Professional Documents
Culture Documents
SmartAX MA5300
SmartAX MA5300
1. Basic Operations
2. Service Configuration
3. Maintenance Operations
4. Appendix
V100R005
SmartAX MA5300/5303 Broadband Access System
Operation Manual
BOM 31161292
Huawei Technologies Co., Ltd. provides customers with comprehensive technical support
and service. Please feel free to contact our local office or company headquarters.
Website: http://www.huawei.com
Email: support@huawei.com
Copyright 2004 Huawei Technologies Co., Ltd.
Trademarks
All other trademarks mentioned in this manual are the property of their respective
holders.
Notice
The information in this manual is subject to change without notice. Every effort has
been made in the preparation of this manual to ensure accuracy of the contents, but
all statements, information, and recommendations in this manual do not constitute
the warranty of any kind, express or implied.
About This Manual
Release Notes
The current version of this manual applies to the SmartAX MA5300 Broadband Access
System V100R005.
Related Manuals
The following manuals provide detailed information about the SmartAX MA5300
Broadband Access System (MA5300 for short).
Manual Content
It provides an overall introduction to the MA5300, including
MA5300 Broadband Access System the major functions, system structure, service
Technical Manual implementation, management & maintenance, networking
& applications.
SmartAX MA5300/5303 Broadband It is used for assisting the users in general operations, data
Access System Operation Manual configurations and typical applications.
It introduces all commands available in the MA5300, as well
SmartAX MA5300/5303 Broadband
as the command usage and examples. For specific
Access System Command Reference
command reference, consult the related electronic
(CD-ROM)
documentation.
It provides information on the system installation, including
MA5300 Broadband Access System
the installation of the cabinet, power system and various
Installation Manual
cables.
The following manuals provide detailed information about the SmartAX MA5303
Broadband Access System (MA5303 for short).
Manual Content
It provides an overall introduction to the MA5300 Series,
SmartAX MA5300/5303 Broadband including the major functions, system structure, service
Access System Technical Manual implementation, management & maintenance, networking
& applications.
It is used for assisting the users in general operations, data
SmartAX MA5300/5303 Broadband
configurations and typical applications of the MA5300
Access System Operation Manual
Series.
SmartAX MA5300/5303 Broadband It introduces all commands available in the MA5300 Series,
Access System Command Reference as well as the command usage and examples. It is only
(CD-ROM) available in electronic form.
It provides information on the system installation of the
MA5303 Broadband Access System
MA5303, involving the installation of the cabinet, power
Installation Manual
system and various cables.
This manual takes the MA5300 for illustration. Also refer to this manual for
configuration of the MA5303. The following describes the difference between the
MA5300 and the MA5303.
Both the MA5300 and the MA5303 are Huawei-developed broadband access devices
that provide broadband access services such as ADSL, VDSL and LAN.
The MA5300 is of the cabinet structure. Each MA5300 frame has 16 slots, among
which slots 7 and 8 house the ESM board, while slots 0 6, 9 15 house various
service boards. Slots 14 and 15 can also house the ISU boards.
The MA5303 has 7 slots, among which slot 7 houses the ESM board, while slots 1 6
house various service boards.
Organization
The manual assists the users in general operations, data configurations and typical
applications of the MA5300. There are four parts in the manual, including:
Part 1 Basic Operations details the maintenance terminal configuration, system basic
configuration, user management, Line management, board management, MAC
address management, ARP configuration and network management configuration.
Intended Audience
Conventions
I. General conventions
Convention Description
Arial Normal paragraphs are in Arial.
Arial Narrow Warnings, Cautions, Notes and Tips are in Arial Narrow.
Boldface Headings are in Boldface.
Courier New Terminal Display is in Courier New.
II. Command conventions
Convention Description
Boldface The keywords of a command line are in Boldface.
italic Command arguments are in italic.
[] Items (keywords or arguments) in square brackets [ ] are optional.
Alternative items are grouped in braces and separated by vertical bars.
{ x | y | ... }
One is selected.
Optional alternative items are grouped in square brackets and separated
[ x | y | ... ]
by vertical bars. One or none is selected.
Alternative items are grouped in braces and separated by vertical bars. A
{ x | y | ... } *
minimum of one or a maximum of all can be selected.
Optional alternative items are grouped in square brackets and separated
[ x | y | ... ] *
by vertical bars. Many or none can be selected.
Convention Description
Button names are inside angle brackets. For example, click the <OK>
<>
button.
Window names, menu items, data table and field names are inside square
[]
brackets. For example, pop up the [New User] window.
Multi-level menus are separated by forward slashes. For example,
/
[File/Create/Folder].
Format Description
Press the key with the key name inside angle brackets. For example,
<Key>
<Enter>, <Tab>, <Backspace>, or <A>.
Press the keys concurrently. For example, <Ctrl+Alt+A> means the three
<Key1+Key2>
keys should be pressed concurrently.
Press the keys in turn. For example, <Alt, A> means the two keys should
<Key1, Key2>
be pressed in turn.
V. Mouse operation
Action Description
Click Press the left button or right button quickly (left button by default).
Double Click Press the left button twice continuously and quickly.
Drag Press and hold the left button and drag it to a certain position.
VI. Symbols
Eye-catching symbols are also used in the manual to highlight the points worthy of
special attention during the operation. They are defined as follows:
Module/Chapter Content
Basic Operations
Chapter 1 Maintenance Terminal Configuration
Chapter 2 Basic Operations
Chapter 3 User Management
Chapter 4 Line Configuration
Chapter 5 Board Management
Chapter 6 MAC Address Management
Chapter 7 ARP Configuration
Chapter 8 Network Management Configuration
Chapter 9 RMON Configuration
Chapter 10 DHCP Relay Configuration
Chapter 11 IP Performance Configuration
Service Configuration
Chapter 1 Ethernet Port Configuration
Chapter 2 VDSL Port Configuration
Chapter 3 ADSL Port Configuration
Chapter 4 ADSL2+ Port Configuration
Chapter 5 SHDSL Port Configuration
Chapter 6 VLAN Configuration
Chapter 7 Smart VLAN Configuration
Chapter 8 MUX VLAN Configuration
Chapter 9 STP Configuration
Chapter 10 IGMP Snooping Configuration
Chapter 11 IGMP Proxy Configuration
Chapter 12 Multicast VLAN Configuration
Chapter 13 Managed Multicast Configuration
Chapter 14 ACL Configuration
Chapter 15 QoS Configuration
i
Operation Manual
SmartAX MA5300/5303 Broadband Access System General Table of Contents
Module/Chapter Content
Chapter 16 Cluster Management Configuration
Chapter 17 802.1x Configuration
Chapter 18 AAA and RADIUS Configuration
Chapter 19 PITP Configuration
Chapter 20 ISU Configuration
Chapter 21 Overview of IP Routing Protocol
Chapter 22 Static Route Configuration
Chapter 23 OSPF Configuration
Maintenance Operations
Chapter 1 Loading and Backup
Chapter 2 Patch Management
Chapter 3 Logs and Alarms
Chapter 4 File Management
Chapter 5 Environment Monitor Management
Chapter 6 Active/Standby Switchover
Appendix
Appendix A Acronyms and Abbreviations
ii
HUAWEI
Basic Operations
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Table of Contents
Table of Contents
i
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Table of Contents
ii
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Table of Contents
iii
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Maintenance Terminal Configuration
The command line interface (CLI) of the MA5300 Multi-service Access Module
(referred to as the MA5300 hereinafter) offers two types of configuration modes, the
serial port configuration and Telnet configuration.
Local maintenance is made through the serial port or Telnet, and the remote
maintenance is made through the Modem or Telnet.
You can use the HyperTerminal software operating under Windows 9x, Windows 2000
or Windows NT to configure the serial terminal.
PC (Console)
Console cable
1-1
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Maintenance Terminal Configuration
Select the standard character terminal or PC terminal serial port that is actually
connected to the MA5300 (assuming serial port 2).
3) Click <OK> to pop up the COM2 Properties dialog box. Then configure the serial
port parameters by selecting 9600 bits/s for baud rate, 8 for data bits, 1 for stop
bits, none for parity and none for flow control.
Note that the setting of baud rate should be consistent with that for serial port
parameters. The default baud rate for the system is 9600bit/s.
1-2
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Maintenance Terminal Configuration
1-3
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Maintenance Terminal Configuration
1-4
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Maintenance Terminal Configuration
Note:
For pasting files to the HyperTerminal, Character delay controls the transmission speed of each
character and Line delay controls the time interval of every line. Too short delay may cause character
missing. When commands for file pasting functions abnormally, such values should be modified.
Enter the user name and password in the prompt box for user registration (by default,
the super user name is root and password is admin), and wait until the command
line prompt (such as MA5300>) appears. If no prompt information concerning user
name and password appears, click [Hang-up] first and [Dial] next, and then press the
<Enter> key. If you still fail to log on, return to the last step to check the parameter
settings and physical connections, and then try again.
Configure the system using maintenance commands. If necessary, you can type ? to
obtain help.
For details about the configuration, refer to the chapters that follow.
1-5
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Maintenance Terminal Configuration
To perform remote configuration for the MA5300 through the serial port, you need an
external Modem. Before powering on the MA5300, you should power on its external
Modem first, and then wait for the remote PC to initiate a call through the Modem.
Once the dialup connection is set up, all other configuration steps are the same as
those for configuring local serial port.
Figure 1-7 shows how to configure the remote serial terminal using Modems.
MODEM Console
Telephone line
MA5300
PSTN
COM
MODEM
PC
You can configure the MA5300 Telnet environment through the outband port (namely
the ETH port) or the inband port (namely the Fast Ethernet/Gigabit Ethernet (FE/GE)
port or the ADSL/VDSL port).
To configure Telnet using the ETH port, you should set correctly the IP address and
the reachable route for the MA5300s ETH port through the serial port first. After that,
you can Telnet to the MA5300 through Local Area Network (LAN) and Wide Area
Network (WAN) for configuration.
To configure Telnet using the inband port, you should correctly configure the VLAN IP
address and the reachable route for the inband port. After that, you can use Telnet to
log on to the MA5300 through LAN and WAN for configuration.
1-6
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Maintenance Terminal Configuration
After the completion of configuration, you should check whether the MA5300 can ping
the IP address of a PC. If yes, the configuration is successful. Otherwise, check the
network interface address and network status indicators.
MA5300
Workstation
ETH/FE/GE
LAN
Server Workstation
Configuration PC
1-7
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Maintenance Terminal Configuration
Workstation
Router
LAN
WAN line
MA5300 ETH/FE/GE
1-8
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Maintenance Terminal Configuration
When you log on, the system will prompt the following information:
User Access Verification
Username:root
Password:
The default user name and password for an Administrator is root and admin
respectively.
After logging on to the system, you can perform configuration or view equipment by
using corresponding commands. If necessary, you can also type ? to get help. For
detailed descriptions of configurations, refer to the following chapters.
1-9
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Maintenance Terminal Configuration
I. Networking description
Upstream
0# 7# 0# 7# 13#
ETH
E ME SS
A MS MM
D XM BB
HAB HRB
MA5300 MA5200
1) The traffic passes upstream from the ETH port on the ESM board of the MA5300
to port 0 of the MA5200s HAB board through a cross-over network cable.
2) The IP address of the MA5300s outband port is 10.10.20.1 255.255.255.0.
3) The Telnet IP address is 10.10.21.1 255.255.255.0 (not included in the above
figure).
4) The IP address of the MA5200s virtual terminal (VT) interface is
10.10.20.254/24.
5) The IP address of port 0 of the MA5200s HRB board is 10.10.40.1/30.
1-10
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Maintenance Terminal Configuration
By default, the user name and password for an Administrator is root and admin
respectively. You can use them to Telnet to the equipment or to add new users.
MA5300#terminal user name
User Name(<=16 chars): huawei
User Password(<=16 chars):
Confirm Password(<=16 chars):
User's Level(13).
1. Common User(1) 2. Operator(10) 3. Administrator(15):2
Permitted Reenter Number(04):2
User's Appended Info(<=50 chars): 07558008302118
User's callback dialstring(<=32 chars):
Callbackverify?[Y|N]n
This user has been added
Repeat this operation? [Y|N]n //Select Y to add more users. The system
will prompt you to enter another user name.
4) Save Data.
MA5300(config)#write
By now, the configuration for the MA5300 is completed. After configuring the MA5200
and the Telnet terminal, you can log on to the MA5300 through the Telnet terminal.
I. Networking description
Upstream
0# 7# 0# 7# 13#
E
S
E MM SS
A M MM
D E7/2/0 BB
X
HAB HRB
MA5300 MA5200
1) The traffic passes upstream from the port Ethernet 7/2/0 of the MA5300s ESM
board to port 0 of the MA5200s HAB board. The service VLAN ID is 4000.
2) The inband management IP address of the MA5300 is 10.10.20.1/24. The
management VLAN ID is 1000.
3) The Telnet IP is 10.10.21.1/24 (not included in the above figure).
1-11
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Maintenance Terminal Configuration
1-12
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Maintenance Terminal Configuration
By now, the configuration for the MA5300 is completed. After configuring the MA5200
and the Telnet terminal, you can then log on to the MA5300 through the Telnet
terminal.
1-13
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 2 Basic Operations
Basic system operations refer to the common operations and information queries
performed for the MA5300 and the operation terminal, including:
z Command line operation characteristics
z Setting online help
z Setting interactive mode
z Switching terminal languages
z Setting system time
z Setting system name
z Setting terminal type
z Setting terminal timeout exit
z Setting terminal screen length
z Setting terminal screen clearance
z Viewing hardware/software version
z Viewing CPU occupancy ratio
z Viewing history commands
z Using network test tools
Through the CLI, you can manage, maintain and configure the MA5300.
Note:
For command line format, refer to II Command conventions in the preface of the manual.
2-1
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 2 Basic Operations
have to enter long key words, thus making your operation more convenient. If no
correct match is found, you cannot proceed with the next key word or parameter.
Therefore, when you are operating the system using command line, the command lines
displayed are always in complete form. If you cannot enter a space, it indicates that you
have entered a wrong command. In this case you should check and enter the correct
one.
The CLI provides basic command editing functions. It allows multi-line editing and a
maximum of 256 bytes for each command. Such function is available for both
HyperTerminal and Telnet terminal. However, for HyperTerminal, and arrow keys
are disabled, whereas for other terminals, some editing keys are disabled. Table 2-1
lists the edit functions.
Key Functionality
If the edit buffer is not full, pressing such key will move the
Common keys
cursor rightward from its current position.
Pressing such key will delete the character before the cursor
<BackSpace> and move the cursor forward. When reaching the beginning of
the command, the cursor stops.
2-2
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 2 Basic Operations
The CLI also provides Doskey-like function, enabling auto saving of history commands.
By using such function, you can obtain history commands saved in the CLI and execute
them repeatedly. Up to 10 history commands can be saved for every user in the CLI.
The system performs grammar check for every command entered, and executes it if it
proves correct. For the command that fails to pass the check, the system will prompt
you with error information. Table 2-3 shows common error information.
2-3
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 2 Basic Operations
The MA5300s CLI adopts hierarchical protection to prevent any unauthorized access.
For users of different levels, the command modes involved are different, and the
executable commands are also different even though they operate in the same mode.
Figure 2-1 shows the relationship between the various command modes in the MA5300
system.
Other modes
exit MA5300 ( config-...)#
end
Table 2-4 lists the functionalities and characteristics of the command modes.
2-4
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 2 Basic Operations
MA5300(config)#
Gigabit Ethernet (GE) To configure GE port MA5300(config-if-gigabitethernet- interface
port mode attributes. 7/1/0)# gigabit-ethernet
slot/subslot/port
MA5300(config)#
To configure VDSL port
VDSL port mode MA5300 (config-if-vdsl2/0/0)# interface vdsl
attributes.
slot/subslot/port
MA5300(config)#
To configure ADSL port
ADSL port mode MA5300 (config-if-adsl2/0/0)# interface adsl
attributes.
slot/subslot/port
To configure the attributes
of IP interface MA5300(config-if-vlan-interface1) MA5300(config)#interfa
VLAN interface mode
corresponding to VLAN # ce vlan-interface 1
and VLAN interface.
To configure VLAN
VLAN mode MA5300 (config-vlan1)# MA5300(config)#vlan 1
attributes.
To configure Line
Line mode MA5300 (config-line0)# MA5300(config)#line 0
attributes.
Note:
z To exit command mode level by level, use the exit command; to exit from the current mode to the
privilege mode, use the end command; to exit the privilege mode and enter the common user mode,
use the disable command.
z By default, the command line prompt uses MA5300 as its prefix. It can be modified using the
hostname command. What is included in the bracket is used to describe the current configuration
mode.
The CLI offers four means for you to obtain online help.
z Execute the help command to obtain an overview of the system.
MA5300>help
2-5
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 2 Basic Operations
z You can type ? after the command line prompt to display the current mode and
all commands available in that mode.
For example:
MA5300>?
--------------------------------------------------------------------
Command Of user Mode:
--------------------------------------------------------------------
clear Reset functions.
cls Clear screen.
debug[2] debug command group, 2 sub-command.
enable Turn on privilege mode commands.
exit Exit from current mode and enter prior mode.
help Description of the interactive help system.
lock Lock the terminal.
no Negate a command or set its defaults.
ping[11] ping command group, 11 sub-command.
send[3] send command group, 3 sub-command.
show[13] show command group, 13 sub-command.
system Show used percent of memory.
telnet Open a telnet connection.
tracert[8] tracert command group,8 sub-command.
z You can type ? after an incomplete key word to obtain online help information
about that key word.
For example:
MA5300>s?
--------------------------------------------------------------------
Command Of user Mode:
--------------------------------------------------------------------
send[3] send command group,3 sub-command.
2-6
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 2 Basic Operations
z You can type ? after a complete key word to obtain brief online help information
about the current command and its parameters.
For example:
MA5300>show ?
--------------------------------------------------------------------
Command Of user Mode:
--------------------------------------------------------------------
alarm[4] alarm command group, 4 sub-command.
board Show information of board.
cpu Show used percent of cpu.
history Display the session history command.
infolevel[4] infolevel command group, 4 sub-command.
infoswitch[4] infoswitch command group,4 sub-command.
language Show language version information.
line[3] line command group, 3 sub-command.
loghost Show the configuration list of the log server.
patch[2] patch command group, 2 sub-command.
terminal[2] terminal command group, 2 sub-command.
time Show system time.
version Show version.
You can use the smart command to enable interactive command input mode or use the
no smart command to disable it, depending on your personal preference. The default
one is to enable interactive command input mode.
After the interactive mode is enabled, pressing the <Enter> key after inputting a
command will enable the system to check whether the command and its parameters
have been completely entered. If not, the system will prompt you to make them
complete. Prompt information is also available for optional parameters, but you can
press <Enter> key to ignore them.
MA5300#smart //Enable the interactive input mode.
MA5300#config
{ terminal<K> }: //If you press the <Enter> key after having typed an incomplete
command, the system may prompt you with the next parameter name.
After the interactive mode is disabled, pressing the <Enter> key after typing a
command will enable the system to check the parameters and execute the command. If
no parameter is entered, the system will prompt you with error information.
2-7
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 2 Basic Operations
The MA5300 system supports two languages. They serve as the local language and
the general language respectively. Currently, the supported languages are English and
Chinese. English is the default language. You can use the load language command to
load Chinese.
Use the show language command to view information concerning the names and
version of the loaded languages.
MA5300>show language
Local:
Description: CHINESE SIMPLIFIED
Version: V100R002B03D020
General:
Description: ENGLISH (DEFAULT LANGUAGE)
Version: V100R002B03D020
Use the terminal language command to switch the current language to the other
language. You can choose one of them for information display according to your
personal preference.
MA5300>terminal language
The current language has been switched over
You can use the show time command to view current system time and check whether
it is correct.
If not, the system administrator is entitled to modify it by using the time command. The
modification takes effect upon the completion of the setting. The time format for the
setting is hh:mm:ss yyyy-mm-dd, namely hour:minute:second year-month-day. Take
special care in setting the leap year and leap month.
MA5300#time 11:06:39 2003-12-17
MA5300>show time
Date: 2003-12-17
Time: 11:06:40
2-8
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 2 Basic Operations
To differentiate various MA5300 devices, the administrator can rename the device by
using the hostname command. Such setting takes effect immediately after it is made.
The command line prompt will change accordingly with the name of the associated
equipment. The default equipment name is MA5300.
MA5300(config)#hostname MA5300A
MA5300A(config)#
The MA5300 operating system allows query and setting of the terminal type. VT100
and ANSI are two terminal types available in the system. The default one is ANSI.
1) Set terminal type using the terminal type {ansi | vt100} command.
MA5300#terminal type vt100
Note:
For some terminal tools allowing terminal type setting (such as HyperTerminal, Telnet and neterm), you
can use the associated menu to set the terminal emulation type so that the type of the terminal tool is
consistent with that of terminal in the system.
You can use the exec-timeout command to set the timeout exit for the system. With
such function, the system will exit from the terminal if no information is entered for the
specified period of time.
By default, the timeout exit function is enabled whenever you log on. You can use the
no exec-timeout command to disable it. However, to prevent the system from being
occupied by a user performing no operation for too long period, the system will still exit
2-9
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 2 Basic Operations
as long as no information is entered on the terminal for 120 minutes, even though the
timeout exit function is disabled.
MA5300(config-line0)# exec-timeout 5 0
You can set the length of terminal screen required by using the length command. The
default terminal screen length is 24 lines (you can use the no length command to
restore the default setting). To disable the screen splitting function, use the length 0
command.
MA5300(config-line0)#length 12
To facilitate information display, you can use the cls command to clear the screen. The
command will clear the screen output, and display the command prompt on the upper
left of the screen. This command only clears what is displayed on the screen rather
than those in the buffer.
MA5300>cls
You can use the show version command to show the version of the system and a
board. Only the information for boards in good working status is available.
MA5300>show version
MA5300(config)#show version
{ <cr>|frameid[/slotid]<S><1,5> }:
Huawei Versatile Routing Platform Software.
VRP (tm) Software, Version V3R000M03
Copyright (c) 2000-2002 HUAWEI TECH CO., LTD
To show the history commands, use the command show history. This command can
only show the commands executed by the current user. After re-login, the history
commands will be cleared.
To set the number of history commands that can be displayed, use the command
history size. By default, 10 commands will be displayed.
MA5300(config-line0)#history size 5
MA5300>show history
2-10
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 2 Basic Operations
history size 5.
Exit.
configure terminal.
To show CPU occupancy ratio of a specific board, use the command show cpu. The
system will generate alarms when the CPU occupancy ratio exceeds the threshold.
MA5300>show cpu 0/7
CPU occupancy: 12%
Network test tools refer to the commands used to test the network connectivity and the
host reachability. You can run the commands to check all gateways passed by data
packets sent from the host to the destination, and locate network faults. ping and
tracert are two commonly used commands.
I. ping
To check the network connectivity and the host reachability, use the ping command.
MA5300#ping 10.11.106.133
PING 10.11.106.133: 56 data bytes, press CTRL_C to break.
Reply from 10.11.106.133: bytes=56 Sequence=0 ttl=125 time = 6 ms.
Reply from 10.11.106.133: bytes=56 Sequence=1 ttl=125 time = 6 ms.
Reply from 10.11.106.133: bytes=56 Sequence=2 ttl=125 time = 6 ms.
Reply from 10.11.106.133: bytes=56 Sequence=3 ttl=125 time = 6 ms.
Reply from 10.11.106.133: bytes=56 Sequence=4 ttl=125 time = 6 ms.
II. tracert
To check the gateways passed by a data packet sent from the host to the destination,
use the tracert command. This aims to check the connectivity of network and locate
faults in the network.
First, the host sends a data packet with the Time to Live (TTL) value as 1 is sent to the
destination. During the first hop, the system returns an Internet Control Message
2-11
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 2 Basic Operations
Protocol (ICMP) message to indicate the failure in transmitting the data packet due to
TTL timeout.
Then, the data packet is re-sent, its TTL is 2. The system also returns TTL timeout in the
second hop.
In this way, the process continues until the data packet reaches the destination. Doing
so will record the source address of each ICMP TTL timeout message, so as to provide
a path that an IP packet passes along the way to the destination.
MA5300#tracert 10.11.106.133
traceroute to 10.11.106.133 max hops 30 ,packet 40 bytes
press CTRL_C to break
1 253 ms 476 ms 508 ms 10.11.120.62
2 * * * Request timed out.
3 * * * Request timed out.
4 4 ms 4 ms 5 ms 10.11.106.133
2-12
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 3 User Management
3.1 Overview
User management refers to user account management and authority assignment for
the MA5300.
Operation users here refer to the users who operate the system using the command
line terminal. Each use has certain attributes include account, authority, password,
reentry count, and appending information.
1) Account.
An account, also called a username, consists of 1 15 non-space characters. All the
usernames are unique and case insensitive.
2) Password.
A password consists of 1 15 characters. The common user can only modify his own
password, while the administrator can modify the passwords of other users. The
password is case sensitive.
Users are required to enter the valid username and password to log in before they can
maintain the system using command line terminal.
3) Reentry count.
Reentry count means the permitted number of re-entries.
When you log in, the system will check whether the user name matches the password
and whether that user name is being used at the moment. It depends on the reentry
count whether that user is allowed to log in, if the user name has already been used to
log in to the console.
4) Authority.
In terms of authority, operation users can be divided into common users, operators
and administrators.
z The common users can simply check the equipment information, and run some
of system commands, such as the cls command.
z The operators are allowed to configure the equipment, such as setting system
time.
3-1
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 3 User Management
z The administrators are of the highest level. The administrators are not involved in
specific configuration action. They mainly carry out system administration, such
as patch management.
The users with higher authority can execute lower level commands, but the users with
lower authority cannot execute higher level commands. However, the users with lower
authority can switch to a higher level.
After passing the login authentication, all users first enter the User mode, and then
other modes, depending on their authorities. Even in the same command mode, users
with different authorities are entitled to perform different operations.
5) Appending information.
Appending information is a kind of supplementary information. It is optional, which can
be the users phone number or address. Its total length is limited to 35 characters.
You need to take the actual condition into consideration when adding a user and
setting the authority. No administrator should be added unless considered necessary.
The default administrative username is "root" and the initial password is "admin".
You can use the terminal user name command to add an authorized user, or the no
terminal user name command to delete a user.
When adding a user, you need to enter the user name, password, user level, reentry
count, and appending information.
3-2
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 3 User Management
Note:
z Only the administrator can add a new user.
z All usernames are unique.
z The user with username root cannot be deleted, but the password can be modified.
z Multiple users can be added at a single time, and a maximum of 126 users can be added.
This example shows how to add a common user Huawei. The reentry count is 2. The
appending information is 5550988, namely the users telephone number.
MA5300#terminal user name
User Name(<=16 chars): huawei
User Password(<=16 chars):
Confirm Password(<=16 chars):
User's Level(13).
