in hours from 1-1440 ACC1(config)#SNTP in te r va l h ou rs 24 • (config) SNTP enable/disable. on page 527 . on page 527 • (config) SNTP server. on page 527 (config) SNTP server.X.100. on page 527 (config) SNTP interval hours. Enable to enable. disable to disable ACC1(config)#SNTP en ab l e • (config) SNTP interval hours. on page 527 (config) SNTP server Command Description Parameters Example with Syntax Related Commands ACC1(config)#SNTP se rv e r [ x.Co n f ig u r at io n C om m an d s / 527 SNTP Server Commands The following commands are available: (config) SNTP enable/disable.x.x] Enter IP address X. on page 527 (config) SNTP enable/disable Command Description Parameters Example with Syntax Related Commands ACC1(config)#SNTP en ab l e/ di s ab l e Enables the SNTP server. on page 527 (config) SNTP interval hours Command Description Parameters Example with Syntax Related Commands ACC1(config)#SNTP in te r va l h ou rs [ 1-24] | m i nu te s [ 1-1440] Polls the SNTP server for time updates by intervals set by this command.10. on page 527 • (config) SNTP server.x.

thereby copying it directly to the user_area. you are prompted to upload it. on page 528 (DHCP) enable. on page 529 (DHCP) test.1 Us er Gu id e . on page 529 (DHCP) show lease. on page 529 (DHCP) show DHCP.528 A p pe n di x F: Command Line Interface DHCP Server Commands The following commands are available: (config) dhcp. on page 529 (DHCP) show DHCP. on page 529 (DHCP) show lease. on page 529 (DHCP) test. upload the DHCP configuration file via the WebUI. The DHCP configuration file should be in the user_area. disable to disable ACC1(config)#dhcp • • • • • • (DHCP) enable. on page 530 (DHCP) upload. Alternatively. on page 530 (DHCP) upload. on page 530 (DHCP) upload. Enable to enable. on page 528 (DHCP) reload. on page 530 (config) dhcp Command Description Parameters Example with Syntax Related Commands ACC1(config)#dh cp Enters the DHCP node Enable to enable. on page 529 (DHCP) test.0 . on page 530 Ac ce ler at o rOS Ve rsi on 7. on page 530 (DHCP) enable Command Description ACC1(DHCP)#en a bl e/ d is ab l e Enables or disables the DHCP Server. disable to disable Parameters Example with Syntax Related Commands AC C1 (D HC P) # enable • • • • • • (config) dhcp. on page 529 (DHCP) show lease. on page 528 (DHCP) reload. otherwise you have to use the copy command to copy it. Enabling the Server requires having a DHCP configuration file. on page 529 (DHCP) show DHCP. on page 528 (DHCP) reload. If this file does not exist.

on page 530 (DHCP) show DHCP Command Description Parameters Example with Syntax Related Commands ACC1(DHCP)#s ho w D H CP Displays the DHCP status (enabled/disabled). on page 529 (DHCP) show lease.Co n f ig u r at io n C om m an d s / 529 (DHCP) reload Command Description Parameters Example with Syntax Related Commands ACC1(DHCP)#r el o ad [path] [filename] Reloads the DHCP configuration file from the user_area. if you want to update this file with changes you have made in it. on page 530 (DHCP) upload. on page 528 (DHCP) enable. on page 529 (DHCP) show DHCP. on page 529 (DHCP) show lease. on page 528 (DHCP) show DHCP. on page 530 (DHCP) show lease Command Description Parameters Example with Syntax Related Commands ACC1(DHCP)#s ho w l ea s e [hostname] [IP address] Displays the end date of the DHCP lease server period. on page 529 (DHCP) test. on page 528 (DHCP) enable. on page 530 . on page 530 (DHCP) upload. Enter a valid IP address ACC1(DHCP)#s ho w l ea s e [hostname] [IP address] • • • • • • (config) dhcp. no additional parameters necessary ACC1(DHCP)#s ho w D H CP • • • • • • (config) dhcp. Enter a valid path and filename ACC1(DHCP)#reload/user_area/dhcp/dhcpfile • • • • • • (config) dhcp. on page 529 (DHCP) test. on page 528 (DHCP) reload. on page 528 (DHCP) reload. on page 529 (DHCP) test. on page 528 (DHCP) enable. on page 530 (DHCP) upload.

on page 529 (DHCP) show lease. on page 529 (DHCP) show lease. ACC1(DHCP)#upload /user_area/dhcp/dhcpfile • • • • • • (config) dhcp. on page 529 (DHCP) show DHCP.530 A p pe n di x F: Command Line Interface (DHCP) test Command Description Parameters Example with Syntax Related Commands ACC1(DHCP)#t es t [path] [filename] Tests the syntax of the DHCP configuration file. on page 529 (DHCP) upload. on page 528 (DHCP) enable.1 Us er Gu id e . Enter a valid path and file name ACC1(DHCP)#test/user_area/dhcp/dhcpfile • • • • • • (config) dhcp. on page 530 (DHCP) upload Command Description Parameters Example with Syntax Related Commands ACC1(DHCP)#u pl o ad [path] [filename] Uploads the DHCP configuration file from the user_area.0 . on page 528 (DHCP) reload. on page 529 (DHCP) test. on page 530 Ac ce ler at o rOS Ve rsi on 7. on page 528 (DHCP) enable. Enter a valid path and a file name. on page 529 (DHCP) show DHCP. on page 528 (DHCP) reload.

Option to enable the dhcp relay option ACC1(local interface)#d hc re l ay enable • (local interface) dhcrelay. on page 532 (local interface) dhcrelay Command Description Parameters Example with Syntax Related Commands ACC1(local interface)#d hc re l ay Enters the DHCP relay node No additional parameters needed ACC1(local interface)#d hc re l ay • (local interface) dhcrelay enable. on page 532 ip helper address. on page 532 • (local interface) ip helper address. on page 531 dhcrelay enable. Disable to disable. on page 531 dhcrelay option. on page 531 • (local interface) dhcrelay option.X. on page 532 (local interface) dhcrelay enable Command Description Parameters Example with Syntax Related Commands ACC1(local interface)#d hc re l ay en ab l e Enter IP helper address X. on page 532 . on page 532 • (local interface) ip helper address. on page 531 • (local interface) dhcrelay option.Co n f ig u r at io n C om m an d s / 531 DHCP Relay Commands Follow these steps to configure an Accelerator for functioning as a DHCP relay agent: (local (local (local (local interface) interface) interface) interface) dhcrelay.X as the address of the DHCP server Enable to enable.X.

X.1. the relay agent appends an agent option field to each request before forwarding it to the server.le n gt h] Enter IP helper address X.1.X.X as the address of the DHCP server Enter a valid IP address ACC1(local interface)#i p h el pe r a d dr es s 1. • Drop-no-match .X as the address of the DHCP server • Append .if the append flag is set.1. on page 531 • (local interface) dhcrelay enable. • Max-length . on page 531 • (local interface) ip helper address.0 .X.532 A p pe n di x F: Command Line Interface (local interface) dhcrelay option A DHCP relay agent may receive a client DHCP packet forwarded from a BOOTP/ DHCP relay agent closer to the client and may or may not already have a DHCP relay agent option on it. on page 531 • (local interface) dhcrelay enable. • Discard . on page 532 (local interface) ip helper address Command Description Parameters Example with Syntax Related Commands ACC1(local interface)#i p h el pe r a d dr es s [IP address] Enter IP helper address X. on page 532 Ac ce ler at o rOS Ve rsi on 7.this is the maximum length allowed. • Replace . • Forward .replaces the options sent by another DHCP relay with options set on the Accelerator.1 Us er Gu id e .forwards all options from another DHCP relay. Description Parameters Example with Syntax Related Commands ACC1(local interface)#i p h el pe r a d dr es s 1.1.1 • (local interface) dhcrelay.discards all options sent by another DHCP relay.drops the options without counting the packets.1 • (local interface) dhcrelay. on page 531 • (local interface) dhcrelay option.X. Command ACC1(local interface)#d hc r el ay op t io n [a pp e nd |d i sc a rd |f o rw ar d |r e pl ac e |d ro p -n o ma tc h |m ax .

on page 534 (web-acceleration) show. on page 534 (web-acceleration) http-acceleration. on page 534 (web-acceleration) exit. on page 533 (web-acceleration) cancel.ac c el e ra ti o n) # cache clear • • • • • • (config) web-acceleration.ac c el e ra ti o n Enters Web-Acceleration configuration mode No additional parameters needed A C C1 (c o nf i g) # web-acceleration • • • • • • (web-acceleration) cache clear. on page 533 (web-acceleration) cache clear. on page 535 (web-acceleration) tcp-acceleration. on page 534 (web-acceleration) http-acceleration.ac c el e ra ti o n) #c a ch e c le a r Clears the HTTP and FTP caches.Co n f ig u r at io n C om m an d s / 533 WEB Acceleration Commands Some parameters common to both HTTP and FTP Acceleration are configurable as follows: (config) web-acceleration. on page 533 (web-acceleration) cancel. on page 534 (web-acceleration) show. on page 534 (web-acceleration) http-acceleration. on page 535 . on page 535 (web-acceleration) cache clear Command Description Parameters Example with Syntax Related Commands A C C1 (w e b. No additional parameters required A C C1 (w e b. on page 535 (web-acceleration) tcp-acceleration. on page 534 (web-acceleration) exit. on page 534 (web-acceleration) exit. on page 534 (web-acceleration) show. on page 535 (web-acceleration) tcp-acceleration. on page 535 (config) web-acceleration Command Description Parameters Example with Syntax Related Commands A C C1 (c o nf i g) #w e b. on page 533 (web-acceleration) cancel.

on page 534 (web-acceleration) show.1 Us er Gu id e . No additional parameters are needed.a cc e le ra t io n) # exit • • • • • • (config) web-acceleration. on page 535 (web-acceleration) http-acceleration Command Description Parameters Example with Syntax Related Commands A CC 1 (w eb . on page 535 (web-acceleration) tcp-acceleration. on page 533 (web-acceleration) cancel. on page 533 (web-acceleration) cancel.ac ce l er a ti on ) #h tt p -a c ce le r at io n Enters the HTTP acceleration node. A CC 1 (w eb . on page 534 (web-acceleration) http-acceleration. on page 533 (web-acceleration) cache clear. on page 534 (web-acceleration) show. on page 533 (web-acceleration) exit.534 A p pe n di x F: Command Line Interface (web-acceleration) cancel Command Description Parameters Example with Syntax Related Commands AC C 1( c on fi g )# we b -a c ce le r at io n Exits without updating web acceleration parameters No additional parameters needed AC C 1( c on fi g )# web-acceleration • • • • • • (config) web-acceleration. on page 534 (web-acceleration) http-acceleration. on page 536 for the HTTP Acceleration Commands Ac ce ler at o rOS Ve rsi on 7. on page 535 (web-acceleration) tcp-acceleration. on page 535 see HTTP Acceleration Commands.a cc e le ra t io n) # e x it Exits the web acceleration node No additional parameters needed AC C1 ( we b. on page 535 (web-acceleration) exit Command Description Parameters Example with Syntax Related Commands AC C1 ( we b. on page 534 (web-acceleration) show.0 .ac ce l er a ti on ) # http-acceleration • • • • • • • (config) web-acceleration. on page 533 (web-acceleration) cache clear. on page 535 (web-acceleration) tcp-acceleration. on page 533 (web-acceleration) cache clear. on page 534 (web-acceleration) exit.

on page 533 (web-acceleration) cache clear. on page 534 (web-acceleration) show. on page 534 (web-acceleration) exit. on page 534 (web-acceleration) tcp-acceleration. on page 534 (web-acceleration) http-acceleration. on page 535 . on page 534 (web-acceleration) http-acceleration. on page 535 (web-acceleration) tcp-acceleration Command Description Parameters Example with Syntax Related Commands AC C 1( w eb -a c ce le r at i on )# tc p.a cc e le ra t io n) # sh ow Displays Web-Acceleration parameters.a cc e le ra t io n) # show • • • • • • (config) web-acceleration. on page 533 (web-acceleration) cancel.a cc e le ra t io n Opens the TCP acceleration node No additional parameters needed AC C 1( w eb -a c ce le r at i on )# tcp-acceleration • • • • • • (config) web-acceleration. on page 533 (web-acceleration) cache clear. No additional parameters required AC C1 ( we b. on page 534 (web-acceleration) exit.Co n f ig u r at io n C om m an d s / 535 (web-acceleration) show Command Description Parameters Example with Syntax Related Commands AC C1 ( we b. on page 533 (web-acceleration) cancel.

on page 544 (http-acceleration) collect statistics. on page 565 (http-acceleration) tcp-acceleration. on page 547 (http-acceleration) fetch job. on page 559 (http-acceleration) read-ahead. on page 562 (http-acceleration) reset-to-default. on page 538 (http-acceleration) cache clear. on page 548 (http-acceleration) http-acceleration enable.1 Us er Gu id e . on page 540 (http-acceleration) cache-range. on page 539 (http-acceleration) cache-content. on page 546 (http-acceleration) exit. on page 558 (http-acceleration) proxy outgoing host. on page 556 (http-acceleration) port. on page 542 (http-acceleration) cancel. on page 555 (http-acceleration) persistent-timeout. on page 541 (http-acceleration) cache-size. on page 550 (http-acceleration) log-level. on page 537 (http-acceleration) cache-auth-requests. on page 564 (http-acceleration) show. on page 560 (http-acceleration) read-ahead fetch-full-page. on page 566 (http-acceleration) transparency. on page 552 (http-acceleration) max cached-object-size. on page 563 (http-acceleration) rule.536 A p pe n di x F: Command Line Interface HTTP Acceleration Commands The following configurations are available: (web-acceleration) http-acceleration. on page 545 (http-acceleration) deny-content-encoding. on page 551 (http-acceleration) max-client-connect-time. on page 549 (http-acceleration) ie-refresh. on page 543 (http-acceleration) connect-timeout.0 . on page 567 Ac ce ler at o rOS Ve rsi on 7. on page 561 (http-acceleration) read-ahead operation-mode. on page 557 (http-acceleration) port-transparency. on page 553 (http-acceleration) min cached-object-size. on page 554 (http-acceleration) no.

on page 551 (http-acceleration) max-client-connect-time. on page 561 (http-acceleration) read-ahead operation-mode. on page 547 (http-acceleration) fetch job. on page 538 (http-acceleration) cache clear. No additional parameters are needed. AC C 1( w eb -a c ce le r at i on )# http-acceleration • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (http-acceleration) cache-auth-requests. on page 557 (http-acceleration) port-transparency.Co n f ig u r at io n C om m an d s / 537 (web-acceleration) http-acceleration Command Description Parameters Example with Syntax Related Commands AC C 1( w eb -a c ce le r at i on )# h tt p. on page 553 (http-acceleration) min cached-object-size. on page 550 (http-acceleration) log-level. on page 544 (http-acceleration) collect statistics. on page 542 (http-acceleration) cancel. on page 563 (http-acceleration) rule. on page 565 (http-acceleration) tcp-acceleration. on page 552 (http-acceleration) max cached-object-size. on page 556 (http-acceleration) port. on page 543 (http-acceleration) connect-timeout. on page 555 (http-acceleration) persistent-timeout. on page 559 (http-acceleration) read-ahead. on page 564 (http-acceleration) show. on page 549 (http-acceleration) ie-refresh. on page 566 (http-acceleration) transparency. on page 562 (http-acceleration) reset-to-default. on page 545 (http-acceleration) deny-content-encoding. on page 540 (http-acceleration) cache-range. on page 539 (http-acceleration) cache-content. on page 548 (http-acceleration) http-acceleration enable. on page 567 .a cc e le ra t io n Enters the HTTP acceleration node. on page 558 (http-acceleration) proxy outgoing host. on page 554 (http-acceleration) no. on page 560 (http-acceleration) read-ahead fetch-full-page. on page 541 (http-acceleration) cache-size. on page 546 (http-acceleration) exit.

0 . on page 548 (http-acceleration) http-acceleration enable. on page 542 (http-acceleration) cancel.re qu e st s Allows you to enable or disable cache authenticated requests. on page 547 (http-acceleration) fetch job. on page 539 (http-acceleration) cache-content. on page 561 (http-acceleration) read-ahead operation-mode. on page 541 (http-acceleration) cache-size. on page 566 (http-acceleration) transparency.538 A p pe n di x F: Command Line Interface (http-acceleration) cache-auth-requests Command Description Parameters Example with Syntax Related Commands A CC 1 (h tt p -a cc e le r at io n )# ca h ce . on page 546 (http-acceleration) exit. A CC 1 (h tt p -a cc e le r at io n )# cache-auth-requests enable • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. on page 552 (http-acceleration) max cached-object-size. on page 556 (http-acceleration) port. on page 564 (http-acceleration) show. on page 565 (http-acceleration) tcp-acceleration. on page 549 (http-acceleration) ie-refresh. on page 567 Ac ce ler at o rOS Ve rsi on 7. on page 560 (http-acceleration) read-ahead fetch-full-page.au th . on page 545 (http-acceleration) deny-content-encoding. on page 551 (http-acceleration) max-client-connect-time. on page 562 (http-acceleration) reset-to-default. on page 544 (http-acceleration) collect statistics. on page 540 (http-acceleration) cache-range. on page 563 (http-acceleration) rule. on page 543 (http-acceleration) connect-timeout. on page 553 (http-acceleration) min cached-object-size. on page 557 (http-acceleration) port-transparency. on page 550 (http-acceleration) log-level. on page 537 (http-acceleration) cache clear. on page 559 (http-acceleration) read-ahead. on page 558 (http-acceleration) proxy outgoing host. on page 555 (http-acceleration) persistent-timeout. Enable to enable Disable to disable. on page 554 (http-acceleration) no.1 Us er Gu id e .

on page 552 (http-acceleration) max cached-object-size. on page 546 (http-acceleration) exit. on page 560 (http-acceleration) read-ahead fetch-full-page. on page 554 (http-acceleration) no. on page 537 (http-acceleration) cache-auth-requests. on page 558 (http-acceleration) proxy outgoing host. on page 545 (http-acceleration) deny-content-encoding.ac c el er a ti on ) # c a ch e c le ar Clears the HTTP Acceleration cache.Co n f ig u r at io n C om m an d s / 539 (http-acceleration) cache clear Command Description Parameters Example with Syntax Related Commands AC C1 ( ht tp . on page 563 (http-acceleration) rule. on page 549 (http-acceleration) ie-refresh. on page 542 (http-acceleration) cancel.o bj e ct si ze [n um b er in M B ] • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. on page 564 (http-acceleration) show. on page 556 (http-acceleration) port. on page 548 (http-acceleration) http-acceleration enable. on page 555 (http-acceleration) persistent-timeout. on page 540 (http-acceleration) cache-range. on page 561 (http-acceleration) read-ahead operation-mode. on page 557 (http-acceleration) port-transparency. No additional parameters needed. on page 547 (http-acceleration) fetch job. on page 567 . on page 553 (http-acceleration) min cached-object-size. on page 550 (http-acceleration) log-level.ac c el er a ti on ) #m a x ca c he d. on page 559 (http-acceleration) read-ahead. on page 541 (http-acceleration) cache-size. on page 551 (http-acceleration) max-client-connect-time. on page 538 (http-acceleration) cache-content. AC C1 ( ht tp . on page 544 (http-acceleration) collect statistics. on page 562 (http-acceleration) reset-to-default. on page 566 (http-acceleration) transparency. on page 565 (http-acceleration) tcp-acceleration. on page 543 (http-acceleration) connect-timeout.

on page 554 (http-acceleration) no. Enterprise. on page 546 (http-acceleration) exit.1 Us er Gu id e . on page 538 (http-acceleration) cache clear. on page 561 (http-acceleration) read-ahead operation-mode. on page 547 (http-acceleration) fetch job. on page 563 (http-acceleration) rule. on page 555 (http-acceleration) persistent-timeout. as described above. on page 549 (http-acceleration) ie-refresh.0 . on page 548 (http-acceleration) http-acceleration enable. • Internet caches all traffic on the non-link. on page 560 (http-acceleration) read-ahead fetch-full-page. on page 558 (http-acceleration) proxy outgoing host. on page 564 (http-acceleration) show. on page 544 (http-acceleration) collect statistics. on page 559 (http-acceleration) read-ahead. on page 545 (http-acceleration) deny-content-encoding.540 A p pe n di x F: Command Line Interface (http-acceleration) cache-content Command Description A CC 1 (h tt p -a cc e le r at io n )# ca c he . on page 552 (http-acceleration) max cached-object-size. on page 542 (http-acceleration) cancel. Parameters Example with Syntax Related Commands A CC 1 (h tt p -a cc e le r at io n )# ca c he . on page 557 (http-acceleration) port-transparency. on page 562 (http-acceleration) reset-to-default.co nt e nt all • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. on page 567 Ac ce ler at o rOS Ve rsi on 7.co nt e nt [ en t er pr i se | in t er ne t | a l l] Sets the type of content to be cached: • Enterprise caches all traffic from links and virtual links. Internet or All. virtual link and non-link traffic. • All caches all link. on page 550 (http-acceleration) log-level. on page 537 (http-acceleration) cache-auth-requests. on page 556 (http-acceleration) port. on page 551 (http-acceleration) max-client-connect-time. on page 543 (http-acceleration) connect-timeout. on page 565 (http-acceleration) tcp-acceleration. on page 553 (http-acceleration) min cached-object-size. on page 539 (http-acceleration) cache-range. on page 541 (http-acceleration) cache-size. on page 566 (http-acceleration) transparency.

on page 553 (http-acceleration) min cached-object-size. on page 550 (http-acceleration) log-level. on page 556 (http-acceleration) port. on page 548 (http-acceleration) http-acceleration enable. on page 551 (http-acceleration) max-client-connect-time. on page 557 (http-acceleration) port-transparency. on page 561 (http-acceleration) read-ahead operation-mode. Disable to disable AC C 1( ht t p. on page 560 (http-acceleration) read-ahead fetch-full-page. on page 565 (http-acceleration) tcp-acceleration. on page 558 (http-acceleration) proxy outgoing host. on page 549 (http-acceleration) ie-refresh. on page 537 (http-acceleration) cache-auth-requests. on page 563 (http-acceleration) rule. on page 545 (http-acceleration) deny-content-encoding. on page 538 (http-acceleration) cache clear. on page 555 (http-acceleration) persistent-timeout. on page 539 (http-acceleration) cache-content. on page 562 (http-acceleration) reset-to-default. on page 547 (http-acceleration) fetch job. on page 554 (http-acceleration) no. on page 552 (http-acceleration) max cached-object-size.a cc el e ra ti o n) #ca ch e -r an g e [ en ab l e | d is ab l e] Enables or disables (disabled by default) the cache range Enable to enable. on page 567 . on page 559 (http-acceleration) read-ahead. on page 543 (http-acceleration) connect-timeout. on page 542 (http-acceleration) cancel. on page 540 (http-acceleration) cache-size. on page 564 (http-acceleration) show. on page 566 (http-acceleration) transparency. on page 544 (http-acceleration) collect statistics.a cc el e ra ti o n) #ca ch e -r an g e enable • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration.Co n f ig u r at io n C om m an d s / 541 (http-acceleration) cache-range Command Description Parameters Example with Syntax Related Commands AC C 1( ht t p. on page 546 (http-acceleration) exit.