1. Common User(1) 2. Operator(10) 3. Administrator(15):1
Permitted Reenter Number(04):2
User's Appended Info(<=50 chars): 555-0988
User's call-back dialstring(<=32 chars):
Callback-verify?[Y|N]n
This user has been added
Repeat this operation? [Y|N]n //Selecting Y allows you to add more
users. Then the system will prompt you to enter another user name.
To show user information after a user has been added successfully, use the command
show terminal user.
MA5300#show terminal user huawei
User name: huawei
User's Level: User
User's ReEnterNum: 2
User's Appended Info: 555-0988
User's Callback-dialstring:
none
Callback-Verify: No
Line:
Idle Time: 0
Location:
3-3
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 3 User Management
When a user is found to have poor credibility or malicious behavior, or his term expires,
the administrator is entitled to delete that user by using the no terminal user name
command. To delete a user, only the name of the user to be deleted is to be entered.
Note:
z Users cannot delete themself.
z The user root cannot be deleted.
z A user who is logging in cannot be deleted unless that user is disconnected first.
z Multiple users can be deleted at single time.
The MA5300 supports the modification of user attributes, including user level,
password, number of permitted re-entries, and appending information.
To modify the user level, use the command terminal user level. Only an
administrator can perform this operation.
This example shows how to change the level of the common user huawei to the level
of an operator.
MA5300#terminal user level
User Name(<=16 chars):huawei
1. Common User(1) 2. Operator(10) 3. Administrator(15):
User's Level(13).2
Confirm Level(13): 2
Information will take effect when this user logs on next time
Repeat this operation? [Y|N]n
3-4
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 3 User Management
To modify the user password, use the command terminal user password.
Administrators can modify the passwords of all users (including themselves), without
entering the old passwords.
However, common users and operators can only modify their own passwords, where
the old passwords are required.
MA5300#terminal user password
User Name(<=16 chars):huawei
User Password(<=16 chars):
Confirm Password(<=16 chars):
Information will take effect when this user logs on next time
Repeat this operation? [Y|N]n
To modify the reentry count, use the command terminal user reenter. Only the
administrator is able to perform this operation.
MA5300#terminal user reenter
User Name(<=16 chars):huawei
Permitted Reenter Number(04):3
Confirm Reenter Number(04):3
Information will take effect when this user logs on next time.
Repeat this operation? [Y|N]n
To modify the appending information, use the command terminal user apdinfo.
Administrators can modify appending information of all users. Common users and
Operators can only modify their own appending information.
MA5300#terminal user apdinfo
User Name(<=16 chars):huawei
User's Appended Info(<=50 chars):support@huawei.com
The user's attribute is set successfully!
Repeat this operation? [Y|N]n
To modify the callback attributes of a user, use the command terminal user callback.
Administrators can modify the callback attributes of all users, while common users
and operators can only modify their own callback attributes.
MA5300#terminal user callback
User Name(<=16 chars):huawei
3-5
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 3 User Management
You can use the show terminal user command to view the information concerning all
users, online users, or a specific user.
Note:
The show terminal user command can only show the information on a user with a level equal to or
lower than that of the current user.
3-6
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 4 Line Configuration
4.1 Introduction
I. Line introduction
Note:
On the MA5300, the AUX port and the Console port refer to the same port. Therefore, only two types of
lines are available: AUX line and VTY line.
There are two modes for the line numbering: the absolute numbering mode and the
relative numbering mode.
1) Rules for the absolute numbering mode are as follows:
z AUX line number is placed at the first digit: such as line0, line1.
z The virtual line (VTY) number follows. Therefore, the absolute line number of the
first virtual line (hereafter referred to as line) is line2, the second is line3, and so
forth.
2) Relative line numbering mode is: line type + serial number. The numbering rules
are as follows:
4-1
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 4 Line Configuration
Run the line command to enter line mode. Then you can configure the attributes of
the asynchronous interface.
You can either enter the single line mode to configure a single line, or enter the
multiple-line mode to configure multiple lines at one time.
For example:
1) To enter the AUX port mode under a line, do as follows.
MA5300(config)#line aux 0
MA5300(config-line-aux0)#
You can configure attributes of asynchronous interface only in line mode. However,
the configuration commands are applicable only when the serial ports are working in
the asynchronous interactive mode.
4-2
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 4 Line Configuration
Run the speed command to set the transmission rate of the serial port. The available
rates are: 300bit/s, 600bit/s, 1200bit/s, 4800bit/s, 9600bit/s, 19200bit/s, 38400bit/s,
57600bit/s and 115200bit/s. By default, it is 9600bit/s.
MA5300(config-line-aux0)#speed 9600
Run the flowcontrol command to configure flow control on the serial port, including
hardware flow control and software flow control. The MA5300 does not support
hardware flow control. By default, the flow control mode is none, namely, not to
enable flow control.
MA5300(config-line-aux0)#flowcontrol none
To set the parity bit of the line, run the parity command. By default, the parity bit is
none, namely, not to enable parity check.
MA5300(config-line-aux0)#parity none
To set the stop bit of the line, run the stopbits command. By default, the stop-bit is 1.
MA5300(config-line-aux0)#stopbits 1
To set the data bit of the line, run the databits command. By default, the data bits are
8.
MA5300(config-line-aux0)#databits 8
To enable EXEC terminal service, run the exec command. Then the user will be able
to log in to the system through the serial port or Telnet session. By default, the EXEC
terminal service is enabled on all lines.
The no exec command is used to disable EXEC terminal service. However, since the
line AUX itself is the console port, the AUX port does not support the no exec
command for the sake of safety. It is supported on other lines apart from the AUX port.
For example:
4-3
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 4 Line Configuration
Once this command is executed, Telnet will be disabled, and the system will prompt:
%Connection refused by remote host.
To enable line locking, run the lockable command in line mode. Then you can
execute the global lock command to lock the line. To unlock the line, password input
is required. This can effectively prevent random modification of the equipment by an
illegal user. Note that you have to make the line lockable before setting line locking.
Otherwise, the line cannot be locked. By default, line locking is disabled.
To enable the function of timeout exit, use the exec-timeout command. That is, when
no operation has been performed on the terminal for a certain period of time (the
specified timeout), the terminal will be disconnected.
By default, the function of timeout exit is enabled whenever you log in. If you do not
need this function, use the no exec-timeout command to disable it.
However, to prevent any user from occupying the system without performing any
operations for too long, the system will disconnect a terminal user if no input from that
terminal is received for 120 minutes.
MA5300(config-line0)# exec-timeout 5 0
4-4
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 4 Line Configuration
You can set the length of a terminal screen as required. The length of the terminal
screen is 24 lines by default. The no length command is used to restore the default
setting, while the command length 0 is used to disable the split-screen function.
MA5300(config-line0)#length 12
To set the number of commands that can be stored in the history buffer, use the story
size command. By default, 10 commands can be stored.
MA5300(config-line0)#history size 5
To show information about the physical attributes and related configurations of the
line(s), use the show line command.
1) Show information about all lines.
MA5300(config)#show line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns
I 0 AUX 0 9600 0
1 VTY 0 0
2 VTY 1 0
3 VTY 2 0
4 VTY 3 0
2) Show information about line 0.
MA5300(config)#show line 0
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns
I 0 AUX 0 9600 0
4-5
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Board Management
5.1 Overview
I. Board types
You can use the show board command to query the information about a board.
When only the frame number is entered, you can obtain the overall information about
such a frame, including board names, board status and subboard types.
By entering the frame number/slot number of a board, you can obtain more detailed
information about that board, such as its board category, status and port-related
information.
For example:
1) Query boards in Frame 0.
MA5300#show board 0
5-1
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Board Management
---------------------------------------------------------------
SlotID BoardName Status SubType1 SubType2
---------------------------------------------------------------
0 EVDA Auto_find
1 EVDA Auto_find
2 EVDA Auto_find
3
4 EADA Auto_find
5
6
7 ESMA Normal E4FE E4FE
8
9
10
11
12
13
14
15
Depending on the user operations and running conditions, boards can be in different
status. Table 5-1 lists various board statuses.
Status Remark
Comm Fail Service board. It indicates the physical link communication fails.
Comm OK Service board. It indicates the physical link communication is normal.
Service board. It indicates the board is registered successfully, and is running
Normal
normally.
Failed Service board. The board is suffering from fault
Active -Normal ESM board
5-2
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Board Management
Status Remark
Standby-Normal ESM board
Configuring Service board. The board is being configured.
Service board. It refers to the status displayed by the system when a board is just
Auto_find
inserted, but not confirmed yet.
Table 5-2 shows the subboard type for various boards (ESMA/ESME and
ISUA/ISUE).
The MA5300 can auto detect boards in a frame. To configure a board off line (namely
performing data configuration when the board slot is idle) so that the equipment can
enter the running status immediately after the board is inserted, you can first use the
board add command to add the desired board to an idle slot, and then perform data
5-3
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Board Management
configuration. At the moment, the board is in fault status. It will restore to normal
status after the slot is inserted with a board of the same type.
You can only add a board in an idle slot; otherwise, the system will prompt you with
error information. To confirm an idle slot, use the command show board.
To add a board, use the command board add. Service boards can only reside in slots
0 6 and 9 15. Otherwise, the system will prompt you with error information.
MA5300(config)#board add 0/4 evda
! 1[2002-12-18 05:50:54]:ALM-3-AlarmInfo:
Note that even after a board is added successfully off line, the system will still prompt
you that the communication with the ESM board fails.
Note:
z ESPA board is a passive board that can work normally without any connection with the backplane.
Therefore, no operation on this board is required. (ESP is short for Ethernet Splitter board).
z When a service board other than ESPA is inserted into an idle slot, the system will make registration
automatically and identify the board type. Auto registration is not available for the ESPA board.
z The ESPA board should be used in combination with the EVDA board and the EADA board.
5-4
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Board Management
Similarly, you can use the show board command to display the result of the board
adding. At the moment, the board status is failed. It will become normal after a
board of the same type is inserted.
The MA5300 can identify a board automatically. After a board is inserted into an idle
slot, the system can identify the board name and subboard type. To confirm a board
identified automatically by the system, use the command board confirm frame/slot.
You can also use the command board confirm frame to confirm all boards in a frame.
Only after the board is confirmed to be normal can the configuration for that board
begin.
You can delete those boards which are no longer used. Board deletion operation
involves deletion and deletion confirming. The specific operations are as follows:
I. Deleting a board
To delete a board, use the command board delete. A deleted board is not
recoverable, and all of its data will be cleared.
Note:
z ESM board cannot be deleted.
z You can also delete other boards working in normal status. Such command should be used with due
care, as board deletion operation cannot be undone, and it will clear all data of the board.
5-5
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Board Management
You can use the show board command to confirm the deletion of a board. The board
type for a deleted board is empty.
When a board is working abnormally, you can use the board reset command to reset
that board. Board resetting operation may result in board fault alarm and recovery
alarm.
After the board reset command is executed, the ESM board will generate reset
failure alarm if it has not received any response from the service board for a long time.
When a board is reset successfully, the registration will be output to the ESM board.
The ESM board then performs data configuration for the board to restore the services.
MA5300(config)#board reset 0/1
Are you sure to reset board? (y/n)[n]:y
0 frame 1 slot reset board message sent successfully.
Note:
The command board reset cannot reset the ESM or ESPA board. To reset the ESM board, use the
command reboot.
Use the reboot command to reset the ESM board. When it is restarted it will reset all
service boards, so such operation is equivalent to resetting all boards in the system.
MA5300(config)#reboot
Data is not saved, the unsaved data will lose if reboot system, are you sure
to reboot system? (y/n)[n]:y
5-6
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Board Management
Note:
z As reset operation may result in loss of unsaved data, you are recommended to use the write
command to save the system data before the reset operation.
z To avoid affecting the service, due consideration should be made before you reset the system.
System resetting is generally carried out after new application or data is loaded or system restarting
is required.
5-7
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 6 MAC Address Management
6.1 Overview
The MA5300 maintains an address list for packet forwarding. It contains information
about the equipment address and the port number of other equipment connected to
the MA5300.
For the packet with destination address included in the address list, the MA5300 will
use hardware to forward it. For the packet with destination address excluded from the
address list, the MA5300 will broadcast the Layer 2 packet and perform routing for the
Layer 3 packet through software.
The MA5300 also features address aging function. The MA5300 will delete the
associated address items of the equipment which has not sent any packet for a
certain period of time.
If an entered address already exits in the address list, you should modify the
corresponding item by setting the port associated with the address as input port, and
6-1
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 6 MAC Address Management
the property of the address item as input (including the dynamic item, static item,
permanent item and blackhole item)
The MA5300 does not support the parameter blackhole and permanent, since using
these parameters will result in failure in address adding.
This example shows how to add the static address 0800.4e35.dc71 to the port e7/2/1.
MA5300(config)#mac-address-table static 0800.4e35.dc71 interface e7/2/1
vlan 1
To effectively realize the function of address aging, the aging time should be
configured properly.
As long as a device has not sent any packet during the period specified by the aging
time, the associated address item will be deleted. If the aging time is set too short, the
address item will be deleted very soon. As a result, the data packet associated with
the address item will be broadcasted due to the failure in finding the destination
address, thus affecting the running efficiency of the equipment.
On the other hand, if the aging time is set too long, the idle address item will remain in
the address list for too long. This will exhaust the resources of the address list, and
make the equipment unable to update the address list in accordance with the
networking change. Consequently a large amount of packets will be broadcasted due
to the failure in finding the destination address.
Therefore, proper setting of the aging time is the prerequisite for putting the address
aging function into full play.
To restore the default setting of the address aging time, use the no
mac-address-table aging-time command.
However, the configured address aging function can only work for items of addresses
which are learned or enabled with the aging function, namely the dynamic items. In
general conditions, it is recommended to take the default value of 300s.
This example shows how to set the address aging time as 300s.
MA5300(config)#mac-address-table aging-time 300
6-2
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 6 MAC Address Management
The address learning function enables the MA5300 to learn new addresses. When
the MA5300 receives a data packet with destination address the same as what it has
learned, it no longer needs to broadcast them. Disabling address learning function is
usually done for the sake of security. For example, someone may send frames of
different source addresses to the equipment so as to exhaust the resources of
address list. Disabling learning function can effectively prevent this from happening.
You can use the mac-address-table mac-learning disable command to disable the
address learning function on a piece of equipment or a port, or the no
mac-address-table mac-learning disable to enable it. By default, the address
learning function is enabled.
This examples show how to enable and disable the address learning function.
1) Enable address learning function.
MA5300(config)#no mac-address-table mac-learning disable
2) Disable the address learning function of port vdsl4/0/0.
MA5300(config-if-Vdsl4/0/0)#mac-address-table mac-learning disable
You can use the show mac-address-table command to view the address list for fault
diagnosis.
1) View the enabling/disabling status of the address learning function.
MA5300(config)#show mac-address-table mac-learning
mac-address learning status of the switch: enable
PortName Learning Status
Vdsl4/0/0 disable
Vdsl4/0/1 enable
Vdsl4/0/2 enable
Vdsl4/0/3 enable
Vdsl4/0/4 enable
Vdsl4/0/5 enable
Vdsl4/0/6 enable
Vdsl4/0/7 enable
Vdsl4/0/8 enable
Vdsl4/0/9 enable
Vdsl4/0/10 enable
Vdsl4/0/11 enable
Vdsl4/0/12 enable
Vdsl4/0/13 enable
Vdsl4/0/14 enable
6-3
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 6 MAC Address Management
Vdsl4/0/15 enable
Vdsl4/0/16 enable
Vdsl4/0/17 enable
Vdsl4/0/18 enable
Vdsl4/0/19 enable
Vdsl4/0/20 enable
Vdsl4/0/21 enable
Vdsl4/0/22 enable
Vdsl4/0/23 enable
Ethernet7/2/0 enable
Ethernet7/2/1 enable
Ethernet7/2/2 enable
Ethernet7/2/3 enable
GigabitEthernet7/1/5 enable
2) View the setting of the aging time.
MA5300(config)#show mac-address-table aging-time
mac-address-table aging-time: 300s
3) View MAC address list.
z View MAC address according to VLAN.
MA5300(config)#show mac-address-table vlan 1
MAC ADDR VLAN ID STATE PORT INDEX AGING TIME
0020.ed2b.8c27 1 Learned Ethernet7/2/0 N/A
0800.4e35.dc71 1 Config static Ethernet7/2/1 NOAGED
--- 2 mac address(es) found ---
z View MAC address according to port.
MA5300(config)#show mac-address-table interface e7/2/1
MAC ADDR VLAN ID STATE PORT INDEX AGING TIME
0800.4e35.dc71 1 Config static Ethernet7/2/1 NOAGED
--- 1 mac address(es) found ---
z View address list information according to MAC address.
MA5300(config)#show mac-address-table 0800.4e35.dc71
MAC ADDR VLAN ID STATE PORT INDEX AGING TIME
0800.4e35.dc71 1 Config static Ethernet7/2/1 NOAGED
z View static MAC address.
MA5300(config)#show mac-address-table static
This may take several minutes, please wait...
MAC ADDR VLAN ID STATE PORT INDEX AGING TIME
0800.4e35.dc71 1 Config static Ethernet7/2/1 NOAGED
--- 1 mac address(es) found ---
z View dynamic MAC address.
MA5300(config)#show mac-address-table dynamic
This may take several minutes, please wait...
6-4
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 6 MAC Address Management
6-5
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 7 ARP Configuration
7.1 Overview
Address Resolution Protocol (ARP) is used to translate the IP address into the MAC
address.
The IP address cannot be used for direct communication as network equipment can
only identify the MAC address. The IP address represents the address of a host in the
network layer. The hosts physical address should be made available if data in the
network layer are to be transmitted to that destination host. This is why the IP address
should be translated into the MAC address.
Before two hosts in the Ethernet can communicate with each other, they should be
able to know each others MAC addresses. Every host should have an ARP mapping
list for translating IP address into MAC address. The ARP address list contains a
series of IP addresses and the associated MAC addresses. When the host is
activated, the ARP mapping list is empty. If an ARP mapping item remains idle for a
long period, the host will delete it so as to save memory and the time needed for
searching ARP mapping list.
Given two PCs in an Ethernet: host A and host B. The IP address for host A and host B
is respectively IP_A and IP_B. The process for host A to send packet to host B is as
follows:
1) Host A first checks its ARP mapping list to determine whether it contains the ARP
mapping item of IP_B.
2) If host A can find the associated MAC address, it will encapsulate the IP data
packets according to that MAC address and send them to host B.
3) On the other hand, if host A fails to find such address, it will put the data packet in
the ARP waiting queue, then initiate an ARP request, and broadcast it in the
Ethernet. The ARP request contains the IP address of host B, and the IP address
and the MAC address of host A.
4) As the ARP request is broadcasted, all hosts in Ethernet can receive that request.
However, only the host that is requested (namely host B) will respond to that
request.
7-1
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 7 ARP Configuration
First, host B stores the IP address and MAC address of the request initiator
(namely host A) contained in the request to its own ARP mapping list.
Next, host B returns host A the ARP response containing the MAC address of
host B. Such response will be sent directly to host A rather than broadcasted.
After receiving the response, host A extracts the IP address and the MAC
address of host B, and adds them to its own ARP mapping list. Then it will
transmit all data packets in the waiting queue destined for host B.
ARP mapping list can be maintained either dynamically or manually. The manually
configured mapping between IP address and MAC address is usually known as static
ARP.
Administrators are allowed to maintain an ARP mapping list manually. They can use
the arp command to add/delete static ARP mapping items.
The static ARP mapping item will remain effective during the normal working hours of
the MA5300, while the dynamic ARP mapping item can only maintain its effectiveness
for 20 minutes.
MA5300(config)#arp 10.71.53.11 0800.4e35.dc71 1 ethernet7/2/1
You can use the show arp command to view ARP mapping list so as to know the
running of ARP and diagnose existing problems.
1) View all ARP items.
MA5300(config)#show arp
IP Address MAC Address VLAN ID Port Name Type
10.71.53.11 0800.4e35.dc71 1 Ethernet7/2/1 Static
10.71.53.108 0020.ed2b.8c27 1 Ethernet7/2/0 Dynamic
2) View static ARP items.
MA5300(config)#show arp static
7-2
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 7 ARP Configuration
7-3
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 8 Network Management Configuration
The MA5300 supports both inband network management system (NMS) and outband
NMS.
Outband NMS refers to the NM system implemented through the dedicated Integrated
Services Digital Network (ISDN) line, Digital Data Network (DDN) line or E1 line. An
NMS can connect to the managed device through Local Area Network (LAN), or Wide
Area Network (WAN) including DDN.
Compared with inband network, outband network provides more reliable channels for
device management. In outband network, the NMS can timely locate the fault incurred
to a managed device, and monitor the managed device in real time. Outband network
requires additional devices to form a network so as to provide a maintenance channel
independent of the service channel.
Inband NMS refers to the network management system implemented through the
service channel provided by the managed devices. Inband network features flexible
networking and requires no additional devices. But it still has a shortcoming. The
traffic generated in maintenance occupies the service channel, making it impossible
to maintain the managed device when it is faulty.
The MA5300 can implement outband NMS through the local outband network port
(namely the ETH port) or serial port. For configuration of the serial port, refer to the
chapter Configuration of Maintenance Terminal. This chapter focuses on the
outband port configuration.
Outband port configuration involves setting and querying the IP Address of the
outband port.
8-1
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 8 Network Management Configuration
To set IP address and mask for the outband port, use the ip address command. The
IP address of the outband port should be in the same network segment as that of the
configuration terminal or gateway. You can query the information on the IP network
before the actual setting.
You are still recommended to save the IP address once any modification has been
made for future query, though the system has a default IP address
(10.11.18.1/255.255.0.0).
MA5300(config)#interface m-ethernet7/0/1
MA5300(config-if-M-Ethernet7/0/1)#ip address
{ A.B.C.D<I><A.B.C.D> }:10.71.53.2
{ A.B.C.D<I><A.B.C.D> }:255.255.255.0
{ <cr>|secondary<K> }:
Note:
If the IP address of the outband port has not been set, you can use the default IP address of the outband
port, namely, 10.11.18.1/255.255.0.0.
To query the IP address of an outband port, use the show ip interface command.
MA5300(config-if-M-Ethernet7/0/1)#show ip interface m-ethernet 7/0/1
M-Ethernet7/0/1 is down, line protocol is down
Internet Address is 10.71.53.2/24
Broadcast Address is 10.71.53.255
The Maximum Transmit Unit is 1500
5 packets input,707 bytes,0 multicasts
0 packets output,0 bytes,0 multicasts
8-2
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 8 Network Management Configuration
I. Selecting routes
As the host IP address of NM may not be in the same network segment as the
MA5300, IP packets destined to the host must be forwarded to a specific gateway first.
Otherwise, the IP packets will be discarded. To configure a route, you have to be
familiar with configuration of the whole IP network.
To add a route to the gateway, use the command atmlan ip-route. To delete a route,
use the no form of the command.
A maximum of 200 routes can be configured in the system. Useless routes will affect
the routing efficiency.
MA5300(config)#ip route
{ A.B.C.D<I><A.B.C.D> }:10.70.53.0
{ A.B.C.D<I><A.B.C.D>|INTEGER<U><0,32> }:255.255.255.0
{ NULL<K>|Vlan-interface<K>|A.B.C.D<I><A.B.C.D> }:10.71.53.1
{ <cr>|preference<K>|reject<K>|blackhole<K> }:
You are recommended to view the system IP configurations when modifications have
been made. This is to determine whether the route configurations are proper.
MA5300(config)#show ip route
Routing Tables:
Destination/Mask Proto Pre Metric Nexthop Interface
10.70.53.0/24 STATIC 60 0 10.71.53.1 M-Ethernet7/0/1
10.71.53.0/24 DIRECT 0 0 10.71.53.2 M-Ethernet7/0/1
10.71.53.2/32 DIRECT 0 0 127.0.0.1 InLoopBack0
127.0.0.0/8 DIRECT 0 0 127.0.0.1 InLoopBack0
127.0.0.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
Outband NMS requires the establishment of an NM LAN, which is not practicable for
devices which are far away from each other. In such a case, inband NMS should be
8-3
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 8 Network Management Configuration
provided. The MA5300 implements inband NMS through the FE/GE ports on its ESM
board.
I. Creating NM VLAN
To set the IP address and input mask for the VLAN interface of the MA5300, use the
ip address command. The IP address and input mask must be valid ones.
MA5300(config)#interface vlan 1000
MA5300(config-if-Vlan-interface1000)#ip address 10.71.53.2
{ A.B.C.D<I><A.B.C.D> }:255.255.255.0
{ <cr> }:
To query the IP address setting of the current VLAN interface, use the show ip
interface command.
To query IP address configuration of the current VLAN interface, use the show vlan
command.
MA5300(config-if-Vlan-interface1000)#show ip interface vlan 1000
Vlan-interface1000 is down, line protocol is down
Internet Address is 10.71.53.2/24
Broadcast Address is 10.71.53.255
The Maximum Transmit Unit is 1500
41 packets input,3318 bytes,0 multicasts
8-4
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 8 Network Management Configuration
After having completed setting the NM VLAN and its interface IP address, you need to
enable transparent transmission of NM VLAN on the upstream interface. By setting
the upstream interface as the trunk interface, you can enable transparent
transmission of multiple VLANs, including the NM VLAN.
MA5300(config-if-Ethernet7/2/0)#switchport mode trunk
MA5300(config-if-Ethernet7/2/0)#switchport trunk allowed vlan 1000
Please wait.. Done.
By default, the MA5300 is accessible for all users. However, for the sake of security,
you can configure the system to only allow users within a certain network segment to
access the MA5300 while denying other illegal network segments.
The MA5300 prohibits the access of illegal users through its VLAN-based access
control list (ACL). To analyze and process data packets, it is required to create the
associated ACL rules based on the Layer 3 source IP addresses. As a result, the
standard ACL is adopted, which includes numeral-based ACL and name-based ACL.
You can configure either of them.
1) Define an ACL.
The match orders are as follows:
z config: Indicates to follow the user-defined order to match ACL rules.
z auto: Indicates to follow the depth-first order to match ACL rules.
By default, the user-defined order, namely config, is followed.
8-5
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 8 Network Management Configuration
This example shows how to define the ACL Telnet limit which allows access of the
users within the network segment 10.72.53.0/24. Note that inversed mask is required
here.
MA5300(config)#access-list 200 deny ingress 1000 egress any // Deny the
traffic flow of VLAN 1000
MA5300(config)#access-list 1 permit 10.72.53.0 0.0.0.255 // Permit the
traffic flow of the designated IP address.
MA5300(config)#access-list 201 permit ingress 1000 egress any// Deny the
traffic flow of VLAN 1000.
2) Activate an ACL.
To validate a defined ACL, you need to activate it in the first place.
Refer to 8.3 Configuring SNMP of this chapter for the SNMP configuration.
8.3.1 Overview
SNMP is the most widely used NM protocol in the present computer network. The
SNMP architecture comprises NMS and Agent.
NMS (Network Management Station) is the workstation running the client program
(Sun NetManager and IBM NetView are two commonly applied NM platforms).