A C C1 (h t tp -a c ce l er at i on )# c ac h e. on page 560 (http-acceleration) read-ahead fetch-full-page.si z e 16 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. on page 554 (http-acceleration) no. on page 550 (http-acceleration) log-level. on page 558 (http-acceleration) proxy outgoing host. on page 540 (http-acceleration) cache-range. on page 541 (http-acceleration) cancel. on page 559 (http-acceleration) read-ahead. on page 563 (http-acceleration) rule. on page 539 (http-acceleration) cache-content. on page 551 (http-acceleration) max-client-connect-time. Note that. on page 566 (http-acceleration) transparency. on page 552 (http-acceleration) max cached-object-size. Approximately 10 MB of RAM is needed for each 1 GB of data cached. on page 547 (http-acceleration) fetch job. on page 546 (http-acceleration) exit.0 . on page 545 (http-acceleration) deny-content-encoding. on page 544 (http-acceleration) collect statistics. on page 565 (http-acceleration) tcp-acceleration. on page 556 (http-acceleration) port. on page 549 (http-acceleration) ie-refresh. Default is 16 GB. on page 561 (http-acceleration) read-ahead operation-mode. on page 553 (http-acceleration) min cached-object-size. on page 557 (http-acceleration) port-transparency. on page 537 (http-acceleration) cache-auth-requests.1 Us er Gu id e . on page 548 (http-acceleration) http-acceleration enable. Enter a valid size (between 1-60 GB). on page 543 (http-acceleration) connect-timeout. on page 564 (http-acceleration) show.542 A p pe n di x F: Command Line Interface (http-acceleration) cache-size Command Description Parameters Example with Syntax Related Commands A C C1 (h t tp -a c ce l er at i on )# c ac h e. on page 538 (http-acceleration) cache clear. on page 567 Ac ce ler at o rOS Ve rsi on 7. on page 555 (http-acceleration) persistent-timeout.si z e [n u m b e r i n MB] Sets the size of the cache (between 1 and 60 GB). on page 562 (http-acceleration) reset-to-default.

on page 553 (http-acceleration) min cached-object-size. on page 549 (http-acceleration) ie-refresh. on page 563 (http-acceleration) rule. on page 546 (http-acceleration) exit. on page 562 (http-acceleration) reset-to-default. on page 548 (http-acceleration) http-acceleration enable. on page 566 (http-acceleration) transparency. on page 538 (http-acceleration) cache clear. on page 542 (http-acceleration) connect-timeout. on page 560 (http-acceleration) read-ahead fetch-full-page. on page 557 (http-acceleration) port-transparency. on page 537 (http-acceleration) cache-auth-requests. on page 555 (http-acceleration) persistent-timeout.Co n f ig u r at io n C om m an d s / 543 (http-acceleration) cancel Command Description Parameters Example with Syntax Related Commands A CC 1 (h tt p -a c ce le r at io n )# c an ce l Exits the node without updating the parameters. on page 567 . on page 564 (http-acceleration) show. on page 554 (http-acceleration) no. on page 539 (http-acceleration) cache-content. on page 541 (http-acceleration) cache-size. on page 558 (http-acceleration) proxy outgoing host. on page 561 (http-acceleration) read-ahead operation-mode. on page 550 (http-acceleration) log-level. on page 559 (http-acceleration) read-ahead. on page 547 (http-acceleration) fetch job. on page 540 (http-acceleration) cache-range. on page 544 (http-acceleration) collect statistics. on page 556 (http-acceleration) port. on page 552 (http-acceleration) max cached-object-size. on page 565 (http-acceleration) tcp-acceleration. on page 545 (http-acceleration) deny-content-encoding. on page 551 (http-acceleration) max-client-connect-time. No additional parameters are necessary A CC 1 (h tt p -a c ce le r at io n )# c an ce l • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration.

on page 542 (http-acceleration) cancel. on page 562 (http-acceleration) reset-to-default. on page 553 (http-acceleration) min cached-object-size. on page 556 (http-acceleration) port. on page 563 (http-acceleration) rule. on page 559 (http-acceleration) read-ahead. on page 538 (http-acceleration) cache clear.544 A p pe n di x F: Command Line Interface (http-acceleration) connect-timeout Command Description Parameters Example with Syntax Related Commands A CC 1 (h t tp -a c ce le r at i on )# c on ne c t. on page 547 (http-acceleration) fetch job.1 Us er Gu id e . on page 541 (http-acceleration) cache-size. on page 557 (http-acceleration) port-transparency. on page 564 (http-acceleration) show. on page 545 (http-acceleration) deny-content-encoding. A CC 1 (h t tp -a c ce le r at i on )# connect-timeout 600 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. between 1 and 600) for a client to remain connected with no traffic being cached.t im eo u t [ nu m be r ] Sets the amounts of time (in seconds. on page 567 Ac ce ler at o rOS Ve rsi on 7. on page 554 (http-acceleration) no. on page 555 (http-acceleration) persistent-timeout. as described above. on page 552 (http-acceleration) max cached-object-size. on page 561 (http-acceleration) read-ahead operation-mode. on page 565 (http-acceleration) tcp-acceleration. on page 539 (http-acceleration) cache-content. on page 548 (http-acceleration) http-acceleration enable. on page 551 (http-acceleration) max-client-connect-time. on page 550 (http-acceleration) log-level. on page 558 (http-acceleration) proxy outgoing host. on page 560 (http-acceleration) read-ahead fetch-full-page. Enter the time amount in seconds. on page 549 (http-acceleration) ie-refresh. on page 566 (http-acceleration) transparency. on page 540 (http-acceleration) cache-range. Default is 600 seconds. on page 537 (http-acceleration) cache-auth-requests.0 . on page 546 (http-acceleration) exit. on page 543 (http-acceleration) collect statistics.

on page 552 (http-acceleration) max cached-object-size. on page 551 (http-acceleration) max-client-connect-time. on page 567 . on page 556 (http-acceleration) port. on page 549 (http-acceleration) ie-refresh. on page 558 (http-acceleration) proxy outgoing host. on page 561 (http-acceleration) read-ahead operation-mode. on page 555 (http-acceleration) persistent-timeout. on page 559 (http-acceleration) read-ahead. on page 557 (http-acceleration) port-transparency. on page 540 (http-acceleration) cache-range. on page 544 (http-acceleration) deny-content-encoding.Co n f ig u r at io n C om m an d s / 545 (http-acceleration) collect statistics Command Description Parameters Example with Syntax Related Commands A CC 1( h tt p -a cc e le ra t io n )# co l le ct st a ti st i cs Enables or disables statistics collection for http acceleration Enable to enable Disable to disable. on page 541 (http-acceleration) cache-size. on page 553 (http-acceleration) min cached-object-size. on page 538 (http-acceleration) cache clear. on page 560 (http-acceleration) read-ahead fetch-full-page. on page 537 (http-acceleration) cache-auth-requests. on page 542 (http-acceleration) cancel. on page 543 (http-acceleration) connect-timeout. on page 546 (http-acceleration) exit. on page 547 (http-acceleration) fetch job. on page 554 (http-acceleration) no. A CC 1( h tt p -a cc e le ra t io n )# co l le ct st a ti st i cs enable • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. on page 566 (http-acceleration) transparency. on page 565 (http-acceleration) tcp-acceleration. on page 548 (http-acceleration) http-acceleration enable. on page 550 (http-acceleration) log-level. on page 539 (http-acceleration) cache-content. on page 563 (http-acceleration) rule. on page 564 (http-acceleration) show. on page 562 (http-acceleration) reset-to-default.

A CC 1 (h t tp -a c ce le r at i on )# d en y.c on t en te nc o di n g Enables or disables web page content from being encoded. on page 547 (http-acceleration) fetch job. on page 566 (http-acceleration) transparency. on page 537 (http-acceleration) cache-auth-requests. on page 544 (http-acceleration) collect statistics. on page 565 (http-acceleration) tcp-acceleration. on page 548 (http-acceleration) http-acceleration enable. on page 567 Ac ce ler at o rOS Ve rsi on 7. on page 555 (http-acceleration) persistent-timeout. on page 551 (http-acceleration) max-client-connect-time. on page 539 (http-acceleration) cache-content. on page 553 (http-acceleration) min cached-object-size. on page 554 (http-acceleration) no. on page 563 (http-acceleration) rule. on page 550 (http-acceleration) log-level. on page 557 (http-acceleration) port-transparency. on page 561 (http-acceleration) read-ahead operation-mode. on page 549 (http-acceleration) ie-refresh. on page 559 (http-acceleration) read-ahead. on page 543 (http-acceleration) connect-timeout. on page 541 (http-acceleration) cache-size. Enable to enable Disable to disable. on page 556 (http-acceleration) port. on page 545 (http-acceleration) exit. on page 558 (http-acceleration) proxy outgoing host.1 Us er Gu id e . on page 540 (http-acceleration) cache-range.546 A p pe n di x F: Command Line Interface (http-acceleration) deny-content-encoding Command Description Parameters Example with Syntax Related Commands A CC 1 (h t tp -a c ce le r at i on )# d en y. on page 564 (http-acceleration) show.0 .c on t en te nc o di n g enable • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. on page 560 (http-acceleration) read-ahead fetch-full-page. on page 562 (http-acceleration) reset-to-default. on page 552 (http-acceleration) max cached-object-size. on page 542 (http-acceleration) cancel. on page 538 (http-acceleration) cache clear.

on page 549 (http-acceleration) ie-refresh. on page 559 (http-acceleration) read-ahead. on page 564 (http-acceleration) show. on page 560 (http-acceleration) read-ahead fetch-full-page. on page 546 (http-acceleration) fetch job. on page 558 (http-acceleration) proxy outgoing host. on page 550 (http-acceleration) log-level. on page 553 (http-acceleration) min cached-object-size. on page 563 (http-acceleration) rule. on page 555 (http-acceleration) persistent-timeout. No additional parameters are necessary A CC 1( h tt p -a cc e le ra t io n )# ex i t • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. on page 554 (http-acceleration) no.Co n f ig u r at io n C om m an d s / 547 (http-acceleration) exit Command Description Parameters Example with Syntax Related Commands A CC 1( h tt p -a cc e le ra t io n )# ex i t Exits the current node and returns to the node that is the parent node. on page 561 (http-acceleration) read-ahead operation-mode. on page 538 (http-acceleration) cache clear. on page 545 (http-acceleration) deny-content-encoding. on page 548 (http-acceleration) http-acceleration enable. on page 552 (http-acceleration) max cached-object-size. on page 566 (http-acceleration) transparency. on page 551 (http-acceleration) max-client-connect-time. on page 567 . on page 537 (http-acceleration) cache-auth-requests. on page 543 (http-acceleration) connect-timeout. on page 544 (http-acceleration) collect statistics. on page 542 (http-acceleration) cancel. on page 539 (http-acceleration) cache-content. on page 556 (http-acceleration) port. on page 557 (http-acceleration) port-transparency. on page 540 (http-acceleration) cache-range. on page 541 (http-acceleration) cache-size. on page 562 (http-acceleration) reset-to-default. on page 565 (http-acceleration) tcp-acceleration.

for additional configuration parameters (web-acceleration) http-acceleration. on page 542 (http-acceleration) cancel. on page 556 (http-acceleration) port. on page 568. on page 541 (http-acceleration) cache-size. on page 558 (http-acceleration) proxy outgoing host. on page 566 (http-acceleration) transparency. on page 552 (http-acceleration) max cached-object-size. on page 539 (http-acceleration) cache-content. on page 547 (http-acceleration) http-acceleration enable. on page 560 (http-acceleration) read-ahead fetch-full-page.548 A p pe n di x F: Command Line Interface (http-acceleration) fetch job Command Description Parameters Example with Syntax Related Commands A CC 1 (h t tp -a c ce le r at i on )# f et ch jo b Enters the Fetch node Fetch job number or name A CC 1 (h t tp -a c ce le r at i on )# f et ch jo b 1 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • Fetch Job Commands. on page 555 (http-acceleration) persistent-timeout. on page 544 (http-acceleration) collect statistics. on page 554 (http-acceleration) no. on page 543 (http-acceleration) connect-timeout. on page 549 (http-acceleration) ie-refresh. on page 559 (http-acceleration) read-ahead. on page 540 (http-acceleration) cache-range. on page 557 (http-acceleration) port-transparency. on page 565 (http-acceleration) tcp-acceleration. on page 546 (http-acceleration) exit. on page 545 (http-acceleration) deny-content-encoding.1 Us er Gu id e . on page 538 (http-acceleration) cache clear. on page 551 (http-acceleration) max-client-connect-time. on page 561 (http-acceleration) read-ahead operation-mode. on page 562 (http-acceleration) reset-to-default. on page 563 (http-acceleration) rule. on page 550 (http-acceleration) log-level.0 . on page 564 (http-acceleration) show. on page 567 Ac ce ler at o rOS Ve rsi on 7. on page 553 (http-acceleration) min cached-object-size. on page 537 (http-acceleration) cache-auth-requests.

on page 550 (http-acceleration) log-level. on page 556 (http-acceleration) port. on page 538 (http-acceleration) cache clear. on page 567 . on page 545 (http-acceleration) deny-content-encoding. on page 544 (http-acceleration) collect statistics. on page 566 (http-acceleration) transparency. on page 563 (http-acceleration) rule. on page 561 (http-acceleration) read-ahead operation-mode. on page 555 (http-acceleration) persistent-timeout. on page 539 (http-acceleration) cache-content. on page 548 (http-acceleration) ie-refresh. A CC 1 (h tt p -a cc e le ra t io n )# http-acceleration enable • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration.Co n f ig u r at io n C om m an d s / 549 (http-acceleration) http-acceleration enable Command Description Parameters Example with Syntax Related Commands A CC 1 (h tt p -a cc e le ra t io n )# ht t p. on page 547 (http-acceleration) fetch job. on page 553 (http-acceleration) min cached-object-size. on page 564 (http-acceleration) show. on page 565 (http-acceleration) tcp-acceleration. on page 557 (http-acceleration) port-transparency. on page 543 (http-acceleration) connect-timeout. on page 541 (http-acceleration) cache-size. on page 551 (http-acceleration) max-client-connect-time. on page 562 (http-acceleration) reset-to-default. disable to disable. By default HTTP Acceleration is disabled. Enable to enable. on page 537 (http-acceleration) cache-auth-requests. on page 540 (http-acceleration) cache-range. on page 552 (http-acceleration) max cached-object-size. on page 560 (http-acceleration) read-ahead fetch-full-page. on page 554 (http-acceleration) no. on page 542 (http-acceleration) cancel.ac c el e ra ti o n [ en a bl e | d is a bl e] Enables/disables HTTP Acceleration. on page 546 (http-acceleration) exit. on page 558 (http-acceleration) proxy outgoing host. on page 559 (http-acceleration) read-ahead.

on page 559 (http-acceleration) read-ahead. on page 567 Ac ce ler at o rOS Ve rsi on 7. on page 560 (http-acceleration) read-ahead fetch-full-page. on page 556 (http-acceleration) port.1 Us er Gu id e . on page 549 (http-acceleration) log-level. disable to disable. on page 557 (http-acceleration) port-transparency. on page 546 (http-acceleration) exit. on page 545 (http-acceleration) deny-content-encoding. on page 553 (http-acceleration) min cached-object-size. on page 561 (http-acceleration) read-ahead operation-mode. on page 547 (http-acceleration) fetch job. on page 537 (http-acceleration) cache-auth-requests. on page 562 (http-acceleration) reset-to-default. on page 555 (http-acceleration) persistent-timeout. on page 544 (http-acceleration) collect statistics. on page 565 (http-acceleration) tcp-acceleration. on page 543 (http-acceleration) connect-timeout. Enable to enable. on page 563 (http-acceleration) rule. on page 540 (http-acceleration) cache-range. on page 564 (http-acceleration) show. on page 538 (http-acceleration) cache clear.re f re s h [e n ab le | d is a bl e ] Refreshes Internet Explorer. on page 558 (http-acceleration) proxy outgoing host. on page 542 (http-acceleration) cancel. on page 554 (http-acceleration) no. on page 552 (http-acceleration) max cached-object-size. on page 541 (http-acceleration) cache-size.550 A p pe n di x F: Command Line Interface (http-acceleration) ie-refresh Command Description Parameters Example with Syntax Related Commands A CC 1 (h t tp -a c ce le r at i on )# i e. on page 548 (http-acceleration) http-acceleration enable. A CC 1 (h t tp -a c ce le r at i on )# ie-refresh enable • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration.0 . on page 566 (http-acceleration) transparency. on page 539 (http-acceleration) cache-content. on page 551 (http-acceleration) max-client-connect-time.

on page 565 (http-acceleration) tcp-acceleration. on page 557 (http-acceleration) port-transparency. on page 550 (http-acceleration) max-client-connect-time.le v el [ a le rt | e r ro r | i n fo | wa r ni ng ] You can set the Accelerator’s log file to accumulate events that occur in HTTP Acceleration. on page 560 (http-acceleration) read-ahead fetch-full-page. on page 547 (http-acceleration) fetch job. the default level is Error. on page 537 (http-acceleration) cache-auth-requests. on page 546 (http-acceleration) exit. When enabled. Parameters Example with Syntax Related Commands A C C1 ( ht tp . on page 552 (http-acceleration) max cached-object-size. on page 545 (http-acceleration) deny-content-encoding. on page 566 (http-acceleration) transparency. on page 567 . on page 538 (http-acceleration) cache clear. on page 541 (http-acceleration) cache-size.Co n f ig u r at io n C om m an d s / 551 (http-acceleration) log-level Command Description A C C1 ( ht tp . on page 544 (http-acceleration) collect statistics. on page 555 (http-acceleration) persistent-timeout. on page 549 (http-acceleration) ie-refresh. logging is disabled. By default.le v el error • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration.ac ce l er a ti on ) #l og . on page 548 (http-acceleration) http-acceleration enable. as described above. on page 563 (http-acceleration) rule. on page 540 (http-acceleration) cache-range. on page 543 (http-acceleration) connect-timeout.ac ce l er a ti on ) #l og . on page 553 (http-acceleration) min cached-object-size. on page 564 (http-acceleration) show. on page 559 (http-acceleration) read-ahead. To set the type of alerts to be accumulated. on page 542 (http-acceleration) cancel. on page 554 (http-acceleration) no. on page 561 (http-acceleration) read-ahead operation-mode. Enter the time ammount in seconds. set the lowest level of alert to be logged. on page 539 (http-acceleration) cache-content. on page 556 (http-acceleration) port. on page 558 (http-acceleration) proxy outgoing host. on page 562 (http-acceleration) reset-to-default.

Enter the time ammount in minutes 1-5000. on page 539 (http-acceleration) cache-content. on page 538 (http-acceleration) cache clear. on page 567 Ac ce ler at o rOS Ve rsi on 7.1 Us er Gu id e .0 . on page 564 (http-acceleration) show. on page 562 (http-acceleration) reset-to-default. on page 560 (http-acceleration) read-ahead fetch-full-page. on page 537 (http-acceleration) cache-auth-requests. on page 549 (http-acceleration) ie-refresh. on page 565 (http-acceleration) tcp-acceleration. on page 542 (http-acceleration) cancel. AC C 1( ht t p. on page 548 (http-acceleration) http-acceleration enable. on page 563 (http-acceleration) rule.ac c el e ra ti o n) #m a x.c li en t -c on n ec t ti m e 300 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. on page 540 (http-acceleration) cache-range.ac c el e ra ti o n) #m a x. on page 547 (http-acceleration) fetch job. on page 554 (http-acceleration) no. on page 557 (http-acceleration) port-transparency.c li en t -c on n ec t ti m e Sets in minutes the time limit the client will remain connected to the cache process. on page 556 (http-acceleration) port.552 A p pe n di x F: Command Line Interface (http-acceleration) max-client-connect-time Command Description Parameters Example with Syntax Related Commands AC C 1( ht t p. on page 544 (http-acceleration) collect statistics. on page 543 (http-acceleration) connect-timeout. on page 558 (http-acceleration) proxy outgoing host. on page 561 (http-acceleration) read-ahead operation-mode. on page 559 (http-acceleration) read-ahead. on page 545 (http-acceleration) deny-content-encoding. on page 550 (http-acceleration) log-level. on page 555 (http-acceleration) persistent-timeout. on page 553 (http-acceleration) min cached-object-size. on page 566 (http-acceleration) transparency. on page 546 (http-acceleration) exit. on page 541 (http-acceleration) cache-size. on page 551 (http-acceleration) max cached-object-size.

on page 548 (http-acceleration) http-acceleration enable. on page 546 (http-acceleration) exit.Co n f ig u r at io n C om m an d s / 553 (http-acceleration) max cached-object-size Command Description Parameters Example with Syntax Related Commands AC C1 ( ht tp .o bj e ct si ze [n um b er in M B ] • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. Note that. on page 543 (http-acceleration) connect-timeout. AC C1 ( ht tp . on page 542 (http-acceleration) cancel. on page 539 (http-acceleration) cache-content. on page 541 (http-acceleration) cache-size. on page 556 (http-acceleration) port. on page 567 .o bj e ct si ze [n um b er in M B ] Sets the maximum size for objects stored in the cache. on page 558 (http-acceleration) proxy outgoing host. on page 547 (http-acceleration) fetch job. on page 562 (http-acceleration) reset-to-default. on page 554 (http-acceleration) no. on page 560 (http-acceleration) read-ahead fetch-full-page. on page 552 (http-acceleration) min cached-object-size. on page 540 (http-acceleration) cache-range. on page 563 (http-acceleration) rule. on page 561 (http-acceleration) read-ahead operation-mode. on page 538 (http-acceleration) cache clear. on page 537 (http-acceleration) cache-auth-requests. Enter a valid size (between 1-60 GB). on page 565 (http-acceleration) tcp-acceleration. on page 555 (http-acceleration) persistent-timeout. Default is 4096 KB.ac c el er a ti on ) #m a x ca c he d. on page 559 (http-acceleration) read-ahead. on page 550 (http-acceleration) log-level. on page 564 (http-acceleration) show. on page 545 (http-acceleration) deny-content-encoding. on page 566 (http-acceleration) transparency. on page 549 (http-acceleration) ie-refresh. on page 544 (http-acceleration) collect statistics. Approximately 10 MB of RAM is needed for each 1 GB of data cached. on page 557 (http-acceleration) port-transparency. on page 551 (http-acceleration) max-client-connect-time.ac c el er a ti on ) #m a x ca c he d.

on page 561 (http-acceleration) read-ahead operation-mode. on page 539 (http-acceleration) cache-content. on page 560 (http-acceleration) read-ahead fetch-full-page. on page 544 (http-acceleration) collect statistics. on page 546 (http-acceleration) exit.0 . on page 548 (http-acceleration) http-acceleration enable.1 Us er Gu id e .a cc el e ra ti o n) # ma x c ac he d -o b je ct si z e 300 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. on page 543 (http-acceleration) connect-timeout. on page 537 (http-acceleration) cache-auth-requests. on page 550 (http-acceleration) log-level. on page 553 (http-acceleration) no. on page 551 (http-acceleration) max-client-connect-time. on page 556 (http-acceleration) port. on page 563 (http-acceleration) rule. on page 545 (http-acceleration) deny-content-encoding. on page 547 (http-acceleration) fetch job. on page 549 (http-acceleration) ie-refresh. on page 567 Ac ce ler at o rOS Ve rsi on 7. This number should not be bigger than the Max value. on page 559 (http-acceleration) read-ahead. Enter a valid size (between 0-5000 KB). on page 562 (http-acceleration) reset-to-default.554 A p pe n di x F: Command Line Interface (http-acceleration) min cached-object-size Command Description Parameters AC C 1( ht t p. on page 557 (http-acceleration) port-transparency. on page 566 (http-acceleration) transparency. on page 558 (http-acceleration) proxy outgoing host. on page 555 (http-acceleration) persistent-timeout. on page 565 (http-acceleration) tcp-acceleration. Example with Syntax Related Commands AC C 1( ht t p. on page 540 (http-acceleration) cache-range. on page 538 (http-acceleration) cache clear. Approximately 10 MB of RAM is needed for each 1 GB of data cached. Note that. on page 541 (http-acceleration) cache-size. on page 552 (http-acceleration) max cached-object-size.a cc el e ra ti o n) # mi n c ac he d -o b je ct si z e [n u mb e r in KB ] Sets the maximum size for objects stored in the cache. on page 564 (http-acceleration) show. on page 542 (http-acceleration) cancel.

on page 544 (http-acceleration) collect statistics. on page 566 (http-acceleration) transparency.ac ce l er a ti on ) # no rule direct avaya • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. on page 542 (http-acceleration) cancel. on page 556 (http-acceleration) port. on page 565 (http-acceleration) tcp-acceleration. on page 562 (http-acceleration) reset-to-default. on page 549 (http-acceleration) ie-refresh. Enter a configured regular expression A C C1 ( ht tp . on page 540 (http-acceleration) cache-range. on page 557 (http-acceleration) port-transparency. on page 552 (http-acceleration) max cached-object-size. on page 563 (http-acceleration) rule. on page 553 (http-acceleration) min cached-object-size. on page 554 (http-acceleration) persistent-timeout. on page 551 (http-acceleration) max-client-connect-time.Co n f ig u r at io n C om m an d s / 555 (http-acceleration) no Command Description Parameters Example with Syntax Related Commands A C C1 ( ht tp . on page 543 (http-acceleration) connect-timeout. on page 545 (http-acceleration) deny-content-encoding. on page 567 .ac ce l er a ti on ) #n o Negates a command within a rule. on page 548 (http-acceleration) http-acceleration enable. on page 550 (http-acceleration) log-level. on page 537 (http-acceleration) cache-auth-requests. on page 559 (http-acceleration) read-ahead. on page 561 (http-acceleration) read-ahead operation-mode. on page 558 (http-acceleration) proxy outgoing host. on page 539 (http-acceleration) cache-content. on page 547 (http-acceleration) fetch job. on page 560 (http-acceleration) read-ahead fetch-full-page. on page 564 (http-acceleration) show. on page 538 (http-acceleration) cache clear. on page 541 (http-acceleration) cache-size. on page 546 (http-acceleration) exit.

on page 559 (http-acceleration) read-ahead. on page 539 (http-acceleration) cache-content.556 A p pe n di x F: Command Line Interface (http-acceleration) persistent-timeout Command Description Parameters Example with Syntax Related Commands AC C 1( ht t p. AC C 1( ht t p. on page 558 (http-acceleration) proxy outgoing host. on page 563 (http-acceleration) rule. on page 552 (http-acceleration) max cached-object-size. on page 557 (http-acceleration) port-transparency. on page 540 (http-acceleration) cache-range. on page 548 (http-acceleration) http-acceleration enable. on page 566 (http-acceleration) transparency. on page 545 (http-acceleration) deny-content-encoding. on page 565 (http-acceleration) tcp-acceleration. on page 538 (http-acceleration) cache clear.0 . on page 560 (http-acceleration) read-ahead fetch-full-page. on page 567 Ac ce ler at o rOS Ve rsi on 7.ac c el er a ti o n) # persistent-timeout 1000 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. on page 553 (http-acceleration) min cached-object-size. on page 554 (http-acceleration) no. on page 549 (http-acceleration) ie-refresh.1 Us er Gu id e . on page 542 (http-acceleration) cancel. on page 555 (http-acceleration) port. on page 561 (http-acceleration) read-ahead operation-mode. on page 547 (http-acceleration) fetch job. on page 550 (http-acceleration) log-level. on page 537 (http-acceleration) cache-auth-requests. on page 551 (http-acceleration) max-client-connect-time. on page 564 (http-acceleration) show. Enter a value in seconds.ac c el er a ti o n) #p e rs is t en t -t im e ou t <1 . on page 541 (http-acceleration) cache-size. 1-10000 seconds. on page 544 (http-acceleration) collect statistics.10 00 0 > Allows persistent connections to be timed out. on page 543 (http-acceleration) connect-timeout. on page 546 (http-acceleration) exit. on page 562 (http-acceleration) reset-to-default.

on page 552 (http-acceleration) max cached-object-size.a cc el e ra ti o n) # po rt [p or t n u mb er ] Sets the default port on which HTTP traffic generally arrives. on page 565 (http-acceleration) tcp-acceleration. on page 537 (http-acceleration) cache-auth-requests. on page 539 (http-acceleration) cache-content. on page 553 (http-acceleration) min cached-object-size. on page 567 . on page 560 (http-acceleration) read-ahead fetch-full-page. The default is 80. on page 541 (http-acceleration) cache-size. on page 548 (http-acceleration) http-acceleration enable. on page 543 (http-acceleration) connect-timeout. on page 559 (http-acceleration) read-ahead. on page 547 (http-acceleration) fetch job. on page 542 (http-acceleration) cancel. on page 554 (http-acceleration) no. on page 561 (http-acceleration) read-ahead operation-mode.Co n f ig u r at io n C om m an d s / 557 (http-acceleration) port Command Description Parameters Example with Syntax Related Commands AC C 1( ht t p. on page 558 (http-acceleration) proxy outgoing host. on page 556 (http-acceleration) port-transparency. on page 562 (http-acceleration) reset-to-default.a cc el e ra ti o n) # port 80 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. on page 549 (http-acceleration) ie-refresh. on page 551 (http-acceleration) max-client-connect-time. on page 563 (http-acceleration) rule. on page 538 (http-acceleration) cache clear. on page 550 (http-acceleration) log-level. on page 544 (http-acceleration) collect statistics. on page 564 (http-acceleration) show. on page 566 (http-acceleration) transparency. on page 546 (http-acceleration) exit. on page 555 (http-acceleration) persistent-timeout. Enter a valid port number AC C 1( ht t p. on page 540 (http-acceleration) cache-range. on page 545 (http-acceleration) deny-content-encoding.

on page 548 (http-acceleration) http-acceleration enable. on page 555 (http-acceleration) persistent-timeout. you cannot activate the QoS mechanism according to the source port. if the source port is not preserved. On the other hand. on page 566 (http-acceleration) transparency. on page 554 (http-acceleration) no.ac c el er a ti o n) #p o rt -t r an s pa re n cy enable • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. on page 563 (http-acceleration) rule. By default.558 A p pe n di x F: Command Line Interface (http-acceleration) port-transparency i Note: Preserving the port may have bad implications on outgoing traffic from the Web cache. on page 547 (http-acceleration) fetch job. Command Description Parameters Example with Syntax Related Commands AC C 1( ht t p. on page 542 (http-acceleration) cancel. disable to disable AC C 1( ht t p. on page 557 (http-acceleration) proxy outgoing host.1 Us er Gu id e . on page 567 Ac ce ler at o rOS Ve rsi on 7. on page 551 (http-acceleration) max-client-connect-time. on page 564 (http-acceleration) show. on page 539 (http-acceleration) cache-content. on page 553 (http-acceleration) min cached-object-size. on page 541 (http-acceleration) cache-size. on page 565 (http-acceleration) tcp-acceleration. on page 537 (http-acceleration) cache-auth-requests. on page 562 (http-acceleration) reset-to-default. on page 543 (http-acceleration) connect-timeout. on page 561 (http-acceleration) read-ahead operation-mode. on page 540 (http-acceleration) cache-range. port transparency is disabled. on page 545 (http-acceleration) deny-content-encoding. on page 552 (http-acceleration) max cached-object-size.0 . on page 549 (http-acceleration) ie-refresh. Enable to enable. on page 560 (http-acceleration) read-ahead fetch-full-page. on page 546 (http-acceleration) exit. on page 559 (http-acceleration) read-ahead. on page 544 (http-acceleration) collect statistics. on page 550 (http-acceleration) log-level. on page 556 (http-acceleration) port.ac c el er a ti o n) #p o rt -t r an s pa re n cy [e n ab le | di s ab le ] This command configures whether the Client's original source port will be preserved. on page 538 (http-acceleration) cache clear.

AC C1 ( ht t p. on page 552 (http-acceleration) max cached-object-size.ac c el er a ti o n) # proxy outgoing host <x. on page 567 . on page 556 (http-acceleration) port.ac c el er a ti o n) # proxy outgoing host <proxy IP> <proxy listening port> Configures the proxy server IP and listening port. on page 564 (http-acceleration) show. on page 561 (http-acceleration) read-ahead operation-mode. on page 550 (http-acceleration) log-level. on page 553 (http-acceleration) min cached-object-size. on page 537 (http-acceleration) cache-auth-requests. on page 563 (http-acceleration) rule. on page 539 (http-acceleration) cache-content. on page 538 (http-acceleration) cache clear. on page 555 (http-acceleration) persistent-timeout. on page 566 (http-acceleration) transparency. on page 544 (http-acceleration) collect statistics.x. on page 565 (http-acceleration) tcp-acceleration. on page 554 (http-acceleration) no. on page 551 (http-acceleration) max-client-connect-time. on page 540 (http-acceleration) cache-range.x. on page 541 (http-acceleration) cache-size. on page 560 (http-acceleration) read-ahead fetch-full-page. on page 549 (http-acceleration) ie-refresh.x> <xxx> • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration.Co n f ig u r at io n C om m an d s / 559 (http-acceleration) proxy outgoing host i Note: After proxy was enabled. on page 545 (http-acceleration) deny-content-encoding. Command Description Parameters Example with Syntax Related Commands AC C1 ( ht t p. on page 546 (http-acceleration) exit. Enter a valid IP address and port If you want to un-configure this port enter the no command prior. on page 547 (http-acceleration) fetch job. disabling DNS requires you to disable proxy first. on page 543 (http-acceleration) connect-timeout. on page 548 (http-acceleration) http-acceleration enable. on page 562 (http-acceleration) reset-to-default. on page 557 (http-acceleration) port-transparency. on page 542 (http-acceleration) cancel. on page 558 (http-acceleration) read-ahead. You should configure this command only if DNS is configured.

on page 537 (http-acceleration) cache-auth-requests. on page 552 (http-acceleration) max cached-object-size.a cc el e ra ti o n) #re ad . on page 561 (http-acceleration) read-ahead operation-mode. on page 567 Ac ce ler at o rOS Ve rsi on 7.1 Us er Gu id e . on page 554 (http-acceleration) no. on page 548 (http-acceleration) http-acceleration enable. on page 563 (http-acceleration) rule. on page 553 (http-acceleration) min cached-object-size. on page 559 (http-acceleration) read-ahead fetch-full-page. on page 538 (http-acceleration) cache clear. on page 565 (http-acceleration) tcp-acceleration. on page 558 (http-acceleration) proxy outgoing host. on page 544 (http-acceleration) collect statistics. on page 549 (http-acceleration) ie-refresh.a cc el e ra ti o n) # read-ahead enable • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. on page 556 (http-acceleration) port. on page 539 (http-acceleration) cache-content. AC C 1( ht t p. on page 543 (http-acceleration) connect-timeout. on page 542 (http-acceleration) cancel. on page 547 (http-acceleration) fetch job. on page 557 (http-acceleration) port-transparency. on page 566 (http-acceleration) transparency.ah ea d Enables or disables read-ahead Enable to enable Disable to disable. on page 541 (http-acceleration) cache-size. on page 562 (http-acceleration) reset-to-default. on page 540 (http-acceleration) cache-range. on page 551 (http-acceleration) max-client-connect-time. on page 555 (http-acceleration) persistent-timeout. on page 546 (http-acceleration) exit. on page 564 (http-acceleration) show.560 A p pe n di x F: Command Line Interface (http-acceleration) read-ahead Command Description Parameters Example with Syntax Related Commands AC C 1( ht t p. on page 545 (http-acceleration) deny-content-encoding. on page 550 (http-acceleration) log-level.0 .

will fetch the entire page including graphics. on page 566 (http-acceleration) transparency. on page 541 (http-acceleration) cache-size. on page 546 (http-acceleration) exit. on page 564 (http-acceleration) show. AC C1 ( ht t p. on page 542 (http-acceleration) cancel. on page 558 (http-acceleration) proxy outgoing host. on page 543 (http-acceleration) connect-timeout. on page 540 (http-acceleration) cache-range. on page 539 (http-acceleration) cache-content. on page 567 . on page 550 (http-acceleration) log-level.pa g e When read ahead is enabled.ac c el er a ti o n) # read-ahead fetch-full- page • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. on page 545 (http-acceleration) deny-content-encoding. on page 556 (http-acceleration) port. on page 565 (http-acceleration) tcp-acceleration. on page 548 (http-acceleration) http-acceleration enable. on page 560 (http-acceleration) read-ahead operation-mode. on page 563 (http-acceleration) rule.ac c el er a ti o n) # r e ad -a h ea d f et c hfu ll . on page 549 (http-acceleration) ie-refresh. on page 544 (http-acceleration) collect statistics. on page 557 (http-acceleration) port-transparency. on page 552 (http-acceleration) max cached-object-size. Enable read ahead in order for this to work No additional parameters are required. on page 559 (http-acceleration) read-ahead. on page 537 (http-acceleration) cache-auth-requests. on page 562 (http-acceleration) reset-to-default. on page 555 (http-acceleration) persistent-timeout. on page 538 (http-acceleration) cache clear. on page 551 (http-acceleration) max-client-connect-time. on page 553 (http-acceleration) min cached-object-size.Co n f ig u r at io n C om m an d s / 561 (http-acceleration) read-ahead fetch-full-page Command Description Parameters Example with Syntax Related Commands AC C1 ( ht t p. on page 554 (http-acceleration) no. on page 547 (http-acceleration) fetch job.

on page 548 (http-acceleration) http-acceleration enable.562 A p pe n di x F: Command Line Interface (http-acceleration) read-ahead operation-mode Command Description Parameters Example with Syntax Related Commands AC C 1( ht t p.1 Us er Gu id e . on page 554 (http-acceleration) no. or High.a cc el e ra ti o n) #re ad . on page 567 Ac ce ler at o rOS Ve rsi on 7. on page 563 (http-acceleration) rule. on page 537 (http-acceleration) cache-auth-requests. on page 549 (http-acceleration) ie-refresh.ah ea d operation- mode low • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. on page 552 (http-acceleration) max cached-object-size. Medium. on page 556 (http-acceleration) port. Keep in mind that the higher the setting. on page 566 (http-acceleration) transparency. on page 543 (http-acceleration) connect-timeout. on page 540 (http-acceleration) cache-range. the more memory will be consumed. Low. on page 550 (http-acceleration) log-level. on page 558 (http-acceleration) proxy outgoing host. on page 551 (http-acceleration) max-client-connect-time. AC C 1( ht t p. on page 539 (http-acceleration) cache-content. on page 547 (http-acceleration) fetch job. on page 546 (http-acceleration) exit. on page 557 (http-acceleration) port-transparency. will set the level of fetch operation. on page 545 (http-acceleration) deny-content-encoding. on page 564 (http-acceleration) show. on page 555 (http-acceleration) persistent-timeout. on page 559 (http-acceleration) read-ahead.m od e < no rm a l| l ow |a g gr es s iv e > When read ahead is enabled. on page 544 (http-acceleration) collect statistics. on page 560 (http-acceleration) read-ahead fetch-full-page. on page 565 (http-acceleration) tcp-acceleration. on page 542 (http-acceleration) cancel.a cc el e ra ti o n) #re ad . on page 553 (http-acceleration) min cached-object-size. on page 538 (http-acceleration) cache clear. on page 541 (http-acceleration) cache-size. on page 561 (http-acceleration) reset-to-default.ah ea d op e ra ti o n.0 .

on page 566 (http-acceleration) transparency. on page 549 (http-acceleration) ie-refresh. on page 564 (http-acceleration) show.d ef au l t Erases the HTTP Acceleration configuration.ac c el er a ti o n) # r e se t.ac c el er a ti o n) # reset-to-default Th e c on f ig ur a ti on of HT TP ac ce l er a ti on wi ll be e r as e d an d r es e t t o fa c to ry va l ue s. on page 552 (http-acceleration) max cached-object-size. on page 565 (http-acceleration) tcp-acceleration. and resets all values to the factory default settings. on page 544 (http-acceleration) collect statistics. on page 550 (http-acceleration) log-level. on page 539 (http-acceleration) cache-content. on page 542 (http-acceleration) cancel. on page 543 (http-acceleration) connect-timeout. on page 547 (http-acceleration) fetch job. on page 553 (http-acceleration) min cached-object-size. on page 558 (http-acceleration) proxy outgoing host. on page 540 (http-acceleration) cache-range. on page 538 (http-acceleration) cache clear. on page 556 (http-acceleration) port. on page 548 (http-acceleration) http-acceleration enable. on page 561 (http-acceleration) read-ahead operation-mode. including statistics. on page 546 (http-acceleration) exit. on page 562 (http-acceleration) rule. Ar e yo u s ur e ? (Y / N) Y • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. on page 545 (http-acceleration) deny-content-encoding.t o. on page 541 (http-acceleration) cache-size. on page 555 (http-acceleration) persistent-timeout. AC C1 ( ht t p. on page 557 (http-acceleration) port-transparency. on page 567 Related Commands .Co n f ig u r at io n C om m an d s / 563 (http-acceleration) reset-to-default Command Description Parameters Example with Syntax AC C1 ( ht t p. on page 551 (http-acceleration) max-client-connect-time. Y to confirm N to deny. on page 537 (http-acceleration) cache-auth-requests. on page 560 (http-acceleration) read-ahead fetch-full-page. on page 554 (http-acceleration) no. on page 559 (http-acceleration) read-ahead.

A message error will be displayed as a result of any attempt to insert such a character. on page 560 (http-acceleration) read-ahead fetch-full-page. without passing through the proxy server. on page 555 (http-acceleration) persistent-timeout. on page 554 (http-acceleration) no. You can define multiple rules. on page 558 (http-acceleration) proxy outgoing host. you must configure in the client’s browser the same settings configured in the Accelerator. For example: rule direct avaya.0 . on page 550 (http-acceleration) log-level. on page 552 (http-acceleration) max cached-object-size. on page 553 (http-acceleration) min cached-object-size. on page 565 (http-acceleration) tcp-acceleration.1 Us er Gu id e . on page 557 (http-acceleration) port-transparency. on page 547 (http-acceleration) fetch job. all requests for the avaya URL will be forwarded directly to the avaya server. When this rule is applied. on page 537 (http-acceleration) cache-auth-requests. on page 556 (http-acceleration) port. Note: The CLI does not allow regular expression using the following characters: # ‘ “ . on page 562 (http-acceleration) reset-to-default. on page 548 (http-acceleration) http-acceleration enable. on page 563 (http-acceleration) show. Note: Before configuring a rule direct regular expression. on page 540 (http-acceleration) cache-range.. on page 567 Ac ce ler at o rOS Ve rsi on 7. on page 546 (http-acceleration) exit. on page 566 (http-acceleration) transparency. on page 539 (http-acceleration) cache-content. A CC 1( h tt p -a cc e le ra t io n )# ru l e Defining a regular expression that is valid on a URL. on page 545 (http-acceleration) deny-content-encoding.564 A p pe n di x F: Command Line Interface (http-acceleration) rule i i i Note: You should configure this command only if proxy server is configured. on page 543 (http-acceleration) connect-timeout. Enter a valid URL Command Description Parameters Example with Syntax Related Commands A CC 1( h tt p -a cc e le ra t io n )# rule direct avaya • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. on page 538 (http-acceleration) cache clear. on page 542 (http-acceleration) cancel. on page 559 (http-acceleration) read-ahead. on page 544 (http-acceleration) collect statistics. on page 561 (http-acceleration) read-ahead operation-mode. on page 541 (http-acceleration) cache-size. on page 549 (http-acceleration) ie-refresh. on page 551 (http-acceleration) max-client-connect-time.

on page 561 (http-acceleration) read-ahead operation-mode. on page 555 (http-acceleration) persistent-timeout. on page 564 (http-acceleration) tcp-acceleration. A C C1 ( ht tp . on page 546 (http-acceleration) exit. on page 556 (http-acceleration) port. on page 545 (http-acceleration) deny-content-encoding. on page 542 (http-acceleration) cancel. on page 541 (http-acceleration) cache-size. on page 553 (http-acceleration) min cached-object-size. on page 549 (http-acceleration) ie-refresh.Co n f ig u r at io n C om m an d s / 565 (http-acceleration) show Command Description Parameters Example with Syntax Related Commands A C C1 ( ht tp . on page 550 (http-acceleration) log-level. on page 554 (http-acceleration) no. on page 566 (http-acceleration) transparency. on page 538 (http-acceleration) cache clear. on page 560 (http-acceleration) read-ahead fetch-full-page. on page 559 (http-acceleration) read-ahead.ac ce l er a ti on ) #s ho w Displays the settings of the specified rule or parameter Enter the name of the rule or setting. on page 567 .ac ce l er a ti on ) #s ho w direct avaya A C C1 ( ht tp . on page 544 (http-acceleration) collect statistics. on page 558 (http-acceleration) proxy outgoing host. on page 540 (http-acceleration) cache-range. on page 562 (http-acceleration) reset-to-default. on page 537 (http-acceleration) cache-auth-requests. on page 543 (http-acceleration) connect-timeout. on page 563 (http-acceleration) rule. on page 557 (http-acceleration) port-transparency. on page 551 (http-acceleration) max-client-connect-time. on page 552 (http-acceleration) max cached-object-size.ac ce l er a ti on ) #s ho w read-ahead • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. on page 547 (http-acceleration) fetch job. on page 548 (http-acceleration) http-acceleration enable. on page 539 (http-acceleration) cache-content.

on page 565 • (http-acceleration) transparency. on page 549 • (http-acceleration) ie-refresh.ac c el er a ti o n) #t c p. on page 546 • (http-acceleration) exit. on page 547 • (http-acceleration) fetch job. for additional TCP Acceleration configuration options • (web-acceleration) http-acceleration. on page 560 • (http-acceleration) read-ahead fetch-full-page.566 A p pe n di x F: Command Line Interface (http-acceleration) tcp-acceleration Command Description Parameters Example with Syntax Related Commands AC C 1( ht t p. on page 550 • (http-acceleration) log-level.ac c el e ra ti o n enable. on page 545 • (http-acceleration) deny-content-encoding. on page 543 • (http-acceleration) connect-timeout. on page 544 • (http-acceleration) collect statistics. on page 555 • (http-acceleration) persistent-timeout. on page 564 • (http-acceleration) show. • TCP Acceleration Commands.ac c el e rt io n <e n ab le | di sa b le > Enables or disables TCP Acceleration Enable to enable. on page 542 • (http-acceleration) cancel. on page 563 • (http-acceleration) rule. on page 552 • (http-acceleration) max cached-object-size. on page 567 Ac ce ler at o rOS Ve rsi on 7. on page 558 • (http-acceleration) proxy outgoing host. on page 556 • (http-acceleration) port.ac c el er a ti o n) #t c p. AC C 1( ht t p. on page 537 • (http-acceleration) cache-auth-requests.0 . Disable to disable.1 Us er Gu id e . on page 562 • (http-acceleration) reset-to-default. on page 553 • (http-acceleration) min cached-object-size. on page 551 • (http-acceleration) max-client-connect-time. on page 561 • (http-acceleration) read-ahead operation-mode. on page 557 • (http-acceleration) port-transparency. on page 548 • (http-acceleration) http-acceleration enable. on page 559 • (http-acceleration) read-ahead. on page 540 • (http-acceleration) cache-range. on page 554 • (http-acceleration) no. on page 538 • (http-acceleration) cache clear. on page 541 • (http-acceleration) cache-size. on page 539 • (http-acceleration) cache-content. on page 572.

on page 556 (http-acceleration) port. on page 552 (http-acceleration) max cached-object-size. on page 540 (http-acceleration) cache-range.applying transparency on both the Client and the server sides. on page 548 (http-acceleration) http-acceleration enable. The following statuses are possible: • Semi . thereby preventing the detection of the proxy server’s IP address by sniffing). on page 564 (http-acceleration) show. on page 562 (http-acceleration) reset-to-default. on page 544 (http-acceleration) collect statistics. on page 566 . on page 554 (http-acceleration) no. Parameters Example with Syntax Related Commands AC C 1( h tt p. on page 555 (http-acceleration) persistent-timeout. on page 551 (http-acceleration) max-client-connect-time. on page 543 (http-acceleration) connect-timeout.a cc el e ra t io n) # tr an s pa r en cy [a ut o | se m i | f ul l ] This command configures the status of the interception proxy. on page 547 (http-acceleration) fetch job. on page 537 (http-acceleration) cache-auth-requests. on page 553 (http-acceleration) min cached-object-size.setting the transparency status automatically according to deployment. on page 558 (http-acceleration) proxy outgoing host. You can configure the interception proxy as transparent. on page 546 (http-acceleration) exit. on page 561 (http-acceleration) read-ahead operation-mode. • Auto . on page 542 (http-acceleration) cancel.a cc el e ra t io n) # transparency full • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • (web-acceleration) http-acceleration. namely: Semi in On-LAN deployment and Full in On-Path deployment. on page 563 (http-acceleration) rule. on page 538 (http-acceleration) cache clear. • Full . on page 560 (http-acceleration) read-ahead fetch-full-page. Full. on page 559 (http-acceleration) read-ahead. Semi. on page 545 (http-acceleration) deny-content-encoding. on page 549 (http-acceleration) ie-refresh.Co n f ig u r at io n C om m an d s / 567 (http-acceleration) transparency Command Description AC C 1( h tt p. or Auto as explained above. on page 541 (http-acceleration) cache-size. on page 550 (http-acceleration) log-level.applying transparency only on the Client side. on page 557 (http-acceleration) port-transparency. on page 539 (http-acceleration) cache-content. on page 565 (http-acceleration) tcp-acceleration.

on page 570 (config-fetch-job) schedule. DNS needs to be configured (see (Conf) dns-acceleration. on page 570 (config-fetch-job) show. on page 624) This section contains the following commands: (http-acceleration) fetch job. HTTP Acceleration is available on HD based Accelerators (physical and virtual) and on the 4GB compact flash version. on page 571 (config-fetch-job) url.568 A p pe n di x F: Command Line Interface Fetch Job Commands Fetch allows users to cache data from a pre-determined destination thereby giving the user faster loading time for web pages. on page 549 for information on how to enable HTTP Acceleration. HTTP Acceleration needs to be enabled. on page 571 Ac ce ler at o rOS Ve rsi on 7.0 . This is extremely useful in cases where multiple users will be accessing a specific URL at the same time. on page 569 (config-fetch-job) exit. Note that the following parameters/licenses are required to be set in order for a Fetch Job to work: A license for Web Cache is required (see (config) show licensing. on page 446). See (http-acceleration) http-acceleration enable. on page 569 (config-fetch-job) no. on page 569 (config-fetch-job) cancel. The Pre-fetch option will cache the information from the URL and store it locally on the Accelerator.1 Us er Gu id e .

on page 570 (config-fetch-job) show. on page 571 (config-fetch-job) url. on page 570 (config-fetch-job) show. No additional parameters required. on page 571 (config-fetch-job) cancel Command Description Parameters Example with Syntax Related Commands A CC 1( c on f ig -f e tc h. on page 571 (config-fetch-job) url. on page 569 (config-fetch-job) exit. on page 569 (config-fetch-job) no. A CC 1( c on f ig -f e tc h. on page 569 (config-fetch-job) no. on page 570 (config-fetch-job) show.j ob )#e xi t • • • • • • (http-acceleration) fetch job. on page 570 (config-fetch-job) schedule. on page 570 (config-fetch-job) schedule. on page 571 (config-fetch-job) exit Command Description Parameters Example with Syntax Related Commands A CC 1( c on f ig -f e tc h. on page 569 (config-fetch-job) cancel. on page 571 . on page 570 (config-fetch-job) schedule. on page 571 (config-fetch-job) url. No additional parameters required.j ob )#e xi t Exits the current node and returns to the parent node. A CC 1( c on f ig -f e tc h.j ob )#c an c el Exits the current node without updating and returns to the parent node. on page 569 (config-fetch-job) exit. per job name or number Fetch job number or name A CC 1( h tt p -a cc e le ra t io n )# fe t ch j o b 1 • • • • • • (config-fetch-job) cancel. on page 569 (config-fetch-job) no.j ob )#c an c el • • • • • • (http-acceleration) fetch job.Co n f ig u r at io n C om m an d s / 569 (http-acceleration) fetch job Command Description Parameters Example with Syntax Related Commands A CC 1( h tt p -a cc e le ra t io n )# fe t ch j o b < nu mb e r| n am e> Enters the Fetch node.

but does not run • immediate—occurs one time. Example with Syntax A CC 1 (c o nf ig .1 Us er Gu id e .fe tc h -j o b) #s c he du l e < im m ed i at e| n on e| o nc e |r ec u rr in g > Schedules the fetch job according to the parameters defined.fe tc h -j o b) #s c he du l e recurring weekly monday 11:45 This will run the job every Monday at 11:45 Related Commands • • • • • • (http-acceleration) fetch job. on page 571 Ac ce ler at o rOS Ve rsi on 7. on page 569 (config-fetch-job) no.fe tc h -j o b) #s c he du l e once at 11:45 This will run the job one time at 11:45 A CC 1 (c o nf ig . on page 569 (config-fetch-job) cancel.0 .fe tc h -j o b) #n o url www. immediately • once at—occurs one time on a specific date at a specific hour • once in—occurs one time at a specific hour in X amount of days • recurring daily—occurs every day at a specific hour • recurring weekly—occurs once very week on a specific day and a specific hour • recurring monthly —occurs once a month on a specific date and hour (not recommended to set this to 31. on page 570 (config-fetch-job) show. exit to the HTTP acceleration node and apply the command no fetch job <job number|job name> • • • • • • (http-acceleration) fetch job. on page 569 (config-fetch-job) cancel.fe tc h -j o b) #n o < co m ma n d> Removes commands Command that you want to remove A CC 1 (c o nf ig . on page 570 (config-fetch-job) show. Enter one of the following options • none—the job is created. on page 569 (config-fetch-job) schedule. on page 571 (config-fetch-job) url. on page 569 (config-fetch-job) exit. on page 571 (config-fetch-job) url.com To delete an entire fetch job.expand. as not every month has 31 days). on page 569 (config-fetch-job) exit.570 A p pe n di x F: Command Line Interface (config-fetch-job) no Command Description Parameters Example with Syntax Related Commands A CC 1 (c o nf ig . on page 571 (config-fetch-job) schedule Command Description Parameters A CC 1 (c o nf ig .