After receiving the request from NMS, the Agent will read or write the management
variables depending on the message type, and then generate a Response and
returned it to the NMS. On the other hand, Agent will send Trap to report any
abnormality that occurs in the cold/warm start of the device.
To uniquely identify the management variables in SNMP packet, SNMP identifies the
management objects in a hierarchical naming scenario. It resembles a tree, where the
8-6
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 8 Network Management Configuration
1 2
1 2
1 B 2
5 6
As shown in the above figure, the managed object B can be uniquely identified with a
string of numbers {1.2.1.1}. This number string is the object identifier of B. The
function of the MIB is to describe the hierarchical structure of a tree. It is a set defined
by the standard variables of the monitored network device.
The SNMP Agent in the MA5300 supports SNMP V1 and SNMP V2C. Table 8-1
shows the supported MIBs.
MIB
MIB content Reference
attribute
MIB II based on TCP/IP network device RFC1213
RFC1493
BRIDGE MIB
Public MIB RFC2675
RMON MIB RFC2819
Ethernet MIB RFC2665
8-7
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 8 Network Management Configuration
MIB
MIB content Reference
attribute
DHCP MIB
DHCP MIB
QACL MIB
ADBM MIB
IGMP Snooping MIB
RSTP MIB
VLAN MIB
Equipment management
Proprietary
MIB Interface management
QACL MIB
RSTP MIB
VLAN MIB
ADSL MIB
VDSL MIB
Device management
Interface management
Commands for configuring SNMP vary with the versions of SNMPs. SNMP V1/VC2
authenticates the log-in of PCs based on community name. In comparison, SNMP V3
offers higher security by allowing you to set community name, add users/groups, and
add views.
8-8
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 8 Network Management Configuration
The first running of the snmp-server command will enable all the SNMP versions.
The second running of the snmp-server command will disable all the SNMP
versions.
SNMP V1 adopts the community name authentication solution. SNMP packets not
conforming to the community name recognized by the device will be discarded.
SNMP community is identified with a character string called community name. A
community may have the read-only access authority or the read-write access
authority. Communities with read-only authority can merely query the device
information while those with read-write authority can configure device.
To set names for communities with read-only authority or read-write authority, use the
global snmp-server community command.
To query the community names after having completed the setting, use the show
snmp community command.
MA5300(config)#show snmp community
Community name:public
Group name: public
Storage-type: nonVolatile
Community name:private
Group name: private
Storage-type: nonVolatile
Trap is the unsolicited information sent automatically to NMS by the managed device
to report some urgent events.
8-9
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 8 Network Management Configuration
To cancel the setting, use the no snmp-server host command. The only difference
between configuring SNMP V1 and SNMPV2C lies in the version selection.
MA5300(config)#snmp-server host
{ A.B.C.D<I><A.B.C.D> }:10.71.53.108 //Set IP address of the Trap
destination host
{ WORD<S><1,32>|version<K>|udp-port<K> }:version //Select the SNMP version.
{ 1<K>|2c<K>|3<K> }:1 //Adopt SNMP V1
{ WORD<S><1,32>|udp-port<K> }:private //Specify private as the community
name.
3) Set Trap source address
In global mode, you can set Trap source address using the snmp-server
trap-source command, and cancel the setting using the no snmp-server
trap-source command.
MA5300(config)#snmp-server trap-source
{ Ethernet<K>|GigabitEthernet<K>|Aux<K>|NULL<K>|LoopBack<K>|Vlan-interfac
e<K>|M-Ethernet<K>|Vdsl<K> }:vlan-interface
{ <1-4000> }:1000 //Set Trap source address to vlan interface 1000.
SysContact is a management variable in the system group of MIB II. Its content
includes the ID of device administrator and contact method.
In global mode, you can configure sysContact using the snmp-server contact
command, and restore the default setting using the no snmp-server contact
command. The default setting is HuaWei BeiJing China.
MA5300(config)#snmp-server contact
{ LINE }: mary-075526516793 //Set the ID and contact method of
the personnel in charge of the device.
8-10
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 8 Network Management Configuration
After the configuration completes, you can query information on the ID of device
administrator and contact method using the show snmp contact command.
MA5300(config)#show snmp contact
The contact person for this managed node: mary-075526516793
In global mode, you can set the location of the MA5300 using the snmp-server
location command, or restore the default setting using the no snmp-server location
command.
After having completed the configuration, you can use the show snmp location
command to query information on the device location.
MA5300(config)#show snmp location
The physical location of this node: Shenzhen China
To set the size of the SNMP packet that can be received or sent by the Agent, use the
nmp-server packetsize command.
To restore the default setting, use the no snmp-server packetsize command. The
packet size ranges 484 17940 (unit: byte), and the default value is 17940.
MA5300(config)#snmp-server packetsize 1500
You can use the snmp-server packetsize command to query statistics information
on the SNMP packets.
MA5300(config)#show snmp
0 SNMP packets input
0 Bad SNMP version errors
0 Unknown community name
0 Illegal operation for community name supplied
0 Encoding errors
0 Number of requested variables
0 Number of altered variables
0 Getrequest PDUs
0 Getnext PDUs
0 Setrequest PDUs
0 SNMP packets output
8-11
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 8 Network Management Configuration
This operation is only allowed for SNMP V3. Since an engine ID is associated with the
user information, you have to configure the engine ID before adding an SNMP user.
Any modification of the engine ID will delete all the user information. Therefore, it is
recommended to perform this operation with caution.
In global mode, you can set the engine ID for a device using the snmp-server
engineid command, and restore the default setting using the no snmp-server
engineid command. By default, the engine ID is composed of enterprise ID and
device information. The latter may be device IP address, MAC address or other
self-defined text.
MA5300(config)#snmp-server engineid
{ WORD<532> }:800007DB00E0FC1119C26877
You can use the show snmp engineid command to query the device ID after having
completed the configuration.
MA5300(config)#show snmp engineid
Local SNMP engineID: 800007DB00E0FC1119C26877
Setting SNMP group is only allowed for SNMP V3. This operation involves two
passwords: the authentication protocol password and the privacy protocol password.
Choosing the keyword auth means to authenticate only the first-level password
(namely the authentication protocol password). Choosing the keyword priv means to
authenticate the passwords of both levels (namely the authentication protocol
password and privacy protocol password). Choosing the keyword noauth means that
no authentication is required. The keywords read, wirte and notify are used to define
the read, write and notify attributes of a node in a view.
In global mode, you can add an SNMP group using the snmp-server group
command, and delete an SNMP group using the no snmp-server group command.
MA5300(config)#snmp-server group
{ WORD<S><1,32> }:5300 //Specify the SNMP group name.
8-12
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 8 Network Management Configuration
You can use the show snmp group command to query information on the SNMP
group after having completed the configuration.
MA5300(config)#show snmp group
Group name: 5300 Security model: v3 auth
Readview: 5300a Writeview: 5300b
Notifyview :5300c
Storagetype: nonVolatile
This operation is only allowed for SNMP V3. SNMP V3 implements user-oriented
SNMP packet sending. The SNMP user is a remote user executing the SNMP
management commands. To connect to the Agent module of the MA5300, the user is
required to pass the user authentication (namely the user name and password must
be set). An SNMP user should belong to an SNMP group. The user authority must be
lower than that of the group to which he belongs.
In global mode, you can use the snmp-server user command to add a user to an
SNMP group, and use the no snmp-server user command to delete a user from an
SNMP group.
MA5300(config)#snmp-server user
{ WORD<S><1,32> }:huawei //Add an SNMP user.
{ WORD<S><1,32> }:ma5300 //Specify the SNMP group corresponding to
the SNMP user.
{ v1<K>|v2c<K>|v3<K> }:v3 //Select the SNMP version.
{ <cr>|auth<K> }:auth //Specify the authentication mode.
{ md5<K>|sha<K> }:md5 //Specify the authentication protocol.
{ WORD<S><1,64> }:hello //Set the authentication password
{ <cr>|priv<K> }: //Specify whether the password is encrypted.
You can use the show snmp user command to query information on the SNMP user
after having completed the configuration.
MA5300(config)#show snmp user
User name: huawei
Engine ID: 800007DB00E0FC1119C26877 active
8-13
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 8 Network Management Configuration
This operation is only allowed for SNMP V3. By configuring a view, you can define the
accessibility attributes of a node in the view, thus limiting the access to the data.
In global mode, you can create/modify the view information using the snmp-server
view command, and delete the view information using the no snmp-server view
command.
MA5300(config)#snmp-server view
{ WORD<S><1,32> }:mib2 //Specify the view name.
{ WORD<S><1,255> }:1.3.6.1 //Specify the MIB object
{ included<K>|excluded<K> }:included //Specify that the view includes the
MIB.
You can use the show snmp view command to query the view information.
MA5300(config)#show snmp view
View name:mib2 MIB Subtree:internet
Storagetype: nonVolatile included active
V. Setting Trap
Refer to the description in 8.3.2 II. Configuring Trap sending for the detailed
configuration.
8-14
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 8 Network Management Configuration
I. Networking description
Upstream
0# 7# 0# 7# 13#
ETH
E ME SS
A MS MM
D XM BB
HAB HRB
MA5300 MA5200
1) The outband port (namely the ETH port) on the ESM board of the MA5300 is
connected to port 0 on the MA5200s HAB board through a crossover network
cable.
2) The IP address of the MA5300 outband NMS is: 10.10.20.1 255.255.255.0;
3) The IP address of the NMS: 10.10.21.1 255.255.255.0 (not included in Figure
8-2);
4) The IP address of the virtual terminal (VT) interface on the MA5200 is:
10.10.20.254/24;
5) The IP address of port 0 on the MA5200s HRB board is: 10.10.40.1/30.
8-15
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 8 Network Management Configuration
I. Networking description
Upstream
0# 7# 0# 7# 13#
E
S
E MM SS
A M MM
D E7/2/0 BB
X
HAB HRB
MA5300 MA5200
1) The inband port ethernet 7/2/0 on the MA5300s ESM board is connected to port
0 on the MA5200s HAB board. Service VLAN ID = 4000.
2) The IP address of the MA5300 inband NMS is: 10.10.20.1/24; NM VLAN
ID=1000.
3) IP address of the NMS: 10.10.21.1/24 (not included in Figure 8-3).
4) IP address of the MA5200s VT interface is: 10.10.20.254/24.
5) IP address of the VT interface on the MA5200: 10.10.40.1/30.
8-16
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 8 Network Management Configuration
8-17
Operation Manual - Basic Operations
SmartAX MA5300/5303 Broadband Access System Chapter 8 Network Management Configuration
8-18
HUAWEI
Service Configuration
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Table of Contents
Table of Contents
i
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Table of Contents
ii
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Table of Contents
iii
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Table of Contents
iv
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Table of Contents
v
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Table of Contents
vi
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Table of Contents
vii
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Table of Contents
viii
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Table of Contents
23.2.11 Setting the LSA Retransmit Interval Between Adjacent Routers .................... 23-13
23.2.12 Configuring OSPF Stub Area .......................................................................... 23-13
23.2.13 Configure OSPF NSSA ................................................................................... 23-14
23.2.14 Configuring Route Summarization Between Areas......................................... 23-16
23.2.15 Configuring a Virtual Link ................................................................................ 23-17
23.2.16 Configuring Packet Authentication between OSPF Areas.............................. 23-18
23.2.17 Configuring Packet Authentication Mode........................................................ 23-18
23.2.18 Redistributing Routes of Other Protocols........................................................ 23-19
23.2.19 Configuring Parameters for OSPF to Redistribute External Routes ............... 23-20
23.2.20 Redistributing Default Routes into the OSPF Routing Table .......................... 23-21
23.2.21 Setting Route Preference................................................................................ 23-21
23.2.22 Configuring OSPF Route Filtering .................................................................. 23-21
23.2.23 Configuring MTU Filling for an Interface Transmiting DD Packets ................. 23-22
23.2.24 Configuring Sending of OSPF Packets on an Interface.................................. 23-23
23.2.25 Querying OSPF Information............................................................................ 23-23
23.3 OSPF Configuration Examples.................................................................................... 23-24
23.3.1 Configuring DR Election by OSPF Preference ................................................. 23-24
23.3.2 Configuring OSPF Virtual Links ........................................................................ 23-26
23.4 OSPF Troubleshooting ................................................................................................ 23-28
ix
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 1 Ethernet Port Configuration
1.1 Overview
The ETH board and the subboards attached to the ESM board, ETH board and ISU
board can provide the following types of Ethernet ports:
z The 100Base-TX Ethernet port
Working in half-duplex, full duplex or auto-negotiation mode, the 100Base-TX Ethernet
port is designed to offer FE electrical port. It can negotiate with other network devices to
determine the operating mode and transmission rate, greatly simplifying the system
configuration and management.
z The 100Base-FX single mode/multimode Ethernet port
The 100Base-FX single mode/multimode Ethernet port works invariably at 100Mbit/s
and in full duplex mode. The 100Base-FX single mode Ethernet port can provide FE
single mode optical port; the 100Base-FX multimode Ethernet port can provide FE
multimode optical port.
z The 1000Base-SX/LX Ethernet port
The 1000Base-SX/LX Ethernet port works in kilomega full duplex mode. The
1000Base-LX is used to provide kilomega single mode optical port; while the
1000Base-SX is used to provide kilomega multimode optical port.
The Ethernet port number adopts the format of slot number /sub-slot number /port
number. The slot number is 7 or 8. The sub-slot number is 1 or 2. The FE port number
ranges 0 3. The GE port number ranges 0 1.
The MA5303 has 7 slots, among which slot 7 only houses the ESM board, while slots 1
6 house various service boards.
The Ethernet port number adopts the format of slot number /sub-slot number /port
number. The slot number is 7; the sub-slot number is 1 or 2; the FE port number ranges
0 3; the GE port number ranges 0 1.
Configuration of all the above Ethernet ports are generally the same, which mainly
involves:
z Setting port physical properties
z Setting port flow control
1-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 1 Ethernet Port Configuration
Note:
The working mode of the 100Base-FX single mode/multimode Ethernet port is set by the system as
non-auto-negotiation, 100Mbit/s, full duplex. It is not allowed to modify these settings. For the
1000Base-SX/LX Ethernet port working in full duplex, you can choose full (full duplex) or auto
(auto-negotiation) for its working mode.
The available duplex modes of an Ethernet port include: full duplex, half-duplex and
auto negotiation.
When setting two interconnected devices, make sure that the setting for one of them
should be consistent with that of the other. Connecting a port supporting
auto-negotiation with one not supporting auto-negotiation may cause faults.
Use the command duplex to set the duplex mode of a port. The default duplex mode
is auto. The working mode of the 100Base-FX multi-mode/single mode optical port is
set by the system as full duplex. It is not allowed to modify these settings. The
1000Base-SX/LX kilomega optical port works in full duplex mode. You can set the
working mode as full or auto.
MA5300(config-if-Ethernet7/2/0)#duplex full
The FE electrical port supports 10Mbit/s and 100Mbit/s. The default rate setting of the
port is auto. The rate of 100Mbit/s is recommended. The FE multimode/single mode
optical port only supports 100Mbit/s. While the GE optical port only supports
1000Mbit/s. Both of them are not allowed to be set. If you intend to set the transmission
rate, the system will prompt you with Not supported.
MA5300(config-if-Ethernet7/2/0)#speed 100
1-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 1 Ethernet Port Configuration
By default, jumbo frame is enabled. It means the MA5300 is able to receive a packet
smaller than 1600 bytes.
When jumbo frame is disabled, the MA5300 is able to receive a packet smaller than
1522 bytes.
MA5300(config-if-Ethernet7/2/0)#jumboframe disable
The FE electrical port adopts straight through network cable and cross-over network
cable.
Use the command mdi to set the cable type. The default network cable type is auto
(auto-adaptive). Such setting only works for the FE electrical port.
MA5300(config-if-Ethernet7/2/0)#mdi auto
When the traffic exceeds a certain level, the MA5300 will send frames to inform the
remote PC to reduce the traffic so as to reduce the packet loss rate. The process
involved is called flow control.
To enable flow control function requires the supports from both the MA5300 and the
remote PC. If both of them support flow control, it will be enabled. If the remote PC fails
to support the flow control, it is disabled. By default, the port flow control is disabled.
Use the command flow-control to enable port flow control or the command no
flow-control to disable it.
MA5300(config-if-Ethernet7/2/0)#no flow-control
When the broadcast traffic exceeds a preset threshold, the system will discard some
broadcast packets until the broadcast traffic falls into the acceptable range. This is to
ensure the normal network services. The process involved is called broadcast storm
suppression.
We use the maximum percentage of linear broadcast rate at the port as the reference
parameter. The smaller the percentage is, the less broadcast traffic is allowed to pass
through a port. The broadcast storm suppression is disabled when the percentage
reaches 100%. It is recommended that you enable/disable the broadcast storm
suppression based on the specific network conditions.
1-3
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 1 Ethernet Port Configuration
The Ethernet port supports eight priority levels and four forwarding queues. The system
sends packets to the associated queues based on their priority levels:
z Packets assigned with the priority levels 0 and 1 are sent to the low priority queue.
z Packets assigned with the priority levels 2 and 3 are sent to the general-priority
queue.
z Packets assigned with the priority levels 4 and 5 are sent to the medium priority
queue.
z Packets assigned with the priority levels 6 and 7 are sent to the high priority
queue.
By doing so, packets assigned with different priority levels are treated with different
quality of service (QoS) guarantees.
Use the command priority to set the priority level of a port, or the command no priority
to restore the default setting.
MA5300(config-if-Ethernet7/2/0)#priority 0
The MA5300 supports 255 multicast groups. By controlling the number of multicast
groups allowed to be added to a port, the system can effectively avoid any malicious
attack. By default, up to two multicast groups are supported.
Several Ethernet ports can be aggregated so that the input/output load can be
distributed among them. The MA5300 supports one aggregated group, which can have
up to eight Ethernet ports at the same rate. These member ports must be numbered
1-4
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 1 Ethernet Port Configuration
successively and the start port number needs to be smaller than the ending port
number Aggregation of ports at different slots is not supported.
Ports to be aggregated should have the same rate settings, and work simultaneously in
duplex mode.
MA5300(config-if-Ethernet7/2/0)#duplex full
MA5300(config-if-Ethernet7/2/0)#speed 100
MA5300(config-if-Ethernet7/2/1)#duplex full
MA5300(config-if-Ethernet7/2/1)#speed 100
Use the command link-aggregation to enable Ethernet port aggregation, and the
command no link-aggregation to disable Ethernet port aggregation.
MA5300(config)#link-aggregation Ethernet7/2/0 to Ethernet7/2/1
ingress-egress
Use the command show interface to view the information on a port, which may include
the port type, port status, duplex state, port rate, flow control, broadcast storm
suppression ratio, and port aggregation state.
MA5300(config)#show interface e7/2/0
Ethernet7/2/0 is down
Hardware is Fast Ethernet, Hardware address is 00e0.fc00.0009
Auto-duplex, 100M, 100_ISUE_TX
Flow control is disabled
Broadcast max-ratio is 15%
PVID is 3
Priority is 0
1-5
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 1 Ethernet Port Configuration
The command clear interface can be used to clear port information. If neither port type
nor port ID is specified, it will clear the information on all ports in the equipment; if both
the port type and port ID are provided, it only clears the information on the specified
port.
MA5300(config)#clear interface e7/2/0
Use the command jumboframe disable to disable long frames on an Ethernet port.
If the long frame is enabled, the Ethernet port can receive a frame within 1600 bytes. If
the long frame is disabled, the Ethernet port can receive a frame within 1522 bytes. The
default setting is no jumboframe disable, namely, the long frame is enabled.
1-6
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
The MA5300 can provide VDSL access service. It supports 14 EVDA boards. Each
EVDA board can provide 24 VDSL ports. Each frame can offer access for 336 channels
of VDSL services. The EVDA board can reside in any of the 14 service board slots in
the MA5300 frame.
The VDSL port is numbered in the format of slot number/subslot number/port number.
The slot number ranges 0 6 and 9 15; the sub-slot number is 0; and the port number
ranges 0 23.
This example shows how to enter the VDSL board mode for the port 0 of the board in
slot 3.
MA5300(config)#interface vdsl3/0/0
MA5300(config-if-vdsl3/0/0)#
z VDSL board mode
The VDSL board mode is for setting a VDSL board specifically. You can enter the
desired VDSL board mode by running the command board-vdsl in global mode.
This example shows how to enter the board mode for the VDSL board in slot 3.
MA5300(config)#board-vdsl 3
MA5300(config-board-vdsl3)#
Use the command duplex to set the duplex properties of a VDSL port, including full
duplex, half duplex and auto-negotiation. As the duplex state of a port is required to be
the same as that of the PC connected at the far end, which is usually set as
auto-negotiation, the port is generally set as auto-negotiation. The default setting,
namely auto-negotiation, is recommended.
2-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
MA5300(config-if-vdsl3/0/0)#duplex auto
Use the command speed to set the Ethernet rate of a VDSL port. The Ethernet rate for
a VDSL port can be either of 10Mbit/s, 100Mbit/s or auto-negotiation. As the Ethernet
rate of a port is required to be the same as that of the PC connected at the far end,
which is usually set as auto-negotiation, the port is generally set as auto-negotiation.
The default setting, namely auto-negotiation, is recommended.
MA5300(config-if-vd3/0/0)#speed auto
When the traffic exceeds the acceptable level, the equipment will send frames to inform
the remote PC to reduce the traffic so as to cut the packet loss rate. The process
involved is called traffic control. To enable traffic control function requires the supports
from both the MA5300 and the remote PC. If both of them support the traffic control, it is
generally enabled; if the remote PC fails to support the traffic control, it is disabled. By
default, the port traffic control is disabled.
Use the command flow-control to enable the port traffic control, or the command no
flow-control to disable it.
MA5300(config-if-Vdsl3/0/0)#no flow-control
When the broadcast traffic exceeds the preset threshold, the system will discard some
broadcast packets until the percentage of broadcast traffic falls into the acceptable
range. This is to ensure the normal network services. The process involved is called
broadcast storm suppression. We use the maximum percentage of linear broadcast
rate at a port as the reference parameter. The smaller the percentage is, the less the
broadcast traffic is allowed to pass through the port. The broadcast storm suppression
is disabled when the percentage reaches 100%. It is recommended that you
enable/disable the broadcast storm suppression based on the specific network
conditions.
2-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
The Ethernet port supports eight priority levels and four forwarding queues. The system
sends packets to the associated queues based on their priority levels in this way:
z Packets with the priority levels 0 and 1 are sent to the low priority queue.
z Packets with the priority levels 2 and 3 are sent to the general-priority queue.
z Packets with the priority levels 4 and 5 are sent to the medium priority queue.
z Packets with the priority levels 6 and 7 are sent to the high priority queue.
By doing so, packets assigned with different priority levels are treated with different
quality of service (QoS) guarantees. The default port priority level is 0.
To set the priority level of a port, use the command priority. To restore the default
setting, use the command no priority.
MA5300(config-if-Vdsl4/0/0)#priority 0
The MA5300 supports 255 multicast groups. By controlling the number of multicast
groups allowed to be added to a port, the system can effectively avoid any malicious
attack. By default, up to two multicast groups are supported.
The MA5300 is capable of limiting the address number involved in VDSL port address
learning so as to control the total number of users allowed to access it. You can
enable/disable the MAC address learning limitation, and set the maximum number of
MAC addresses allowed to be learned.
You can enable/disable the MAC address learning limitation depending on the actual
requirement. By default, the port MAC address learning limitation is enabled.
2-3
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
When the MAC address learning limitation is enabled, you can use the command
mac-address-table max-mac-count to set the number of MAC addresses allowed to
be learned, or the command no mac-address-table max-mac-count to restore the
default setting. The default value is 2.
If you do not want to impose limitation on the VDSL port address learning, use the
command mac-address-table max-mac-count no-limit to disable the MAC address
learning limitation for ports of a specified VDSL board. Upon the completion of this
setting, you can use the command show interface to verify the setting.
When operating in the deactive state, a port cannot transmit data. Moreover, it is not
allowed to be operated. After the port is unblocked, it is still in the deactive state. It will
not be in the active state until you run a command to activate it.
If a port is blocked, you need to run a command to unblock it before you can activate it
and set up service channels. By default, all ports of the MA5300 VDSL boards are in the
deactive state without additional unblocking operation.
Use the command (no) block to unblock/block a VDSL port, and use the command (no)
block all to unblock/block all ports. Next, use the command show interface to view
the status of the VDSL port, which is in the deactive state.
MA5300(config-board-vdsl4)#no block all
Note:
A VDSL port can be in any of blocked state, activating state, active state, deactivating state, or deactive
state. Use the command show interface state to view its current state. Figure 2-1 illustrates the relations
between these states.
2-4
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
no block activate
blocked deactive active
block deactivate
block
The parameters of a VDSL line profile include the upstream/downstream line rate,
upstream/downstream interleave depth, signal-to-noise ratio (SNR) margin, and so on.
When a port is activated, the system will negotiate with the office end and remote end to
determine whether the port can work normally under above conditions. In practice, the
settings for all ports are roughly the same. Therefore MA5300 provides the VDSL line
profile to ease the port configuration. Once the line profile is made available, it can be
used to activate a port directly.
To add a VDSL line profile, use the command vdsl line-profile add.
Note:
VDSL board (EVDA) is designed with a default VDSL line profile. It is named LINE-PROFILE-1, and
numbered 1. By default, the system adopts the LINE-PROFILE-1 profile for port activation.
To configure a VDSL profile, you can follow the procedures as shown in Figure 2-2.
2-5
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
Configuring a VDSL
line profile
The following describes the details for configuring the VDSL line profile.
1) Set VDSL line profile number.
MA5300(config)#vdsl line-profile add 2
Start profile 2 adding.
During input, press 'CTRL+C' to quit, and then settings at this time are
neglected.
You can enter a profile number or press <Enter> to enable the system to allocate a
profile number. As the profile number is unique, you can delete or modify a VDSL line
profile by its profile number.
2) Select bandplan.
The available bandplans include 0-PLAN997, 1-PLAN998, 2-CHINA-3BAND,
3-ADSL-MODE and 4-10BASE-S. The system only supports PLAN998 and 10BASE-S
2-6
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
currently. If you select others, the system will prompt that the selected one is not
supported and require you to enter a new one. If you enter 4, the system will adopt the
procedure for configuring VDSL.
3) Enable/Disable VDSL line auto-training.
> VDSL link auto train 1-enable 2-disable (1 2)[1]:
When the auto training is enabled, the link will try to operate at the set rate while
maintaining the SNR margin. The training may lead to the link rate being lower than or
equal to the expected rate. If the link working at the lowest rate is still not able to meet
the expected SNR requirement, it will be disconnected. When the auto training is
disabled, the link will turn the set rate into the expected rate. If the link fails to reach the
expected rate, it will be disconnected, regardless of the SNR. You are recommended to
enable the auto training.
4) Set the maximum downstream bit rate.