on page 570 (config-fetch-job) show. on page 569 (config-fetch-job) exit.expand. on page 571 (config-fetch-job) url Command Description Parameters Example with Syntax Related Commands A CC 1( c on f ig -f e tc h. on page 569 (config-fetch-job) exit. on page 569 (config-fetch-job) no. A CC 1( c on f ig -f e tc h. You may add multiple URLs.j ob )#s ho w Shows the parameters for all fetch jobs No additional parameters required A CC 1( c on f ig -f e tc h.j ob )#u rl www. on page 569 (config-fetch-job) no.com • • • • • • (http-acceleration) fetch job.j ob )#s ho w • • • • • • (http-acceleration) fetch job. on page 569 (config-fetch-job) cancel. on page 570 (config-fetch-job) url. on page 571 . Enter a valid complete URL. To delete a URL. on page 570 (config-fetch-job) schedule.j ob )#u rl Defines the URL to use for the fetch job.Co n f ig u r at io n C om m an d s / 571 (config-fetch-job) show Command Description Parameters Example with Syntax Related Commands A CC 1( c on f ig -f e tc h. use the no command. on page 569 (config-fetch-job) cancel. on page 570 (config-fetch-job) schedule.

on page 572 (tcp-acc) acknowledge packet rate.ac ce l er at i on ) # tcp-acceleration • • • • • • • • • (tcp-acc) acknowledge packet rate. No additional parameters needed. on page 578 (conf) tcp-acceleration Command Description Parameters Example with Syntax Related Commands A CC 1( c on f )# tc p -a cc e le r at io n Opens the TCP acceleration node. on page 577 (tcp-acc) window send. A CC 1( w eb . on page 576 (tcp-acc) typical round-trip.572 A p pe n di x F: Command Line Interface TCP Acceleration Commands This section contains the following commands: (conf) tcp-acceleration. on page 576 (tcp-acc) typical round-trip. on page 577 (tcp-acc) window receive. on page 577 (tcp-acc) window send. on page 575 (tcp-acc) show. on page 576 (tcp-acc) typical-acceleration rate. on page 576 (tcp-acc) typical-acceleration rate. on page 574 (tcp-acc) exclude. on page 573 (tcp-acc) congestion-control. on page 575 (tcp-acc) show. on page 573 (tcp-acc) congestion-control.1 Us er Gu id e .0 . on page 575 (tcp-acc) tcp-acceleration enable. on page 577 (tcp-acc) window receive. on page 574 (tcp-acc) exclude. on page 578 Ac ce ler at o rOS Ve rsi on 7. on page 575 (tcp-acc) tcp-acceleration enable.

on page 575 (tcp-acc) tcp-acceleration enable.8> Determines the number of packets transmitted before sending an ACK message.ac c) #ac kn o wl ed g e p ac ke t r at e 3 • • • • • • • • • (conf) tcp-acceleration. Choose the number of packets within the parameter requirements (between 2 and 8). on page 572 (tcp-acc) congestion-control. on page 576 (tcp-acc) typical-acceleration rate. on page 577 (tcp-acc) window receive. on page 578 . A CC 1( t cp . on page 574 (tcp-acc) exclude.ac ce l er at i on )# a ck no w le dg e pa ck e t r at e < 2.Co n f ig u r at io n C om m an d s / 573 (tcp-acc) acknowledge packet rate Command Description Parameters Example with Syntax Related Commands A CC 1( t cp . on page 575 (tcp-acc) show. on page 576 (tcp-acc) typical round-trip. on page 577 (tcp-acc) window send.

on page 573 (tcp-acc) exclude. on page 575 (tcp-acc) tcp-acceleration enable.574 A p pe n di x F: Command Line Interface (tcp-acc) congestion-control Command Description Parameters AC C 1( tc p -a c c) # c on ge s ti o n. on page 575 (tcp-acc) show. by carefully matching the sending rate to the rate at which packets are successfully being transmitted by the network. Example with Syntax Related Commands AC C 1( tc p -a c c) # c on ge s ti o n control vegas • • • • • • • • • (conf) tcp-acceleration. where recovering from losses is an extremely time-consuming process for the sender. Choose from one of the following: • None—no congestion avoidance is used • Standard—the congestion avoidance conforms to the standard TCP/IP protocol (Reno) • Vegas—TCP Vegas reduces latency and increases overall through-out. on page 578 Ac ce ler at o rOS Ve rsi on 7. The Vegas algorithm maintains shorter queues.1 Us er Gu id e .co n tr ol [n o ne |s t an d ar d| v eg as ] Selects the type of congestion control to be used. such as DSL. and is therefore suitable either for low-bandwidth-delay paths. on page 576 (tcp-acc) typical round-trip. on page 576 (tcp-acc) typical-acceleration rate. on page 572 (tcp-acc) acknowledge packet rate.0 . on page 577 (tcp-acc) window send. or for high-bandwidth-delay WAN paths. on page 577 (tcp-acc) window receive. The shorter queues should also enhance the performance of other flows that traverse the same bottlenecks. where the sender is constantly over-running buffers.

on page 574 (tcp-acc) exclude. on page 576 (tcp-acc) typical-acceleration rate.2 • • • • • • • • • (conf) tcp-acceleration. No additional parameters required.10.server’s logical name IP . on page 574 (tcp-acc) show. on page 575 (tcp-acc) tcp-acceleration enable. on page 577 (tcp-acc) window send.ac c )# show • • • • • • • • • (conf) tcp-acceleration. on page 577 (tcp-acc) window send. on page 573 (tcp-acc) congestion-control. on page 572 (tcp-acc) acknowledge packet rate.IP address of the server or subnet Example with Syntax Related Commands A CC 1( t cp .ac c) # e xc l ud e 120. A C C1 (t c p. on page 578 (tcp-acc) show Command Description Parameters Example with Syntax Related Commands A C C1 (t c p. on page 572 (tcp-acc) acknowledge packet rate.Co n f ig u r at io n C om m an d s / 575 (tcp-acc) exclude Command Description Parameters A CC 1( t cp . on page 576 (tcp-acc) typical round-trip.choose client to exclude the client Server . on page 575 (tcp-acc) tcp-acceleration enable.ac c )# s ho w Shows the TCP Acceleration data. • • • • Client .choose server to exclude the server Word . on page 576 (tcp-acc) typical round-trip.ac c) ex cl u de [c li e nt |s e rv e r| wo r d| IP ] Adds a server or client to the exclude list. on page 578 . on page 577 (tcp-acc) window receive. on page 576 (tcp-acc) typical-acceleration rate. on page 577 (tcp-acc) window receive.44. on page 573 (tcp-acc) congestion-control.

AC C 1( tc p -a c c) # tcp-acceleration disable • • • • • • • • • (conf) tcp-acceleration. on page 576 (tcp-acc) typical round-trip. on page 575 (tcp-acc) show. on page 578 (tcp-acc) typical-acceleration rate Command Description Parameters Example with Syntax Related Commands A CC 1( t cp -a c c) #ty pi c al -a c ce l er at i on r a te [ au to | <0 -5 0 00 0 >] Configures the TCP acceleration rate in seconds. Disable to disable. on page 573 (tcp-acc) congestion-control. on page 577 (tcp-acc) show. on page 574 (tcp-acc) exclude. Enable to enable.0 . on page 577 (tcp-acc) window send. on page 577 (tcp-acc) window receive. By default TCP Acceleration is disabled.1 Us er Gu id e . on page 572 (tcp-acc) acknowledge packet rate. on page 578 Ac ce ler at o rOS Ve rsi on 7.576 A p pe n di x F: Command Line Interface (tcp-acc) tcp-acceleration enable Command Description Parameters Example with Syntax Related Commands AC C 1( tc p -a c c) #t c p.ac c el e ra ti o n [e n ab l e | di s ab le ] Enables/disables TCP Acceleration. Enter an ammount within the range or select Auto and the Accelerator will chose the value for you. on page 575 (tcp-acc) window receive. on page 575 (tcp-acc) typical-acceleration rate. on page 573 (tcp-acc) congestion-control. on page 576 (tcp-acc) typical round-trip. A CC 1( t cp -a c c) # typical-acceleration-rate 20000 • • • • • • • • • (conf) tcp-acceleration. on page 577 (tcp-acc) window send. on page 572 (tcp-acc) acknowledge packet rate. on page 575 (tcp-acc) tcp-acceleration enable. on page 574 (tcp-acc) exclude.

on page 572 (tcp-acc) acknowledge packet rate. on page 575 (tcp-acc) tcp-acceleration enable. on page 578 . AC C1 ( tc p -a cc ) # typical round-trip auto • • • • • • • • • (conf) tcp-acceleration. • auto . Max to enter a maximum amount. on page 578 (tcp-acc) window receive Command Description AC C 1( tc p -a cc ) w i nd ow re ce i ve [ a ut o |m ax <4 00 0 50 0 00 00 0 > Restricts the size of packets received to X ammount (if entered) before sending an ACK request. on page 576 (tcp-acc) typical-acceleration rate.sets the maximum ammount • 4000-50000000 the accepted range Parameters Example with Syntax Related Commands AC C 1( tc p -a cc e le r at io n )# window receive auto • • • • • • • • • (conf) tcp-acceleration. on page 576 (tcp-acc) typical-acceleration rate. on page 574 (tcp-acc) exclude. on page 573 (tcp-acc) congestion-control. on page 577 (tcp-acc) window send. on page 576 (tcp-acc) window receive. on page 574 (tcp-acc) exclude. on page 572 (tcp-acc) acknowledge packet rate. on page 573 (tcp-acc) congestion-control.Co n f ig u r at io n C om m an d s / 577 (tcp-acc) typical round-trip Command Description Parameters Example with Syntax Related Commands AC C1 ( tc p -a cc ) # t yp i ca l r ou n d. on page 576 (tcp-acc) typical round-trip.the Accelerator will decide the ammount • max . Enter an ammount in milliseconds within the accepted range. on page 575 (tcp-acc) tcp-acceleration enable.tr i p [ au to | <1 -6 0 00 0 > Configures the RTT in milliseconds. or enter Auto and the value will dynamically change depending on network and bandwidth conditions. You can enter your own amount. on page 575 (tcp-acc) show. on page 575 (tcp-acc) show. on page 577 (tcp-acc) window send.

on page 577 Ac ce ler at o rOS Ve rsi on 7. or enter Auto and the value will dynamically change depending on network and bandwidth conditions.1 Us er Gu id e . on page 574 (tcp-acc) exclude. on page 575 (tcp-acc) show. Max to enter a maximum amount.ac c) # window send max 20000 • • • • • • • • • (conf) tcp-acceleration. on page 577 (tcp-acc) window receive.ac c) wi n do w s en d [ au t o| ma x < 40 0 05 00 0 00 00 > |< 40 0 0. on page 572 (tcp-acc) acknowledge packet rate. You can enter your own amount.the Accelerator will decide the ammount max . on page 576 (tcp-acc) typical-acceleration rate.sets the maximum ammount 4000-50000000 the accepted range Parameters Example with Syntax Related Commands A CC 1 (t cp .5 00 00 0 00 > Restricts the size of packets sent to X ammount (if entered) before sending an ACK request. on page 573 (tcp-acc) congestion-control. on page 575 (tcp-acc) tcp-acceleration enable. on page 576 (tcp-acc) typical round-trip.0 . auto .578 A p pe n di x F: Command Line Interface (tcp-acc) window send Command Description A CC 1 (t cp .

ac c ) ke e pa l iv e [ di sa b le | en ab l e] Enables or disables Keep Alive messaging.Co n f ig u r at io n C om m an d s / 579 Keep Alive Commands This section contains the following: (tcp-acceleration) keepalive. AC C1 ( tc p. or both. on page 579 (tcp-acceleration) keepalive direction. on page 580 (tcp-acc) keepalive probes. on page 580 (tcp-acc) keepalive probes. Choose Enable to enable.a cc ) # keepalive direction both • • • • (tcp-acceleration) keepalive. on page 580 (tcp-acc) keepalive time.a cc ) k ee p al iv e d i re ct i on [b ot h |l an | wa n ] Configures the direction of the Keep alive messages. on page 579 (tcp-acc) keepalive interval. on page 580 (tcp-acceleration) keepalive Command Description Parameters Example with Syntax Related Commands A CC 1 (t c p.ac c )# k e ep a li ve enable • • • • (tcp-acceleration) keepalive direction. on page 580 (tcp-acceleration) keepalive direction Command Description Parameters Example with Syntax Related Commands AC C1 ( tc p. on page 579 (tcp-acc) keepalive interval. on page 579 (tcp-acc) keepalive interval. on page 580 (tcp-acc) keepalive probes. Disable to disable. WAN only. on page 580 . Choose either LAN only. on page 580 (tcp-acc) keepalive time. A CC 1 (t c p. on page 580 (tcp-acc) keepalive time.

580 A p pe n di x F: Command Line Interface (tcp-acc) keepalive interval Command Description Parameters Example with Syntax Related Commands A CC 1 (t cp . Choose a time in seconds (between 1 and 50000).1 00 00 > Configures the ammount of time to wait (in seconds) before sending the first keep alive probe.ac c) # keepalive interval 300 • • • • (tcp-acceleration) keepalive. on page 579 (tcp-acceleration) keepalive direction.5 00 00 > Configures the ammount of time to wait between sending keep alive messages. on page 579 (tcp-acc) keepalive interval. on page 580 (tcp-acc) keepalive time. on page 580 Ac ce ler at o rOS Ve rsi on 7.ac c ) ke e pa l iv e t im e < 1.ac c )# keepalive time 2000 • • • • (tcp-acceleration) keepalive. on page 580 (tcp-acc) keepalive probes Command Description Parameters Example with Syntax Related Commands A CC 1 (t cp . on page 580 (tcp-acc) keepalive time.ac c )# keepalive probes 10 • • • • (tcp-acceleration) keepalive. on page 580 (tcp-acc) keepalive time Command Description Parameters Example with Syntax Related Commands A CC 1 (t c p. on page 579 (tcp-acc) keepalive probes. Choose a time in seconds (between 1 and 10000). on page 580 (tcp-acc) keepalive probes.1 Us er Gu id e .0 .ac c) ke e pa li v e in t er v al < 1. on page 579 (tcp-acceleration) keepalive direction. A CC 1 (t c p. Choose a time in seconds (between 1 and 10000).ac c ) ke e pa li v e p ro be s < 1.1 00 00 > Configures the ammount of keep alive probes to send before initiating a time out. on page 579 (tcp-acc) keepalive interval. A CC 1 (t cp . on page 579 (tcp-acceleration) keepalive direction. A CC 1 (t cp .

on page 585 (ftp-acceleration) transparency exclude. on page 586 (ftp-acceleration) transparency excluded-servers. No additional parameters are necessary.Co n f ig u r at io n C om m an d s / 581 FTP Acceleration Commands This section includes the following commands: (web-acceleration) ftp-acceleration. AC C1 ( we b -a cc e le ra t io n )# ftp-acceleration • • • • • • • • • (ftp-acceleration) cache-size. on page 581 (ftp-acceleration) cache-size. on page 582 (ftp-acceleration) ftp-acceleration. on page 585 (ftp-acceleration) transparency exclude. on page 586 . on page 586 (ftp-acceleration) transparency excluded-servers. on page 585 (ftp-acceleration) localization. on page 586 (web-acceleration) ftp-acceleration Command Description Parameters Example with Syntax Related Commands AC C1 ( we b -a cc e le ra t io n )# ft p -a cc e le r at io n Enters the FTP acceleration node. on page 584 (ftp-acceleration) min cached-object-size. on page 582 (ftp-acceleration) cache-per-user. on page 584 (ftp-acceleration) transparency. on page 582 (ftp-acceleration) cache-per-user. on page 583 (ftp-acceleration) cache-per-user. on page 584 (ftp-acceleration) min cached-object-size. on page 584 (ftp-acceleration) transparency. on page 585 (ftp-acceleration) localization. on page 583 (ftp-acceleration) cache-per-user. on page 582 (ftp-acceleration) ftp-acceleration.

on page 585 (ftp-acceleration) transparency exclude. Enable to enable. on page 582 (ftp-acceleration) ftp-acceleration. Disable to disable AC C1 ( ft p -a cc e le ra t io n) # cache-per-user enable • • • • • • • • • • (web-acceleration) ftp-acceleration. Enter a valid content type as described above. All caches all link.a cc el e ra t io n) #ca ch e -c o nt en t a ll • • • • • • • • • • (web-acceleration) ftp-acceleration. on page 584 (ftp-acceleration) min cached-object-size. on page 582 (ftp-acceleration) ftp-acceleration. Internet caches all traffic on the non-link. on page 584 (ftp-acceleration) transparency. on page 586 (ftp-acceleration) cache-per-user Command Description Parameters Example with Syntax Related Commands AC C1 ( ft p -a cc e le ra t io n) # cache-per-user [enable | disable] Enables/disables the allocation of cache memory per a specific user. on page 582 (ftp-acceleration) cache-per-user. on page 586 (ftp-acceleration) transparency excluded-servers.a cc el e ra t io n) #ca ch e -c o nt en t [ e nt e rp ri s e | i nt e rn et | al l ] Sets the type of content to be cached: Enterprise caches all traffic from links and virtual links. on page 585 (ftp-acceleration) transparency exclude. on page 585 (ftp-acceleration) localization. on page 583 (ftp-acceleration) cache-per-user.1 Us er Gu id e . on page 582 (ftp-acceleration) cache-per-user. on page 584 (ftp-acceleration) transparency. Parameters Example with Syntax Related Commands A C C1 ( ft p. on page 583 (ftp-acceleration) cache-per-user.582 A p pe n di x F: Command Line Interface (ftp-acceleration) cache-content Command Description A C C1 ( ft p. virtual link and non-link traffic.0 . on page 584 (ftp-acceleration) min cached-object-size. on page 586 Ac ce ler at o rOS Ve rsi on 7. on page 581 (ftp-acceleration) cache-size. on page 585 (ftp-acceleration) localization. on page 581 (ftp-acceleration) cache-size. on page 586 (ftp-acceleration) transparency excluded-servers.

on page 584 (ftp-acceleration) min cached-object-size.Co n f ig u r at io n C om m an d s / 583 (ftp-acceleration) cache-size Command Description Parameters Example with Syntax Related Commands A CC 1( f tp -a c ce l er at i on )# c ac h e. on page 585 (ftp-acceleration) transparency exclude. between 1 and 600) for a client to remain connected with no traffic being cached. on page 586 (ftp-acceleration) connect-timeout Command Description Parameters Example with Syntax Related Commands AC C 1( f tp -a c ce le r at i on )# c on ne c t. on page 585 (ftp-acceleration) transparency exclude. on page 584 (ftp-acceleration) transparency. Default is 60 seconds. on page 582 (ftp-acceleration) cache-per-user. on page 583 (ftp-acceleration) cache-per-user. on page 584 (ftp-acceleration) min cached-object-size.t im eo u t 60 • • • • • • • • • (web-acceleration) ftp-acceleration.si z e [ n um b er i n M B] Sets the size of the cache (between 1 and 60 GB). on page 582 (ftp-acceleration) ftp-acceleration. on page 581 (ftp-acceleration) cache-per-user. on page 586 . on page 586 (ftp-acceleration) transparency excluded-servers. Approximately 360 KB + 8 MB of RAM is needed for each 1 GB of data cached Enter a valid size as described above. on page 585 (ftp-acceleration) localization. on page 585 (ftp-acceleration) localization. on page 581 (ftp-acceleration) cache-size. on page 584 (ftp-acceleration) transparency. Default is 50 GB. AC C 1( f tp -a c ce le r at i on )# c on ne c t. A CC 1( f tp -a c ce l er at i on )# cache-size 50 • • • • • • • • • (web-acceleration) ftp-acceleration. Enter a valid time as described above.t im eo u t [n u mb e r] Sets the amount of time (in seconds. on page 582 (ftp-acceleration) ftp-acceleration. on page 586 (ftp-acceleration) transparency excluded-servers.

0 . on page 581 (ftp-acceleration) cache-size. on page 586 (ftp-acceleration) localization Command Description Parameters Example with Syntax Related Commands AC C1 ( ft p -a cc e le ra t io n )# lo c al iz a ti o n [e n ab le | di s ab l e] Lets you enable or disable the option to view files in languages that require Unicode characters. on page 585 (ftp-acceleration) transparency exclude. Disable to disable. Disable to disable.ac ce l er a ti on d is ab l e • • • • • • • • • (web-acceleration) ftp-acceleration. on page 582 (ftp-acceleration) min cached-object-size. such as Chinese.ac ce l er at i on ) #f tp . on page 586 (ftp-acceleration) transparency excluded-servers. on page 583 (ftp-acceleration) cache-per-user. on page 585 (ftp-acceleration) transparency exclude. on page 582 (ftp-acceleration) ftp-acceleration.1 Us er Gu id e . Enable to enable. on page 585 (ftp-acceleration) transparency. on page 581 (ftp-acceleration) cache-size.584 A p pe n di x F: Command Line Interface (ftp-acceleration) ftp-acceleration Command Description Parameters Example with Syntax Related Commands A CC 1( f tp . on page 583 (ftp-acceleration) cache-per-user.ac ce l er at i on ) #f tp . AC C1 ( ft p -a cc e le ra t io n ) #localization enable • • • • • • • • • (web-acceleration) ftp-acceleration. A CC 1( f tp . on page 584 (ftp-acceleration) transparency. on page 584 (ftp-acceleration) min cached-object-size. on page 585 (ftp-acceleration) localization. on page 586 Ac ce ler at o rOS Ve rsi on 7.ac ce l er a ti on [ en ab l e | d is a bl e] Enables/disables FTP Acceleration. Enable to enable. on page 582 (ftp-acceleration) cache-per-user. By default FTP Acceleration is disabled. on page 586 (ftp-acceleration) transparency excluded-servers. on page 582 (ftp-acceleration) cache-per-user.

The following statuses are possible: • Semi . on page 582 (ftp-acceleration) cache-per-user.a cc el e ra t io n) # mi n c ac h ed -o b je ct s i ze [n um b er i n K B ] Lets you configure a minimal value for the objects stored in the cache. thereby preventing the detection of the proxy server’s IP address by sniffing). Full.applying transparency on both the Client and the server sides. on page 583 (ftp-acceleration) cache-per-user. A C C1 ( ft p. Enter a number in KB that is smaller than the Max value.setting the transparency status automatically according to deployment. on page 584 (ftp-acceleration) min cached-object-size. namely: Semi in On-LAN deployment and Full in On-Path deployment.Co n f ig u r at io n C om m an d s / 585 (ftp-acceleration) min cached-object-size Command Description Parameters Example with Syntax Related Commands A C C1 ( ft p. on page 581 (ftp-acceleration) cache-size. on page 581 (ftp-acceleration) cache-size. Semi. on page 585 (ftp-acceleration) transparency exclude. • Full .applying transparency only on the Client side. • Auto . on page 584 (ftp-acceleration) transparency exclude. on page 584 (ftp-acceleration) localization. on page 582 (ftp-acceleration) cache-per-user. or Auto as explained above. on page 584 (ftp-acceleration) transparency. You can configure the interception proxy as transparent. on page 582 (ftp-acceleration) ftp-acceleration. on page 582 (ftp-acceleration) ftp-acceleration. on page 586 (ftp-acceleration) transparency excluded-servers. on page 585 (ftp-acceleration) localization. on page 586 (ftp-acceleration) transparency excluded-servers. Parameters Example with Syntax Related Commands AC C 1( f tp -a c ce le r at i on )# transparency full • • • • • • • • • (web-acceleration) ftp-acceleration. on page 583 (ftp-acceleration) cache-per-user.a cc el e ra t io n) # mi n c ac h ed -o b je ct s i ze 60 • • • • • • • • • (web-acceleration) ftp-acceleration. on page 586 (ftp-acceleration) transparency Command Description AC C 1( f tp -a c ce le r at i on )# t ra ns p ar e nc y [ au to | se m i | f ul l ] This command configures the status of the interception proxy. on page 586 .

Parameters Example with Syntax Related Commands AC C1 ( ft p. on page 581 (ftp-acceleration) cache-size.0 . on page 582 (ftp-acceleration) ftp-acceleration.source traffic direction • Destination . as defined by the following parameters: • Source .destination traffic direction • WORD .server name • IP . on page 582 (ftp-acceleration) cache-per-user.586 A p pe n di x F: Command Line Interface (ftp-acceleration) transparency exclude Command Description AC C1 ( ft p.server IP or subnet Enter a valid parameter as described above.s er v er s [ cl ea r ] Removes all servers from the list of excluded servers.a cc e le ra t io n) # tr a ns pa r en cy ex c lu de [s ou r ce | de s ti na t io n | W O RD | ip ] Excludes servers from caching. but only traffic that passes after the command entered into effect. on page 586 Ac ce ler at o rOS Ve rsi on 7. on page 586 (ftp-acceleration) transparency excludedservers Command Description AC C1 ( ft p.a cc e le ra t io n) # tr a ns pa r en cy ex c lu de source • • • • • • • • • (web-acceleration) ftp-acceleration. on page 584 (ftp-acceleration) transparency. on page 582 (ftp-acceleration) cache-per-user. on page 585 (ftp-acceleration) transparency exclude. This command does not affect traffic that traversed these servers when they were excluded. on page 584 (ftp-acceleration) min cached-object-size.a cc e le ra t io n) # tr a ns pa r en cy ex cl u de d.1 Us er Gu id e . on page 583 (ftp-acceleration) cache-per-user. on page 583 (ftp-acceleration) cache-per-user. on page 582 (ftp-acceleration) ftp-acceleration. on page 584 (ftp-acceleration) min cached-object-size. No additional parameters are necessary Parameters Example with Syntax Related Commands AC C1 ( ft p. on page 585 (ftp-acceleration) localization. on page 585 (ftp-acceleration) localization.a cc e le ra t io n) # tr a ns pa r en cy ex cl u de d. on page 581 (ftp-acceleration) cache-size.s er v er s clear • • • • • • • • • (web-acceleration) ftp-acceleration. on page 585 (ftp-acceleration) transparency excluded-servers. on page 584 (ftp-acceleration) transparency.

0 A CC 1 (S UB N ET S) # ex i t .0 . 0 .0 .0 .0 . 6 A CC 1 (c on f ig -o s pf ) # au t he nt i ca t io n. 0 /8 A CC 1 # co n fi gu r e t er mi n al A CC 1 (c on f ig )# su b ne ts A CC 1 (S UB N ET S) # ne t wo rk 30 .2 5 5. 0 25 5 .m od e e na b le A CC 1 (c on f ig -o s pf ) # au t he nt i ca t io n.0 . 0 2 55 . 0.0 A CC 1 (S UB N ET S) # no t -a dv e rt is e 3 0 . 0 . 25 5. 0.Co n f ig u r at io n C om m an d s / 587 Studying a Subnet Configuration Network The sample Subnet Configuration is as follows: A CC 1 # co n fi gu r e t er mi n al A CC 1 (c on f ig )# ro u te r o sp f A CC 1 (c on f ig -o s pf ) #a re a 2 0.0 . 0. 0.k ey a c ce l er at o r A CC 1 (c on f ig -o s pf ) # ne i gh bo r 3 0 . 0/ 8 A CC 1 # co n fi gu r e t er mi n al A CC 1 (c on f ig )# ro u te r r ip A CC 1 (c on f ig -r i p) # a ut h en ti c at i on -m o de m d 5 A CC 1 (c on f ig -r i p) # a ut h en ti c at i on -k e y ac c el e ra to r A CC 1 (c on f ig -r i p) # n ei g hb or 30 .

on page 592 (config) monitored-application Command Description Parameters Example with Syntax Related Commands ACC1(config)# m o ni t or ed . on page 592 Ac ce ler at o rOS Ve rsi on 7. on page 591 (config) [application name] statistics-history. on page 588 (config) show application. on page 591 (config) [application name] statistics-history. on page 589 (config) show interface link. on page 590 (config) show traffic-discovery.1 Us er Gu id e . on page 589 (config) show interface link. Enter the application name and link number ACC1(config)# m o ni t or ed . on page 589 (config) show discovered. on page 590 (statistic) discover.0 . on page 591 (config) clear counters link. on page 589 (config) show discovered. on page 590 (config) show traffic-discovery.ap pl i ca t io n [ application name] no r ma l [ link number | Total] Sets a specified application to be monitored over a certain link or over all links.ap pl i ca t io n [ application name] no r ma l [ link number | Total] • • • • • • • (config) show application. on page 590 (statistic) discover. on page 591 (config) clear counters link.588 A p pe n di x F: Command Line Interface Ethernet Statistics Display Commands The following commands are available: (config) monitored-application.

on page 588 (config) show discovered. on page 590 (config) show traffic-discovery. No additional parameters required. on page 591 (config) [application name] statistics-history.se r ve r Displays list of discovered HTTP or Citrix traffic traversing the network.Co n f ig u r at io n C om m an d s / 589 (config) show application Command Description Parameters Example with Syntax Related Commands ACC1(config)# sh o w ap p li ca t io n Displays statistics for all applications. on page 592 . on page 591 (config) clear counters link. on page 588 (config) show application. on page 591 (config) clear counters link. on page 589 (config) show interface link. on page 590 (statistic) discover. on page 590 (statistic) discover. • Http: for HTTP traffic • Citrix for Citrix • MS-Terminal-Server for RDP Example with Syntax Related Commands ACC1(config)# sh o w di s co v er ed http • • • • • • • (config) monitored-application. on page 590 (config) show traffic-discovery. on page 589 (config) show interface link. on page 592 (config) show discovered Command Description Parameters ACC1(config)# sh o w di s co v er ed ht tp | c it ri x |m s -t er m in al . on page 591 (config) [application name] statistics-history. ACC1(config)# sh o w ap p li ca t io n • • • • • • • (config) monitored-application.

Enter all for all applications or a specific application name.0 . on page 589 (config) show discovered. on page 590 (statistic) discover. on page 588 (config) show application. on page 591 (config) [application name] statistics-history. on page 591 (config) [application name] statistics-history.590 A p pe n di x F: Command Line Interface (config) show interface link Command Description Parameters Example with Syntax Related Commands A CC 1 # ( co nf i g) s h ow in te r fa ce li n k Displays Throughput and Performance statistics for all links since up time.1 Us er Gu id e . on page 592 (config) show traffic-discovery Command Description Parameters Example with Syntax Related Commands ACC1(config)# s h ow tr af f ic -d i sc o ve ry [a ll | application name] Displays all applications traversing the network. on page 589 (config) show traffic-discovery. on page 589 (config) show discovered. on page 592 Ac ce ler at o rOS Ve rsi on 7. on page 590 (statistic) discover. on page 588 (config) show application. ACC1(config)# s h ow tr af f ic -d i sc o ve ry all • • • • • • • (config) monitored-application. on page 591 (config) clear counters link. since last cleared and for the last 5 seconds. on page 589 (config) show interface link. No additional parameters are necessary ACC1# ( co n fi g) sh o w in t er fa c e l in k • • • • • • • (config) monitored-application. on page 591 (config) clear counters link.

• Application Name: choose an application from the list • Enable to enable. Enter the name of the link. on page 589 (config) show interface link. on page 589 (config) show discovered. on page 588 (config) show application. on page 590 (config) clear counters link. • Disable to disable Example with Syntax Related Commands ACC1(config)#application src st a ti st i cs h is t or y enable • • • • • • (config) monitored-application. on page 591 (config) clear counters link. on page 589 (config) show interface link. on page 588 (config) show application. on page 590 (config) show traffic-discovery. on page 590 (config) [application name] statistics-history. on page 592 . on page 590 (config) show traffic-discovery. on page 589 (config) show discovered. A CC 1( st at is tic )# discover http enable • • • • • • • (config) monitored-application. on page 592 (config) [application name] statistics-history Command Description Parameters ACC1(c on f ig )# [ ap pl i ca t io n n am e] s ta t is ti c sh is t or y [ en a bl e/ d is ab l e] Enables gathering statistics for a particular application.Co n f ig u r at io n C om m an d s / 591 (statistic) discover Command Description Parameters Example with Syntax Related Commands ACC1(statistic)# d is co v er [ h tt p | c i tr ix ] [ en a bl e | d i sa bl e ] Enables traffic discovery of HTTP or Citrix traffic traversing the network.

clears counters for all links • Link ID .592 A p pe n di x F: Command Line Interface (config) clear counters link Command Description Parameters ACC1# (config) c le ar co u nt er s l in k [ a ll |l i nk I D| n on . or the non-link.li nk ] Clears link counters for a specific link as identified by its link ID.1 Us er Gu id e . on page 590 (config) show traffic-discovery. all of the links. on page 591 Ac ce ler at o rOS Ve rsi on 7. • All .clears counters for the non-link Example with Syntax Related Commands ACC1# c le a r co u nt er s l i nk all • • • • • • (config) monitored-application.clears counters for a specific link as identified by its link ID • non-link .0 . on page 590 (config) [application name] statistics-history. on page 589 (config) show discovered. on page 588 (config) show application. on page 589 (config) show interface link.

. 3.100. on page 593 Related Commands Setting the Max Queue Length To set the Max Queue length: 1. x.10.5 po r t 80 v er s io n [ 5] in t er f ac e e th er n et 0 te m pl at e full Setting the Max Queue Length. ACC1(LINK)#priority max-qlen discard 1000 low 1000 medium 1000 high 1000 real-time 1000 pass-through 1000. enter the interface ethernet to be monitored (the LAN interface Ethernet). 0 /1 ] t e mp la t e [f u ll . In addition.Co n f ig u r at io n C om m an d s / 593 NetFlow Commands netflow Command ACC1# ne tf l ow ACC1(netflow)# i p f l ow -e x po rt [x . as well as the NetFlow version number. 0 /0 . x. l on g . The default greedy-threshold size is 1. on page 357 Enable to enable. For more information on NetFlow statistics collected. x ] po r t [1 to 6 5 53 5] ve r si on [5 ]i n te rf a ce et he r ne t [0 . in interface link configuration mode. Disable to disable Parameters Example with Syntax ACC1# ne tf l ow ACC1(netflow)# i p f l ow -e x po rt 100. sh o rt ] Description Sets the Accelerator to forward all statistic information to the NetFlow server for monitoring and analysis. Follow each parameter by the size of the queue desired. In the Accelerator’s CLI. type priority max-qlen discard [number] low [number] medium [number] high [number] realtime [number] pass-through [number] 2. on page 323. Enter the IP address and port number of the NetFlow collector. see NetFlow Monitored Statistics.

on page 613 Ac ce ler at o rOS Ve rsi on 7. on page 608 (rule) set policy rate burst enable. on page 603 (decision) set tunnel. on page 601 (decision) match application. on page 604 (rule) match.594 A p pe n di x F: Command Line Interface QoS Commands The following lists the commands necessary to perform QoS configuration as described above via the CLI. on page 595 (config) application l-7 name http. on page 607 (rule) set policy priority. on page 609 (rule) set policy rate desired number. on page 600 (config) wan. on page 610 (rule) set policy rate limit number. The following configurations are available: (config) application name. on page 611 (WAN) strict-priority. on page 596 (config) decision. on page 598 (config) policy-rule link number. on page 602 (decision) set accelerate.1 Us er Gu id e . on page 612 (WAN) burst. on page 597 (config) policy-rule global. on page 599 (config) show application.0 . on page 605 (rule) set policy pass-through.

on page 601 (decision) match application. on page 596 (config) decision. on page 610 (rule) set policy rate limit number. on page 597 (config) policy-rule global. on page 613 Related Commands . on page 604 (rule) match. a valid UDP port number and range and a valid over-IP port number and range. on page 607 (rule) set policy priority. on page 602 (decision) set accelerate. on page 608 (rule) set policy rate burst enable. on page 611 (WAN) strict-priority. on page 605 (rule) set policy pass-through. on page 609 (rule) set policy rate desired number. Enter a valid TCP port number. on page 612 (WAN) burst. on page 598 (config) policy-rule link number.Co n f ig u r at io n C om m an d s / 595 (config) application name Command ACC1(config)#a pp l ic a ti on name t c p [p o rt nu mb e r] u d p [p o rt nu mb e r/ ra n ge ] o v er -i p [ p or t/ r an ge ] Description Parameters Example with Syntax Defines a new application and application criteria. on page 599 (config) show application. on page 600 (config) wan. ACC1(config)#a pp l ic a ti on name t c p 80 u d p 60 o v er -i p 55 • • • • • • • • • • • • • • • • • (config) application l-7 name http. on page 603 (decision) set tunnel.

on page 599 (config) show application. on page 598 (config) policy-rule link number. on page 597 (config) policy-rule global.1 Us er Gu id e . on page 605 (rule) set policy pass-through.7 name h t tp h os t -n am e [x.x.x or name] u rl .x or name] u rl . on page 613 Related Commands Ac ce ler at o rOS Ve rsi on 7. on page 609 (rule) set policy rate desired number.7 name h t tp h os t -n am e [x. Enable to enable. on page 604 (rule) match.na me [name] m im e -t yp e [name] u se r -n am e [name] Define a new web application and criteria on the basis of the specified parameters. on page 601 (decision) match application. Disable to disable Description Parameters Example with Syntax ACC1(config)#a pp li c at i on l . on page 607 (rule) set policy priority.x.na me [name] m im e -t yp e [name] u se r -n am e [name] • • • • • • • • • • • • • • • • • (config) application name.x. on page 612 (WAN) burst. on page 600 (config) wan. on page 608 (rule) set policy rate burst enable.x. on page 611 (WAN) strict-priority.0 .596 A p pe n di x F: Command Line Interface (config) application l-7 name http Command ACC1(config)#a pp li c at i on l . on page 603 (decision) set tunnel. on page 595 (config) decision. on page 602 (decision) set accelerate. on page 610 (rule) set policy rate limit number.

on page 598 (config) policy-rule link number. on page 604 (rule) match. on page 611 (WAN) strict-priority. on page 613 .Co n f ig u r at io n C om m an d s / 597 (config) decision Command Description Parameters Example with Syntax Related Commands ACC1(config)#d ec i si on Enters the Decision node No additional Parameters ACC1(config)#d ec i si on • • • • • • • • • • • • • • • • • (config) application name. on page 596 (config) policy-rule global. on page 607 (rule) set policy priority. on page 609 (rule) set policy rate desired number. on page 600 (config) wan. on page 602 (decision) set accelerate. on page 603 (decision) set tunnel. on page 605 (rule) set policy pass-through. on page 610 (rule) set policy rate limit number. on page 608 (rule) set policy rate burst enable. on page 601 (decision) match application. on page 595 (config) application l-7 name http. on page 612 (WAN) burst. on page 599 (config) show application.

on page 605 (rule) set policy pass-through. on page 601 (decision) match application.1 Us er Gu id e .ru l e gl o ba l inbound • • • • • • • • • • • • • • • • • (config) application name. on page 603 (decision) set tunnel. on page 600 (config) wan. on page 595 (config) application l-7 name http. Inbound for inbound. on page 607 (rule) set policy priority.0 . on page 596 (config) decision. on page 608 (rule) set policy rate burst enable. on page 610 (rule) set policy rate limit number. on page 611 (WAN) strict-priority. on page 604 (rule) match. on page 597 (config) policy-rule link number. on page 612 (WAN) burst. on page 609 (rule) set policy rate desired number.598 A p pe n di x F: Command Line Interface (config) policy-rule global Command Description Parameters Example with Syntax Related Commands ACC1(config)#p o li cy . on page 599 (config) show application. on page 613 Ac ce ler at o rOS Ve rsi on 7.ru l e gl o ba l o ut b ou nd / in bo u nd Defines a new rule for globally handling an application. on page 602 (decision) set accelerate. outbound for outbound ACC1(config)#p o li cy .

on page 607 (rule) set policy priority. on page 596 (config) decision. on page 613 . on page 595 (config) application l-7 name http.Co n f ig u r at io n C om m an d s / 599 (config) policy-rule link number Command Description Parameters Example with Syntax Related Commands ACC1(config)#po li c y. on page 610 (rule) set policy rate limit number. on page 609 (rule) set policy rate desired number. on page 603 (decision) set tunnel. on page 600 (config) wan.r ul e l in k number ou tb o un d / in b ou n d Defines a new rule for a specific link. on page 602 (decision) set accelerate. outbound for outbound ACC1(config)#po li c y. on page 601 (decision) match application. Inbound for inbound. on page 612 (WAN) burst. on page 611 (WAN) strict-priority. on page 605 (rule) set policy pass-through. on page 604 (rule) match.r ul e l in k number outbound • • • • • • • • • • • • • • • • • (config) application name. on page 608 (rule) set policy rate burst enable. on page 598 (config) show application. on page 597 (config) policy-rule global.

0 . on page 610 (rule) set policy rate limit number. on page 596 (config) decision. on page 601 (decision) match application. on page 595 (config) application l-7 name http. on page 597 (config) policy-rule global. on page 604 (rule) match. No additional parameters needed. on page 611 (WAN) strict-priority. on page 599 (config) wan. on page 608 (rule) set policy rate burst enable. on page 602 (decision) set accelerate. on page 603 (decision) set tunnel. on page 605 (rule) set policy pass-through. ACC1(config)#sh o w a pp li c at io n • • • • • • • • • • • • • • • • • (config) application name.1 Us er Gu id e . on page 613 Ac ce ler at o rOS Ve rsi on 7. on page 607 (rule) set policy priority. on page 598 (config) policy-rule link number.600 A p pe n di x F: Command Line Interface (config) show application Command Description Parameters Example with Syntax Related Commands ACC1(config)#sh o w a pp li c at io n Displays all detected applications. on page 609 (rule) set policy rate desired number. on page 612 (WAN) burst.

on page 605 (rule) set policy pass-through. on page 608 (rule) set policy rate burst enable. on page 611 (WAN) strict-priority. on page 597 (config) policy-rule global. on page 602 (decision) set accelerate.Co n f ig u r at io n C om m an d s / 601 (config) wan Command Description Parameters Example with Syntax Related Commands ACC1(config)#w a n [name] /[default] Enters the WAN node WAN name. on page 612 (WAN) burst. on page 596 (config) decision. on page 604 (rule) match. on page 595 (config) application l-7 name http. on page 607 (rule) set policy priority. on page 599 (config) show application. on page 598 (config) policy-rule link number. on page 610 (rule) set policy rate limit number. on page 600 (decision) match application. on page 613 . on page 603 (decision) set tunnel. ACC1(config)#w a n • • • • • • • • • • • • • • • • • (config) application name. on page 609 (rule) set policy rate desired number.

602 A p pe n di x F: Command Line Interface (decision) match application Command Description Parameters Example with Syntax Related Commands ACC1(decision)#m a tc h a pp li c at i on [name] Creates an application matcher A valid application name ACC1(decision)#m a tc h a pp li c at i on [name] • • • • • • • • • • • • • • • • • (config) application name. on page 599 (config) show application. on page 613 Ac ce ler at o rOS Ve rsi on 7. on page 596 (config) decision. on page 612 (WAN) burst. on page 604 (rule) match. on page 603 (decision) set tunnel.0 . on page 600 (config) wan. on page 605 (rule) set policy pass-through. on page 609 (rule) set policy rate desired number. on page 598 (config) policy-rule link number. on page 597 (config) policy-rule global. on page 610 (rule) set policy rate limit number. on page 607 (rule) set policy priority.1 Us er Gu id e . on page 608 (rule) set policy rate burst enable. on page 601 (decision) set accelerate. on page 611 (WAN) strict-priority. on page 595 (config) application l-7 name http.

on page 604 (rule) match. on page 601 (decision) match application. on page 605 (rule) set policy pass-through. on page 610 (rule) set policy rate limit number. on page 599 (config) show application. on page 602 (decision) set tunnel. on page 598 (config) policy-rule link number. on page 607 (rule) set policy priority. on page 611 (WAN) strict-priority. on page 595 (config) application l-7 name http. on page 613 . Enable to enable. on page 608 (rule) set policy rate burst enable. on page 596 (config) decision. Disable to disable ACC1(decision)#m at c h ap p li ca t io n [name] • • • • • • • • • • • • • • • • • (config) application name. on page 597 (config) policy-rule global. on page 600 (config) wan. on page 612 (WAN) burst.Co n f ig u r at io n C om m an d s / 603 (decision) set accelerate Command Description Parameters Example with Syntax Related Commands ACC1(decision)#s et ac ce l er at e d i sa bl e /en ab l e Sets a specific application to accelerate or do not accelerate. on page 609 (rule) set policy rate desired number.

on page 597 (config) policy-rule global. on page 611 (WAN) strict-priority. on page 601 (decision) match application. on page 605 (rule) set policy pass-through. on page 608 (rule) set policy rate burst enable.0 .1 Us er Gu id e . on page 599 (config) show application.604 A p pe n di x F: Command Line Interface (decision) set tunnel Command Description Parameters Example with Syntax Related Commands ACC1(decision)#se t t u nn el di sa b le /en a bl e Sets a specific application to tunnel or do not tunnel. on page 607 (rule) set policy priority. Disable to disable ACC1(decision)#se t t u nn el enable • • • • • • • • • • • • • • • • • (config) application name. on page 610 (rule) set policy rate limit number. on page 613 Ac ce ler at o rOS Ve rsi on 7. on page 609 (rule) set policy rate desired number. on page 596 (config) decision. Enable to enable. on page 600 (config) wan. on page 612 (WAN) burst. on page 603 (rule) match. on page 595 (config) application l-7 name http. on page 598 (config) policy-rule link number. on page 602 (decision) set accelerate.

on page 603 (decision) set tunnel. on page 601 (decision) match application.7 name] i p [a n y.Co n f ig u r at io n C om m an d s / 605 (rule) match Command ACC1(rule)#ma t ch a pp li c at io n [ name o r l . on page 602 (decision) set accelerate. d e st in a ti o n] x . s o ur c e. on page 600 (config) wan. x. on page 609 (rule) set policy rate desired number. on page 597 (config) policy-rule global. on page 599 (config) show application. tos bits and/or application name. d e st in a ti o n] x . on page 613 . on page 596 (config) decision. on page 598 (config) policy-rule link number. on page 608 (rule) set policy rate burst enable. Enter the application name and a valid IP address ACC1(rule)#ma t ch a pp li c at io n [ name o r l .7 name] i p [a n y. on page 595 (config) application l-7 name http. s o ur c e. on page 611 (WAN) strict-priority. on page 612 (WAN) burst. x. x t o s b it s Related Commands • • • • • • • • • • • • • • • • • (config) application name. x. x. on page 607 (rule) set policy priority. x t o s b it s Description Parameters Example with Syntax Defines the filter for what type of traffic is handled by this rule per IP. on page 610 (rule) set policy rate limit number. on page 604 (rule) set policy pass-through.

on page 602 (decision) set accelerate. on page 598 (config) policy-rule link number. on page 595 (config) application l-7 name http. on page 599 (config) show application. on page 604 (rule) match. on page 605 (rule) set policy pass-through. on page 600 (config) wan.606 A p pe n di x F: Command Line Interface (rule) set policy order Command Description Parameters Example with Syntax Related Commands ACC1(rule)#s e t po l ic y o rd e r [ 1 00 to 6 5 53 4] Defines the importance of the rule.1 Us er Gu id e . on page 607 (rule) set policy priority. Enter a valid policy order ACC1(rule)#s e t po l ic y o rd e r 1000 • • • • • • • • • • • • • • • • • • (config) application name. on page 596 (config) decision. on page 612 (WAN) burst. on page 597 (config) policy-rule global. on page 608 (rule) set policy rate burst enable. on page 601 (decision) match application. on page 610 (rule) set policy rate limit number. on page 609 (rule) set policy rate desired number. on page 611 (WAN) strict-priority. on page 613 Ac ce ler at o rOS Ve rsi on 7.0 . on page 603 (decision) set tunnel.

on page 599 (config) show application. on page 602 (decision) set accelerate. on page 613 . on page 612 (WAN) burst. on page 609 (rule) set policy rate desired number. on page 600 (config) wan.t hr ou g h Sets the traffic type to override the entire QoS mechanism and pass through critical/ Diagnostic traffic Enter a valid policy priority. on page 608 (rule) set policy rate burst enable. on page 595 (config) application l-7 name http. on page 598 (config) policy-rule link number. on page 604 (rule) match. on page 605 (rule) set policy priority. on page 610 (rule) set policy rate limit number. on page 596 (config) decision. on page 597 (config) policy-rule global. on page 601 (decision) match application. on page 603 (decision) set tunnel. ACC1(rule)#s et po li c y p as s. on page 611 (WAN) strict-priority.Co n f ig u r at io n C om m an d s / 607 (rule) set policy pass-through Command Description Parameters Example with Syntax Related Commands A C C1 (r u le )# s et po li c y pa s s.t hr ou g h • • • • • • • • • • • • • • • • • (config) application name.

on page 600 (config) wan. on page 611 (WAN) strict-priority.608 A p pe n di x F: Command Line Interface (rule) set policy priority Command ACC1(rule)#s e t po l ic y p ri o ri ty h i gh low m e di u m r e al . on page 595 (config) application l-7 name http. on page 603 (decision) set tunnel. Enter a valid policy priority. on page 601 (decision) match application. on page 607 (rule) set policy rate burst enable. on page 612 (WAN) burst. on page 605 (rule) set policy pass-through. on page 613 Related Commands Ac ce ler at o rOS Ve rsi on 7.ti me • • • • • • • • • • • • • • • • • (config) application name. on page 597 (config) policy-rule global. on page 599 (config) show application. on page 602 (decision) set accelerate. on page 598 (config) policy-rule link number. on page 610 (rule) set policy rate limit number.ti me Description Parameters Example with Syntax Defines the Priority for the application. on page 609 (rule) set policy rate desired number.1 Us er Gu id e .0 . ACC1(rule)#s e t po l ic y p ri o ri ty h i gh low m e di u m r e al . on page 604 (rule) match. on page 596 (config) decision.

on page 610 (rule) set policy rate limit number. on page 603 (decision) set tunnel. on page 597 (config) policy-rule global. on page 598 (config) policy-rule link number. on page 600 (config) wan. on page 595 (config) application l-7 name http. on page 613 . on page 611 (WAN) strict-priority. on page 605 (rule) set policy pass-through. on page 599 (config) show application. on page 612 (WAN) burst. on page 604 (rule) match. on page 607 (rule) set policy priority. on page 601 (decision) match application. on page 602 (decision) set accelerate. on page 596 (config) decision. on page 608 (rule) set policy rate desired number.Co n f ig u r at io n C om m an d s / 609 (rule) set policy rate burst enable Command Description Parameters Example with Syntax Related Commands A C C1 (r u le )# s et p oli cy r at e bu rs t en ab le Sets the traffic defined for this rule to be allowed to send bursts No additional parameters required A C C1 (r u le )# s et p oli cy r at e bu rs t en ab le • • • • • • • • • • • • • • • • • (config) application name.

on page 612 (WAN) burst. on page 608 (rule) set policy rate burst enable. on page 609 (rule) set policy rate limit number. Enter a valid policy rate ACC1(rule)#s et p ol i cy ra t e d es i re d number 10000 • • • • • • • • • • • • • • • • • (config) application name. on page 607 (rule) set policy priority. on page 613 Ac ce ler at o rOS Ve rsi on 7. on page 605 (rule) set policy pass-through.0 . on page 603 (decision) set tunnel.610 A p pe n di x F: Command Line Interface (rule) set policy rate desired number Command Description Parameters Example with Syntax Related Commands ACC1(rule)#s et p ol i cy ra t e d es i re d number ( 1 t o 1 0 00 00 0 ) Sets a minimum bandwidth for the application. on page 611 (WAN) strict-priority. on page 595 (config) application l-7 name http. on page 604 (rule) match. on page 602 (decision) set accelerate. on page 598 (config) policy-rule link number.1 Us er Gu id e . on page 596 (config) decision. on page 597 (config) policy-rule global. on page 599 (config) show application. on page 601 (decision) match application. on page 600 (config) wan.

on page 607 (rule) set policy priority. on page 596 (config) decision. on page 603 (decision) set tunnel. on page 595 (config) application l-7 name http. on page 608 (rule) set policy rate burst enable. on page 604 (rule) match. on page 599 (config) show application.Co n f ig u r at io n C om m an d s / 611 (rule) set policy rate limit number Command Description Parameters Example with Syntax Related Commands ACC1(rule)#se t p ol i cy r a te li mi t number (1 to 10 0 00 0 0) Sets a maximum bandwidth for the application. on page 609 (rule) set policy rate desired number. on page 613 . on page 601 (decision) match application. Enter a valid policy rate larger than the minimum ACC1(rule)#se t p ol i cy r a te li mi t number 100000 • • • • • • • • • • • • • • • • • (config) application name. on page 605 (rule) set policy pass-through. on page 602 (decision) set accelerate. on page 612 (WAN) burst. on page 610 (WAN) strict-priority. on page 597 (config) policy-rule global. on page 600 (config) wan. on page 598 (config) policy-rule link number.