> Target bit rate downstream (780 25000 kbps) [12500]:
In the process of setting up VDSL connection, if the line is in good conditions, and the
calculated downstream rate of a VDSL line is higher than the maximum value set, the
bit rate will be limited to the set value. Meanwhile, the downstream noise margin will
increase. If the line is in poor condition, and the calculated downstream bit rate is lower
than the set maximum bit rate, the system will set up the VDSL connection at the
calculated bit rate, while maintaining the target downstream noise margin. To ensure
VDSL connection stability, you are recommended to set the maximum downstream rate
at 12500kbit/s.
5) Set the maximum upstream bit rate.
> Target bit rate upstream (780 25000 kbps) [12500]:
The interleave depth is closely related to the stability of VDSL connection and
transmission delay. It can change the low-resistance impulse noise spectrum in the link,
thus affecting the equipments error correction capability. The larger the interleave
depth, the more powerful the link error correction capability, and the longer the link
transmission delay. It is recommended that you set the interleave depth to 1.
7) Set the maximum upstream interleave depth.
> Target upstream interleaved depth 0,1,2,8,16 (0 16) [1]:
The target SNR margin refers to the SNR margin preserved to maintain the normal data
communication at the time of the line noise deteriorating. The larger the target SNR
2-7
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
margin, the lower the chance of error occurrence in data transmission, and the more
secure the system will be. Conversely, the larger the SNR margin, the smaller the
achievable maximum rate.
To avoid affecting other equipment, the transmit power of a device in each frequency is
usually required to be equal to or lower than the specified value. If a VDSL device is
likely to interfere with other equipment, its transmit power in some frequencies should
be reduced.
The radio wave band filtering function is used to reduce the performance of the
equipment. This can avoid interfering with other equipment. As the use of radio wave
band filtering may diminish the usable VDSL frequencies and greatly reduce the VDSL
transmission performance, you are recommended to disable the radio wave filtering
function.
11) Set whether to set upstream PSDmask.
> Will you set upstream PSDMask?(y/n)[n]:
With the above settings, VDSL profile configuration succeeds when the system
displays the following:
Add profile 2 successfully.
To delete a designated VDSL profile, use the command vdsl line-profile delete.
However, when deleting a VDSL profile bound with a port, you have to unbind this
profile first, and then use the command to delete it.
Note:
The default VDSL line profile (numbered 1) cannot be deleted.
2-8
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
To modify a specified VDSL line profile, use the command vdsl line-profile modify.
The detailed procedures involved are similar to those of adding a VDSL profile.
MA5300(config)#vdsl line-profile modify 2
Start modifying profile 2.
During input, press 'CTRL+C' to quit, and then settings at this time are
neglected.
> VDSL link auto train 1-enable 2-disable (1 2)[1]:
> Target bit rate downstream (780 25000 kbps) [12500]:
> Target bit rate upstream (780 25000 kbps) [12500]:
> Target downstream interleaved depth 0,1,2,8,16 (0 16) [1]:
> Target upstream interleaved depth 0,1,2,8,16 (0 16) [1]:
> Signal to noise ratio margin downstream:precision 0.1dB(0.0 31.0 dB) [6.0]:
> Signal to noise ratio margin upstream:precision 0.1dB(0.0 31.0 dB) [6.0]:
> Will you set downstream PSDMask?(y/n)[n]:n
> Will you set upstream PSDMask?(y/n)[n]:
Modify profile 2 successfully
Attention: To effect the modification will disconnect the VDSL interface
which use this template for a few seconds!
Do you want to make it effect? (y/n)[n]:n
It will take effect after VDSL interface deactive and active again!
Upon the completion of the VDSL line profile configuration, the system will prompt you
whether to validate the profile configurations immediately. If yes, the system will
interrupt all VDSL ports using this profile for several seconds; if not, you can validate it
by deactivating the ports first and then activating them. Board resetting can also
validate a modified profile.
Using the command show vdsl line-profile, you can choose to show a specified VDSL
line profile or all VDSL line profiles. When a VDSL line profile is specified, all
information about the profile is displayed.
2-9
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
Note:
The profile is the default VDSL line profile. Its parameter settings are shown above.
Before transmitting services, a VDSL port should be activated. Activation refers to the
training between the VDSL Transceiver Unit, Central Office end (VTU-C) and the VDSL
Transceiver Unit, Remote end (VTU-R).
During the training process, the line distance and line status will be checked based on
parameters included in the line profile, such as the specified upstream/downstream line
rates, noise margin. The VTU-C negotiates with the VTU-R to confirm whether the
2-10
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
MA5300 can work normally in the aforementioned conditions. If the training succeeds,
the VTU-C can communicate with the VTU-R and is ready for transmission (namely in
port activation state).
For an online Customer Premises Equipment (CPE), the activation process ends when
the training completes. The communication terminates after the CPE gets offline. At
this moment, the VTU-C is in listening state. Once the CPE gets online again, the
training process will begin automatically, and the port will be activated after the training
succeeds.
In board mode, you can use the command activate to activate a VDSL port, or the
command activate all to activate all ports in the board. If no line profile number is
entered, use the profile which was bound with the port last time to activate the port.
MA5300(config-board-vdsl4)#activate
{ all<K>|INTEGER<U><0,23> }:all //Activate all ports in the VDSL board in
slot 4.
{ <cr>|INTEGER<U><1,16> }:1 //Bind the line profile 1.
MA5300(config-board-vdsl4)#activate
{ all<K>|INTEGER<U><0,23> }:0 //Activate the port 0 of the VDSL board in
slot 4.
{ <cr>|INTEGER<U><1,16> }:1 //Bind the line profile 1.
In global mode, you can use the command vdsl activate to activate the VDSL port list
and VDSL ports of a specified board, or the command vdsl activate all to activate all
ports at one time.
MA5300(config)#vdsl activate
{ all<K>|INTEGER<U><0,15>|Vdsl<K> }:all //Activate all ports of VDSL boards.
{ <cr>|INTEGER<U><1,16> }:1 //Bind the line profile 1.
MA5300(config)#vdsl activate
{ all<K>|INTEGER<U><0,15>|Vdsl<K> }:4 //Activate all VDSL ports of the board
in slot 4.
{ <cr>|INTEGER<U><1,16> }:1 //Bind line profile 1.
MA5300(config)#vdsl activate
{ all<K>|INTEGER<U><0,15>|Vdsl<K> }:vdsl4/0/0
{ <cr>|to<K>|Vdsl<K>|INTEGER<U><1,16> }:to
{ Vdsl<K> }:vdsl4/0/12 //Activate ports vdsl4/0/0 vd4/0/12.
{ <cr>|Vdsl<K>|INTEGER<U><1,16> }:1 //Bind the line profile 1.
In board mode, you can use the command deactivate to deactivate a VDSL port, or the
command deactivate all to deactivate all ports in the board at one time.
MA5300(config-board-vdsl4)#deactivate all //Deactivate all VDSL ports of the
board in slot 4.
2-11
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
In global mode, you can use the command vdsl deactivate to deactivate the VDSL
port list and VDSL ports of a specified board, or the command vdsl deactivate all to
deactivate all ports at one time.
MA5300(config)#vdsl deactivate all //Deactivate all VDSL ports in all
boards.
MA5300(config)#vdsl deactivate 4 //Deactivate all VDSL ports in the board
in slot 4.
MA5300(config)#vdsl deactivate vdsl4/0/0 to vdsl 4/0/12 //Deactivate ports
vdsl4/0/0 vdsl 4/0/12.
When a VDSL port is deactivated, the communication between the ADSL Transceiver
Unit, Remote end (ATU-R) and the ADSL Transceiver Unit, Central Office end (ATU-C)
terminates. To enable service transmission, you should re-activate the first.
The VDSL alarm profile is used to set alarm thresholds, count and supervise the
performances of an active VDSL line. Upon the occurrence of threshold crossing, it will
inform the equipment of the event, and send alarms to the log host and the NMS.
However, if all parameters of an alarm profile are set as 0, it will not generate any
threshold alarm. In practice, as most of the ports share these settings, the VDSL alarm
profile is provided in the MA5300 system. When the profile is set successfully, it can be
used to activate a port directly.
To add a VDSL alarm profile, use the command vdsl alarm-profile add.
Note:
The MA5300 is designed with a VDSL alarm profile. It is named as ALARM-PROFILE-1, and numbered 1.
By default, the system uses this profile for port activation.
2-12
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
To establish a VDSL alarm profile, you need to set the downstream/upstream alarm
threshold parameters.
You can enter a profile number or press <Enter> to enable the system to designate a
number for it. As the profile number is unique, all VDSL alarm profiles are deleted and
modified by their respective number.
2) Enable/Disable downstream line alarm threshold parameter setting.
During input, press 'CTRL+C' to quit, and then settings at this time are
neglected.
> Will you set threshold for modem at near end of line? (y/n)[n]:y
You can select n to disable downstream line alarm threshold setting and turn to 8).
If you select y to enable this setting, the system will prompt you to:
3) Set the threshold for the downstream 15-minute frame second loss.
> [atuc thresh-15-min-lofs] The number of loss of frame seconds within any given
15-minute performance data collection period (0 900) [0]:
Within any given 15-minute performance data collection period, the threshold-crossing
of downstream frame second loss will result in alarm reporting. By far, you are not
required to set this parameter as setting for it is disabled.
4) Set the threshold for the 15-minute signal second loss in the downstream
direction.
> [atuc thresh-15-min-loss] The number of loss of signal seconds within any
given 15-minute performance data collection period (0 900) [0]:
Within any given 15-minute performance data collection period, the threshold-crossing
of downstream signal second loss will result in alarm reporting.
5) Set the threshold for loss of power seconds within 15 minutes at the office end.
> [atuc thresh-15-min-lprs] The number of loss of power seconds within any given
15-minute performance data collection period (0 900) [0]:
Within any given 15-minute performance data collection period, the threshold-crossing
of office-end power second loss will result in alarm reporting. By far, you are not
required to set this parameter as this setting is disabled.
6) Set the threshold for number of loss of errored seconds within 15 minutes in the
downstream direction.
> [atuc thresh-15-min-ess] The number of loss of errored seconds within any
given 15-minute performance data collection period (0 900) [0]:
2-13
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
You can set it as enable to enable the line initialization failure reporting.
8) Enable/disable upstream alarm threshold parameter setting.
> Will you set threshold for modem at remote end of line? (y/n)[n]:y
You can select n to disable the upstream alarm profile configuration and turn to 2).
If you select y to enable this setting, the system will prompt you to:
9) Set the threshold for number of loss of frame seconds within 15 minutes in the
upstream direction.
> [atur thresh-15-min-lofs] The number of loss of frame seconds within any given
15-minute performance data collection period (0 900) [0]:
2-14
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
By far, the MA5300 allows you to set the upstream/downstream signal second loss
threshold, upstream/downstream errored second threshold and initialization failure
reporting.
To delete a specified VDSL alarm profile, use the command vdsl alarm-profile delete.
Note:
The default VDSL alarm profile (numbered 1) cannot be deleted.
To modify a specified VDSL alarm profile, use the command vdsl alarm-profile modify.
The procedure involved is similar to that of setting a VDSL alarm profile.
MA5300(config)#vdsl alarm-profile modify 2
During input, press 'CTRL+C' to quit, and then settings at this time are
neglected.
> Will you set threshold for modem at near end of line? (y/n)[n]:y
> [atuc thresh-15-min-lofs] The number of loss of frame seconds within any given
15-minute performance data collection period (0 900) [0]:
> [atuc thresh-15-min-loss] The number of loss of signal seconds within any
given 15-minute performance data collection period (0 900) [0]:
> [atuc thresh-15-min-lprs] The number of loss of power seconds within any given
15-minute performance data collection period (0 900) [0]:
> [atuc thresh-15-min-ess] The number of loss of errored seconds within any
given 15-minute performance data collection period (0 900) [0]:
> [atuc init failure trap]Enables and disables the InitFailureTrap 1-enable
2-disable (1 2) [2]:
> Will you set threshold for modem at remote end of line? (y/n)[n]:y
> [atur thresh-15-min-lofs] The number of loss of frame seconds within any given
15-minute performance data collection period (0 900) [0]:
> [atur thresh-15-min-loss] The number of loss of signal seconds within any
given 15-minute performance data collection period (0 900) [0]:
2-15
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
> [atur thresh-15-min-lprs] The number of loss of power seconds within any given
15-minute performance data collection period (0 900) [0]:
> [atur thresh-15-min-ess] The number of loss of errored seconds within any
given 15-minute performance data collection period (0 900) [0]:
> [atur init failure trap]Enables and disables the InitFailureTrap 1-enable
2-disable (1 2) [2]:
Modify profile 2 successfully
Attention: To effect the modification will disconnect the VDSL interface
which use this template for a few seconds!
Do you want to make it effect? (y/n)[n]:n
It will take effect after VDSL interface deactive and active again!
When the profile modification completes, the system will prompt you whether to
validate the profile modification immediately. If yes, the system will interrupt all VDSL
ports using this profile for several seconds; if not, you can validate it by deactivating the
ports first and then activating them. Board resetting can also validate a modified profile.
To query a specified VDSL alarm profile, use the command show vdsl alarm-profile.
Note:
The profile is the default alarm profile. Its parameter settings are shown above.
2-16
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
After setting a VDSL alarm profile, you should bind an alarm profile with a VDSL port.
By default, the port is bound with alarm profile 1.
In board mode, you can use the command alarm-config to bind an alarm profile with a
VDSL port, or the command alarm-config all to complete the alarm profile binding at
one time.
MA5300(config-board-vdsl4)#alarm-config
{ all<K>|INTEGER<U><0,23> }:all //Bind all ports of the VDSL board in
slot 4.
{ INTEGER<U><1,16> }:1 //Bind alarm profile 1.
MA5300(config-board-vdsl4)#alarm-config
{ all<K>|INTEGER<U><0,23> }:0 //Bind the port 0 of the VDSL board in
slt 4.
{ INTEGER<U><1,16> }:1 //Bind alarm profile 1
In global mode, you can use the command vdsl alarm-config to bind the VDSL port list
and the VDSL port of specified board, or the command vdsl alarm-config all to bind all
ports at one time.
MA5300(config)#vdsl alarm-config
{ all<K>|INTEGER<U><0,15>|Vdsl<K> }:all //Bind all ports of VDSL boards.
{ INTEGER<U><1,16> }:1 //Bind alarm profile 1.
MA5300(config)#vdsl alarm-config
{ all<K>|INTEGER<U><0,15>|Vdsl<K> }:4 //Bind ports of the VDSL board in slot
4.
{ INTEGER<U><1,16> }:1 //Bind alarm profile 1.
MA5300(config)#vdsl alarm-config
{ all<K>|INTEGER<U><0,15>|Vdsl<K> }:vdsl4/0/0
{ INTEGER<U><1,16>|to<K>|Vdsl<K> }:to
{ Vdsl<K> }:vdsl4/0/12 //Bind ports vdsl4/0/0 vdsl4/0/12.
{ INTEGER<U><1,16>|Vdsl<K> }:1 //Bind alarm profile 1.
In board mode, you can use the command no alarm-config to unbind a VDSL port, or
the command no alarm-config all to unbind all ports of a board at one time.
MA5300(config-board-vdsl4)#no alarm-config all //Unbind all ports of the VDSL
board in slot 4.
MA5300(config-board-vdsl4)#no alarm-config 0 //Unbind port 0 of the VDSL board
in slot 4.
In global mode, you can use the command no vdsl alarm-config to unbind the VDSL
port list or VDSL ports of a designated board, or the command no vdsl alarm-config
all to unbind all ports at one time.
MA5300(config)#no vdsl alarm-config //Unbind all VDSL board ports.
2-17
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
An activated VDSL port can perform performance monitoring and statistics collection
for a line. Upon the occurrence of threshold crossing, it will inform the equipment of the
event, and send alarm to the log host and the NMS.
Several Ethernet ports can be aggregated so that the input /output load can be
distributed among them.
The MA5300 supports up to six aggregated groups, one of which can have up to 4
Ethernet ports of the same rate. These member ports must be numbered successively
and the start port number needs to be smaller than the end port number. Aggregation of
ports at different slots is not supported.
Ports to be aggregated should have the same rate, and work in the duplex mode
simultaneously.
MA5300(config-if- Vdsl4/0/0)#duplex full
MA5300(config-if- Vdsl4/0/0)#speed 100
MA5300(config-if- Vdsl4/0/1)#duplex full
MA5300(config-if- Vdsl4/0/1)#speed 100
Use the command link-aggregation to set the VDSL port aggregation, or the
command no link-aggregation to delete it.
MA5300(config)#link-aggregation vdsl4/0/0 to vdsl4/0/0 ingress-egress
Use the command show link-aggregation to view the aggregated ports related
information. The display may include the name of the master port, names of other
member ports, and working mode of the aggregated ports.
MA5300(config)#show link-aggregation vdsl4/0/0
Master port: Vdsl4/0/0
2-18
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
Other sub-ports:
Vdsl4/0/1
Mode: ingress
The MA5300 also features remote management of the VDSL equipment. Remote
management includes remote equipment binding, automatic upgrade of VDSL remote
equipment parameters, automatic upgrade of VDSL remote equipment patch.
To enable the binding with the VDSL remote equipment, the system may assign IDs to
the MA5300 and the remote equipment respectively. As a result, the port can only work
with the bound remote equipment.
Replacemetn of the remote VDSL Modem, or mismatch of IDs between the MA5300
and the remote VDSL Modem will result in failure in port activation.
Use the command vdsl bind cpe to enable the binding of the MA5300 with the remote
equipment (VDSL Modem), or the command no vdsl bind cpe to disable the binding.
By default, no binding exist between the port and the user terminal.
Note:
When you use commands to enable a binding, the associated port should be activated (with exception of
the command vdsl bind cpe bind-id local).
When using the command vdsl bind cpe, which requires no parameter entering, you
should enter the randomly designated binding IDs in the MA5300 and the remote user
terminal.
MA5300(config-if-Vdsl4/0/0)#vdsl bind cpe
When using the command vdsl bind cpe bind-id, you should enter the designated
binding IDs in the MA5300 and the remote user terminal simultaneously to bind them.
MA5300(config-if-Vdsl4/0/0)#vdsl bind cpe 12
2-19
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
Use the command show interface to see whether the remote user terminal is bound
and view the binding ID.
MA5300(config)#show interface vdsl4/0/23
In board mode, you can use the command port state to view the port binding
information.
MA5300(config-board-vdsl4)#show port state 23
In board mode, you can also use the command port cpe-info to view port binding
information.
MA5300(config-board-vdsl4)#show port cpe-info 23
The MA5300 supports automatic upgrade of parameters and patch version of VDSL
remote equipment. After the automatic upgrade is enabled, programs can automatically
monitor the patch version and parameters of the VDSL remote Modem. If the patch
version is inconsistent with the version of the MA5300 or the parameters are not the
latest, the system will upgrade them. If the upgrade succeeds, the system will offer the
success message. Otherwise, it will offer the failure message.
If using the remote VDSL Modem certified by the MA5300, you do not have to upgrade
the parameters and patch version of the remote VDSL Modem. If using other remote
VDSL Modem not certified by the MA5300, you have to upgrade them. By default, the
automatic upgrade of the parameters and patch version of the user terminal equipment
is disabled.
In global mode, you can upgrade the parameters of remote equipment connected to
multiple ports:
MA5300(config)#vdsl auto-upgrade remote-parameter vdsl4/0/0 to vdsl4/0/23
In port mode, you can upgrade the parameters of a remote device connected to a port:
MA5300(config-if-Vdsl4/0/0)#vdsl auto-upgrade remote-parameter
2-20
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
Use the command vdsl auto-upgrade remote-patch to enable the automatic upgrade
of the patches of remote equipment, or the command no vdsl auto-upgrade
remote-patch to disable it.
In global mode, you can upgrade the patches of a remote device connected to multiple
ports.
MA5300(config)#vdsl auto-upgrade remote-patch vdsl4/0/0 to vdsl4/0/23
In port mode, you can upgrade the patches of a remote device connected to a port.
MA5300(config-if-Vdsl4/0/0)#vdsl auto-upgrade remote-patch
When a fault occurs in a VDSL port, you can use the command port reset to reset the
port.
MA5300(config-board-vdsl4)#port reset 23
When a fault occurs in a VDSL chipset, you can use the command chipset reset to
reset the VDSL chip.
MA5300(config-board-vdsl4)#chipset reset 1
In board mode, you can use the command port state to view all information on a VDSL
port, or the command port state all to view the brief information on the port. In global
mode, you can use the command show vdsl port state to obtain the same information.
MA5300(config-board-vdsl4)#show port state 23
Vdsl4/0/23 is up
The VDSL link is active
Bind template No.1 LINE-PROFILE-1
Hardware is Fast Ethernet, Hardware address is 00e0.fc00.0009
Auto-duplex(Full), Auto-speed(100M), _VDSL_TX
Flow control is disabled
Broadcast suppression ratio is 15%
PVID is 1
2-21
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
Priority is 0
Max mac-address learning count: 2
Max multicast group count: 2
Bound with CPE of No.1647403999
Port mode: access
Tagged VLAN ID: none
Untagged VLAN ID: 1
212 packets output, 0 packets/sec, 52 bytes/sec
92624 bytes, 112 multicasts, 0 broadcasts, 0 pauses
100 packets input, 0 packets/sec, 0 bytes/sec
50400 bytes, 0 multicasts, 0 broadcasts, 0 pauses
0 CRC errors
0 long frames
MA5300(config-board-vdsl4)#show port state all
Interface PortState LinkState Line-Profile Alarm-Profile
--------------------------------------------------------------------
Vdsl4/0/0 down Activating 1 1
Vdsl4/0/1 down Activating 1 1
Vdsl4/0/2 admin down Deactive 1 1
Vdsl4/0/3 down Activating 1 1
Vdsl4/0/4 down Activating 1 1
Vdsl4/0/5 down Activating 1 1
Vdsl4/0/6 down Activating 1 1
Vdsl4/0/7 down Activating 1 1
Vdsl4/0/8 down Activating 1 1
Vdsl4/0/9 down Activating 1 1
Vdsl4/0/10 down Activating 1 1
Vdsl4/0/11 down Activating 1 1
Vdsl4/0/12 down Activating 1 1
Vdsl4/0/13 down Activating 1 1
Vdsl4/0/14 down Activating 1 1
Vdsl4/0/15 down Activating 1 1
Vdsl4/0/16 down Activating 1 1
Vdsl4/0/17 down Activating 1 1
Vdsl4/0/18 down Activating 1 1
Vdsl4/0/19 down Activating 1 1
---- More (Press CTRL+C break) ---
In global mode, you can use the command show interface to view all information on a
port, which is the same as the information displayed using the command port state.
MA5300(config)#show interface vdsl4/0/23
Vdsl4/0/23 is down
The VDSL link is active
2-22
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
In board mode, you can use the command show line config to view the settings of a
port line profile.
In global mode, you can obtain the same information by using the command show vdsl
line config.
MA5300(config-board-vdsl4)#show line config 23
Interface Profile Name DownStream UpStream DownSnr UpSnr AutoTrain
Rate(Kbps) Rate(Kbps) Margin(dB) Margin(dB)
--------------------------------------------------------------------------
Vdsl4/0/23 LINE-PROFILE-1 12500 12500 6.0 6.0 enable
Use the command show line state to view the information on an activated port,
including the port state, upstream/downstream rate, upstream/downstream interleave
depth, office-end/remote-end transmit power, upstream/downstream SNR margin,
office-end/ remote-end mean square deviation, office-end/remote-end bit error count,
and deactivation count.
In global mode, you can obtain the same information by using the command show vdsl
line state.
MA5300(config-board-vdsl0)#show line state 0
vdsl link status : active
The actual down-stream rate(Kbps) : 12500
2-23
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
Use the command port version to query the version of a VDSL office-end/remote-end
Modem, including the hardware version, software version and patch version.
MA5300(config-board-vdsl4)#show port version 23
-----------Local--------------------Remote----------
Interface Hw Sw Patch Hw Sw Patch
--------------------------------------------------------------------
Vdsl4/0/23 0x81 0x2 0x0 0x32 0xb4 0x50
2-24
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
0 LateCollisionFrames
0 ExcessiveCollisionFrames
0 ReceiveErrors
0 CarrierErrors
0 TooLongErrors
0 SequenceErrors
0 TransmitOctets
1616 ReceiveOctets
0 ReceiveBroadcastFrames
0 ReceivePauseFrames
0 TransmitPauseFrames
0 TransmitFrames
4 ReceiveFrames
The Ethernet statistics in remote vdsl link:
0 AlignmentErrors
0 SingleCollisionFrames
0 MultipleCollisionFrames
0 DeferredTransmissions
0 LateCollisionFrames
0 ExcessiveCollisionFrames
0 ReceiveErrors
0 CarrierErrors
0 TooLongErrors
0 SequenceErrors
1616 TransmitOctets
0 ReceiveOctets
0 ReceiveBroadcastFrames
0 ReceivePauseFrames
0 TransmitPauseFrames
4 TransmitFrames
0 ReceiveFrames
2) Query VDSL port performance statistics.
Use the command show statistics performance to view the performance statistics of
a VDSL port, including performance statistics for last 15 minutes and last 24 hours, and
all performance statistics currently available.
MA5300(config-board-vdsl4)#show statistics performance 23 historic-15minutes
15
Interface Vdsl4/0/23:
<VTU-C>
performance lofs : 0
performance loss : 0
performance lprs : 0
2-25
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
performance ESs : 0
performance inits : 0
channel corrected blocks : 0
channel uncorrected blocks : 0
performance valid intervals : 96
performance invalid intervals : 0
channel performance valid intervals : 96
channel performance invalid intervals: 0
<VTU-R>
performance lofs : 0
performance loss : 0
performance lprs : 6
performance ESs : 0
performance inits : 0
channel corrected blocks : 0
channel uncorrected blocks : 0
performance valid intervals : 96
performance invalid intervals : 0
channel performance valid intervals : 96
channel performance invalid intervals: 0
Line test refers to the test of parameters and indexes in a VDSL line. The MA5300
allows you to perform VDSL out-line test by connecting meter with the test port on the
backplane. You can also perform internal line test, which aims at testing the internal line
of VDSL chipset, and external line test, which aims at testing the line from the office end
to the remote end.
Use the command meter-test to activate the port out-line test. Only one port can be
activated for the internal test or external test at a time. The internal line test activation is
only allowed for the first port of a board. However, the external line test activation is
allowed for every port.
After the test completes, you can use the command no meter to disable the port
out-line test. By default, the port out-line test is disabled.
MA5300(config-if-Vdsl4/0/0)#meter-test out-line
When a port is set with loopback, the Ethernet frames sent from the port will be sent
back. By comparing the transmitted frames with the received ones, you can determine
2-26
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 2 VDSL Port Configuration
In the case of office-end loopback, you only need to test the switch chips and the
office-end VDSL, without setting up any VDSL link. However, the office-end loopback
can be set only when the link is deactivated.
In the case of remote-end loopback, you have to test the whole link (including the
remote-end Modem), and set up a VDSL link. Meanwhile, the loopback be set only
when the link is activated.