1 Us er Gu id e . on page 595 (config) application l-7 name http. on page 597 (config) policy-rule global. on page 598 (config) policy-rule link number.612 A p pe n di x F: Command Line Interface (WAN) strict-priority Command Description Parameters AC C 1( WA N )# st r ic t -p ri o ri ty [e n ab le | di sa b le ] [i n bo un d |o ut b ou n d| bo t h] Sets strict-priority for inbound and/or outbound traffic. on page 613 Ac ce ler at o rOS Ve rsi on 7. on page 608 (rule) set policy rate burst enable. on page 605 (rule) set policy pass-through. on page 602 (decision) set accelerate. on page 596 (config) decision. on page 599 (config) show application. on page 609 (rule) set policy rate desired number.0 . on page 604 (rule) match. on page 610 (rule) set policy rate limit number. on page 600 (config) wan. on page 611 (WAN) burst. • Inbound for inbound • Outbound for outbound • Both for both Example with Syntax Related Commands AC C 1( WA N )# st r ic t -p ri o ri ty enable both • • • • • • • • • • • • • • • • • (config) application name. on page 607 (rule) set policy priority. on page 603 (decision) set tunnel. on page 601 (decision) match application.

on page 610 (rule) set policy rate limit number. on page 598 (config) policy-rule link number. on page 608 (rule) set policy rate burst enable. on page 599 (config) show application. on page 600 (config) wan. on page 612 . on page 607 (rule) set policy priority. on page 604 (rule) match.Co n f ig u r at io n C om m an d s / 613 (WAN) burst Command Description Parameters Example with Syntax Related Commands ACC1(WAN)#b u rs t [ nu mb e r] Enables bursts on the WAN up to the set bandwidth (1 to 1000000). Enter the bandwidth ACC1(WAN)#b u rs t [ nu mb e r] • • • • • • • • • • • • • • • • • (config) application name. on page 595 (config) application l-7 name http. on page 609 (rule) set policy rate desired number. on page 603 (decision) set tunnel. on page 611 (WAN) strict-priority. on page 596 (config) decision. on page 597 (config) policy-rule global. on page 602 (decision) set accelerate. on page 601 (decision) match application. on page 605 (rule) set policy pass-through.

on page 614 (RAID) add-disk. on page 614 (RAID) exit. HDD01 for example A cc 2 3. see About RAID.614 A p pe n di x F: Command Line Interface RAID Commands For general information on RAID. on page 615 (RAID) remove-disk. on page 615 (RAID) remove-disk. on page 616 (config) raid Command Description Parameters Example with Syntax Related Commands Acc(config)# r ai d Enters the RAID node No additional parameters are necessary Acc(config)# r ai d • • • • (RAID) add-disk. The 6950 has 2 RAID arrays with up to two disks. Enter the disk name.79 4 0( RA I D) add-disk HDD01 • • • • (config) raid. The following commands are available: (config) raid.0 . Your specific Accelerator. may be configured differently.1 Us er Gu id e .79 4 0( RA I D) a dd -d i sk [ d is k -n am e ] Adds a disk to the RAID array. on page 616 (RAID) add-disk Command Description Parameters Example with Syntax Related Commands A cc 2 3. on page 614 (RAID) exit. on page 614 (RAID) exit. on page 615 (RAID) show. on page 615 (RAID) show. The 79xx has 1 RAID array and up to 8 disks. on page 308. on page 615 (RAID) show. on page 615 (RAID) remove-disk. on page 616 Ac ce ler at o rOS Ve rsi on 7.

on page 616 (RAID) remove-disk Command Description Parameters Example with Syntax Related Commands A cc (R A ID ) r em o ve -d i sk [d is k -n am e ] Removes a disk from the RAID array. on page 615 (RAID) show. HDD01 for example A cc (R A ID ) remove-disk HDD01 • • • • (config) raid. on page 614 (RAID) remove-disk. Enter the disk name. on page 615 (RAID) show. on page 614 (RAID) exit. No additional parameters needed Ac c( R AI D) exit • • • • (config) raid. on page 614 (RAID) add-disk.Co n f ig u r at io n C om m an d s / 615 (RAID) exit Command Description Parameters Example with Syntax Related Commands Ac c( R AI D) ex i t Exits the RAID menu and returns to the Configuration Menu. on page 614 (RAID) add-disk. on page 616 .

. ..1 Us er Gu id e . . .. . ... . . . .4 88 2 79 4 88 A r ra y N um be r O f D ev i ce s.. . ..H D D0 1 Ac ce ler at o rOS Ve rsi on 7.7 94 0( R AI D ) show raid arr0 T h is o p er at i on ma y t ak e a f e w se c on ds . . .. . . . .. . . . ... .. . .. . .... on page 614 (RAID) exit. . .. ... Command Description Parameters Example with Syntax Related Commands A cc 23 . no -e r ro rs A r ra y S iz e. .. . A r ra y T yp e.. .H D D0 0 A r ra y D ev ic e 1 ... . . .. . .. on page 614 (RAID) add-disk.. .79 40 ( RA I D) sh o w Shows the RAID Arrays list and the Disk List (list will be different for each Accelerator) No additional parameters are necessary A cc 23 . .R AI D 1 A r ra y S ta te .d ir t y.. . on page 615 A similar screen is shown: A c c2 3..1 A r ra y A ct iv e D e vi ce s . .. .0 A r ra y S pa re De v ic es ... .. . . . . . . . .. . .. . .. .. . . . .1 A r ra y F ai le d D e vi ce s . . . . . .. . P l ea se be p a ti e nt . . .616 A p pe n di x F: Command Line Interface (RAID) show This command allows you to view the RAID array list and the disk list that are included in the RAID array. ... . .. . no errors it is not indicative of a problem. . i Note: Should the status of the RAID disk be displayed as dirty. .0 A r ra y D ev ic e L i st : A r ra y D ev ic e 0 ..0 . ... .... . . . .. . .. . . . .. . .. ... . . . .. . This list is dependent on the model of Accelerator that you have deployed.79 40 ( RA I D) show raid arr0 • • • • (config) raid. .. . on page 615 (RAID) remove-disk..

on page 623 . on page 619 (decision) set aggregation-class. on page 618 (config) interface link.Co n f ig u r at io n C om m an d s / 617 Aggregation Class Commands The following commands are covered: (config) aggregation post class. on page 620 (LINK) aggregation post limit. on page 622 (LINK) aggregation post window. on page 619 (LINK) aggregation post. on page 620 (LINK) aggregation post class. on page 621 (LINK) aggregation post threshold.

Citrix is enabled but default. By default. The Citrix Aggregation class parameter configuration is available only per-link. on page 622 (LINK) aggregation post window. This command is not saved in the configuration file.1 Us er Gu id e . You can disable. To view Citrix Aggregation statistics. enable or configure each class. which is preconfigured to properly handle these applications). Citrix Aggregation on a link has 4 predefined classes that let you configure and apply different Citrix Aggregation settings to different types of traffic: • default • custom-1 • custom-2 • citrix Different applications may require different Citrix Aggregation class configuration (for example: different window size and aggregated packet size). on page 623 Related Commands Ac ce ler at o rOS Ve rsi on 7. use the show interface link command from the config prompt. Several well-known applications are defined as belonging to 'default' or 'citrix' aggregation class (for example: Citrix and Telnet applications predefined to belong to the 'citrix' class. You can set each application that exists in the Accelerator to belong to one of the Citrix Aggregation classes. on page 621 (LINK) aggregation post threshold. Description Parameters Example with Syntax ACC1(config)#a gg r eg at i on po st cl a ss [d ef a ul t | c u st om . but goes over each link and changes its configuration to enable/disable. on page 620 (LINK) aggregation post class. on page 620 (LINK) aggregation post limit. on page 619 (decision) set aggregation-class.1 | c us t om 2 | c it ri x ] gl o ba l [ en a bl e | di sa b le ] • • • • • • • (config) interface link. custom-1 and custom-2 are disabled.1 | c us t om 2 | c it ri x ] gl o ba l [ en a bl e | di sa b le ] Sets the Citrix aggregation classes globally.618 A p pe n di x F: Command Line Interface (config) aggregation post class Command ACC1(config)#a gg r eg at i on po st cl a ss [d ef a ul t | c u st om . on page 619 (LINK) aggregation post. The Global command is for ease of use.0 .

on page 623 . on page 620 (LINK) aggregation post limit. on page 620 (LINK) aggregation post limit. To see which application belongs to which class. on page 618 (decision) set aggregation-class. on page 621 (LINK) aggregation post threshold. on page 619 (LINK) aggregation post. on page 619 (LINK) aggregation post. Enter the application name and the correct aggregation class. on page 620 (LINK) aggregation post class.cl a ss citrix • • • • • • • (config) aggregation post class. on page 621 (LINK) aggregation post threshold. type the show decision command.Co n f ig u r at io n C om m an d s / 619 (config) interface link Command Description Parameters Example with Syntax Related Commands ACC1(config)#in t er f ac e l in k [ number] Opens the node for the configuration of a specific link Enter the link number ACC1(config)#in t er f ac e l in k [ number] • • • • • • • (config) aggregation post class. on page 618 (config) interface link. An application is coupled with a Citrix Aggregation class through a decision.cl a ss [ c it r ix | d e fa ul t | cu st o m. on page 622 (LINK) aggregation post window. on page 622 (LINK) aggregation post window.1 | c u st om .2] Sets the post-acceleration class of an application. on page 620 (LINK) aggregation post class. on page 623 (decision) set aggregation-class Command Description ACC1(decision)#s et a g gr eg a ti o n. Parameters Example with Syntax Related Commands ACC1(decision)#m at ch a p pl ic a ti o n myapplication ACC1(decision)#s et a g gr eg a ti o n.

on page 618 (config) interface link.1 Us er Gu id e . on page 620). on page 619 (LINK) aggregation post class. The Citrix Aggregation class parameter configuration is available only per-link (see (LINK) aggregation post. This command is for ease of use. on page 619 (decision) set aggregation-class. threshold and window details see below. on page 618 (config) interface link. on page 619 (decision) set aggregation-class. It is not saved in the configuration file.0 . You can define settings per link per class or for the entire link. on page 621 (LINK) aggregation post threshold. on page 623 (LINK) aggregation post class Command ACC1(LINK)#a gg r eg at i on p o st cl as s [ de f au l t | c us t om . For limit. on page 619 (LINK) aggregation post. on page 620 (LINK) aggregation post limit. but goes over each link and changes its configuration to enable/disable Enter the bandwidth Parameters Example with Syntax ACC1(LINK)#a gg r eg at i on p o st cl as s [ de f au l t | c us t om . on page 621 (LINK) aggregation post threshold.1 | c us to m 2 | ci t ri x] [d i sa bl e | e na b le | li m it | t hr e sh ol d | wi n do w ] • • • • • • • (config) aggregation post class. Enter the bandwidth ACC1(LINK)#a gg re g at io n p o st enable • • • • • • • (config) aggregation post class. on page 622 (LINK) aggregation post window.620 A p pe n di x F: Command Line Interface (LINK) aggregation post Command Description Parameters Example with Syntax Related Commands ACC1(LINK)#a gg re g at io n p o st [e na b le | d is ab l e] Sets the Citrix aggregation classes per link.1 | c us to m 2 | ci t ri x] [d i sa bl e | e na b le | li m it | t hr e sh ol d | wi n do w ] Description Defines a class of post aggregation settings. on page 622 (LINK) aggregation post window. on page 620 (LINK) aggregation post limit. on page 623 Related Commands Ac ce ler at o rOS Ve rsi on 7.

on page 623 . on page 619 (LINK) aggregation post. You can configure LIMIT in range 40-3000 bytes. on page 620 (LINK) aggregation post class. Number in bytes. on page 620 (LINK) aggregation post threshold. is the upper ceiling of packet size for packets to be eligible for Citrix aggregation: packets that are larger than LIMIT are not aggregated (they are supposed to be big enough to be sent one at a time). on page 622 (LINK) aggregation post window. on page 618 (config) interface link. set in bytes.Co n f ig u r at io n C om m an d s / 621 (LINK) aggregation post limit Command Description ACC1(LINK)#a gg r eg at i on p o st li mi t [ 40 . The limit. The default value is 256 Parameters Example with Syntax Related Commands ACC1(LINK)#a gg r eg at i on p o st li mi t 256 • • • • • • • (config) aggregation post class. on page 619 (decision) set aggregation-class.3 00 0] Sets the upper limit for packets to be aggregated. Enter the bandwidth.

on page 619 (LINK) aggregation post.622 A p pe n di x F: Command Line Interface (LINK) aggregation post threshold Command Description ACC1(LINK)#a gg r eg at i on po st th re s ho l d [4 0 3 0 00 | au to ] Sets the post aggregation threshold. You can configure THRESHOLD in range 40-MTU. on page 618 (config) interface link. it can be sent. when an aggregate packet reaches this size. set in bytes. number in bytes 40 to 3000 or automatic.for bandwidth that is more than 1Mbps Parameters Example with Syntax Related Commands ACC1(LINK)#a gg r eg at i on po st th re s ho l d 512 • • • • • • • (config) aggregation post class.for bandwidth that is less than or equal to 512 Kbps • 1024 bytes .for bandwidth that is greater than 512 Kbps and less then 1Mbps • MTU (usually 1500 bytes but no more than 3000) . Enter the correct threshold. on page 619 (decision) set aggregation-class. the threshold auto value will not be larger than the fragmentation size. The default value is auto. which means that the threshold will be calculated dynamically according to available bandwidth as follows: • 512 bytes . on page 621 (LINK) aggregation post window. on page 623 Ac ce ler at o rOS Ve rsi on 7. on page 620 (LINK) aggregation post class. on page 620 (LINK) aggregation post limit. The threshold. If fragmentation is configured in the link.1 Us er Gu id e . is the maximum size of aggregated packets. That is.0 .

Co n f ig u r at io n C om m an d s / 623 (LINK) aggregation post window Command Description ACC1(LINK)#ag gr e ga t io n p o st wi n do w [ 1 .1 00 | au t o] Sets the post-acceleration window. This is the maximum amount of time a packet can be delayed in Citrix Aggregation queues. This is done to avoid long packet delays. on page 621 (LINK) aggregation post threshold. Enter the correct threshold Parameters Example with Syntax Related Commands ACC1(LINK)#ag gr e ga t io n p os t t hr es h ol d 90 • • • • • • • (config) aggregation post class. on page 620 (LINK) aggregation post class. on page 622 . This means that when WINDOW * 10 ms elapses. on page 619 (decision) set aggregation-class. on page 618 (config) interface link. The window command is set in units of 10 ms. number in bytes 1 to 100 or automatic. WINDOW can be configured in a range of 1-100 units. an aggregate packet is sent (even if its total size has not yet reached LIMIT value). The default value is auto. An estimated value of the auto value is bandwidth/Threshold. This enables the aggreagator to wait enough time to get an aggregated packet with the largest size close to the THRESHOLD value. which means that the WINDOW value is calculated dynamically given the bandwidth and the threshold value. on page 619 (LINK) aggregation post. on page 620 (LINK) aggregation post limit.

on page 627 (DNS-ACC) min TTL. on page 629 (DNS-ACC) show statistics. on page 628 (DNS-ACC) show cache.1 Us er Gu id e . By default DNS Acceleration is disabled. on page 629 (DNS-ACC) show statistics. on page 626 (DNS-ACC) ip host. on page 627 (DNS-ACC) ip host purge. Enable to enable. on page 625 (DNS-ACC) cache size. on page 628 (DNS-ACC) show cache. on page 626 (DNS-ACC) Dns-masquerading. on page 625 (DNS-ACC) dns-acceleration. on page 624 (DNS-ACC) cache clear. on page 628 (DNS-ACC) query timeout.624 A p pe n di x F: Command Line Interface DNS Acceleration Commands This section has the following commands: (Conf) dns-acceleration. on page 626 (DNS-ACC) Dns-masquerading. on page 631 Ac ce ler at o rOS Ve rsi on 7. on page 629 (DNS-ACC) show statistics. Disable to disable A CC 1 (c on f )# Dn s -a c ce le r at io n • • • • • • • • • • • • • (Conf) dns-acceleration. on page 629 (DNS-ACC) use-accelerator-dns. on page 629 (DNS-ACC) show statistics. on page 625 (DNS-ACC) dns-acceleration. on page 625 (DNS-ACC) cache size.0 . on page 628 (DNS-ACC) query timeout. on page 627 (DNS-ACC) ip host purge. on page 624 (DNS-ACC) cache clear. on page 626 (DNS-ACC) ip host. on page 627 (DNS-ACC) min TTL. on page 629 (DNS-ACC) use-accelerator-dns. on page 631 (Conf) dns-acceleration Command Description Parameters Example with Syntax Related Commands A CC 1 (c on f )# Dn s -a c ce le r at io n Enables/disables DNS Acceleration.

on page 631 (DNS-ACC) cache size Command Description Parameters Example with Syntax Related Commands A CC 1( D NS -A C C) # ca ch e s iz e [ 1 00 -3 0 00 0 | a u to ] Lets you select whether to accept the system-defined value of the cache size or to set your own value (between 100 and 30000). on page 628 (DNS-ACC) query timeout. on page 628 (DNS-ACC) query timeout. on page 625 (DNS-ACC) dns-acceleration. on page 629 (DNS-ACC) show statistics. on page 629 (DNS-ACC) show statistics. Enter the application name and the correct aggregation class. on page 627 (DNS-ACC) ip host purge. on page 629 (DNS-ACC) use-accelerator-dns.Co n f ig u r at io n C om m an d s / 625 (DNS-ACC) cache clear Command Description Parameters Example with Syntax Related Commands AC C 1( DN S -A CC ) #c a ch e c le ar Lets you clear the cache contents. on page 626 (DNS-ACC) Dns-masquerading. on page 629 (DNS-ACC) show statistics. on page 626 (DNS-ACC) Dns-masquerading. on page 625 (DNS-ACC) dns-acceleration. on page 628 (DNS-ACC) show cache. on page 626 (DNS-ACC) ip host. on page 627 (DNS-ACC) min TTL. A CC 1( D NS -A C C) # ca ch e s iz e 2400 • • • • • • • • • • • • (Conf) dns-acceleration. on page 629 (DNS-ACC) use-accelerator-dns. on page 627 (DNS-ACC) min TTL. on page 628 (DNS-ACC) show cache. AC C 1( DN S -A CC ) # cache clear • • • • • • • • • • • • (Conf) dns-acceleration. No additional parameters required. on page 631 . on page 629 (DNS-ACC) show statistics. on page 626 (DNS-ACC) ip host. on page 627 (DNS-ACC) ip host purge. on page 624 (DNS-ACC) cache size. on page 624 (DNS-ACC) cache clear.

on page 626 (DNS-ACC) ip host.0 . on page 627 (DNS-ACC) ip host purge. on page 627 (DNS-ACC) min TTL.AC C )# D ns -m a sq ue r ad i ng [ e na bl e | d i sa bl e ] Enables/disables DNS masquerading.AC C )# D ns -m a sq ue r ad i ng enable • • • • • • • • • • • • (Conf) dns-acceleration.626 A p pe n di x F: Command Line Interface (DNS-ACC) dns-acceleration Command Description Parameters Example with Syntax Related Commands A CC 1 (D NS . By default DNS Acceleration is disabled. Enable to enable. on page 631 Ac ce ler at o rOS Ve rsi on 7.AC C) # Dn s -a cc e le ra t io n [ en a bl e | d is a bl e] Enables/disables DNS Acceleration. on page 629 (DNS-ACC) use-accelerator-dns. on page 627 (DNS-ACC) ip host purge. on page 625 (DNS-ACC) cache size. on page 629 (DNS-ACC) show statistics. on page 628 (DNS-ACC) query timeout. on page 629 (DNS-ACC) show statistics. on page 628 (DNS-ACC) show cache. on page 629 (DNS-ACC) show statistics. on page 625 (DNS-ACC) dns-acceleration. Enable to enable. on page 627 (DNS-ACC) min TTL. Disable to disable A C C1 (D N S. on page 624 (DNS-ACC) cache clear. on page 625 (DNS-ACC) Dns-masquerading. on page 625 (DNS-ACC) cache size.AC C) # Dn s -a cc e le ra t io n enable • • • • • • • • • • • • (Conf) dns-acceleration. on page 628 (DNS-ACC) query timeout. Disable to disable A CC 1 (D NS . on page 629 (DNS-ACC) use-accelerator-dns. on page 628 (DNS-ACC) show cache. on page 624 (DNS-ACC) cache clear. By default DNS masquerading is disabled. on page 631 (DNS-ACC) Dns-masquerading Command Description Parameters Example with Syntax Related Commands A C C1 (D N S.1 Us er Gu id e . on page 626 (DNS-ACC) ip host. on page 629 (DNS-ACC) show statistics.

20. on page 625 (DNS-ACC) dns-acceleration. on page 628 (DNS-ACC) show cache.Co n f ig u r at io n C om m an d s / 627 (DNS-ACC) ip host Command Description Parameters Example with Syntax Related Commands A C C1 (D N S.AC C )# i p ho s t [W O RD ] [I P] Lets you define a static host-name to address.A CC )# i p ho s t purge • • • • • • • • • • • • (Conf) dns-acceleration.AC C )# i p ho s t mysite 100.A CC )# i p ho s t [ pu rg e ] Lets you remove all definitions of static hosts. A C C1 (D N S. on page 628 (DNS-ACC) query timeout. on page 628 (DNS-ACC) show cache. on page 631 (DNS-ACC) ip host purge Command Description Parameters Example with Syntax Related Commands A C C1 (D N S. on page 629 (DNS-ACC) show statistics. by using the purge parameter. on page 626 (DNS-ACC) ip host. on page 627 (DNS-ACC) min TTL. A C C1 (D N S. on page 625 (DNS-ACC) cache size. on page 629 (DNS-ACC) use-accelerator-dns. on page 625 (DNS-ACC) cache size. on page 626 (DNS-ACC) Dns-masquerading. on page 626 (DNS-ACC) ip host purge. Enter the site name and the correct IP address. on page 624 (DNS-ACC) cache clear. on page 624 (DNS-ACC) cache clear. on page 628 (DNS-ACC) query timeout.5 • • • • • • • • • • • • (Conf) dns-acceleration. on page 631 .100. on page 629 (DNS-ACC) show statistics. on page 626 (DNS-ACC) Dns-masquerading. on page 629 (DNS-ACC) show statistics. No additional parameters required. on page 629 (DNS-ACC) use-accelerator-dns. on page 627 (DNS-ACC) min TTL. by using the WORD parameter followed by an IP address. on page 629 (DNS-ACC) show statistics. on page 625 (DNS-ACC) dns-acceleration.

on page 625 (DNS-ACC) dns-acceleration. on page 627 (DNS-ACC) ip host purge.0 . on page 629 (DNS-ACC) show statistics. on page 625 (DNS-ACC) cache size. on page 629 (DNS-ACC) use-accelerator-dns. on page 629 (DNS-ACC) show statistics. on page 629 (DNS-ACC) show statistics. on page 627 (DNS-ACC) ip host purge.30 ) Lets you set your own value for the query time out period (between 0 and 30) Enter a valid time out period as described above. on page 624 (DNS-ACC) cache clear. on page 628 (DNS-ACC) show cache. on page 624 (DNS-ACC) cache clear. on page 626 (DNS-ACC) ip host. on page 625 (DNS-ACC) dns-acceleration. on page 629 (DNS-ACC) use-accelerator-dns. on page 628 (DNS-ACC) show cache. on page 629 (DNS-ACC) show statistics. A CC 1 (D N S.AC C )# mi n T TL (m i nu te s ) [p r es e rv et tl | 1 -1 44 0 ] Lets you select whether to keep the system-defined value of the time-to-leave period (preserve-ttl) or to set your own value (between 1 and 1440 minutes).1 Us er Gu id e . on page 626 (DNS-ACC) Dns-masquerading. on page 626 (DNS-ACC) Dns-masquerading.628 A p pe n di x F: Command Line Interface (DNS-ACC) min TTL Command Description Parameters Example with Syntax Related Commands A CC 1 (D N S. Enter the a valid time period as described above. AC C1 ( DN S -A CC ) #q ue r y t im eo u t 25 • • • • • • • • • • • • (Conf) dns-acceleration. on page 631 Ac ce ler at o rOS Ve rsi on 7. on page 625 (DNS-ACC) cache size. on page 626 (DNS-ACC) ip host. on page 631 (DNS-ACC) query timeout Command Description Parameters Example with Syntax Related Commands AC C1 ( DN S -A CC ) #q ue r y t im eo u t (0 . on page 627 (DNS-ACC) query timeout.AC C )# mi n T TL (m in u te s ) pr e se rv e -t tl 440 • • • • • • • • • • • • (Conf) dns-acceleration. on page 627 (DNS-ACC) min TTL.

on page 627 (DNS-ACC) ip host purge. on page 628 (DNS-ACC) show cache. on page 627 (DNS-ACC) ip host purge.A CC ) #s ho w c ac h e Displays the details of all hosts currently stored in the cache: host name. on page 625 (DNS-ACC) cache size. number of hits and number of misses. AC C1 ( DN S. on page 624 (DNS-ACC) cache clear. No additional parameters required. A CC 1( D NS . on page 626 (DNS-ACC) Dns-masquerading. host address. on page 631 . on page 627 (DNS-ACC) min TTL.AC C) # sh ow st a ti st i cs Displays the statistics for the queries since the last time the DNS Acceleration feature was enabled: total number of queries. on page 624 (DNS-ACC) cache clear. on page 625 (DNS-ACC) dns-acceleration. on page 626 (DNS-ACC) Dns-masquerading. on page 626 (DNS-ACC) ip host. on page 626 (DNS-ACC) ip host. on page 629 (DNS-ACC) show statistics.Co n f ig u r at io n C om m an d s / 629 (DNS-ACC) show cache Command Description Parameters Example with Syntax Related Commands AC C1 ( DN S.AC C) # show statistics • • • • • • • • • • • • (Conf) dns-acceleration. on page 625 (DNS-ACC) dns-acceleration. flags and expiry time (time-to-leave). No additional parameters required. on page 628 (DNS-ACC) show statistics. on page 627 (DNS-ACC) min TTL. on page 628 (DNS-ACC) query timeout. on page 629 (DNS-ACC) transparency. on page 630 (DNS-ACC) use-accelerator-dns. on page 631 (DNS-ACC) show statistics Command Description Parameters Example with Syntax Related Commands A CC 1( D NS . on page 628 (DNS-ACC) query timeout.A CC ) #s ho w c ac h e • • • • • • • • • • • • (Conf) dns-acceleration. on page 629 (DNS-ACC) use-accelerator-dns. on page 625 (DNS-ACC) cache size.

630 A p pe n di x F: Command Line Interface (DNS-ACC) transparency Command Description A C C1 (D N S. on page 626 (DNS-ACC) ip host.the traffic is transparent to both the Client and the Server.A CC )# t ra ns p ar e nc y [ au to | f ul l | s e mi ] Lets you set your requested transparency mode: • Semi .A CC )# t ra ns p ar e nc y auto • • • • • • • • • • • • (Conf) dns-acceleration. Parameters Example with Syntax Related Commands A C C1 (D N S. on page 625 (DNS-ACC) dns-acceleration.the traffic is transparent to the Client. • Full . on page 626 (DNS-ACC) Dns-masquerading. The default value is Auto.the transparency is determined automatically according to the deployment level: either Semi (in On-LAN deployment) or Full (in On-Path deployment). on page 625 (DNS-ACC) cache size. on page 627 (DNS-ACC) min TTL. on page 629 (DNS-ACC) use-accelerator-dns. Enter a valid transparency mode as described above. on page 629 (DNS-ACC) show statistics. on page 624 (DNS-ACC) cache clear.0 . • Auto . on page 631 Ac ce ler at o rOS Ve rsi on 7.1 Us er Gu id e . on page 628 (DNS-ACC) show cache. but the server sees it as coming from the Accelerator. on page 627 (DNS-ACC) ip host purge. on page 628 (DNS-ACC) query timeout.

on page 628 (DNS-ACC) query timeout. you have to configure an IP name server under the DNS node. Enable to enable. on page 625 (DNS-ACC) dns-acceleration. on page 629 . on page 629 (DNS-ACC) show statistics. If you enable the use of Accelerator DNS. even if that traffic was sent to another DNS server. on page 625 (DNS-ACC) cache size. on page 627 (DNS-ACC) min TTL. on page 626 (DNS-ACC) Dns-masquerading.Co n f ig u r at io n C om m an d s / 631 (DNS-ACC) use-accelerator-dns Command Description A C C1 (D N S. on page 628 (DNS-ACC) show cache. Parameters Example with Syntax Related Commands A C C1 (D N S. on page 624 (DNS-ACC) cache clear.dn s enable • • • • • • • • • • • • (Conf) dns-acceleration. on page 626 (DNS-ACC) ip host. Disable to disable.dn s [ e na bl e | d i sa bl e ] Enables/disables the use of Accelerator DNS. on page 627 (DNS-ACC) ip host purge. on page 629 (DNS-ACC) show statistics.A CC )# u se -a c ce l er at o r. By so doing. thereby defining the Accelerator as a DNS client. the Accelerator will always intercept traffic and use its setting to process the traffic.A CC )# u se -a c ce l er at o r.

on page 634 (crypto) show tech-encryption. on page 635 (ike_policy) pre-shared key. on page 633 (crypto) ipsec. on page 633 (config) show running-config. by using the following CLI command: subnet network x. on page 635 (ike_policy) esp-algorithm. such as the crypto mode. on page 633 (config) show running-config. on page 636 (ike_policy) pre-shared key.1 Us er Gu id e .x. on page 633 (crypto) ipsec. enabling these subnets to communicate with the Accelerator requires you to define them as local in the Accelerator. on page 636 (ipsec) ike-policy. on page 636 (ike_policy) pre-shared key. on page 636 (ike_policy) pre-shared key.0 . users sending traffic from such subnets will not be able to communicate with the Accelerator. Thus. on page 637 Ac ce ler at o rOS Ve rsi on 7. on page 636 (ike_policy) pre-shared key. on page 634 (crypto) show tech-encryption. when IPsec is enabled. on page 635 (ike_policy) esp-algorithm. No additional parameters required. AC C1 ( co n fi g) # sh ow cr y pt o • • • • • • • • • • (config) show interface link. subnets that are not defined as local subnets are considered by default as remote subnets (subnets over the WAN). the IKE and the IPsec policies.x. on page 634 (ike_policy) description. as their packets will be dropped. on page 632 (config) show interface link. on page 637 (config) show crypto Command Description Parameters Example with Syntax Related Commands AC C1 ( co n fi g) # sh ow cr y pt o Lets you view the entire details of Accelerator’s crypto.x/y This section features the following options: (config) show crypto. Therefore. on page 634 (ike_policy) description. on page 635 (ike_policy) pre-shared key. on page 636 (ipsec) ike-policy.632 A p pe n di x F: Command Line Interface Traffic Encryption Commands i Note: In the Accelerator.

on page 633 (crypto) ipsec.co nf i g Lets you view the entire details of the current crypto configuration. on page 632 (config) show running-config. on page 635 (ike_policy) pre-shared key. on page 636 (ipsec) ike-policy. on page 634 (ike_policy) description. on page 634 (ike_policy) description. on page 636 (ike_policy) pre-shared key. on page 636 (ike_policy) pre-shared key. which IPsec policy is used and other details. on page 635 (ike_policy) esp-algorithm. AC C1 ( co n fi g) # sh ow ru n ni ng . policy rules and decision number. on page 636 (ike_policy) pre-shared key. on page 637 (config) show running-config Command Description Parameters Example with Syntax Related Commands AC C1 ( co n fi g) # sh ow ru n ni ng . Enter the link number. on page 635 (ike_policy) pre-shared key. on page 634 (crypto) show tech-encryption. on page 636 (ike_policy) pre-shared key. No additional parameters required. such as crypto mode. A CC 1( c on f ig )# s ho w i nt e rf ac e l in k 1 • • • • • • • • • • (config) show crypto. on page 637 . on page 633 (crypto) ipsec. on page 634 (crypto) show tech-encryption. on page 632 (config) show interface link. on page 636 (ipsec) ike-policy.Co n f ig u r at io n C om m an d s / 633 (config) show interface link Command Description Parameters Example with Syntax Related Commands A CC 1( c on f ig )# s ho w i nt e rf ac e l in k [ n um be r ] Lets you view whether IPsec is enabled.co nf i g • • • • • • • • • • (config) show crypto. on page 635 (ike_policy) esp-algorithm.

on page 633 (crypto) show tech-encryption.634 A p pe n di x F: Command Line Interface (crypto) ipsec Command Description Parameters Example with Syntax Related Commands A CC 1 (c r yp to ) #i ps e c Lets you enter the IPsec node No additional parameters required. on page 637 (crypto) show tech-encryption Command Description Parameters Example with Syntax Related Commands A CC 1 (c ry p to )# s ho w t ec h -e nc r yp t io n Lets you view the IPsec tunnel status and the Pluto log. A CC 1 (c r yp to ) #i ps e c • • • • • • • • • • (config) show crypto. on page 635 (ike_policy) esp-algorithm. on page 635 (ike_policy) pre-shared key. on page 633 (config) show running-config. on page 634 (ike_policy) description. on page 632 (config) show interface link. on page 634 (ike_policy) description. on page 633 (config) show running-config. on page 636 (ike_policy) pre-shared key. on page 635 (ike_policy) pre-shared key. on page 636 (ike_policy) pre-shared key. on page 637 Ac ce ler at o rOS Ve rsi on 7.1 Us er Gu id e . on page 632 (config) show interface link. on page 633 (crypto) ipsec. on page 636 (ipsec) ike-policy. A CC 1 (c ry p to )# s ho w t ec h -e nc r yp t io n • • • • • • • • • • (config) show crypto.0 . on page 636 (ike_policy) pre-shared key. on page 635 (ike_policy) esp-algorithm. on page 636 (ike_policy) pre-shared key. on page 636 (ipsec) ike-policy. No additional parameters required.

on page 634 (ike_policy) esp-algorithm. Use underscores in place of spaces. on page 636 (ike_policy) pre-shared key. Pick an order from 1-3. on page 637 . on page 637 (ike_policy) esp-algorithm Command Description Parameters Example with Syntax Related Commands A C C1 (i k e_ po l ic y )# es p -a lg o ri t hm < 1 -3 > Lets you set the ESP algorithm for the IKE policy. on page 636 (ipsec) ike-policy. on page 636 (ike_policy) pre-shared key. A C C1 (i k e_ po l ic y )# esp-algorithm 2 • • • • • • • • • • (config) show crypto. on page 632 (config) show interface link. on page 633 (config) show running-config. on page 634 (crypto) show tech-encryption. on page 633 (crypto) ipsec. on page 635 (ike_policy) pre-shared key. A CC 1( i ke _ po li c y) #d e sc r ip ti o n th i s_ d es cr i pt io n • • • • • • • • • • (config) show crypto. on page 636 (ike_policy) pre-shared key. on page 636 (ike_policy) pre-shared key. on page 635 (ike_policy) pre-shared key. Legal text string. on page 634 (crypto) show tech-encryption.Co n f ig u r at io n C om m an d s / 635 (ike_policy) description Command Description Parameters Example with Syntax Related Commands A CC 1( i ke _ po li c y) #d e sc r ip ti o n [W O RD ] Lets you add a description to the IKE policy. on page 633 (crypto) ipsec. on page 634 (ike_policy) description. on page 632 (config) show interface link. on page 633 (config) show running-config. on page 636 (ipsec) ike-policy.

2 4> Lets you set the number of hours for the SA lifetime 1 to 24 hours.1 Us er Gu id e . on page 635 (ike_policy) pre-shared key. on page 632 (config) show interface link. on page 635 (ike_policy) esp-algorithm. on page 635 (ike_policy) pre-shared key. AC C1 ( ik e _p ol i cy )# sa-lifetime hours 12 • • • • • • • • • • (config) show crypto.0 . on page 633 (crypto) ipsec. on page 634 (ike_policy) description. No additional parameters are necessary. on page 632 (config) show interface link.636 A p pe n di x F: Command Line Interface (ike_policy) pre-shared key Command Description Parameters Example with Syntax Related Commands AC C 1( ik e _p ol i cy ) #p re . on page 634 (ike_policy) description. Enter Y to confirm. on page 637 Ac ce ler at o rOS Ve rsi on 7. on page 633 (config) show running-config. on page 636 (ike_policy) pre-shared key. on page 633 (crypto) ipsec.sh ar e d k ey Lets you create a pre-shared key. on page 634 (crypto) show tech-encryption. on page 634 (crypto) show tech-encryption.l if et i me h o ur s < 1. This command is recommended only for transactions over a secure channel: AC C 1( ik e _p ol i cy ) # pre-shared key • • • • • • • • • • (config) show crypto. on page 637 (ike_policy) sa-lifetime hours Command Description Parameters Example with Syntax Related Commands AC C1 ( ik e _p ol i cy )# s a. on page 636 (ipsec) ike-policy. on page 636 (ike_policy) pre-shared key. on page 635 (ike_policy) esp-algorithm. on page 636 (ipsec) ike-policy. on page 633 (config) show running-config.

No additional parameters required. AC C1 ( ip s ec )# i ke -p o li c y • • • • • • • • • • (config) show crypto. on page 633 (crypto) ipsec. on page 636 (ike_policy) pre-shared key. on page 634 (crypto) show tech-encryption. on page 634 (crypto) show tech-encryption. on page 634 (ike_policy) description. on page 633 (crypto) ipsec. on page 635 (ike_policy) esp-algorithm. on page 636 (ike_policy) pre-shared key. on page 633 (config) show running-config. on page 635 (ike_policy) esp-algorithm. on page 636 . on page 637 (ipsec) ike-policy Command Description Parameters Example with Syntax Related Commands AC C1 ( ip s ec )# i ke -p o li c y Lets you enter the IKE policy node. on page 635 (ike_policy) pre-shared key. on page 636 (ipsec) ike-policy. on page 632 (config) show interface link. on page 636 (ike_policy) pre-shared key. on page 635 (ike_policy) pre-shared key. on page 632 (config) show interface link. on page 633 (config) show running-config.Co n f ig u r at io n C om m an d s / 637 (ike_policy) sa-lifetime seconds Command Description Parameters Example with Syntax Related Commands A CC 1 (i k e_ po l ic y) # sa . A CC 1 (i k e_ po l ic y) # sa-lifetime 4000 • • • • • • • • • • (config) show crypto.li fe t im e s ec o nd s < 30 08 64 0 0> Lets you set the number of hours for the SA lifetime 300 to 86400 seconds. on page 634 (ike_policy) description.

on page 639 (config) arp Command Description Parameters Example with Syntax Related Commands ACC1(config)#a r p [ IP a d dr es s x . on page 638 • (config) arp cache max-size. x ] [M A C ad dr e ss x x: x x: xx : xx : xx :x x ] Sets manual ARP cache entries Enter a valid IP address and MAC address. on page 639 (config) arp cache limits Command Description Parameters Example with Syntax Related Commands ACC1(config)#ar p c ac h e li m it s [ three numbers between 128000 and 8000000] Sets three limits on the size of the ARP cache Enter up to three numbers within the valid range ACC1(config)#ar p c ac h e li m it s 200000 300000 400000 • (config) arp. x.2 MA C Ad dr e ss 00:06:5B:15:04:B4 • (config) arp cache limits. ACC1(config)#a r p I P ad d re ss 100. on page 639 Ac ce ler at o rOS Ve rsi on 7. on page 638 • (config) arp cache max-size. on page 639 arp clear-table. on page 638 arp cache limits.50.638 A p pe n di x F: Command Line Interface ARP Commands This section contains the following configurations: (config) (config) (config) (config) arp.x . on page 639 • (config) arp clear-table. on page 639 • (config) arp clear-table.100.0 .1 Us er Gu id e . on page 638 arp cache max-size.

on page 639 (config) arp clear-table Command Description Parameters Example with Syntax Related Commands ACC1(config)#a rp cl ea r -t a bl e [ vo la t il e ] Clears the ARP cache table.s iz e 800000 • (config) arp. on page 639 . on page 638 • (config) arp clear-table.si z e [ number between 128000 and 8000000] Sets a limit on the size of the ARP cache Enter the maximum size within the range listed above. on page 638 • (config) arp cache limits.Co n f ig u r at io n C om m an d s / 639 (config) arp cache max-size Command Description Parameters Example with Syntax Related Commands ACC1(config)#ar p c ac he m a x. ACC1(config)#a rp cl ea r -t a bl e [ vo la t il e ] • (config) arp. AC C1 (c on fi g) # a r p ca c he m a x. Using the volatile variable lets you clear entries from the active ARP without clearing the database. No additional parameters required. on page 638 • (config) arp cache limits. on page 638 • (config) arp cache max-size.

on page 643 (interface) bridged-state disable. on page 642 (config) VRRP. on page 643 (interface) bridged-state disable. Command Description Parameters ACC1(config)#H S RP [number] Sets manual configuration of HSRP Enter the following Parameters: • authentication [string] • force-priority • ip (update IP address.0. Starting from AcceleratorOS 6. on page 644 (interface) ip address.create group if it does not exist) • join • leave (leave HSRP group) • preempt • priority [number 0 . on page 640 (config) HSRP autodetect. after HSRP group parameters are updated. on page 642 (config) interface vlan. on page 641 (config) interface ethernet 0. on page 642 (config) VRRP. In the CLI this is accomplished using the join/leave commands. on page 645 (config) HSRP i i Note: In AcceleratorOS versions up to 6. the Accelerator must join the group. on page 642 (config) interface vlan.0. on page 644 (interface) link-mode. on page 643 (config) wan. on page 644 (interface) ip address. adding an HSRP group automatically included the Accelerator in the group.640 A p pe n di x F: Command Line Interface Additional Commands This section contains the following configuration commands: (config) HSRP. on page 641 (config) interface ethernet 0. on page 645 Ac ce ler at o rOS Ve rsi on 7.0 . on page 644 (interface) link-mode.254] • timers • virtual-mac (virtual MAC address) • vlan (assign HSRP group to VLAN) Example with Syntax Related Commands ACC1(config)#H S RP 20 • • • • • • • • (config) HSRP autodetect.1 Us er Gu id e . on page 643 (config) wan.

Co n f ig u r at io n C om m an d s / 641 ACC1(config)#H SR P 20 a ut h en ti c at i on myauthentication f or c e. on page 645 .50. Disable to disable. ACC1(config)#HS R P au t od et e ct enable ACC1(config)#in t er fa c e vl a n 1 100. on page 644 (interface) link-mode.100.50.pr i or i ty i p 100. on page 643 (config) wan. on page 640 (config) interface ethernet 0.2 j oi n p re e mp t p ri o ri ty 1 t im e rs v ir t ua l. on page 643 (interface) bridged-state disable. on page 644 (interface) ip address. on page 642 (config) interface vlan.100.m ac F:F:F:F:F:F:F: v la n 2 (config) HSRP autodetect Command Description Parameters Example with Syntax Example with Syntax Related Commands ACC1(config)#HS R P au t od et e ct en ab l e/ di s ab l e The Accelerator can auto-detect HSRP groups on its networks and add them to its Group Table Enable to enable. on page 642 (config) VRRP.5 • • • • • • • • (config) HSRP.

642 A p pe n di x F: Command Line Interface (config) interface ethernet 0 Command Description Parameters Example with Syntax Related Commands ACC1(config)# i nt er f ac e e th e rn et 0 Enters the configuration node for the Ethernet 0 interface. on page 642 (config) VRRP.1 Us er Gu id e . on page 641 (config) interface vlan. on page 642 (config) VRRP. on page 640 (config) HSRP autodetect. on page 644 (interface) ip address. x. x. x .50. on page 645 Ac ce ler at o rOS Ve rsi on 7. on page 644 (interface) link-mode. x. on page 643 (interface) bridged-state disable.x x . on page 643 (interface) bridged-state disable. x Enables VLAN. sets group number and IP address or native or native tagged Accelerator IP address as VLAN group IP address.5 • • • • • • • • (config) HSRP. on page 643 (config) wan.0 . on page 640 (config) HSRP autodetect. on page 641 (config) interface ethernet 0. Enter the following information • (enter ip address and subnet mask) • native • native tagged Description Parameters Example with Syntax Related Commands ACC1(config)#i n te rf a ce v l an 1 100. on page 645 (config) interface vlan Command ACC1(config)#i n te rf a ce v l an [number] x .100. on page 644 (interface) ip address. on page 644 (interface) link-mode. No additional parameters needed ACC1(config)# i nt er f ac e e th e rn et 0 • • • • • • • • (config) HSRP. on page 643 (config) wan.

254] • timer Example with Syntax A C C1 (c o nf i g) #V R RP [ n um b er ] i p 1 . on page 642 (config) VRRP. ACC1(config)#w an mywan • • • • • • • • (config) HSRP. on page 641 (config) interface ethernet 0. on page 643 (interface) bridged-state disable. on page 644 (interface) link-mode.Co n f ig u r at io n C om m an d s / 643 (config) VRRP Command Description Parameters A C C1 (c o nf i g) #V R RP [ n um b er ] Sets manual configuration of VRRP Enter the following parameters: • ip (update IP address. on page 645 (config) wan Command Description Parameters Example with Syntax Related Commands ACC1(config)#w an [name] Creates a new WAN. 1. on page 643 (interface) bridged-state disable. on page 640 (config) HSRP autodetect. on page 642 (config) interface vlan.1 . Enter the name of the WAN. on page 645 . on page 641 (config) interface ethernet 0. on page 644 (interface) ip address.create group if it does not exist) • preempt • priority [number 0 . on page 640 (config) HSRP autodetect. on page 642 (config) interface vlan. on page 642 (config) wan. on page 644 (interface) link-mode. on page 644 (interface) ip address. 1 p r ee mp t p r io ri t y 100 t i me r Related Commands • • • • • • • • (config) HSRP.

s ta te di sa b le Disables bridge support for the Ethernet 0 interface. y. on page 640 (config) HSRP autodetect. on page 644 (interface) link-mode. on page 643 (config) wan. on page 640 (config) HSRP autodetect. on page 641 (config) interface ethernet 0. on page 642 (config) VRRP.s ta te disable • • • • • • • • (config) HSRP. on page 644 (interface) link-mode. x . on page 643 (config) wan. No additional parameters needed ACC1(interface)# b ri dg e d. on page 642 (config) interface vlan. x.0 .2 255. y. on page 641 (config) interface ethernet 0. y ] Sets an IP address and subnet mask for the Ethernet 0 interface.644 A p pe n di x F: Command Line Interface (interface) bridged-state disable Command Description Parameters Example with Syntax Related Commands ACC1(interface)# b ri dg e d.23.100. on page 642 (config) VRRP. on page 645 (interface) ip address Command Description Parameters Example with Syntax Related Commands ACC1(interface)# i p a dd re s s [x .1 Us er Gu id e .x y .255. Enter a valid IP and subnet mask AC C 1( in t er fa c e) # i p a dd re s s 100. on page 643 (interface) bridged-state disable.255.255 • • • • • • • • (config) HSRP. on page 645 Ac ce ler at o rOS Ve rsi on 7. on page 642 (config) interface vlan. on page 643 (interface) ip address.