Use the command loopback to set office-end/remote-end loopback for a VDSL port.
After a port is set with loopback, it is no longer able to forward data packets correctly. If
not properly isolated, this may cause multicast storm. Therefore, when the test
completes, you should disable the loopback immediately using the command no
loopback. By default, port loopback is disabled.
MA5300(config-if-Vdsl4/0/0)#loopback remote
The command loopback is just used to set loopback for a port. CPU alone cannot send
test frames. To enable the CPU to send test frames, it should coordinate with the ports
of the auxiliary equipment.
2-27
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
3.1 Overview
The MA5300 delivers the ADSL access service. It supports 14 EADA boards. Each
EADA board provides 48 ADSL ports. Each frame offers access for 672 channels of
ADSL services. The EADA board can reside in any of the 14 service board slots in the
MA5300 frame.
You can set the ADSL port in ADSL port mode or the ADSL board mode.
z ADSL port mode
The ADSL port mode is for setting ADSL port on individual basis. You can enter the
desired ADSL port mode by running the command interface in global mode. The ADSL
port is numbered using the format of slot number/subslot number/port number. The slot
number ranges 0 6 and 9 15; the sub-slot number is 0; the port number ranges 0
47.
This example shows how to enter ADSL port mode for port 3/0/0.
MA5300(config)#interface adsl3/0/0
MA5300(config-if-Adsl3/0/0)#
z ADSL board mode
The ADSL board mode is for setting ADSL board on batch basis. You can enter the
desired ADSL board mode by running the command board-adsl in global mode.
For example, to enter the ADSL board mode for the board in slot 3:
MA5300(config)#board-adsl 3
MA5300(config-board-adsl3)#
The ADSL port supports eight priority levels and two forwarding queues. Distribution of
packets in the queues is based on their corresponding priority levels: packets assigned
with the priority levels 0 3 are sent to the low priority queue; packets assigned with the
priority levels 4 7 are sent to the high priority queue. By doing so, packets assigned
with different priority levels are treated with different QoS guarantees. The default port
priority level is 0.
Use the command priority to set the priority level of a port, or the command no priority
to restore the default setting.
3-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
MA5300(config-if-Adsl4/0/0)#priority 0
The MA5300 supports 255 multicast groups. By controlling the number of multicast
groups allowed to be added to a port, the system can effectively avoid malicious attacks.
By default, two multicast groups are supported.
The MA5300 is capable of limiting the address number involved in ADSL port address
learning so as to control the total number of users allowed to access it. You can
enable/disable the MAC address learning limitation, set the maximum number of MAC
addresses allowed to be learned, and view the port configuration.
Enabling MAC address learning limitation for all ports of specified ADSL board in global
mode:
MA5300(config)#no mac-address-table max-mac-count no-limit slot 4
Enabling MAC address learning limitation for a specified ADSL port in ADSL port mode:
MA5300(config-if-Adsl4/0/0)#no mac-address-table max-mac-count no-limit
When the MAC address learning limitation is enabled, you can use the command
mac-address-table max-mac-count to set the number of MAC addresses allowed to
be learned, or the command no mac-address-table max-mac-count to restore the
default setting. The default value is 2.
However, you can also configure an individual port in ADSL port mode:
3-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
MA5300(config-if-Adsl4/0/0)#mac-address-table max-mac-count 2
If you do not want to impose limitation on the ADSL port address learning, use the
command mac-address-table max-mac-count no-limit to disable MAC address
learning limitation for ports of a specified ADSL board or a specified port.
Disabling the MAC address learning limitation for all ports of the specified ADSL boards
in global mode:
MA5300(config)#mac-address-table max-mac-count no-limit slot 4
Disabling MAC address learning limitation for a specified ADSL port in ADSL port
mode:
MA5300(config-if-Adsl4/0/0)#mac-address-table max-mac-count no-limit
Using the command show atm-terminated, you can view the configurations for
PPPoA/IPoA, including source MAC address and destination MAC address.
MA5300(config)#show atm-terminated
Source MAC Address : None
Destination MAC Address for PPPoA : None
Destination MAC Address for IPoA : None
When setting up PPPoA or IPoA PVC connections, you need to configure the source
MAC addresses. To enable ADSL board to replace upstream PPPoA or IPoA packet's
ATM header with Ethernet header, you need to configure the source MAC address.
3-3
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
Using the command atm-terminated source-mac in global mode, you can configure
the source MAC address of PPPoA or IPoA packet:
MA5300(config)#atm-terminated source-mac 0000.1111.2222
When setting up PPPoA or IPoA PVC connections, you need to configure the
destination MAC addresses. To enable ADSL board to replace upstream PPPoA or
IPoA packet's ATM header with Ethernet header, you need to configure the destination
MAC address.
Using the command atm-terminated dest-mac in global mode, you can configure the
destination MAC address of PPPoA or IPoA packet:
MA5300(config)#atm-terminated dest-mac pppoa 0000.1111.2222
When setting up PPPoA connection, you need to configure SessionID area for every
slot. To enable ADSL board to convert the upstream PPPoA packets into PPPoE
packets, you are required to assign a unique SessionID area for every slot.
Using the command show atm-terminated session-id, you can view the SessionID
areas of the system. The number of Session-id areas ranges from 1 to 16. Every area
contains 128 SessionIDs. The default settings are as follows:
MA5300(config)#show atm-terminated session-id
slot area start session-id end session-id
--------------------------------------------------------
0 1 2048 2175
1 2 2176 2303
2 3 2304 2431
3 4 2432 2559
4 5 2560 2687
5 6 2688 2815
6 7 2816 2943
9 8 2944 3071
10 9 3072 3199
11 10 3200 3327
12 11 3328 3455
13 12 3456 3583
14 13 3584 3711
15 14 3712 3839
--------------------------------------------------------
Free session-id area: 15 16
3-4
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
Using the command atm-terminated session-id in global mode, you can assign a new
SessionID area for every slot. You can adopt a null value for slot without PPPoA
connection.
MA5300(config)#atm-terminated session-id
{ INTEGER<U><0,15> }:0
{ INTEGER<U><1,16>|null<K> }:null
In single-PVC mode, each ADSL port has a fixed Permanent Virtual Circuit (PVC),
which must be consistent with the remote Modem PVC in terms of VPI and VCI settings.
When Modem PVC properties change, you should also modify ADSL port properties.
By default, the VPI is 0 and VCI is 35.
1) Set VPI and VCI using the command adsl pvc.
In port mode:
MA5300(config-if-Adsl11/0/0)#adsl pvc vpi 0 vci 35
In global mode:
MA5300(config)#adsl pvc vpi 0 vci 35
2) Query the settings using the command show adsl line config or show line
config.
MA5300(config-if-Adsl11/0/0)#show adsl line config adsl11/0/0
MA5300(config-board-adsl11)#show line config 0
3) Restore the default VPI and VCI value using the command no adsl pvc.
In port mode:
MA5300(config-if-Adsl11/0/0)#no adsl pvc
In global mode:
MA5300(config)#no adsl pvc all
To set the packet type supported by an ADSL port, use the command adsl
connect-type. auto represents automatic packet identification and enables the ports to
transmit packets of all types; 1483b, pppoa-llc, pppoa-vcmux, or ipoa-llc means that
the ports can only transport packets of a specified type, and packets different from the
specified type will be discarded. The default setting is 1483b. In general circumstances,
auto is recommended.
In port mode:
MA5300(config-if-Adsl1/0/0)#adsl connect-type
3-5
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
{ 1483b<K>|pppoa-llc<K>|pppoa-vcmux<K>|ipoa-llc<K>|auto<K> }:auto
Failed! Not set dest mac address for ipoa!
In global mode:
MA5300(config)#adsl connect-type
{ 1483b<K>|pppoa-llc<K>|pppoa-vcmux<K>|ipoa-llc<K>|auto<K> }:auto
{ all<K>|INTEGER<U><0,15>|Adsl<K> }:all
Failed! Not set dest mac address for ipoa!
Caution:
z This command cannot function when a port is configured with multiple PVCs.
z When a port adopts such connection type as auto, pppoa-llc, pppoa-vcmux, or ipoa-llc, you need to
configure the destination MAC address for the PPPoA/IPoA packets and the SessionID domain for the
involved slot. For details, refer to 3.5.1 PPPoA/IPoA Configuration.
You can create multiple PVCs on an ADSL port and configure PVCs to deliver
priority-based traffics. This is to enable traffic classification and packet prioritization on
that ADSL port.
Up to 8 PVCs can be established between an RTU and an ADSL board. The 8 PVCs
can support packets of various types, including PPPoEoA, IPoEoA, IPoA and PPPoA.
By default, a port can only be configured with a single PVC. To enable a port to support
multiple PVCs, you need to use the command multipvc enable. After the multiple
PVCs function is enabled for a port, No. 1 PVC is the default one. It can be added and
deleted, but cannot be modified.
In port mode:
MA5300(config-if-Adsl3/0/0)#multipvc enable
In global mode:
MA5300(config)#multipvc enable
{ Adsl<K>|all<K>|INTEGER<U><0,15> }:adsl
{ <3-3> }:3/0/0
{ <cr>|to<K>|Adsl<K> }:
3-6
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
To disable the multi-PVC function, use the command multipvc disable. When the
multi-PVC function is disabled, the connection attribute settings will be copied to the
single PVC mode configuration.
In port mode:
MA5300(config-if-Adsl3/0/0)#multipvc disable
In global mode:
MA5300(config)#multipvc disable
{ Adsl<K>|all<K>|INTEGER<U><0,15> }:adsl
{ <3-3> }:3/0/0
{ <cr>|to<K>|Adsl<K> }:
After the configurations, you can use the command show multipvc to show global
configuration about the multi-PVC. The information displayed includes the source MAC
address, destination MAC address, and the ports on which the multi-PVC function is
enabled.
MA5300(config)#show multipvc
{ <cr>|config<K> }:
Source MAC Address : 00e0.fc20.3c00
Destination MAC Address for PPPoA : None
Destination MAC Address for IPoA : None
Enabled multi-pvc function port(s):
Adsl3/0/0
Use the command show multipvc config to show the multi-PVC configuration about
the ADSL port.
When the multi-PVC function is enabled, the port has a default PVC, whose default
settings are shown in this example.
MA5300(config)#show multipvc config adsl 3/0/0
{ <cr>|to<K>|Adsl<K> }:
Adsl3/0/0:
Multi-Pvc mode: enable
PVC 1: enable
PVC connect type: 1483B
PVC : vpi is 0, vci is 35
CAR : ds-band is 255, us-band is 255
PVID : 1
Priority : 0
Support Down MultiCast Stream: enable
Support IGMP packet : enable
Output : 0 packets, 0 cells
3-7
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
To add a PVC on an ADSL port, run the multipvc add command, as illustrated in this
example.
In port mode:
MA5300(config-if-Adsl3/0/0)#multipvc add
{ pvcindex<K> }:pvcindex
{ INTEGER<U><1,8> }:2
{ vpi<K> }:vpi
{ INTEGER<U><0,255> }:1
{ vci<K> }:vci
{ INTEGER<U><0,511> }:25
{ connect-type<K> }:connect-type
{ 1483b<K>|pppoa-llc<K>|pppoa-vcmux<K>|ipoa-llc<K>|auto<K> }:1483b
{ vlan<K> }:vlan
{ INTEGER<U><0,4000> }:2
In global mode:
MA5300(config)#multipvc add
{ all<K>|INTEGER<U><0,15>|Adsl<K> }:adsl
{ <3-3> }:3/0/0
{ pvcindex<K>|to<K>|Adsl<K> }:pvcindex
{ INTEGER<U><1,8> }:2
{ vpi<K> }:vpi
{ INTEGER<U><0,255> }:1
{ vci<K> }:vci
{ INTEGER<U><0,511> }:25
{ connect-type<K> }:connect-type
{ 1483b<K>|pppoa-llc<K>|pppoa-vcmux<K>|ipoa-llc<K>|auto<K> }:1483b
{ vlan<K> }:vlan
{ INTEGER<U><1,4000> }:2
These conditions should be met for executing the multipvc add command:
z The multi-PVC function should be enabled already.
3-8
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
z Since each ADSL port supports up to 8 PVCs, and each ADSL board supports up
to 128 PVCs, the total number of PVCs on all ports cannot exceed 128.
z Each PVC on an ADSL port should belong to a different VLAN, in other words,
multiple PVCs must not belong to the same VLAN.
z The VPI and VCI settings should be consistent with those of the remote Modem.
z To create PVCs whose connection type is AUTO, PPPoA or IPoA, you have to set
the destination MAC address of the PPPoA and IPoA, as well as the SessionID of
the associated slot. Otherwise, the system prompts the failure. For details, refer to
3.5.1 PPPoA/IPoA Configuration.
z The PVC with index as 1 is the default PVC. It exists automatically once the
multi-PVC function is enabled. You cannot add, delete or modify it.
To modify the multi-PVC configuration of an ADSL port, use the command multipvc
modify.
This example modifies the VPI, VCI settings of PVC 2 on adsl3/0/0 in port mode.
MA5300(config-if-Adsl3/0/0)#multipvc modify
{ pvcindex<K> }:pvcindex
{ INTEGER<U><1,8> }:2
{ vpi<K>|connect-type<K>|vlan<K>|car<K>|priority<K>|support-down-mcast-str
eam<K>
|support-igmp-pkt<K> }:vpi
{ INTEGER<U><0,255> }:5
{ vci<K> }:vci
{ INTEGER<U><0,511> }:55
This example modifies the VPI, VCI settings of PVC 2 on adsl3/0/0 in global mode.
MA5300(config)#multipvc modify
{ all<K>|INTEGER<U><0,15>|Adsl<K> }:adsl
{ <3-3> }:3/0/0
{ pvcindex<K>|to<K>|Adsl<K> }:pvcindex
{ INTEGER<U><1,8> }:2
{ vpi<K>|connect-type<K>|vlan<K>|car<K>|priority<K>|support-down-mcast-str
eam<K>
|support-igmp-pkt<K> }:vpi
{ INTEGER<U><0,255> }:5
{ vci<K> }:vci
{ INTEGER<U><0,511> }:55
To delete a PVC on an ADSL port, use the command multipvc delete. PVC 1 cannot
be deleted.
3-9
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
To set multicast support on a PVC of an ADSL port, use the command multipvc
modify. On an ADSL port, only one PVC is allowed to support multicast data downlink
transmission, and only one PVC is allowed to support transmission of IGMP packets.
In port mode:
MA5300(config-if-Adsl3/0/0)#multipvc modify
{ pvcindex<K> }:pvcindex
{ INTEGER<U><1,8> }:2
{ vpi<K>|connect-type<K>|vlan<K>|car<K>|priority<K>|support-down-mcast-str
eam<K>
|support-igmp-pkt<K> }:support-down-mcast-stream
In global mode:
MA5300(config)#multipvc modify
{ all<K>|INTEGER<U><0,15>|Adsl<K> }:adsl
{ <3-3> }:3/0/0
{ pvcindex<K>|to<K>|Adsl<K> }:pvcindex
{ INTEGER<U><1,8> }:2
{ vpi<K>|connect-type<K>|vlan<K>|car<K>|priority<K>|support-down-mcast-str
eam<K>
|support-igmp-pkt<K> }:support-down-mcast-stream
To avoid data loss, the ADSL port is required to transmit data at the rate specified by the
EADA side. This rate is Committed Access Rate (CAR). By default, the
3-10
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
2) Query the settings using the command show adsl line config or the command
show line config.
MA5300(config-if-Adsl11/0/0)#show adsl line config adsl11/0/0
MA5300(config-board-adsl11)#show line config 0
3) Restore the default settings using the command no adsl car.
MA5300(config-if-Adsl11/0/0)#no adsl car
IP address binding means to bind an IP address with a port so that only user with this IP
address is allowed to log in. This helps you to avoid illegal use of the port, (thus)
improving the security of the equipment.
To enable the IP address binding of a port, use the command static-user in ADSL port
mode; to disable the IP address binding of the port, use the command no static-user in
ADSL port mode or global mode.
MA5300(config-if-Adsl1/0/0)#static-user 10.71.53.2
Use the command show to view the IP address binding information on a port:
MA5300#show static-user adsl 1/0/0
The static user info:
Adsl1/0/0 : 10.71.53.2
When operating in the deactive state, a port cannot transmit data and is not allowed to
be operated. If a port is unblocked, you need to run the no block command to unblock
it before you can activate it and set up service channels. After the port is unblocked, it is
still in the deactive state. It will not be in the active state until you run the activate
command to activate it.
By default, all ports of the MA5300 ADSL boards are in the deactive state without
additional unblocking operation.
Use the command (no) block to unblock/block an ADSL port (provided this command
is executable to all these ports). Next, you can use the command port state to view the
status of the ADSL port, which is supposed to be in the deactive state at the moment.
3-11
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
Note:
An ADSL port can be in any of blocked state, activating state, active state, deactivating state, or deactive
state. You can use the command show interface state to view its current state. Figure 3-1 illustrates the
relations of these states.
no block activate
blocked deactive active
block deactivate
block
Note:
The MA5300 system is designed with two ADSL line profiles. One of them is called LINE-PROFILE-1 and
used in the Fast channel mode; the other is called LINE-PROFILE-2 and used in interleave channel mode.
By default, the system adopts the LINE-PROFILE-1 profile for port activation.
Figure 3-2 shows the parameters involved in setting an ADSL line profile. In practice,
the system offers the interactive prompts which can help you to configure the ADSL line
profile easily.
3-12
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
Configuring an ADSL
line profile
N
Whether to perform basic setting
Manual configuration
Auto configuration
N
Whether to set line rate
3-13
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
You can enter a profile number. or press <Enter> to enable the system to allocate a
profile number. As the profile number is unique, you can delete or modify an ADSL line
profile by its profile number.
2) Enable/Disable basic setting.
During input, press 'CTRL+C' to quit, and then settings at this time are
neglected.
> Will you set basic configuration for modem? (y/n)[n]:y
This option is used to prompt you whether to proceed with the basic setting. If not, enter
n; if yes, enter y. The system prompts you to:
3) Set ADSL working mode.
> ADSL operating mode:
> 0: All(G992.1, G992.2, T1.413)
> 1: Full rate(G992.1 or T1.413)
> 2: G992.2(g.lite)
> 3: T1.413
> 4: G992.1(g.dmt)
> 5: g.hs(G992.1 and G992.2, G992.1 is prior)
> Please select (0 5) [0]:0
This option is used to select the ADSL working mode. There are three ADSL working
modes available, which are in compliance with G992.1, G992.2 and T1.413
respectively. The frequency specified in G992.2 is just half of that specified in G992.1
and T1.413. The rate specified in G992.2 is 1536kbps downstream and 512kbps
upstream. The rate specified in G992.1 is the same as that in T1.413: 6144kbps
downstream, and 640kbps upstream.
The MA5300 equipment and the ATU-R (namely the ADSL Modem) should work in the
same mode. Otherwise, the connection between them cannot be established. As
ATU-R may adopt any of the three working modes, you are recommended to set the
MA5300 ADSL working mode with full compatibility. This is to enable the MA5300 to
support G992.1, G992.2 and T1.413 simultaneously.
The specific working mode is determined by the ATU-R. If you enter "0", the system will
prompt you to:
4) Enable/Disable trellis coding.
> Trellis coding 1-enable 2-disable (1 2) [1]:1
This option allows you to enable or disable trellis coding. The trellis coding is an
algorithm, which helps to improve Signal-to-Noise Ratio (SNR) and the ADSL
3-14
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
connection stability. The trellis coding is usually enabled. You can enter "1" to enable
trellis coding. Next, the system will prompt you to:
5) Enable/Disable upstream channel bit swap.
> Upstream channel bit swap 1-enable 2-disable (1 2) [2]:2
This option is used to enable or disable the upstream channel bit swap.
When an ADSL channel change, the signal-to-noise ratio (SNR) of some sub-carriers
may deteriorate, resulting in failures in bearing the allocated bits. The bit swap function
can swap the allocated bits from one sub-carrier to another sub-carrier to avoid
possible disconnection due to the variation in characteristics of twisted pair channel.
Note:
To enable the bit swap function, supports from both the EADA board and the ATU-R are needed. This
function is disabled by default since it is not supported by the EADA board.
This option allows you to enable or disable downstream channel bit swap. For more
details, refer to above relevant description.
7) Enable/Disable channel working mode selection.
> Will you set channel mode? (y/n)[n]:y
The option is used to prompt you whether to set the channel working mode. If not, the
system will adopt the default mode. If yes, the system will prompt you to:
8) Select channel working mode.
> Please select channel mode 0-interleaved 1-fast (0 1) [1]:0
This option allows you to set the channel working mode. There are two channel modes
available: the interleave mode and the fast working mode. The fast working mode is the
default channel mode. Compared with the fast working mode, the interleave mode is
characterized by stable ADSL connection, and longer transmission delay. For common
Internet access service, the interleave mode is recommended. For services which are
delay sensitive, such as Voice On Demand (VOD), the fast mode is recommended.
You can press <0> to select the interleave mode, or <1> to select the fast working mode.
If you press <0>, the system will prompt you whether to:
9) Set interleave depth.
Will you set interleave depth? (y/n) [n]: Y
This option is used to prompt you whether to set the interleave depth. The interleave
depth is deeply related to the stability of ADSL connection and transmission delay: the
3-15
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
larger the interleave depth, the higher the ADSL connection stability, and the longer the
transmission delay.
If you select "Y" to set the interleave depth, the system will prompt you to:
10) Set the maximum downstream interleave depth.
Maximum downstream interleaved depth 2,4,8,16,32,64,128 DMT (2 128) [64]:64
This option is used to prompt you to select the maximum downstream interleave depth.
The available options are 2, 4, 8, 16, 32, 64 and 128. The larger the interleave depth,
the higher the ADSL connection stability, and the longer the transmission delay. The
depth of 64 is recommended.
11) Set the maximum upstream interleave depth.
Maximum upstream interleaved depth 2,4,8,16,32,64,128 DMT (2 128) [64]:64
This option allows you to set the maximum upstream interleave depth. The depth of 64
is recommended. For detailed setting process, refer to the above descriptions.
12) Set whether to set the noise margin for Modem.
Will you set noise margin for modem? (y/n) [n]: Y
This option determines whether to set noise margin for Modem. The noise margin
refers to the tolerable additional noise which does not lead to the deteriorating of
current line rate and Bit Error Rate (BER). The noise margin is divided into the target
noise margin and the minimum noise margin.
The Modems noise margin is proportional to the ADSL connection stability. The larger
the Modem noise margin, the higher the connection stability. Modem noise margin is
inversely proportional to the line rate. The larger the Modem noise margin, the lower
the line rate. The default value is recommended.
To skip the setting, select "N". If you select "Y" to set the noise margin of Modem, and
the system will prompt you to:
13) Set the minimum downstream noise margin.
> Minimum noise margin in downstream (0 15 dB) [0]:0
This option allows you to set the minimum downstream noise margin. In the process of
setting up ADSL connection, if the calculated target noise margin of an ADSL
connection is lower than the set minimum noise margin, the ADSL port can not be
activated.
It is recommended that you set the minimum noise margin to 0. If you enter 0, the
system will prompt you to:
14) Set the maximum downstream noise margin.
> Maximal noise margin in downstream (0 31 dB) [31]:31
This option allows you to set the maximum downstream noise margin. In the process of
setting up ADSL connection, if the calculated target noise margin of an ADSL
3-16
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
connection is higher than the set maximum noise margin, the system will limit the
downstream maximum noise margin to the set value.
It is recommended that you set the maximum downstream noise margin to 31dB. If you
enter "31", the system will prompt you to:
15) Set downstream target noise margin.
Target noise margin in downstream (0 15 dB) [12]: 12
This option allows you to set the target downstream noise margin. The target noise
margin is the preserved noise margin to ensure normal communication in the case of
line noise deterioration. The larger the target noise margin, the higher the chance of
occurrence of the line error, and the safer the system may be. Conversely, the larger
the target nose margin, the smaller the traffic, and the lower the data transmission rate.
Therefore, the target noise margin should be adjusted based on the actual line
conditions. For high-quality lines, you can set the target noise margin to a lower value to
ensure higher line rate. While for poor-quality lines, you can set the target noise margin
with a larger value to ensure higher line stability.
The target noise margin determines the ADSL connections and line rate. A downstream
target noise margin of 12dB is recommended.
This option allows you to set the minimum upstream noise margin. The setting process
involved in similar to section 13).
When the the setting process completes, the system will prompt you to:
17) Set the maximum upstream noise margin.
> Maximal noise margin in upstream (0 31 dB) [31]:
This option allows you to set the maximum upstream noise margin. The setting process
involved is similar to section 14).
When the the setting process completes, the system will prompt you to:
18) Set upstream target noise margin.
> Target noise margin in upstream (0 15 dB) [12]:
This option allows you to set the upstream target noise margin. The setting process
involved is similar to section 15).
When the the setting process completes, the system will prompt you whether to:
19) Set the bit rate parameters.
> Will you set parameters for rate? (y/n)[n]:y
3-17
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
This option allows you to determine whether to modify ADSL line rate parameters. The
rate setting is deeply related to the stability of ADSL connection. To skip the setting,
enter "N". If you enter Y to modify the rate parameters, the system will prompt you to:
20) Set the minimum downstream bit rate.
> If you want the fixed rate, set the Minimum value equal to Maximum value.
> Minimum bit rate in downstream (32 8160 Kbps) [32]:32
The system will prompt if you want a fixed rate, set the minimum value equal to the
maximum value. You are recommended to neglect such a suggestion, because if the
minimum value is equal to the maximum value and the rate is set too high to be
unachievable, it will result in ADSL connection failure.
This option allows you to set the minimum downstream bit rate. In the process of setting
up ADSL connection, if the calculated downstream rate is lower than the set minimum
downstream bit rate, the ADSL port can not be activated. It is recommended that you
set the downstream minimum bit rate at 32Kbps.
This option allows you to set the maximum downstream bit rate. In the process of
setting up ADSL connection, if the line is in good condition, and the calculated
downstream rate of an ADSL line is lower than the set maximum value, the bit rate will
be limited to the set value. Meanwhile, the downstream noise margin will increase.
If the line is in poor condition, and the calculated downstream bit rate is lower than the
set maximum bit rate, the system will set up the ADSL connection at the calculated bit
rate, while maintaining the target downstream noise margin.
To ensure ADSL connection stability, you are recommended to set the maximum
downstream rate at 6144Kbps. If you enter 6144, the system will prompt you to:
22) Set the minimum upstream bit rate.
> Minimum bit rate in upstream (32 896 Kbps) [32]:32
This option allows you to set the minimum upstream bit rate. In the process of setting up
ADSL connection, the port will not be activated if the calculated upstream rate is
smaller than the set minimum bit rate. It is recommended that you set the minimum
upstream rate at 32kbps. If you enter 32, the system will prompt:
23) Set the maximum upstream bit rate.
> Maximum bit rate in upstream (32 896 Kbps) [640]:640
This option allows you to set the maximum bit rate in upstream. In the process of setting
up ADSL connection, if the line is in good conditions, and the calculated upstream rate
of an ADSL line is more than the maximum value set, the bit rate will be limited to the
set value. Meanwhile, the upstream noise margin will increase.
3-18
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
If the line is in poor condition, and the upstream calculated bit rate is lower than the set
maximum bit rate, the system will set up the ADSL connection at the calculated bit rate,
while maintaining the upstream target noise margin. To ensure ADSL connection
stability, you are recommended to set the maximum upstream rate at 640Kbps.
After you enter 640, when the above settings are successful, the system will prompt
you with the message indicating the success of setting:
Add profile 2 successfully
The profile number, which is 2 in this example, is also included in the message. You can
quote or delete a profile by its number.
To delete a specified ADSL line profile, use the command adsl line-profile delete.
Note:
The default ADSL line profile (numbered 1 or 2) cannot be deleted.
To modify a specified ADSL line profile, use the command adsl line-profile modify.
The detailed procedures involved are similar to those of setting an ADSL line profile.
MA5300(config)#adsl line-profile modify 3
Start modifing profile 3.
During input, press 'CTRL+C' to quit, and then settings at this time are
neglected.
> Will you set basic configuration for modem? (y/n)[n]:y
> ADSL operating mode:
> 0: All(G992.1, G992.2, T1.413)
> 1: Full rate(G992.1 or T1.413)
> 2: G992.2(g.lite)
> 3: T1.413
> 4: G992.1(g.dmt)
> 5: g.hs(G992.1 and G992.2, G992.1 is prior)
3-19
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
When the profile configuration completes, the system will ask you if you want to
validate the profile configurations immediately. If yes, the system will interrupt all ADSL
ports using this profile for several minutes; if not, you can validate it by deactivating the
ports first and then activating them. Board resetting can also validate a modified profile.
To show a specified ADSL line profile, use the command show adsl line-profile. This
example shows the default ADSL line profile.
MA5300(config)#show adsl line-profile 1
3-20
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
Note:
The line profile shown in this example is the default one.
3-21
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
For an online Customer Premises Equipment (CPE), the activation process ends upon
the completion of the training. When the CPE gets offline, the communication
terminates, and the ATU-C is in listening state. Once the CPE gets online, the training
process begins automatically. When the training succeeds, the port is activated.
In board mode, you can use the command activate to activate an ADSL port, or the
command activate all to activate all ports in the board. If no line profile number is
entered, the system will activate the port using the profile which is bound with the port
last time.
MA5300(config-board-adsl11)#activate
{ all<K>|INTEGER<U><0,47> }:all //Activate all ports in the ADSL board in
slot 11.
{ <cr>|INTEGER<U><1,16> }:1 //Bind the line profile 1.
MA5300(config-board-adsl11)#activate
{ all<K>|INTEGER<U><0,47> }:0 //Activate the number 0 port in the ADSL
board in Slot 1.
{ <cr>|INTEGER<U><1,16> }:1 //Bind the line profile 1.
In global mode, you can use the command adsl activate to activate ADSL ports in a
specified board, or the command adsl activate all to activate all boards at one time.
MA5300(config)#adsl activate
{ all<K>|INTEGER<U><0,15>|Adsl<K> }: all //Activate ADSL ports in an board.
{ <cr>|INTEGER<U><1,16> }:1 //Bind the line profile 1.
MA5300(config)#adsl activate
{ all<K>|INTEGER<U><0,15>|Adsl<K> }:11 //Activate all ADSL ports in the board
in slot 4.
{ <cr>|INTEGER<U><1,16> }:1 //Bind the line profile 1.
MA5300(config)#adsl activate
{ all<K>|INTEGER<U><0,15>|Adsl<K> }:adsl11/0/0
{ <cr>|to<K>|Adsl<K>|INTEGER<U><1,16> }:to
{ Adsl<K> }:adsl11/0/2 //Activate ports adsl11/0/0 adsl11/0/2.
{ <cr>|Adsl<K>|INTEGER<U><1,16> }:1 //Bind the line profile 1.
In board mode, you can use the command deactivate to deactivate an ADSL port, or
the command deactivate all to deactivate all ports in the board at one time.
MA5300(config-board-adsl4)#deactivate all //Deactivate all ADSL ports in the
board in slot 4
MA5300(config-board-adsl4)#deactivate 0 //Deactivate the number 0 ADSL port
in the board in slot 4.
In global mode, you can use the command adsl deactivate to deactivate the ADSL
port list and ADSL ports of a specified board, or the command adsl deactivate all to
deactivate all ports at one time.
3-22
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
When an ADSL port is deactivated, the communication between ATU-R and ATU-C
terminates. To enable service transmission, you should re-activate the port first.
The ADSL alarm profile is used to set alarm thresholds, count and supervise the
performances of an active ADSL line. Once threshold crossing occurs, the MA5300 will
inform the equipment of the event, and send alarms to the log host and the NMS. In
practice, as most of the ports share the same settings, the ADSL alarm profile is
provided in the MA5300 system. When the profile is set successfully, it can be used to
activate a port directly.
Use the command adsl alarm-profile add to add an ADSL alarm profile.
Note:
The MA5300 is designed with an ADSL alarm profile. It is named as ALARM-PROFILE-1, and numbered 1.
By default, the system uses this profile for port activation.
To add an ADSL alarm profile, you need to set the downstream/upstream alarm
threshold parameters.
3-23
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
You can enter a profile number or press <Enter> to enable the system to designate a
number for it. As the profile number is unique, all ADSL alarm profiles are deleted and
modified by their respective number.
2) Enable/Disable downstream line alarm threshold parameter setting.
During input, press 'CTRL+C' to quit, and then settings at this time are
neglected.
> Will you set threshold for modem at near end of line? (y/n)[n]:y y
You can select n to disable downstream line alarm threshold setting and turn to 13).
If you select y to enable this setting, the system will prompt you to:
3) Set the threshold for number of loss of frame seconds within 15 minutes in the
downstream direction.
> [atuc thresh-15-min-lofs] The number of loss of frame seconds within any given
15-minute performance data collection period (0 900) [0]:
Within any given 15-minute performance data collection period, the threshold-crossing
of downstream frame second loss will result in alarm reporting. By far, you are not
required to set this parameter as setting for it is disabled.
4) Set the threshold for number of loss of signal seconds within 15 minutes in the
downstream direction.
> [atuc thresh-15-min-loss] The number of loss of signal seconds within any
given 15-minute performance data collection period (0 900) [0]:
Within any given 15-minute performance data collection period, the threshold-crossing
of downstream signal second loss will result in alarm reporting.
5) Set the threshold for number of loss of link seconds within 15 minutes in the
downstream direction.
> [atuc thresh-15-min-lols] The number of loss of link seconds within any given
15-minute performance data collection period (0 900) [0]:
Within any given 15-minute performance data collection period, the threshold-crossing
of downstream link second loss will result in alarm reporting. By far, you are not
required to set this parameter as such setting is disabled.
6) Set the threshold for number of loss of power seconds within 15 minutes at the
office end.
> [atuc thresh-15-min-lprs] The number of loss of power seconds within any given
15-minute performance data collection period (0 900) [0]:
Within any given 15-minute performance data collection period, the threshold-crossing
of office-end power second loss will result in alarm reporting. By far, you are not
required to set this parameter as this setting is disabled
7) Set the threshold for loss of errored seconds within 15 minutes in the downstream
direction.
3-24
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
> [atuc thresh-15-min-ess] The number of loss of errored seconds within any
given 15-minute performance data collection period (0 900) [0]:
Within any given 15-minute performance data collection period, the threshold-crossing
of downstream errored second loss will result in alarm reporting
8) Set the threshold for downstream fast-channel rate increase.
> [atuc thresh-fast-rate-up] The threshold for fast channels, if the difference
between the current Tx rate and the previous Tx rate larger than it (0 8160
Kbps) [0]:
Within any given 15-minute performance data collection period, the crossing of the
threshold for downstream fast-channel line rate increase will result in alarm reporting.
By far, you are not required to set this parameter as this setting is disabled.
9) Set the threshold for downstream fast-channel rate decrease.
> [atuc thresh-fast-rate-down] The threshold for fast channels, if the
difference between the current Tx rate and the previous Tx rate litter than
it (0 8160 Kbps) [0]:
Within any given 15-minute performance data collection period, the crossing of the
threshold for downstream fast-channel line rate decrease will result in alarm reporting.
By far, you are not required to set this parameter as this setting is disabled.
10) Set the threshold for downstream interleave-channel rate increase.
> [atuc thresh-interleave-rate-up] The threshold for interleave channels, if
the difference between the current Tx rate and the previous Tx rate larger than
it (0 8160 Kbps) [0]:
You can set it as enable to enable the line initialization failure reporting.
13) Enable/Disable upstream alarm threshold parameter.
> Will you set threshold for modem at remote end of line? (y/n)[n]:y
You can select n to disable the upstream alarm profile configuration and turn to 22). If
you select y to enable this setting, the system will prompt you to:
14) Set the threshold for number of loss of frame seconds within 15 minutes in the
upstream direction.
3-25
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
> [atur thresh-15-min-lofs] The number of loss of frame seconds within any given
15-minute performance data collection period (0 900) [0]:
3-26
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
After all the above settings are completed, the system will prompt you about the
success in adding an ADSL alarm profile:
Add profile 2 successfully
By far, the MA5300 allows you to set the upstream/downstream signal second loss
threshold, upstream/downstream errored second threshold and initialization failure
reporting.
To delete a specified ADSL alarm profile, use the command adsl alarm-profile delete.
Note:
The default ADSL alarm profile (numbered 1) cannot be deleted.
To modify a specified ADSL alarm profile, use the command adsl alarm-profile modify.
The procedure involved is similar to that of setting an ADSL alarm profile.
MA5300(config)#adsl alarm-profile modify 3
Start modifing profile 3.
During input, press 'CTRL+C' to quit, and then settings at this time are
neglected.
> Will you set threshold for modem at near end of line? (y/n)[n]:y
> [atuc thresh-15-min-lofs] The number of loss of frame seconds within any given
15-minute performance data collection period (0 900) [0]:
> [atuc thresh-15-min-loss] The number of loss of signal seconds within any
given 15-minute performance data collection period (0 900) [0]:
> [atuc thresh-15-min-lols] The number of loss of link seconds within any given
15-minute performance data collection period (0 900) [0]:
> [atuc thresh-15-min-lprs] The number of loss of power seconds within any given
15-minute performance data collection period (0 900) [0]:
> [atuc thresh-15-min-ess] The number of loss of errored seconds within any
given 15-minute performance data collection period (0 900) [0]:
3-27
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
> [atuc thresh-fast-rate-up] The threshold for fast channels, if the difference
between the current Tx rate and the previous Tx rate larger than it (0 8160
Kbps) [0]:
> [atuc thresh-fast-rate-down] The threshold for fast channels, if the
difference between the current Tx rate and the previous Tx rate litter than
it (0 8160 Kbps) [0]:
> [atuc thresh-interleave-rate-up] The threshold for interleave channels, if
thedifference between the current Tx rate and the previous Tx rate larger than
it (0 8160 Kbps) [0]:
> [atuc thresh-interleave-rate-down] The threshold for interleave channels,
if the difference between the current Tx rate and the previous Tx rate litter
than it (0 8160 Kbps) [0]:
> [atuc init failure trap]Enables and disables the InitFailureTrap 1-enable
2-disable (1 2) [2]:
> Will you set threshold for modem at remote end of line? (y/n)[n]:y
> [atur thresh-15-min-lofs] The number of loss of frame seconds within any given
15-minute performance data collection period (0 900) [0]:
> [atur thresh-15-min-loss]The number of loss of signal seconds within any
given 15-minute performance data collection period (0 900) [0]:
> [atur thresh-15-min-lprs] The number of loss of power seconds within any given
15-minute performance data collection period (0 900) [0]:
> [atur thresh-15-min-ess] The number of loss of errored seconds within any
given 15-minute performance data collection period (0 900) [0]:
> [atur thresh-fast-rate-up] The threshold for fast channels, if the difference
between the current Tx rate and the previous Tx rate larger than it (0 8160
Kbps) [0]:
> [atur thresh-fast-rate-down] The threshold for fast channels, if the
difference between the current Tx rate and the previous Tx rate littler than
it (0 8160 Kbps) [0]:
> [atur thresh-interleave-rate-up] The threshold for interleave channels, if
the difference between the current Tx rate and the previous Tx rate larger than
it (0 8160 Kbps) [0]:
> [atur thresh-interleave-rate-down] The threshold for interleave channels,
if the difference between the current Tx rate and the previous Tx rate littler
than it (0 8160 Kbps) [0]:
Modify profile 3 successfully
Attention: To effect the modification will disconnect the ADSL interface
which use this profile for a few seconds!
Do you want to make it effect? (y/n)[n]:n
It will take effect after ADSL interface deactive and active again!
Upon the completion of profile modification, the system will prompt you whether to
validate the profile modification immediately. If yes, the system will interrupt all ADSL
3-28
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
ports using this profile for several minutes; if not, you can validate it by deactivating the
ports first and then activating them. Board resetting can also validate a modified profile.
To query a specified ADSL alarm profile, use the command show adsl alarm-profile.
This example shows the default ADSL alarm profile.
MA5300(config)#show adsl alarm-profile 1
After setting an ADSL line profile, you should bind an alarm profile with an ADSL port.
By default, the port is bound with alarm profile 1.
1) In board mode, you can use the command alarm-config to bind an alarm profile
with an ADSL port, or the command alarm-config all to complete the alarm profile
binding at one time.
MA5300(config-board-adsl4)#alarm-config all 1 //Bind alarm profile 1 with
all interfaces of the ADSL board in slot 4.
MA5300(config-board-adsl4)#alarm-config 0 1 //Bind alarm profile 1 with
port 0 of the ADSL board in slot 4.
3-29
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
2) In global mode, you can use the command adsl alarm-config to bind the ADSL
port list and the ADSL port of specified board or the command adsl alarm-config
all to bind all ports at one time.
MA5300(config)#adsl alarm-config all 1 //Bind alarm profile 1 with all ports
of ADSL boards.
MA5300(config)#adsl alarm-config 4 1 //Bind alarm profile 1 with all ports
of the ADSL board in slot 4.
MA5300(config)#adsl alarm-config adsl4/0/0 to adsl4/0/12 1 //Bind alarm
profile 1 with adsl4/0/0 adsl4/0/12.
3) In board mode, you can use the command no alarm-config to unbind an ADSL
port, or the command no alarm-config all to unbind all ports at one time.
MA5300(config-board-adsl4)#no alarm-config all //Unbind all ports of the ADSL
board in slot 4.
MA5300(config-board-adsl4)#no alarm-config 0 //Unbind port 0 of the ADSL board
in slot 4.
4) In global mode, you can use the command no adsl alarm-config to unbind the
ADSL port list or ADSL ports of designated board, or the command no adsl
alarm-config all to unbind all ports at one time.
MA5300(config)#no adsl alarm-config //Unbind all ADSL board ports.
MA5300(config)#no adsl alarm-config 4 //Unbind all ports of the ADSL board
in slot 4.
MA5300(config)#no adsl alarm-config adsl4/0/0 to adsl 4/0/12 //Unbind ports
adsl4/0/0 adsl 4/0/12
If an ADSL port is already in the active state before being bound with a profile, upon the
completion of binding, the profile is valid without reactivation of the port. If an ADSL port
is in the deactive state before being bound with a profile, the profile will not be valid
upon the completion of binding until the port is reactivated.
An activated ADSL port can perform performance monitoring and collect statistics for a
line. Upon the occurrence of threshold crossing, it will inform the equipment of the fault
and send an alarm to the log host and the NMS.
In the event of a fault in the ADSL port, you can use the command chipset reset to
reset the ADSL chipset.
MA5300(config-board-adsl4)#chipset reset 1
3-30
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
In board mode, you can use the command port state to view all information on an
ADSL port, or the command port state all to view the brief information on the port. In
global mode, you can use the command show adsl port state to obtain the same
information.
MA5300(config-board-adsl11)#show port state 23
Adsl11/0/23 is down
The ADSL link is activating
Bind Line-profile No.1 LINE-PROFILE-1
Bind alarm-profile No.1 ALARM-PROFILE-1
Hardware is Ethernet over ATM over ADSL, Hardware address is 00e0.fc00.0009
Encapsulation type is 1483B
Line coding type is DMT
Local-Tx-Rate 0 Kbps, Remote-Tx-Rate 0 Kbps, _ADSL_TX
PVC: vpi is 0, vci is 35
CAR: ds-band is 255, us-band is 255
PVID is 1
Priority is 0
Max mac-address learning count: 2
Max multicast group count: 2
Port mode: access
Tagged VLAN ID: none
Untagged VLAN ID: 1
Output: 0 packets, 0 cells
Input: 0 packets, 0 cells
To CPU: 0 packets
Discard: 0 packets
MA5300(config-board-adsl11)#show port state all
Interface PortState LinkState Line-Profile Alarm-Profile
--------------------------------------------------------------------
Adsl11/0/0 down Activating 1 1
Adsl11/0/1 down Activating 1 1
Adsl11/0/2 down Activating 1 1
Adsl11/0/3 down Activating 1 1
Adsl11/0/4 down Activating 1 1
Adsl11/0/5 down Activating 1 1
Adsl11/0/6 down Activating 1 1
Adsl11/0/7 down Activating 1 1
Adsl11/0/8 down Activating 1 1
3-31
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
In global mode, you can use the command show interface to view all information on a
port, which is the same as the information available when using the command port
state.
MA5300(config)#show interface adsl11/0/23
Adsl11/0/23 is down
The ADSL link is activating
Bind Line-profile No.1 LINE-PROFILE-1
Bind alarm-profile No.1 ALARM-PROFILE-1
Hardware is Ethernet over ATM over ADSL, Hardware address is 00e0.fc00.0009
Encapsulation type is 1483B
Line coding type is DMT
Local-Tx-Rate 0 Kbps, Remote-Tx-Rate 0 Kbps, _ADSL_TX
PVC: vpi is 0, vci is 35
CAR: ds-band is 255, us-band is 255
PVID is 1
Priority is 0
Max mac-address learning count: 2
Max multicast group count: 2
Port mode: access
Tagged VLAN ID: none
Untagged VLAN ID: 1
Output: 0 packets, 0 cells
Input: 0 packets, 0 cells
To CPU: 0 packets
Discard: 0 packets
Use the command show line config to view the line settings of a port.
MA5300(config-board-adsl11)#show line config 23
3-32
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
Use the command show line state to view information about an activated port,
including the port state, upstream/downstream rate, upstream/downstream interleave
depth, office-end/remote-end transmit power, upstream/downstream SNR margin,
office-end/ remote-end mean square deviation, office-end/remote-end bit error count,
and deactivation count.
MA5300(config-board-adsl11)#show line state 23
Interface Adsl11/0/23
Current Link Status : active
Atuc
Current Snr Margin(dB) : 24
Current Chan Attenuation(dB) : 0
Current Output Power(dBm) : 10
Current Attainable Rate(Kbps) : 9408
Current Transmission Mode : G.DMT
Channel Interleave Delay(ms) : 0
Channel Current tx-Rate(Kbps) : 6144
Channel Previous tx-Rate(Kbps) : 0
Channel Crc-block Length : 0
Atur
Current Snr Margin(dB) : 21
Current Chan Attenuation(dB) : 4
Current Output Power(dBm) : 10
Current Attainable Rate(Kbps) : 992
Channel Interleave Delay(ms) : 0
Channel Current tx-Rate(Kbps) : 640
Channel Previous tx-Rate(Kbps) : 0
Channel Crc-block Length : 0
3-33
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
--------------------------------------------------------------------
Adsl11/0/23 TSTC 4 0 -
Use the command show statistics to view the performance statistics for an ADSL port,
including performance statistics for last 15 minutes and last 24 hours, and all
performance statistics currently available.
MA5300(config-board-adsl11)#show statistics performance 23
historic-15minutes 15
Interface Adsl11/0/23:
<ATU-C>
IntervalNumber : 15
IntervalValidData : INVALID
performance lofs : 0
performance loss : 0
performance lprs : 0
performance ESs : 0
performance lols : 0
performance inits : 0
channel IntervalNumber : 15
channel IntervalValidData : INVALID
channel received blocks : 0
channel transmitted blocks : 0
channel corrected blocks : 0
channel uncorrected blocks : 0
<ATU-R>
IntervalNumber : 15
IntervalValidData : INVALID
performance lofs : 0
performance loss : 0
performance lprs : 0
performance ESs : 0
performance lols : 0
performance inits : 17153832
channel IntervalNumber : 15
channel IntervalValidData : INVALID
channel received blocks : 0
channel transmitted blocks : 0
channel corrected blocks : 0
channel uncorrected blocks : 0
3-34
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
The MA5300 allows you to perform port out-line test by connecting a meter with the test
port on the backplane. Y ou can also perform internal line test and external line test.
The internal line test tests the internal line of ADSL chipset; and the external line test
tests the line from the office-end to the remote end.
Use the command meter-test to activate the port out-line test. Only one port can be
activated for internal test or external test at a time. The internal line test activation is
only allowed for the first port of a board. However, the external line test activation is
allowed for every port. After the completion of a test, you can use the command no
meter to disable the port out-line test. By default, the port out-line test is disabled.
MA5300(config-if-Adsl4/0/0)#meter-test out-line
When a port is set with loopback, the Ethernet frames sent from the port will be sent
back. By comparing the transmitted frames with the received ones, you can determine
whether the link is normal. The MA5300 supports office-end loopback for an ADSL port.
When performing office-end test, you only need to test the switch chips and the
office-end ADSL without setting up any ADSL link. Meanwhile, the office-end loopback
can be set only when the link is deactivated.
Use the command loopback to set office-end loopback for an ADSL port. After a port is
set with loopback, it is no longer able to forward data packets correctly. If not properly
isolated, it may cause multicast storm. Therefore, upon the completion of test, you
should disable the loopback immediately using the command no loopback. By default,
port loopback is disabled.
MA5300(config-if-Adsl11/0/0)#loopback local
The command loopback is just used to set loopback for a port. To enable the CPU to
send test frames, you need the port of an auxiliary equipment to send test frames.
3-35
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 3 ADSL Port Configuration
z Stop sending data packets and verify the number of received data packets. If the
number of the received packets equals that of the transmitted packets, the link is in
normal state.
z Use the command no loopback to disable the port loopback setting.
3-36
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 4 ADSL2+ Port Configuration
Commands used for ADSL2+ port configuration are almost the same as those used for
basic ADSL configuration. For details about general ADSL2+ port configuration
commands, refer to the chapter ADSL Port Configuration, which will no longer be
detailed in the following sections.
The operations involved in configuring ADSL2+ port are roughly the same as those for
basic ADSL port configuration. Therefore, this chapter will only focus on the differences
between these two types of configuration.
In the configuration, note that the EADA board supports the basic ADSL attributes,
while the EADB board supports ADSL2+ attributes.
This table lists the configuration items of the default ADSL2+ line configuration profile
(namely ADSL2+ line configuration profile 100).
4-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 4 ADSL2+ Port Configuration
This table lists the configuration items of an ADSL2+ line configuration profile in the
interactive configuration.
4-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 4 ADSL2+ Port Configuration
Table 4-2 Configuration items of an ADSL2+ line configuration profile in the interactive configuration
1:adsl(default)
Add a profile type
2: adsl2+
The following lists the configuration items
The following lists the values for the configuration items of the
for the selected ADSL2+ line configuration
selected ADSL2+ line configuration profile.
profile.
Profile index 3 99
0: All(G992.1,G992.2,G992.3,G992.4,G992.5,T1.413) ( default)
1: Full rate(G992.1,G992.3,G992.5 or T1.413)
2: G992.2(g.lite) G992.4(g.lite.bis)
3: T1.413
4: G992.1(g.dmt) G992.3(g.dmt.bis) G992.5
Working mode 5: g.hs(G992.5,G992.3,G992.1,G992.4,G992.2,G992.5 is prior)
6: G992.1
7: G992.2
8: G992.3
9: G992.4
10: G992.5
1: enabled(1) enabled(default)
Trellis coding
2: disabled(2) disabled
1: enabled(1) enabled(default)
Upstream channel bit swap
2: disabled(2) disabled
1: enabled(1) enabled(default)
Downstream channel bit swap
2: disabled(2) disabled
1: interleavedOnly (1) (default)
2: fastOnly(2)
Channel mode 3: fastAndInterleaved (3)
4: fastOrInterleaved(4)
5: noChannel (5)
Downstream rate channel ratio (0 100,0-fast,100-interleaved) default[100]
Upstream rate channel ratio (0 100,0-fast,100-interleaved) default[100]
y: Indicates to set interleave delay.
Will you set interleave delay? (y/n) [n]:y
n: Indicates not to set interleave delay.
You need to set this parameter when the channel mode is
Maximum downstream interleave delay
interleavedOnly. ms(0-255) default [4]
4-3
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 4 ADSL2+ Port Configuration
Will you set noise margin for modem? y: indicates to set the noise margin for modem.
(y/n)[n]:y n: indicates not to set the noise margin for modem.
Maximum downstream SNR margin (0 15 dB) default[0]
Maximum downstream SNR margin (0 31 dB) default[31]
Target downstream SNR margin (0 15 dB) default[6]
Rate downshift in downstream (0 31dB)[0]
Rate upshift in downstream (0 31dB)[0]
Minimum time of rate upshift in
(0 16383)[0]
downstream
Minimum time of rate downshift in
(0 16383)[0]
downstream
Minimum upstream SNR margin (0 15 dB) default[0]
Maximum upstream SNR margin (0 31 dB) default[31]
Target upstream SNR margin (0 15 dB) default[12]
Rate downshift in upstream (0 31dB)[0]
Rate upshift in upstream (0 31dB)[0]
Minimum time of rate upshift in
(0 16383)[0]
upstream
Minimum time of rate downshift in
(0 16383)[0]
upstream
Will you set parameters for rate? To adopt a fixed value for the rate, you set the maximum rate
(y/n)[n]:y equal to the minimum rate.
Adapt mode in downstream (0-fixed 1-adaptAtStartup 2-daptAtRuntime)[1]
Adapt mode in upstream (0-fixed 1-adaptAtStartup 2-daptAtRuntime)[1]
Minimum downstream rate (32 28800Kbps) default[32]
Maximum downstream rate (32 28800 Kbps) default[24544]
Minimum upstream rate (32 1560 Kbps) default[32]
Maximum upstream rate (32 1560 Kbps) default[1024]
The following items are for the selected channel mode. For
example, if you select fast channel mode, you only need to set
Remark fast channel rate. If you select fast and (or) interleave channel
modes, you will have to set all of the eight parameters listed
below.