0/0] ACC1(interface)l in k -m o de Sets the speed and duplex setting of the interface. 0/1. on page 642 (config) VRRP. on page 644 (interface) ip address. on page 640 (config) HSRP autodetect. You can use any of the following speed settings: • 1000Mbit-full • 100Mbit-full • 100Mbit-half • 10Mbit-full • 10Mbit-half • auto Description Parameters Example with Syntax Related Commands ACC1(config)#i nt e rf a ce e t he rn e t 0 ACC1(interface)l in k -m o de auto • • • • • • • • (config) HSRP. on page 643 (interface) bridged-state disable. on page 643 (config) wan. on page 642 (config) interface vlan. on page 644 .Co n f ig u r at io n C om m an d s / 645 (interface) link-mode Command ACC1(config)#i nt e rf a ce e t he rn e t [0. on page 641 (config) interface ethernet 0.

on page 647 (LINK) cache-size large. on page 652 (LINK) header preservation tos. on page 647 (LINK) aggregation. on page 648 (LINK) force. on page 651 (LINK) header preservation ttl. on page 652 (config) interface link Command Description Parameters Example with Syntax Related Commands ACC1(config)#in te r fa c e li n k Enters the Interface Link node. on page 650 (LINK) wan-id. on page 649 (LINK) header compression. on page 652 (LINK) wan-id.646 A p pe n di x F: Command Line Interface Link Commands The following commands are available: (config) interface link. on page 647 (LINK) cache-size large. on page 648 (LINK) force. on page 649 (LINK) header compression. on page 651 (LINK) header preservation ttl. on page 652 (LINK) wan-id. on page 652 Ac ce ler at o rOS Ve rsi on 7. on page 646 (LINK) acceleration. on page 648 (LINK) checksum. on page 652 (LINK) header preservation tos. on page 649 (LINK) fragmentation.1 Us er Gu id e . on page 649 (LINK) fragmentation. on page 648 (LINK) checksum. ACC1(config)#in te r fa c e li n k • • • • • • • • • • • • (LINK) acceleration. on page 650 (LINK) wan-id. on page 650 (LINK) header preservation.0 . No additional parameters are necessary. on page 647 (LINK) aggregation. on page 650 (LINK) header preservation.

on page 652 (LINK) wan-id. on page 652 (LINK) wan-id. on page 648 (LINK) force. or Auto for the Accelerator to decide. the QoS mechanism aggregates them and sends them together across the link. on page 652 (LINK) header preservation tos. medium and high priority. Enter a valid number as described above. Disable to disable. Aggregation is accomplished on outgoing packets before the packets are compressed. on page 646 (LINK) acceleration. to avoid adding unnecessary latency on nonproblematic links. on page 652 (LINK) header preservation tos. on page 650 (LINK) header preservation. on page 647 (LINK) cache-size large. on page 648 (LINK) checksum. on page 649 (LINK) header compression. This only applies to traffic set with a CoS value of low. on page 647 (LINK) cache-size large. on page 652 (LINK) aggregation Command Description AC C1 ( LI NK ) #a g gr eg a ti on au t o [n u mb er ] Enables small packets to be aggregated on this link. Parameters Example with Syntax Related Commands AC C1 ( LI NK ) #a g gr eg a ti on au t o 900 • • • • • • • • • • • • (config) interface link. on page 650 (LINK) wan-id. on page 650 (LINK) header preservation. ACC1(LINK)# ac ce l er at i on enable • • • • • • • • • • • • (config) interface link. on page 648 (LINK) checksum. on page 651 (LINK) header preservation ttl. on page 649 (LINK) header compression. Aggregation is applied only on congested links. and therefore you do not have to configure the aggregation symmetrically on both ends. on page 648 (LINK) force. on page 649 (LINK) fragmentation. on page 650 (LINK) wan-id.Co n f ig u r at io n C om m an d s / 647 (LINK) acceleration Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# ac ce l er at i on en ab l e/ di s ab l e Sets the link to accelerate all traffic Enable to enable. on page 646 (LINK) aggregation. on page 652 . on page 649 (LINK) fragmentation. If packets arrive smaller than the set size (68 to 6000). on page 651 (LINK) header preservation ttl.

on page 649 (LINK) header compression. on page 650 (LINK) wan-id. on page 652 (LINK) header preservation tos. Enable to enable. ACC1(LINK)# ca c he -s i ze l a rg e enable • • • • • • • • • • • • (config) interface link. on page 647 (LINK) cache-size large. on page 649 (LINK) header compression. on page 650 (LINK) header preservation. on page 652 Ac ce ler at o rOS Ve rsi on 7. on page 649 (LINK) fragmentation. on page 647 (LINK) checksum. on page 649 (LINK) fragmentation. This setting is useful for high error rate links and troubleshooting purposes. Disable to disable. Enable to enable. on page 652 (LINK) header preservation tos. on page 650 (LINK) header preservation. on page 648 (LINK) force. on page 648 (LINK) force.1 Us er Gu id e . on page 652 (LINK) wan-id.648 A p pe n di x F: Command Line Interface (LINK) cache-size large Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# ca c he -s i ze l a rg e e na b le Sets the link to work in Large cache size mode. on page 652 (LINK) wan-id. on page 650 (LINK) wan-id.0 . on page 646 (LINK) acceleration. on page 646 (LINK) acceleration. on page 651 (LINK) header preservation ttl. on page 647 (LINK) aggregation. on page 647 (LINK) aggregation. on page 652 (LINK) checksum Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# c he ck s um e n ab l e/ di s ab le Includes a checksum in all packet transmissions. Disable to disable ACC1(LINK)# c he ck s um enable • • • • • • • • • • • • (config) interface link. on page 651 (LINK) header preservation ttl.

Enter a valid number as described above. on page 647 (LINK) cache-size large. or auto for the Accelerator to pick. on page 650 (LINK) wan-id. This setting is useful for handling latency on low bandwidth links. Parameters Example with Syntax Related Commands A CC 1( L IN K )# fr a gm en t at i on 900 • • • • • • • • • • • • (config) interface link. Fragmentation is accomplished on outgoing packets before the packets are compressed. on page 647 (LINK) aggregation. on page 652 (LINK) fragmentation Command Description A CC 1( L IN K )# fr a gm en t at i on a u to [ n um b er ] Enables packets to be fragmented on this link. Fragmentation does not have to be configured symmetrically on both ends. on page 652 . on page 650 (LINK) header preservation. on page 651 (LINK) header preservation ttl. on page 648 (LINK) checksum. Enable to enable. If packets arrive larger than the set size (68 to 6000). on page 648 (LINK) force. Disable to disable ACC1(LINK)# f or c e enable • • • • • • • • • • • • (config) interface link. on page 646 (LINK) acceleration. on page 651 (LINK) header preservation ttl. on page 650 (LINK) header preservation. on page 649 (LINK) header compression. on page 648 (LINK) checksum. on page 652 (LINK) header preservation tos. medium and high priority. on page 652 (LINK) wan-id. and applies only to traffic set with a CoS value of low. on page 647 (LINK) cache-size large. on page 649 (LINK) header compression. the QoS mechanism breaks them up.Co n f ig u r at io n C om m an d s / 649 (LINK) force Command Description Parameters Example with Syntax Related Commands ACC1(LINK)# f or c e e na bl e /d is a bl e Sets the link to force all traffic into the tunnel. on page 650 (LINK) wan-id. on page 647 (LINK) aggregation. on page 652 (LINK) wan-id. on page 652 (LINK) header preservation tos. on page 646 (LINK) acceleration. on page 648 (LINK) fragmentation.

650

A p pe n di x F: Command Line Interface

(LINK) header compression
Command Description Parameters Example with Syntax Related Commands

ACC1(LINK)# h ea de r c om p re s si on [ en a bl e| d is ab l e]
Enables or disables header compression Enable to enable, Disable to disable.

ACC1(LINK)# h ea de r c om p re s si on enable
• • • • • • • • • • • • (config) interface link, on page 646 (LINK) acceleration, on page 647 (LINK) aggregation, on page 647 (LINK) cache-size large, on page 648 (LINK) checksum, on page 648 (LINK) force, on page 649 (LINK) fragmentation, on page 649 (LINK) header preservation, on page 650 (LINK) wan-id, on page 652 (LINK) header preservation tos, on page 651 (LINK) header preservation ttl, on page 652 (LINK) wan-id, on page 652

(LINK) header preservation
Command Description

ACC1(LINK)# h ea d er p r es er v at i on s r c
[ e na bl e |d is a bl e ]
Preserves the source IP address of the original IP header. This setting, which is useful for Policy Routing, also enables distinguishing between sessions. The SRC setting is disabled by default. Enable to enable, Disable to disable.

Parameters Example with Syntax Related Commands

ACC1(LINK)# h ea d er p r es er v at i on src enable
• • • • • • • • • • • • (config) interface link, on page 646 (LINK) acceleration, on page 647 (LINK) aggregation, on page 647 (LINK) cache-size large, on page 648 (LINK) checksum, on page 648 (LINK) force, on page 649 (LINK) fragmentation, on page 649 (LINK) header compression, on page 650 (LINK) wan-id, on page 652 (LINK) header preservation tos, on page 651 (LINK) header preservation ttl, on page 652 (LINK) wan-id, on page 652

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Co n f ig u r at io n C om m an d s /

651

(LINK) header preservation ports
Command Description Parameters Example with Syntax Related Commands

ACC1(LINK)# he a de r p re se r va t io n p or ts [e n ab l e| di s ab le ]
Preserves the port settings. Enable to enable, Disable to disable.

ACC1(LINK)# he a de r p re se r va t io n ports enable

(LINK) header preservation tos
Command Description Parameters Example with Syntax Related Commands

ACC1(LINK)# h ea de r p r es er v at io n t o s [ en a bl e |d is a bl e]
TOS: Preserves the original ToS point settings - this is enabled by default. Enable to enable, Disable to disable.

ACC1(LINK)# h ea de r p r es er v at io n t o s enable

652

A p pe n di x F: Command Line Interface

(LINK) header preservation ttl
Command Description Parameters Example with Syntax Related Commands

ACC1(LINK)# he ad e r p re se r va ti o n t tl
[e n ab le | di s ab le ]
TTL: Preserves the original TTL. This is disabled by default. Enable to enable, Disable to disable.

ACC1(LINK)# he ad e r p re se r va ti o n ttl enable
• • • • • • • • • • • • (config) interface link, on page 646 (LINK) acceleration, on page 647 (LINK) aggregation, on page 647 (LINK) cache-size large, on page 648 (LINK) checksum, on page 648 (LINK) force, on page 649 (LINK) fragmentation, on page 649 (LINK) header compression, on page 650 (LINK) header preservation, on page 650 (LINK) wan-id, on page 652 (LINK) header preservation tos, on page 651 (LINK) wan-id, on page 652

(LINK) wan-id
Command Description Parameters Example with Syntax Related Commands

ACC1(LINK)#w an - id [ number/ de f au lt ]
Sets the WAN to which this Link is assigned. Enter a valid IP, VRRP group number, and priority number

ACC1(LINK)#w an - id [ number/ de f au lt ]
• • • • • • • • • • • • (config) interface link, on page 646 (LINK) acceleration, on page 647 (LINK) aggregation, on page 647 (LINK) cache-size large, on page 648 (LINK) checksum, on page 648 (LINK) force, on page 649 (LINK) fragmentation, on page 649 (LINK) header compression, on page 650 (LINK) header preservation, on page 650 (LINK) wan-id, on page 652 (LINK) header preservation tos, on page 651 (LINK) header preservation ttl, on page 652

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Co n f ig u r at io n C om m an d s /

653

Expand View Commands
This section demonstrates how to configure the Accelerator to work with ExpandView NMS. For more information on ExpandView, contact your Expand Networks supplier. This section contains the following configuration options: (config) expand-view, on page 653 (EVIEW) agent, on page 653 (EVIEW) IP address, on page 654 (EVIEW) port, on page 654 (EVIEW) show, on page 654

(config) expand-view
Command Description Parameters Example with Syntax Related Commands

ACC1(config)# ex pa n d- v ie w
Enables/Disables interaction with ExpandView. Enable to enable, Disable to disable

ACC1(config)# ex pa n d- v ie w
• • • • (EVIEW) agent, on page 653 (EVIEW) IP address, on page 654 (EVIEW) port, on page 654 (EVIEW) show, on page 654

(EVIEW) agent
Command Description Parameters Example with Syntax Related Commands

AC C 1( E VI EW ) # ag e nt [e na b le /d i sa b le ]
Enables/Disables interaction with ExpandView. Enable to enable, Disable to disable

AC C 1( E VI EW ) # ag e nt enable
• • • • (config) expand-view, on page 653 (EVIEW) IP address, on page 654 (EVIEW) port, on page 654 (EVIEW) show, on page 654

654

A p pe n di x F: Command Line Interface

(EVIEW) IP address
Command Description Parameters Example with Syntax Related Commands

A CC 1 (E VI E W) # I P ad d re s s [x . x. x. x ]
Sets the address of the ExpandView server in an Accelerator. Enter a valid IP address of the ExpandView server

A CC 1 (E VI E W) # I P ad d re s s 100.100.25.5
• • • • (config) expand-view, on page 653 (EVIEW) agent, on page 653 (EVIEW) port, on page 654 (EVIEW) show, on page 654

(EVIEW) port
Command Description Parameters Example with Syntax Related Commands

A CC 1 (E VI E W) # p or t [ xx x x]
Sets the port to use for interaction with the ExpandView server. Enter a legal port number that should be used to interact with the ExpandView server.

A CC 1 (E VI E W) # p or t 81
• • • • (config) expand-view, on page 653 (EVIEW) agent, on page 653 (EVIEW) IP address, on page 654 (EVIEW) show, on page 654

(EVIEW) show
Command Description Parameters Example with Syntax Related Commands

AC C 1( EV I EW )# sh ow
Verifies whether the unit is connected to ExpandView. No additional parameters

AC C 1( EV I EW )# show
• • • • (config) expand-view, on page 653 (EVIEW) agent, on page 653 (EVIEW) IP address, on page 654 (EVIEW) port, on page 654

i

Note: For more information on ExpandView, please refer to the ExpandView user
guide.

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Co n f ig u r at io n C om m an d s /

655

SNMP Commands
This section contains the following configuration options: (config) (config) (config) (config) (config) snmp snmp snmp snmp snmp change-v3-password, on page 655 community access, on page 656 enable, on page 656 trap community, on page 657 traps, on page 657

(config) snmp change-v3-password
Command Description Parameters Example with Syntax Related Commands

ACC1(config)#s nm p c h an ge - v3 -p a ss w or d
Sets the password SNMP v.3 password. The default password is expand_initial_password and should be changed. Enter a valid password as described above.

ACC1(config)#s nm p c h an ge - v3 -p a ss w or d expand_initial_password
• • • • (config) snmp community access, on page 656 (config) snmp enable, on page 656 (config) snmp trap community, on page 657 (config) snmp traps, on page 657

i

Note: When monitoring for specific MIBs, add the index number of the processor even
if only one processor exists. Failing to add the index number results in an error message. For example: using the snmpget command with the syntax snmpget -v 1 -c expand 10.65.0.209 1.3.6.1.4.1.3405.1.3.1.1.2.1.3 returns the following error: There is no such variable name in this MIB. Failed object: SNMPv2-SMI:enterprises.3405.1.3.1.1.2.1.3 The correct string would be: snmpget -v 1 -c expand 10.65.0.209 1.3.6.1.4.1.3405.1.3.1.1.2.1.3.1 <processor id>

656

A p pe n di x F: Command Line Interface

(config) snmp community access
Command Description

ACC1(config)#s nm p c om m un it y [ na m e] ac ce s s [ re a d- on l y/ r ea d- w ri te ]
Sets the name of the SNMP community (a group of users that are granted access to certain Accelerator devices). Each SNMP community can have either read-only or readwrite authorization. The default community is Public, and its authorization is read-write. Enter a valid name and access type as described above.

Parameters Example with Syntax Related Commands

ACC1(config)#s nm p c om m un it y Public access readwrite
• • • • (config) snmp change-v3-password, on page 655 (config) snmp enable, on page 656 (config) snmp trap community, on page 657 (config) snmp traps, on page 657

(config) snmp enable
Command Description Parameters Example with Syntax Related Commands

ACC1(config)#s n mp e n ab le / di s ab le
Enables/Disables SNMP support in the Accelerator. Enable to enable, Disable to disable.

ACC1(config)#s n mp enable
• • • • (config) snmp change-v3-password, on page 655 (config) snmp community access, on page 656 (config) snmp trap community, on page 657 (config) snmp traps, on page 657

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Co n f ig u r at io n C om m an d s /

657

(config) snmp trap community

i

Note: If, after defining snmp trap manager-ip, snmp read community or snmp trap community, you want to clear these values, use the no command to reverse this definition. For example: no snmp read community [name]
Command Description Parameters Example with Syntax Related Commands

ACC1(config)#s nm p t r ap c o mm un i ty [n am e ]
Sets the name of the SNMP trap community. The default is Public. Enter a valid name as described above.

ACC1(config)#s nm p t r ap c o mm un i ty public
• • • • (config) snmp change-v3-password, on page 655 (config) snmp community access, on page 656 (config) snmp enable, on page 656 (config) snmp traps, on page 657

(config) snmp traps
Command Description Parameters Example with Syntax Related Commands

ACC1(config)#sn m p t ra ps en ab l e/ di s ab l e
Enables/Disables SNMP trap support. Enable to enable, Disable to disable.

ACC1(config)#sn m p t ra ps enable
• • • • (config) snmp change-v3-password, on page 655 (config) snmp community access, on page 656 (config) snmp enable, on page 656 (config) snmp trap community, on page 657

658

A p pe n di x F: Command Line Interface

Log Commands
The following commands are available: (config) logging, on page 658 (logging) mail active, on page 659 (logging) mail from, on page 660 (logging) mail recipient, on page 660 (logging) mail server ip, on page 661 (logging) mail server port, on page 661 (logging) mail severity, on page 662 (logging) syslog active, on page 662 (logging) syslog facility, on page 663 (logging) syslog server ip, on page 663 (logging) syslog severity maximum, on page 664 (logging) syslog severity minimum, on page 664

(config) logging

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Co n f ig u r at io n C om m an d s /

659

Command Description Parameters Example with Syntax Related Commands

ACC1(config)#l og g in g
Enters the Logging node. No additional parameters are necessary.

ACC1(config)#l og g in g
• • • • • • • • • • • (logging) mail active, on page 659 (logging) mail from, on page 660 (logging) mail recipient, on page 660 (logging) mail server ip, on page 661 (logging) mail server port, on page 661 (logging) mail severity, on page 662 (logging) syslog active, on page 662 (logging) syslog facility, on page 663 (logging) syslog server ip, on page 663 (logging) syslog severity maximum, on page 664 (logging) syslog severity minimum, on page 664

(logging) mail active
Command Description Parameters Example with Syntax Related Commands

ACC1(logging)#m a il a c ti v e [d i sa bl e | en ab l e]
Sets the Accelerator to send email notification when events and alerts are received Enable to enable, disable to disable

ACC1(logging)#m a il a c ti v e enable
• • • • • • • • • • • (config) logging, on page 658 (logging) mail from, on page 660 (logging) mail recipient, on page 660 (logging) mail server ip, on page 661 (logging) mail server port, on page 661 (logging) mail severity, on page 662 (logging) syslog active, on page 662 (logging) syslog facility, on page 663 (logging) syslog server ip, on page 663 (logging) syslog severity maximum, on page 664 (logging) syslog severity minimum, on page 664

660

A p pe n di x F: Command Line Interface

(logging) mail from
Command Description Parameters Example with Syntax Related Commands

ACC1(logging)#ma il fr om [ name]
Sets the name to appear in the From field of emails sent from the Accelerator. Enter a valid password as described above.

ACC1(logging)#ma il fr om [ name]
• • • • • • • • • • • (config) logging, on page 658 (logging) mail active, on page 659 (logging) mail recipient, on page 660 (logging) mail server ip, on page 661 (logging) mail server port, on page 661 (logging) mail severity, on page 662 (logging) syslog active, on page 662 (logging) syslog facility, on page 663 (logging) syslog server ip, on page 663 (logging) syslog severity maximum, on page 664 (logging) syslog severity minimum, on page 664

(logging) mail recipient
Command Description Parameters Example with Syntax Related Commands

ACC1(logging)#m ai l r ec i pi en t [ name]
Sets the name to appear in the To field of emails sent from the Accelerator. Enter a valid email address as described above.

ACC1(logging)#m ai l r ec i pi en t username@emailaddress.com
• • • • • • • • • • • (config) logging, on page 658 (logging) mail active, on page 659 (logging) mail from, on page 660 (logging) mail server ip, on page 661 (logging) mail server port, on page 661 (logging) mail severity, on page 662 (logging) syslog active, on page 662 (logging) syslog facility, on page 663 (logging) syslog server ip, on page 663 (logging) syslog severity maximum, on page 664 (logging) syslog severity minimum, on page 664

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Co n f ig u r at io n C om m an d s /

661

(logging) mail server ip
Command Description Parameters Example with Syntax Related Commands

ACC1(logging)#m ai l s er v er i p [ ip address (x.x.x.x)]
Sets the IP address of the mail server. Enter a valid IP address as described above.

ACC1(logging)#m ai l s er v er i p 100.100.50.8
• • • • • • • • • • • (config) logging, on page 658 (logging) mail active, on page 659 (logging) mail from, on page 660 (logging) mail recipient, on page 660 (logging) mail server port, on page 661 (logging) mail severity, on page 662 (logging) syslog active, on page 662 (logging) syslog facility, on page 663 (logging) syslog server ip, on page 663 (logging) syslog severity maximum, on page 664 (logging) syslog severity minimum, on page 664

(logging) mail server port
Command Description Parameters Example with Syntax Related Commands

ACC1(logging)#m a il s e rv er po r t[ port number]
Sets the port of the mail server. Enter a valid port number as described above.

ACC1(logging)#m a il s e rv er po r t 86
• • • • • • • • • • • (config) logging, on page 658 (logging) mail active, on page 659 (logging) mail from, on page 660 (logging) mail recipient, on page 660 (logging) mail server ip, on page 661 (logging) mail severity, on page 662 (logging) syslog active, on page 662 (logging) syslog facility, on page 663 (logging) syslog server ip, on page 663 (logging) syslog severity maximum, on page 664 (logging) syslog severity minimum, on page 664

662

A p pe n di x F: Command Line Interface

(logging) mail severity
Command

ACC1(logging)#m ai l s ev e ri ty mi ni m um [i nf o |
w ar n in g | e r ro r | f a ta l] ma xi m um [e rr o r | f at a l | i nf o | w a rn i ng ]

Description

Defines which events are sent, from the minimum to the maximum. Log events are as follows: • info - informational events • warning - warnings • error - errors in acceleration • fatal - fatal errors Enter the event as described above.

Parameters Example with Syntax Related Commands

ACC1(logging)#m ai l s ev e ri ty minimum info maximum fatal
• • • • • • • • • • • (config) logging, on page 658 (logging) mail active, on page 659 (logging) mail from, on page 660 (logging) mail recipient, on page 660 (logging) mail server ip, on page 661 (logging) mail server port, on page 661 (logging) syslog active, on page 662 (logging) syslog facility, on page 663 (logging) syslog server ip, on page 663 (logging) syslog severity maximum, on page 664 (logging) syslog severity minimum, on page 664

(logging) syslog active
Command Description Parameters Example with Syntax Related Commands

ACC1(logging)#s y sl og ac t iv e [ di sa b le |
en ab l e]
Enables Syslog events to be sent. Enable to enable, Disable to disable

ACC1(logging)#s y sl og ac t iv e enable
• • • • • • • • • • • (config) logging, on page 658 (logging) mail active, on page 659 (logging) mail from, on page 660 (logging) mail recipient, on page 660 (logging) mail server ip, on page 661 (logging) mail server port, on page 661 (logging) mail severity, on page 662 (logging) syslog facility, on page 663 (logging) syslog server ip, on page 663 (logging) syslog severity maximum, on page 664 (logging) syslog severity minimum, on page 664

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Co n f ig u r at io n C om m an d s /

663

(logging) syslog facility
Command Description Parameters Example with Syntax Related Commands

ACC1(logging)#sy sl o g f ac il i ty [ number]
Sets the Syslog facility number. Enter a valid number

ACC1(logging)#sy sl o g f ac il i ty 23
• • • • • • • • • • • (config) logging, on page 658 (logging) mail active, on page 659 (logging) mail from, on page 660 (logging) mail recipient, on page 660 (logging) mail server ip, on page 661 (logging) mail server port, on page 661 (logging) mail severity, on page 662 (logging) syslog active, on page 662 (logging) syslog server ip, on page 663 (logging) syslog severity maximum, on page 664 (logging) syslog severity minimum, on page 664

(logging) syslog server ip
Command Description Parameters Example with Syntax Related Commands

ACC1(logging)#s ys l og s e rv e r ip [ IP address (x.x.x.x)]
Sets the IP address of the Syslog server. Enter a valid IP address as described above.

ACC1(logging)#s ys l og s e rv e r ip 100.100.20.3
• • • • • • • • • • • (config) logging, on page 658 (logging) mail active, on page 659 (logging) mail from, on page 660 (logging) mail recipient, on page 660 (logging) mail server ip, on page 661 (logging) mail server port, on page 661 (logging) mail severity, on page 662 (logging) syslog active, on page 662 (logging) syslog facility, on page 663 (logging) syslog severity maximum, on page 664 (logging) syslog severity minimum, on page 664

664

A p pe n di x F: Command Line Interface

(logging) syslog severity maximum
Command Description Parameters

ACC1(logging)#s y sl og se v er it y m ax i mu m
Defines which events to send, from the minimum to the maximum. Use in conjunction with severity minimum. Enter a valid event: • info • warning • error • fatal

Example with Syntax Related Commands

ACC1(logging)#s y sl og se v er it y maximum warning maximum error
• • • • • • • • • • • (config) logging, on page 658 (logging) mail active, on page 659 (logging) mail from, on page 660 (logging) mail recipient, on page 660 (logging) mail server ip, on page 661 (logging) mail server port, on page 661 (logging) mail severity, on page 662 (logging) syslog active, on page 662 (logging) syslog facility, on page 663 (logging) syslog server ip, on page 663 (logging) syslog severity minimum, on page 664

(logging) syslog severity minimum
Command Description Parameters

ACC1(logging)#s y sl og se v er it y m in i mu m
Defines which events to send, from the minimum to the maximum. Use in conjunction with severity maximum. Enter a valid event: • info • warning • error • fatal

Example with Syntax Related Commands

ACC1(logging)#s y sl og se v er it y minimum warning maximum error
• • • • • • • • • • • (config) logging, on page 658 (logging) mail active, on page 659 (logging) mail from, on page 660 (logging) mail recipient, on page 660 (logging) mail server ip, on page 661 (logging) mail server port, on page 661 (logging) mail severity, on page 662 (logging) syslog active, on page 662 (logging) syslog facility, on page 663 (logging) syslog server ip, on page 663 (logging) syslog severity maximum, on page 664

Ac ce ler at o rOS Ve rsi on 7.0 .1 Us er Gu id e

Co n f ig u r at io n C om m an d s /

665

Log Archives Commands
The log archive creation does not have its own mode, and can be carried out either from the Enable or Config nodes. the examples below are done from the Enable node. The following optio