Minimum fast channel downstream rate (32 28800Kbps) default[32]
Minimum interleave channel
(32 28800Kbps) default[32]
downstream rate
4-4
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 4 ADSL2+ Port Configuration
4-5
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 4 ADSL2+ Port Configuration
Compared with the ADSL alarm profile, the ADSL2+ alarm profile contains these
additional items:
z ATUC retrain failure count threshold
z ATUC serious errored second threshold
z ATUC unusable second threshold
z ATUR serious errored second threshold
z ATUR unusable second threshold
This table lists the configuration items of an ADSL2+ alarm profile in interactive mode.
4-6
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 4 ADSL2+ Port Configuration
Ranges 0 900.
Atuc-15min-Ess-threshold(second)
(default) 0: Indicates that no alarm will be
ATUC 15-minute errored second threshold
generated.
Ranges 0 900.
Atuc-15min-lols-threshold(second)
(default) 0: Indicates that no alarm will be
ATUC 15-minute link loss second threshold
generated.
Ranges 0 900.
4-7
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 4 ADSL2+ Port Configuration
Ranges 0 900.
This section only describes commands which are different from those used for
configuring ADSL port. For information about the common commands, refer to Chapter
3, ADSL Port Configuration.
To set the downstream/upstream rate limit for an ADSL port, use the command adsl
car.
MA5300(config-if-Adsl11/0/0)#adsl car ds-band 300 us-band 450
Upon the completion of configuration, you can use the command show adsl line
config or show line config to view the configurations.
MA5300(config-if-Adsl11/0/0)# show adsl line config adsl11/0/0
MA5300(config-board-adsl11)#show line config 0
4-8
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
5.1 Overview
The MA5300 supports Single-pair High-speed Digital Subscriber Line (SHDSL) service.
An MA5300 frame is inserted with 14 ESHA boards. Each ESHA board offers
24-channel SHDSL ports. This means a total of 336-channel SHDSL ports in a frame.
ESHA board can be inserted in any of the 14 slots in the MA5300 frame.
You can configure SHDSL port in both SHDSL port mode and SHDSL board mode:
z SHDSL port mode
SHDSL port mode is intended for configuring SHDSL port on individual basis. To enter
SHDSL port mode, use the command interface in the global mode.
This example shows how to enter the SHDSL port 5/0/0 mode.
MA5300(config)#interface shdsl 5/0/0
MA5300(config-if-Shdsl5/0/0)#
z SHDSL board mode
SHDSL board mode is intended for configuring the ports of an SHDSL board on batch
basis. To enter SHDSL board mode, use the command board-shdsl in global
configuration.
This example shows how to enter the board mode for SHDSL board in slot 3.
MA5300(config)#board-shdsl 3
MA5300(config-board-shdsl3)#
An SHDSL port can be assigned with any of 8 priority levels, and allocated to one of 2
forward queues based on the assigned priority level. Packets falling within levels 0 3
are allocated to the queue of lower priority, while packets falling within levels 4 7 are
assigned to the queue of higher level. In this way, packets of different priority are
treated with different QoS. By default, the priority level of a port is 0.
5-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
MA5300(config-if-Shdsl9/0/2)#priority 0
The MA5300 supports 255 multicast groups. By limiting the number of multicast groups
allowed for a port, the system can protect the port from malicious attacks. By default, a
port is allowed to join up to two multicast groups.
To set the maximum number of multicast groups allowed for a port, use the command
multicast max-group-count; to restore the default setting, use the command no
multicast max-group-count. Upon the completion of the setting, you can run the
show interface to view the setting.
MA5300(config-if-Shdsl9/0/2)#multicast max-group-count 3
Set max-group number of Shdsl9/0/2 to:3 successfully.
The MA5300 limits the number of addresses an SHDSL port is allowed to learn so as to
limit the number of subscribers allowed to access the port. The MA5300 allows you to
disable a ports MAC address learning, set the number of MAC address allowed to be
learned, and view the settings of a pot.
1) Disable a ports MAC address learning.
To disable a ports MAC address learning, use the command mac-address-table
mac-learning disable; to enable a ports MAC address learning, use the command no
mac-address-table mac-learning disable. By default, a ports MAC address learning
is enabled.
MA5300(config-if-Shdsl9/0/2)#mac-address-table mac-learning disable
MA5300(config-if-Shdsl9/0/2)#show interface shdsl 9/0/2
Shdsl9/0/2 is administratively down
The SHDSL link is defective
Bind Line-profile No.1 LINE-PROFILE-1
Bind alarm-profile No.1 ALARM-PROFILE-1
Hardware is Ethernet over ATM over SHDSL, Hardware address is 00e0.fc00.0009
Last UP time: 0000-00-00 00:00:00.0
Last DOWN time: 0000-00-00 00:00:00.0
Line coding type is TC-PAM
PVC: vpi is 0, vci is 35
CAR: ds-band is 36, us-band is 36
PVID is 1
Priority is 0
Mac-address learning status is disable
Max multicast group count: 3
5-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
In SHDSL port mode, you can only perform settings for a single port.
MA5300(config-if-Shdsl9/0/2)#mac-address-table max-mac-count 6
3) View a ports settings.
5-3
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
After the port configuration is completed, you can use the command show interface to
verify the setting.
MA5300(config-if-Shdsl9/0/2)#show interface shdsl 9/0/2
Shdsl9/0/2 is administratively down
The SHDSL link is defective
Bind Line-profile No.1 LINE-PROFILE-1
Bind alarm-profile No.1 ALARM-PROFILE-1
Hardware is Ethernet over ATM over SHDSL, Hardware address is 00e0.fc00.0009
Last UP time: 0000-00-00 00:00:00.0
Last DOWN time: 0000-00-00 00:00:00.0
Line coding type is TC-PAM
PVC: vpi is 0, vci is 35
CAR: ds-band is 36, us-band is 36
PVID is 1
Priority is 0
Max mac-address learning count: 2
Max multicast group count: 3
Port mode: access
Tagged VLAN ID: none
Untagged VLAN ID: 1
Output: 0 packets, 0 cells
Input: 0 packets, 0 cells
To CPU: 0 packets
Discard: 0 packets
Each SHDSL port has a fixed Permanent Virtual Circuit (PVC), which must be
consistent with the PVC of remote Modem in terms of Virtual Path Identifier (VPI) and
Virtual Channel Identifier (VCI) settings. When Modem PVC properties change, you
should also modify SHDSL port properties accordingly. By default, the VPI is 0 and VCI
is 35.
This example shows how to set VPI and VCI using the command shdsl pvc.
MA5300(config-if-Shdsl9/0/2)#shdsl pvc vpi 0 vci 39
In global mode:
MA5300(config)#shdsl pvc vpi 0 vci 39 shdsl 9/0/2
This example shows how to view the settings using the command show shdsl port
state after the setting completes.
In global mode:
MA5300(config)#show shdsl port state shdsl 9/0/2
5-4
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
{ <cr>|to<K>|Shdsl<K> }:
interface Line- Alarm- --Pvc-- --Car-- enable blocked loopback power-
Profile Profile vpi/vci up/down type backoff
-------------------------------------------------------------------
Shdsl9/0/2 1 1 0/39 36/36 No No No enhanced
This example shows how to restore the default values of VPI and VCI using the
command no shdsl pvc:
In port mode:
MA5300(config-if-Shdsl9/0/2)#no shdsl pvc
In global mode:
MA5300(config)#no shdsl pvc shdsl 9/0/2
To avoid data loss, it is required that a port transmit data at a specified rate. This rate is
referred to as Committed Access Rate (CAR). By default, SHDSL ports
upstream/downstream is limited to 255 at the step of 64kbit/s.
1) Set an SHDSL ports upstream/downstream rate limit using the command shdsl
car.
MA5300(config-if-Shdsl9/0/2)#shdsl car ds-band 10 us-band 35
2) View the settings using the command show interface or show shdsl port state.
MA5300(config-if-Shdsl9/0/2)#show interface shdsl 9/0/2
Shdsl9/0/2 is administratively down
The SHDSL link is defective
Bind Line-profile No.1 LINE-PROFILE-1
Bind alarm-profile No.1 ALARM-PROFILE-1
Hardware is Ethernet over ATM over SHDSL, Hardware address is 00e0.fc00.0009
Last UP time: 0000-00-00 00:00:00.0
Last DOWN time: 0000-00-00 00:00:00.0
Line coding type is TC-PAM
PVC: vpi is 0, vci is 35
CAR: ds-band is 10, us-band is 35
PVID is 1
Priority is 0
Max mac-address learning count: 9
Max multicast group count: 3
Port mode: access
Tagged VLAN ID: none
Untagged VLAN ID: 1
Output: 0 packets, 0 cells
5-5
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
Or:
MA5300(config)#show shdsl port state shdsl 9/0/2
{ <cr>|to<K>|Shdsl<K> }:
interface Line- Alarm- --Pvc-- --Car-- enable blocked loopback power-
Profile Profile vpi/vci up/down type backoff
-------------------------------------------------------------------
Shdsl9/0/2 1 1 0/39 10/35 No No No enhanced
IP address binding is intended to bind an IP address with a port so that only user with
this IP address is allowed to log in. This practice can avoid illegal use of the port, and
boosts the system security.
To enable the IP address binding of a port, use the command static-user in SHDSL
port mode; to disable the IP address binding of the port, use the command no
static-user in SHDSL port mode or global mode.
MA5300(config-if-Shdsl9/0/2)#static-user 10.11.53.9
5-6
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
When operating in the deactive state, a port cannot transmit data, and is not allowed to
be operated. To operate the port, you need to unblock the port first. After the port is
unblocked, it is still in the deactive state. It will not be in the active state until you run the
activate command to activate it.
If a port is in blocked state, you need to unblock it first before you can activate it and set
up service connection. By default, the MA5300 SHDSL ports work in deactive state
without being unblocked.
Use the command (no) block to unblock/block an SHDSL port. To block/unblock all
ports of a board, use the command (no) block all. Next, you can use the command
show interface to view the status of the SHDSL port, which is supposed to be in the
deactive state at the moment.
Note:
An SHDSL port can be in any of blocked state, activating state, active state, deactivating state, or deactive
state. You can use the command show interface to view its current state. Figure 5-1 illustrates the
relations of these states.
no block activate
blocked deactive active
block deactivate
block
To activate an SHDSL line, the system should have a group of parameters for local
Modem training. Such a group of parameters is called configuration profile. The system
is designed with a configuration profile table, which consists of multiple configuration
profile. You can add a line profile as required. By default, the configuration profile table
contains a profile established with empirical data.
5-7
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
Each SHDSL line is associated with a specific channel mode, and is bound with a
configuration profile. A configuration table can accommodate up to 16 configuration
profiles. You can activate a port by referencing a profile so that the activated port is
configured with desirable parameters. The default profile is numbered as 1.
You can use the command shdsl line-profile add to add an SHDSL line profile.
Note:
The MA5300 system is designed with an ADSL line profile. It is called LINE-PROFILE-1, and numbered 1.
By default, the system adopts the LINE-PROFILE-1 profile for port activation.
To configure an SHDSL profile involves the setting of multiple parameters. The system
can prompt the user in an interactive manner. This helps you to finish the configuration
easily and conveniently.
You can enter a profile number or press <Enter> to enable the system to allocate a
profile number. As the profile number is unique, you can delete or modify a VDSL line
profile by its profile number. The profile number ranges 2 16.
2) Set whether to use the data of default profile.
During input, press 'CTRL+C' to quit, and then settings at this time are
neglected.
> Do you use the default data to create a line profile?(y/n)[y]:y
This option prompts you whether to adopt the parameters of the default profile to create
an SHDSL line profile. You can press N to create a line profile with new parameters, or
press Y or <Enter> to accept the systems suggestion, namely adopting the default
line profile to create a new SHDSL line profile. In this case, the system will skip steps
below to Step 13, and prompt that add profile 3 successfully.
Note: to proceed with the steps below, you need to press N in Step 2.
3) Set G.SHDSL minimum line rate.
> G.SHDSL minimum line rate:(192 2304 kbps)[2048]:
You can enter an integer falling within 192 2304, or press <Enter> to adopt the default
value 2048 kbps for the parameter.
5-8
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
You can enter an integer falling within 192 2304, or press <Enter> to adopt the default
value 2048 kbps for parameter.
5) Set power spectral density mode.
>Power Spectral Density mode (1--symmetric 2--asymmetric)[1]:
You can enter 1 or press <Enter> to select symmetric as the PSD mode, or enter 2
as asymmetric as the PSD mode.
6) Set transmission mode.
>Transmission mode
(1--G.991.2 Annex A 2--G.991.2 Annex B 3--support Annex A&B)[2]:
If you input 1, it means that the selected transmission mode complies with G.991.2
Annex A.
If you input 2, it means that the selected transmission mode complies with G.991.2
Annex B.
If you input 3, it means that the selected transmission mode complies with both
G.992.1 Annex A and G.991.2 Annex.
7) Enable/disable remote management.
>Remote enable (1--enabled 2--disabled)[1]:
This option prompts you whether to set the target SNR margin. You can enter n or
press <Enter> to cancel the setting by adopting the default value, or enter y to
proceed with Steps 9, 10, 11 and 12.
9) Set downstream target SNR margin.
>Downstream current target SNR margin(0 10 dB)[0]:
Enter the desired downstream target SNR margin, which ranges 0 10 dB. If you press
<Enter> to select 0dB, the system will prompt the following information after you
pressing <Enter>:
Do you want to use it?(y/n)[y]:
You can press n to invalidate the input so that you can enter a new one, or y (or
pressing <Enter>) to acknowledge the input.
10) Set downstream worst case target SNR margin.
>Downstream worst case target SNR margin(0 10 dB)[0]:
5-9
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
Enter the desired downstream worst case target SNR margin, which ranges 0 10 dB.
You can press <Enter> to select 0dB. After you press <Enter>, the system prompts:
Do you want to use it?(y/n)[y]:
You can press n to invalidate the input so that you can enter a new one, or y (or
pressing <Enter>) to acknowledge the input.
11) Set upstream target SNR margin.
>Upstream current target SNR margin(0 10 dB)[0]:
Enter the desired upstream current target SNR margin, which ranges 0 10 dB. You
can also press <Enter> to select 0dB. After you press <Enter>, the system prompts:
Do you want to use it?(y/n)[y]:
You can press n to invalidate the input so that you can enter a new one, or y (or
pressing <Enter>) to acknowledge the input.
12) Set upstream worst case target SNR margin.
>Upstream worst case target SNR margin(0 10 dB)[0]:
Enter the desired upstream worst case target SNR margin, which ranges 0 10 dB.
You can also press <Enter> to select 0dB. After you press <Enter>, the system
prompts:
Do you want to use it?(y/n)[y]:
You can press n to invalidate the input so that you can enter a new one, or y (or
pressing <Enter>) to acknowledge the input
When the new line profile is added successfully with the above settings, the system
prompts:
Add profile 3 successfully
To delete a designated SHDSL profile, use the command shdsl line-profile delete.
Note:
The default SHDSL line profile (numbered 1) cannot be deleted.
5-10
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
To modify a specified SHDSL line profile, use the command shdsl line-profile modify.
The procedure for modifying an SHDSL line profile is similar to that for adding an
SHDSL line profile.
MA5300(config)#shdsl line-profile modify 2
Start modifing profile 2.
During input, press 'CTRL+C' to quit, and then settings at this time are
neglected.
>G.SHDSL minimum line rate:(192 2304 kbps)[1856]:1900
>G.SHDSL maximum line rate:(192 2304 kbps)[2240]:2300
>Power Spectral Density mode (1--symmetric 2--asymmetric)[2]:1
>Transmission mode
(1--G.991.2 Annex A 2--G.991.2 Annex B 3--support Annex A&B)[3]:3
>Remote enable (1--enabled 2--disabled)[2]:
>Do you config the target SNR margin?(y/n)[n]:y
>Downstream current target SNR margin(0 10 dB)[4]:5
Do you want to use it?(y/n)[n]:y
>Downstream worst case target SNR margin(0 10 dB)[6]:5
Do you want to use it?(y/n)[y]:n
>Upstream current target SNR margin(0 10 dB)[5]:43
Invalid input
>Upstream current target SNR margin(0 10 dB)[5]:4
Do you want to use it?(y/n)[y]:y
>Upstream worst case target SNR margin(0 10 dB)[7]:5
Do you want to use it?(y/n)[y]:n
To effect the modification will disconnect the SHDSL port which use this prifle
for a few seconds!
Do you want to make it effect? (y/n)[n]:y
Effect profile 2 successfully
Modify profile 2 successfully
Upon the completion of the profile configuration, the system will prompt you whether to
validate the profile configurations immediately. If yes, the system will interrupt all
SHDSL ports using this profile for several minutes; if not, you can validate it by
deactivating the ports first and then activating them. Board resetting can also validate a
modified profile.
To show a specified SHDSL line profile, use the command show shdsl line-profile.
5-11
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
Note:
This profile is the default one of the system. The default values of the profile are shown above.
To enable an SHDSL port to function, you need to activate it using the specified line
profile first. If you intend to adopt new parameters for an activated port, you need to
deactivate it first, and then activate it using the profile with the desired parameters.
In board mode, you can use the command activate to activate an SHDSL port, or the
command activate all to activate all ports in the board. If no line profile number is
entered, the system uses the profile which was bound with the port last time to activate
the port.
5-12
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
MA5300(config-board-shdsl9)#activate
{ all<K>|INTEGER<U><0,23> }:all //Activate all ports in the SHDSL board in
slot 9.
{ <cr>|INTEGER<U><1,16> }:1 //Bind the line profile 1.
MA5300(config-board-shdsl9)#activate
{ all<K>|INTEGER<U><0,23> }:2 //Activate the port 2 of the SHDSL board
in slot 2
{ <cr>|INTEGER<U><1,16> }:1 //Bind the line profile 1
In global mode, you can use the command shdsl activate to activate the SHDSL port
list and VDSL ports of a specified board, or the command shdsl activate all to activate
all ports at one time.
MA5300(config)#shdsl activate
{ all<K>|INTEGER<U><0,15>|Shdsl<K> }: all //Activate all ports of SHDSL
boards.
{ <cr>|INTEGER<U><1,16> }:1 //Bind the line profile 1.
MA5300(config)#shdsl activate
{ all<K>|INTEGER<U><0,15>|Shdsl <K> }:11 //Activate all SHDSL ports of the
board in slot 11.
{ <cr>|INTEGER<U><1,16> }:1 //Bind the line profile 1.
MA5300(config)#shdsl activate
{ all<K>|INTEGER<U><0,15>|Shdsl <K> }:shdsl9/0/2
{ <cr>|to<K>|Shdsl <K>|INTEGER<U><1,16> }:to
{ Shdsl<K> }:shdsl9/0/9 //Activate ports shdsl9/0/2 shdsl9/0/9.
{ <cr>|Shdsl <K>|INTEGER<U><1,16> }:1 //Bind the line profile 1.
In board mode, you can use the command deactivate to deactivate an SHDSL port, or
the command deactivate all to deactivate all ports in the board at one time.
MA5300(config-board-Shdsl9)#deactivate all //Deactivate all SHDSL ports in
the board in slot 9.
MA5300(config-board-Shdsl9)#deactivate 2 //Deactivate the SHDSL port 2 in the
board in slot 9.
In global mode, you can use the command shdsl deactivate to deactivate the SHDSL
port list and SHDSL ports of a specified board, or the command shdsl deactivate all to
deactivate all ports at one time.
MA5300(config)#shdsl deactivate all //Deactivate ports of all SHDSL boards.
MA5300(config)#shdsl deactivate 9 //Deactivate all ports of the SHDSL board
in slot 9.
MA5300(config)#shdsl deactivate shdsl9/0/2 to shdsl 9/0/9 //Deactivate port
shdsl9/0/2 shdsl9/0/9.
When an SHDSL port is deactivated, the communication between ATU-R and ATU-C
terminates. To enable service transmission, you should re-activate the port first.
5-13
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
The SHDSL alarm profile is used to set alarm thresholds, count and supervise the
performances of an active SHDSL line. Upon the occurrence of threshold crossing, it
will inform the equipment of the event, and send alarms to the log host and the NMS. In
practice, as most of the ports share the same settings, the SHDSL alarm profile is
provided in the MA5300 system. When the profile is set successfully, it can be used to
activate a port directly.
Use the command shdsl alarm-profile add to add an SHDSL alarm profile.
Note:
The MA5300 is designed with an SHDSL alarm profile. It is named as ALARM-PROFILE-1, and numbered
1. By default, the system uses this profile for port activation.
To establish an SHDSL alarm profile, you need to set the downstream/upstream alarm
threshold parameters.
You can enter a profile number or press <Enter> to enable the system to designate a
number for it. As the profile number is unique, all ADSL alarm profiles are deleted and
modified by their respective number. The input profile number should fall within 2 16.
2) Set whether to use the default data.
During input, press 'CTRL+C' to quit, and then settings at this time are
neglected.
> Do you use the default data to create an alarm profile?(y/n)[y]:
5-14
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
This option prompts you whether to adopt the parameters of the default alarm profile to
create an SHDSL alarm profile. You can press N to create an alarm profile with new
parameters, or press Y or <Enter> to accept the systems suggestion, namely
adopting the default line profile to create a new SHDSL alarm profile. In this case, the
system will skip to Step 13, and prompt that add profile 3 successfully.
Note: to proceed with the steps below, you need to press N in Step 2.
3) Set loop attenuation alarm threshold.
> Loop attenuation threshold (0 127 dB)[0]:
The system collects performance data generated within any 15-minute period. If the
loop attenuation exceeds the threshold, the system will report an alarm.
4) Set SNR margin threshold.
> SNR margin threshold (0 10 dB)[0]:
The system collects SNR related performance data generated within any 15-minute
period. If the SNR margin exceeds the threshold, the system will report an alarm.
5) Set Errored Seconds (ES) threshold.
> ES threshold (0 900 second)[0]:
The system collects ES related performance data generated within any 15-minute
period. If the accumulative ES exceeds the threshold, the system will report an alarm.
6) Set Severely Errored Seconds (SES) threshold.
> SES threshold (0 900 second)[0]:
The system collects SES related performance data generated within any 15-minute
period. If the accumulative SES exceeds the threshold, the system will report an alarm.
7) Set CRC abnormality threshold.
> CRC anomalies number threshold (0 58981500)[0]:
The system collects CRC related performance data generated within any 15-minute
period. If the accumulative CRC exceeds the threshold, the system will report an alarm.
8) Set Loss of SYNC Failure (LOSW) threshold.
> LOSWS threshold (0 900 second)[0]:
The system collects LOSW related performance data generated within any 15-minute
period. If the LOSW exceeds the threshold, the system will report an alarm.
9) Set Unavailable Seconds (UAS) threshold.
> UAS threshold (0 900 second)[0]:
The system collects UAS related performance data generated within any 15-minute
period. If the UAS exceeds the threshold, the system will report an alarm.
After the alarm profile is added successfully with the above settings, the system
prompts the follows:
Add profile 2 successfully
5-15
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
To delete a specified SHDSL alarm profile, use the command shdsl alarm-profile
delete.
Note:
The default SHDSL alarm profile (numbered 1) cannot be deleted.
To modify a specified SHDSL alarm profile, use the command shdsl alarm-profile
modify. The procedure involved is similar to that of setting an SHDSL alarm profile.
MA5300(config)#shdsl alarm-profile modify 2
Start modifing profile 2.
During input, press 'CTRL+C' to quit, and then settings at this time are
neglected.
> Loop attenuation threshold (0 127 dB)[0]:50
> SNR margin threshold (0 10 dB)[0]:5
> ES threshold (0 900 second)[0]:10
> SES threshold (0 900 second)[0]:10
> CRC anomalies number threshold (0 58981500)[0]:60
> LOSWS threshold (0 900 second)[0]:10
> UAS threshold (0 900 second)[0]:10
Profile 2 has no binded port.
Modify profile 2 successfully.
MA5300(config)#
Upon the completion of profile modification, the system will prompt you whether to
validate the profile modification immediately. If yes, the system will interrupt all SHDSL
ports using this profile for several minutes; if not, you can validate it by deactivating the
ports first and then activating them. Board resetting can also validate a modified profile.
5-16
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
To query a specified SHDSL alarm profile, use the command show shdsl
alarm-profile. This example shows the default SHDSL alarm profile.
MA5300(config)#show shdsl alarm-profile 1
Alarm profile index :1
Alarm profile name :ALARM-PROFILE-1
Loop attenuation threshold (unit:dB) :0
SNR margin threshold (unit:dB) :0
ES threshold (unit:second) :0
SES threshold (unit:second) :0
CRC anomalies number threshold :0
LOSWS threshold (unit:second) :0
UAS threshold (unit:second) :0
Note:
The profile is the default alarm profile, whose parameters are shown above.
After setting an SHDSL alarm profile, you should bind an alarm profile with an SHDSL
port. By default, the port is bound with the alarm profile used last time.
1) In board mode, you can use the command alarm-config to bind an alarm profile
with an SHDSL port, or the command alarm-config all to complete the alarm
profile binding at one time.
5-17
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
2) In global mode, you can use the command shdsl alarm-config to bind the
SHDSL port list or an SHDSL port of specified board, or the command shdsl
alarm-config all to bind all ports at one time.
MA5300(config)#shdsl alarm-config all 1 //Bind ports of all SHDSL boards
with the alarm profile 1.
MA5300(config)#shdsl alarm-config 9 1 //Bind ports of the SHDSL board in
slot 9 with alarm profile 1.
MA5300(config)#shdsl alarm-config shdsl9/0/2 to shdsl9/0/9 1 //Bind alarm
profile 1 with shdsl9/0/2 shdsl9/0/9
3) In board mode, you can use the command no alarm-config to unbind an SHDSL
port, or the command no alarm-config all to unbind all ports at one time.
MA5300(config-board-shdsl9)#no alarm-config all //Unbind all ports of the
SHDSL board in slot 9.
MA5300(config-board-shdsl9)#no alarm-config 0 //Unbind port 0 of the SHDSL
board in slot 9.
4) In global mode, you can use the command no shdsl alarm-config to unbind the
SHDSL port list or SHDSL ports of designated, or the command no shdsl
alarm-config all to unbind all ports at one time.
MA5300(config)#no shdsl alarm-config //Unbind ports of all SHDSL board
MA5300(config)#no shdsl alarm-config 9 //Unbind all ports of the SHDSL board
in slot 9.
MA5300(config)#no shdsl alarm-config shdsl9/0/2 to shdsl 9/0/9 //Unbind
ports shdsl9/0/2 shdsl 9/0/9
If an SHDSL port is in active state before being bound with a profile, such a profile takes
effect immediately without port reactivating. If an SHDSL port is in deactive state before
being bound with a profile, such a profile binding will not take effect until the SHDSL
port is activated.
After an SHDSL port is activated, it will monitor and count the performance of the line.
When a performance statistics exceeds the threshold, the system will send alarm report
to the log host and the NMS.
5-18
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
Upon the occurrence of fault on an SHDSL port, you can use the command chipset
reset to reset SHDSL chipset.
MA5300(config-board-shdsl9)#chipset reset 1
In board mode, you can use the command show port state to view all information on
an SHDSL port, or the command show port state all to view the brief information on
the port.
In global mode, you can use the command show shdsl port state to obtain the same
information.
MA5300(config)#board-shdsl 9
MA5300(config-board-shdsl9)#show port state 2
interface Line- Alarm- --Pvc-- --Car-- enable blocked loopback power-
Profile Profile vpi/vci up/down type backoff
-------------------------------------------------------------------
Shdsl9/0/2 1 1 0/35 36/36 No No No enhanced
MA5300(config-board-shdsl9)#show port state all
Interface Line- Alarm- --Pvc-- --Car-- enable blocked loopback power-
Profile Profile vpi/vci up/down type backoff
-------------------------------------------------------------------
Shdsl9/0/0 1 1 0/35 36/36 No No No enhanced
Shdsl9/0/1 1 1 0/35 36/36 No No No enhanced
Shdsl9/0/2 1 1 0/35 36/36 No No No enhanced
Shdsl9/0/3 1 1 0/35 36/36 No No No enhanced
Shdsl9/0/4 1 1 0/35 36/36 No No No enhanced
Shdsl9/0/5 1 1 0/35 36/36 No No No enhanced
Shdsl9/0/6 1 1 0/35 36/36 No No No enhanced
Shdsl9/0/7 1 1 0/35 36/36 No No No enhanced
Shdsl9/0/8 1 1 0/35 36/36 No No No enhanced
Shdsl9/0/9 1 1 0/35 36/36 No No No enhanced
Shdsl9/0/10 1 1 0/35 36/36 No No No enhanced
Shdsl9/0/11 1 1 0/35 36/36 No No No enhanced
Shdsl9/0/12 1 1 0/35 36/36 No No No enhanced
Shdsl9/0/13 1 1 0/35 36/36 No No No enhanced
Shdsl9/0/14 1 1 0/35 36/36 No No No enhanced
Shdsl9/0/15 1 1 0/35 36/36 No No No enhanced
5-19
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
In global mode, you can use the command show interface to view all information on a
port, which is the same as the information made available when using the command
show port state.
MA5300(config)#show interface shdsl 9/0/2
Shdsl9/0/2 is administratively down
The SHDSL link is defective
Bind Line-profile No.1 LINE-PROFILE-1
Bind alarm-profile No.1 ALARM-PROFILE-1
Hardware is Ethernet over ATM over SHDSL, Hardware address is 00e0.fc00.0009
Last UP time: 0000-00-00 00:00:00.0
Last DOWN time: 0000-00-00 00:00:00.0
Line coding type is TC-PAM
PVC: vpi is 0, vci is 35
CAR: ds-band is 36, us-band is 36
PVID is 1
Priority is 0
Max mac-address learning count: 9
Max multicast group count: 3
Port mode: access
Tagged VLAN ID: none
Untagged VLAN ID: 1
Output: 0 packets, 0 cells
Input: 0 packets, 0 cells
To CPU: 0 packets
Discard: 0 packets
To view the line status of a port, use the command show line state in the board mode:
MA5300(config-board-shdsl9)#show line state 2
interface repeaternum max_rate act_rate mode LinkStatus
(kbps) (kbps)
5-20
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
-------------------------------------------------------------------
Shdsl9/0/2 0 0 0 G.991.2 annex B defective
MA5300(config-board-shdsl9)#
Use the command show statistics performance to view the performance statistics of
an SHDSL port, including performance statistics for last 15 minutes and last 24 hours.
MA5300(config-board-shdsl9)#show statistics performance 2 current
When a port is set with loopback, the Ethernet frames sent from the port will be sent
back. By comparing the transmitted frames with the received ones, the system can
determine whether the link is normal. The MA5300 supports setting
office-end/remote-end loopback for an SHDSL port. In office-end loopback, you only
need to test the switch chips and the office-end VDSL, without setting up any VDSL link.
However, the office-end loopback be set only when the link is deactivated.
5-21
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 5 SHDSL Port Configuration
Use the command loopback to set office-end/remote-end loopback for an SHDSL port.
After a port is set with loopback, it is no longer able to forward data packets correctly. If
not properly isolated, it may cause multicast storm. Therefore, upon the completion of
test, you should disable the loopback immediately using the command no loopback.
By default, port loopback is disabled.
MA5300(config-if-Shdsl9/0/2)#loopback local
MA5300(config-if-Shdsl9/0/2)#loopback remote
The command loopback is just used to set loopback for a port. CPU alone cannot send
test frames. To enable the CPU to send test frames, it should be assisted with the ports
of auxiliary equipment.
5-22
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 6 VLAN Configuration
6.1 Overview
Virtual Local Area Network (VLAN) is a technology used to form virtual workgroups by
grouping the devices of a LAN logically. IEEE issued the IEEE 802.1Q in 1999, aiming
at standardizing VLAN solutions.
You can define VLANs to divide a physical LAN into different logically broadcast
domains. Each domain is referred to as a virtual LAN, namely, a VLAN. Each VLAN has
a group of workstations with the same attributes. Although a VLAN is similar to a LAN in
effect, it only exists logically. The workstations in a VLAN do not have to belong to the
same physical LAN. The broadcast and unicast traffic within a VLAN will not be
forwarded to other VLANs.
VLAN helps to control network traffic, save the device investment, simplify network
management and improve security.
To configure a VLAN, first create the VLAN, and then configure the VLAN ports and the
associated parameters.
I. Creating/Deleting a VLAN
If the VLAN to be created already exists, enter VLAN mode directly. Otherwise, create
the VLAN first, and then enter VLAN mode.
To create a VLAN, use the vlan command in global mode. By default, the created
VLAN is a general one.
To delete a VLAN, use the no vlan command in global mode. By default, VLAN 1
cannot be deleted.
MA5300(config)#vlan 2
MA5300(config)#no vlan 2
6-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 6 VLAN Configuration
Based on the actual networking conditions, you can enable L2 user isolation by
allocating different ports to different VLANs, or enable L2 user interconnection by
allocating different ports to the same VLAN.
By default, the system adds all the ports to a default VLAN (namely VLAN 1).
In VLAN mode, you can use the switchport command to add a port to a VLAN, or the
no switchport command to delete a port from a VLAN.
MA5300(config-vlan2)#switchport vdsl 5/0/0 to vdsl 5/0/23
MA5300(config-vlan2)#no switchport vdsl 5/0/0 to vdsl 5/0/23
When the configuration completes, you can use the show vlan command to query
VLAN interface information.
1) To query the brief VLAN information, use the show vlan command.
MA5300(config)#show vlan
Now, the following vlan exist(s):
1(default), 2
2) To query detailed information on all VLANs, use the show vlan all command.
MA5300(config)#show vlan all
VLAN ID: 1
VLAN Type: static
Route Interface: configured
IP Address: 10.71.53.2
Subnet Mask: 255.255.255.128
Tagged Ports: none
Untagged Ports:
Adsl1/0/0 Adsl1/0/1 Adsl1/0/2
Adsl1/0/3 Adsl1/0/4 Adsl1/0/5
Adsl1/0/6 Adsl1/0/7 Adsl1/0/8
Adsl1/0/9 Adsl1/0/10 Adsl1/0/11
Adsl1/0/12 Adsl1/0/13 Adsl1/0/14
Adsl1/0/15 Adsl1/0/16 Adsl1/0/17
Adsl1/0/18 Adsl1/0/19 Adsl1/0/20
Adsl1/0/21 Adsl1/0/22 Adsl1/0/23
Adsl1/0/24 Adsl1/0/25 Adsl1/0/26
Adsl1/0/27 Adsl1/0/28 Adsl1/0/29
Adsl1/0/30 Adsl1/0/31 Adsl1/0/32
Adsl1/0/33 Adsl1/0/34 Adsl1/0/35
Adsl1/0/36 Adsl1/0/37 Adsl1/0/38
Adsl1/0/39 Adsl1/0/40 Adsl1/0/41
6-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 6 VLAN Configuration
VLAN ID: 2
VLAN Type: static
Route Interface: configured
IP Address: 10.71.53.3
Subnet Mask: 255.255.255.0
Tagged Ports: none
Untagged Ports:
Vdsl5/0/0 Vdsl5/0/1 Vdsl5/0/2
Vdsl5/0/3 Vdsl5/0/4 Vdsl5/0/5
Vdsl5/0/6 Vdsl5/0/7 Vdsl5/0/8
Vdsl5/0/9 Vdsl5/0/10 Vdsl5/0/11
Vdsl5/0/12 Vdsl5/0/13 Vdsl5/0/14
Vdsl5/0/15 Vdsl5/0/16 Vdsl5/0/17
Vdsl5/0/18 Vdsl5/0/19 Vdsl5/0/20
Vdsl5/0/21 Vdsl5/0/22 Vdsl5/0/23
Ethernet7/2/3
3) To query detailed information on a specific VLAN, use the command show vlan
id.
MA5300(config)#show vlan 1
VLAN ID: 1
VLAN Type: static
Route Interface: configured
IP Address: 10.71.53.2
Subnet Mask: 255.255.255.128
Tagged Ports: none
Untagged Ports:
Adsl1/0/0 Adsl1/0/1 Adsl1/0/2
Adsl1/0/3 Adsl1/0/4 Adsl1/0/5
Adsl1/0/6 Adsl1/0/7 Adsl1/0/8
Adsl1/0/9 Adsl1/0/10 Adsl1/0/11
Adsl1/0/12 Adsl1/0/13 Adsl1/0/14
Adsl1/0/15 Adsl1/0/16 Adsl1/0/17
Adsl1/0/18 Adsl1/0/19 Adsl1/0/20
Adsl1/0/21 Adsl1/0/22 Adsl1/0/23
Adsl1/0/24 Adsl1/0/25 Adsl1/0/26
Adsl1/0/27 Adsl1/0/28 Adsl1/0/29
Adsl1/0/30 Adsl1/0/31 Adsl1/0/32
Adsl1/0/33 Adsl1/0/34 Adsl1/0/35
6-3
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 6 VLAN Configuration
Before adding a VLAN interface, you should create a VLAN. Up to 32 VLAN interfaces
can be created in the system.
In global mode, you can use the interface vlan-interface command to add a VLAN
interface and enter VLAN interface mode, or use the no interface vlan-interface
command to delete the VLAN interface.
MA5300(config)#interface vlan-interface 2
MA5300(config)#no interface vlan-interface 2
To initiate the L3 functions on a VLAN interface, you should assign an IP address and a
mask for it.
In VLAN interface mode, you can use the ip address command to set the IP address
and mask for the interface, or use the no ip address command to delete the IP address
for the interface.
MA5300(config-if-VLAN-interface2)#ip address 10.71.83.2 255.255.255.128
MA5300(config-if-VLAN-interface2)#no ip address
Enabling or disabling a VLAN interface does not change the state of the Ethernet ports,
VDSL ports and ADSL ports belonging to the VLAN interface, that is to say, the normal
services on these ports are not affected.
In VLAN interface mode, you can use the shutdown command to disable a VLAN
interface, or the no shutdown command to enable a VLAN interface.
MA5300(config-if-VLAN-interface2)#shutdown
6-4
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 6 VLAN Configuration
% 1[2003-07-04 16:23:19]:IFNET-1-UPDOWN:
Line protocol on interface VLAN-interface1, changed state to DOWN
To query the status and configurations of a VLAN interface, use the show interface
vlan-interface command.
MA5300(config-if-VLAN-interface2)#show interface vlan-interface 2
VLAN-interface2 is administratively down, line protocol is down
Description : HUAWEI, Quidway Series, VLAN-interface1 Interface
The Maximum Transmit Unit is 1500
Internet Address is 10.71.53.2/25
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is
00e0.fc11.19c3
VLAN Trunk refers to the aggregation of multiple VLANs on one interface (group) to
enable interconnection between various devices. With the VLAN Trunk function, one or
more VLAN on a device can interconnect with the same VLAN(s) on the peer device
that is in the same interface (group). To achieve VLAN interconnection within the whole
network, each packet in a VLAN is labeled with an 802.1Q label to differentiate itself
from packets from other VLANs.
An Ethernet port or VDSL port is in either Access mode or Trunk mode. By default, the
port is in Access mode.
In Ethernet or VDSL port mode, you can use the switchport mode trunk command to
set a port as a Trunk port, or the no switchport mode command to restore it to an
access port.
MA5300(config-if-Ethernet7/2/0)#switchport mode trunk
MA5300(config-if-Ethernet7/2/0)#no switchport mode
II. Specifying the VLAN(s) whose traffic is allowed to pass the Trunk port
By specifying the VLAN(s) whose traffic is allowed to pass the Trunk port, you can
enable the interconnection between multiple VLANs on the local device, or with the
same VLAN(s) on the peer device.
6-5
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 6 VLAN Configuration
In Ethernet or VDSL port mode, you can use the switchport trunk allowed command
to specify the VLAN(s) whose traffic is allowed to pass the Trunk port, or use the no
switchport trunk allowed command to delete such VLAN(s).
MA5300(config-if-Ethernet7/2/0)#switchport trunk allowed vlan 2 10 to 15
MA5300(config-if-Ethernet7/2/0)#no switchport trunk allowed vlan 2 10 to 15
Once set with a default VLAN ID, upon receiving an unlabeled packet, the Trunk port
will forward it to the VLAN with the default VLAN ID. Packet receiving and forwarding
comply with IEEE 802.1Q standards.
To validate this setting, make sure the following conditions are met:
z The VLAN with the default VLAN ID already exists.
z The traffic of this VLAN is allowed to pass the Trunk port.
z The default VLAN ID of the local Trunk port is the same as that of the peer Trunk
port.
By default, the default VLAN ID is 1.
In port mode, you can use the switchport trunk native command to specify the default
VLAN ID of the Trunk port, or the no switchport trunk native command to restore the
default VLAN ID of the Trunk port.
MA5300(config-if-Ethernet7/2/0)#switchport trunk native vlan 2
The MA5300 enables the interconnection of two LANs located in different network
segments.
With the LAN interconnection function, you can enable high-speed interconnection
between two remote users by allocating the two users to the same VLAN. In addition, if
the two users obtain access to the Internet through an access device, they can further
enjoy the high-speed leased line services.
6-6
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 6 VLAN Configuration
I. Networking description
CON=>Aux7/0/0
E E ETH=>M-Ethernet7/0/1
MON
V A
GE=>7/1/0
D D GE=>7/1/1
A A
FE=>7/2/0
FE=>7/2/1
FE=>7/2/2
FE=>7/2/3
PC1 PC2
1) PC1 is connected to the 0/0/0 port on the MA5300s EVDA board. The IP address
of PC1 is 10.1.1.1/24.
2) PC2 is connected to the 1/0/0 port on the MA5300s EADA board. The IP address
of PC2 is 10.1.1.2/24.
3) Both PC1 and PC2 belong to VLAN2.
4) The upstream rate for the VDSL user is 1.5M, and the downstream rate is 4M.
5) The upstream rate for the ADSL user is 0.5M, and the downstream rate is 2M. The
working mode is the interleave mode.
6) ADSL RTU works in 1483B mode; VPI/VCI=0/35
This example shows how to create a VLAN and add the ports to this VLAN.
MA5300>enable
MA5300#configure terminal
Enter configuration commands, one per line. End with Ctrl+Z.
MA5300(config)#vlan 2
MA5300(config-vlan2)#switchport vdsl 0/0/0
MA5300(config-vlan2)#switchport adsl 1/0/0
MA5300(config-vlan2)#exit
6-7
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 6 VLAN Configuration
> Signal to noise ratio margin in upstream: precision 0.1dB(0.0 - 31.0 dB)
[6.0]:
> Will you set downstream PSDMask?(y/n)[n]:
> Will you set upstream PSDMask?(y/n)[n]:
Add profile 2 successfully
6-8
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 6 VLAN Configuration
This example shows how to activate port vdsl 0/0/0 and bind it with line profile 2.
MA5300(config)#vdsl activate vdsl 0/0/0 2
6-9
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 6 VLAN Configuration
6-10
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 6 VLAN Configuration
Vdsl0/0/0 Adsl1/0/0
Upon successful completion of the configuration, the two ports vdsl0/0/0 and adsl1/0/0
can interconnect with each other.
The MA5300 supports interconnection between multiple VLANs on the local equipment
or with the same VLANs on the peer device that are in the same interface (group).
To enable such interconnection, one interface (group) should support multiple VLANs
using the VLAN Trunk function.
I. Networking description
CON=>Aux7/0/0
FE=>2/0/0
E E ETH=>M-Ethernet7/0/1 FE=>2/0/1
MON M FE=>2/0/2 N
V A FE=>2/0/3
GE=>7/1/0 GE=>1/0/0
D D
GE=>7/1/1 GE=>1/0/1
P E
A A
FE=>7/2/0 FE=>2/0/12
FE=>7/2/1 U FE=>2/0/13 T
FE=>7/2/2 FE=>2/0/14
FE=>7/2/3 FE=>2/0/15
1) PC1 is connected to the 0/0/0 port on the MA5300s EVDA board. The IP address
of PC1 is 10.1.1.1/24; the IP address of the gateway 10.1.1.254.
2) PC2 is connected to the 1/0/0 port on the MA5300s EADA board. The IP address
of PC2 is 10.1.1.2/24.
3) The IP address of the server is 10.1.3.1/24; the IP address of the gateway is
10.1.3.254.
4) Port 0/0/0 belongs to VLAN 10, and port 1/0/0 belongs to VLAN 20.
5) MA5300 is connected to an S8016 through a GE port (Trunk mode) that allows the
traffic of VLAN 10 and VLAN 20.
6) The upstream/downstream rates for the VDSL user are 1.5M and 4M respectively.
6-11
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 6 VLAN Configuration
7) The upstream/downstream rates for the ADSL user are 0.5M and 2M respectively.
The working mode is fast mode.
8) ADSL RTU works in 1483B mode; VPI/VCI = 0/35.
9) VLAN 10, VLAN 20, VLAN 100 and VLAN 200 are configured on the S8016. VLAN
100 is the Super VLAN, which includes two sub VLANsVLAN 10 and VLAN
20.The IP address of VLAN 100 is 10.1.1.254/24, and the IP address of VLAN 200
is 10.1.3.254/24.
6-12
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 6 VLAN Configuration
> Signal to noise ratio margin in upstream: precision 0.1dB(0.0 - 31.0 dB)
[6.0]:
> Will you set downstream PSDMask?(y/n)[n]:
> Will you set upstream PSDMask?(y/n)[n]:
Add profile 2 successfully
6-13
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 6 VLAN Configuration
This example shows how to activate port vdsl 0/0/0 and bind it with line profile 2.
MA5300(config)#vdsl activate vdsl 0/0/0 2
Upon successful completion of the configuration, the two ports vdsl0/0/0 and adsl1/0/0
can interconnect with each other.
6-14
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 7 Smart VLAN Configuration
7.1 Overview
Smart VLAN is a new feature of the MA5300. It is applied in residential area to provide
access to Internet. With this technology, multiple downstream ports (VDSL/ADSL users)
and one upstream port can be grouped into a Smart VLAN. Meanwhile, the system
creates internal mapping between the upstream port and downstream ports, thus
allowing the isolation of L2 messages of different users.
Smart VLAN does not hamper the implementation of general VLAN. In the MA5300, it is
still achievable to implement the L2 message isolation for some ports while realizing the
L2 message interconnection for others. You can add the user ports into a Smart VLAN
for L2 message interconnection through the mapping created by the system, or add
them into a general VLAN for L2 message exchange.
In global mode, use the vlan command to create a VLAN. By default, the VLAN to be
created is a general one.
MA5300(config)#vlan 12
MA5300(config-vlan12)#
To specify a VLAN as a Smart VLAN, use the svlan-type smart command in VLAN
mode. The MA5300 can be configured with 255 Smart VLANs, with VLAN IDs ranging
from 2 to 4000. However, you cannot define the default VLAN (namely VLAN 1) as a
Smart VLAN. When a Smart VLAN is created, ports included in the original VLAN serve
as the downstream ports of the Smart VLAN.
MA5300(config-vlan12)#vlan-type smart
7-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 7 Smart VLAN Configuration
In VLAN mode, use the no vlan-type smart command to cancel the setting of Smart
VLAN. Before canceling the VLAN as a Smart one, you must delete its upstream port
and downstream ports.
MA5300(config-vlan12)#no vlan-type smart
The above command can turn Smart VLAN 12 into a general VLAN, without deleting all
upstream/downstream ports included in Smart VLAN 12. Meanwhile, the system
cancels the original isolation state, allowing these ports to be included in the general
VLAN 12.
To perform the following configurations, you need to first set the VLAN type as the
Smart VLAN in VLAN mode.
In VLAN mode, use the svlan-upport command to add an upstream port to the Smart
VLAN. You can add multiple upstream ports to a Smart VLAN.
There is no limitation on the mode of the upstream port. An upstream port of a Smart
VLAN can be a master PA port (namely master aggregated port), Trunk port or access
port. However, it cannot be the access port (regardless of upstream or downstream port)
of any other Smart VLAN, or the downstream port of its own. Besides, the upstream
port must be the FE/GE port of the ESM board rather than the port of service boards
(such as VDSL port, ADSL port or SHDSL port).
z To set the upstream port of the Smart VLAN as an aggregated port, you have to
enable port aggregation first. Next, you need to use the number of the master port
in the aggregation group to specify the aggregated port as the upstream port of the
Smart VLAN.
MA5300(config)#link-aggregation ethernet 7/2/0 to ethernet 7/2/1 ingress
MA5300(config)#vlan 12
MA5300(config-vlan12)#svlan-upport ethernet 7/2/0
z To set the upstream port of the Smart VLAN as a Trunk port, you have to add the
upstream port to the Smart VLAN first, and then specify this port as a Trunk port.
MA5300(config-vlan10)#svlan-upport e7/2/0
MA5300(config-vlan10)#exit
MA5300(config)#interface ethernet 7/2/0
MA5300(config-if-Ethernet7/2/0)#switchport mode trunk
In VLAN mode, you can use the no svlan-upport command to delete the upstream
port from the Smart VLAN.
MA5300(config-vlan1000)#no svlan-upport ethernet 7/2/0
It is not allowed to delete the upstream ports of a Smart VLAN by running the command
switchport in any other VLAN mode to add these upstream ports to the mentioned
VLAN. However, this method is applicable to a general VLAN.
7-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 7 Smart VLAN Configuration
In VLAN mode, you can use the svlan-downport command to add downstream ports
to the Smart VLAN, or the no svlan-downport command to delete downstream ports
from the Smart VLAN. You can add multiple downstream ports to a Smart VLAN.
The downstream ports of a Smart VLAN can be the ports of ESM boards (namely FE
ports or GE ports), or the ports of service boards (namely FE ports, ADSL ports, VDSL
ports, or SHDSL ports). There is no limitation on the mode of downstream ports. A
downstream port can be a Trunk port, access port or PA port. In the case of PA port, it
can only be the port of the ESM board (namely FE or GE port).
This example shows how to add the downstream port adsl 1/0/0 to SVLAN 12.
MA5300(config-vlan2)#switchport adsl 1/0/0
MA5300(config-vlan2)#no switchport adsl 1/0/0
MA5300(config-vlan12)# svlan-downport adsl 1/0/0
Through the above operation, you can add the access ports of a general VLAN to a
smart VLAN. However, you cannot add the access ports (both upstream and
downstream) of other Smart VLANs or the upstream ports of the Smart VLAN itself to
the Smart VLAN.
This example shows how to delete port adsl 1/0/0 from SVLAN 12.
MA5300(config-vlan12)# no svlan-downport adsl 1/0/0
It is not allowed to delete the downstream ports of a Smart VLAN by running the
command switchport in any other VLAN mode to add these downstream ports to the
mentioned VLAN. However, this method is applicable to a general VLAN.
You can also run the command svlan-downport in port mode. However, when this
command is executed in port mode, its form is different from that in VLAN mode. You
need to specify the VLAN in port mode, whereas you need to specify the port in VLAN
mode.
This example shows how to add downstream port Ethernet7/1/0 to SVLAN 12 in port
mode.
MA5300(config-if-Ethernet7/1/0)# svlan-downport vlan 12
Note:
z If the downstream ports of a Smart VLAN are set as Trunk ports, these ports cannot communicate with
each other in any other general VLAN.
z If ports of two interface boards belong to the same Smart VLAN, other ports of these interface boards
cannot communicate with each other in any VLAN.
7-3
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 7 Smart VLAN Configuration
VLAN ID: 3
VLAN Type: static,Smart
Route Interface: not configured
Up Ports:
Ethernet7/1/1
Down Ports:
Adsl1/0/0
VLAN ID: 5
VLAN Type: static,Smart
Route Interface: not configured
Up Ports:
Ethernet7/1/3
Down Ports:
Vdsl5/0/2
3) Display detailed information on a Smart VLAN
MA5300(config)#show vlan smart 2
VLAN ID: 2
VLAN Type: static,Smart
Route Interface: not configured
Up Ports:
Ethernet7/1/3
Down Ports:
Ethernet7/1/2
7-4
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 7 Smart VLAN Configuration
I. Networking description
CON=>Aux7/0/0
FE=>2/0/0
E E ETH=>M-Ethernet7/0/1 FE=>2/0/1
MON M FE=>2/0/2 N
V A FE=>2/0/3
GE=>7/1/0 GE=>1/0/0
D D
GE=>7/1/1 GE=>1/0/1
P E
A A
FE=>7/2/0 FE=>2/0/12
FE=>7/2/1 U FE=>2/0/13 T
FE=>7/2/2 FE=>2/0/14
FE=>7/2/3 FE=>2/0/15
1) PC1 is connected to the 0/0/0 port on the MA5300s EVDA board. The IP address
of PC1 is 10.1.1.1/24; the IP address of the gateway 10.1.1.254.
2) PC2 is connected to the 1/0/0 port on the MA5300s EADA board. The IP address
of PC2 is 10.1.1.2/24; the IP address of the gateway 10.1.1.254.
3) The IP address of the server is 10.1.3.1/24; the IP address of the gateway is
10.1.3.254.
4) Set VLAN 100 as the Smart VLAN. The upstream port of Smart VLAN is
GigabitEthernet 7/1/0, and the packets sent by the upstream port are not labeled
with VLAN tags. The downstream ports include vdsl0/0/0 and adsl1/0/0.
5) VDSL and ADSL users use the default profile for port activation.
6) ADSL RTU works in 1483B mode; VPI/VCI = 0/35.
7) VLAN 100 and VLAN 200 are configured on the S8016. The IP address of VLAN
100 is 10.1.1.254/24. The IP address of VLAN 200 is 10.1.3.254/24.
7-5
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 7 Smart VLAN Configuration
This example shows how to activate port vdsl 0/0/0 and bind it with the default line
profile.
MA5300(config)#vdsl activate vdsl 0/0/0 1
This example shows how to activate port adsl1/0/0, and bind it with the default line
profile.
MA5300(config)#adsl activate adsl 1/0/0 1
I. Networking description
CON=>Aux7/0/0
FE=>2/0/0
E E ETH=>M-Ethernet7/0/1 FE=>2/0/1
MON M FE=>2/0/2 N
V A FE=>2/0/3
GE=>7/1/0 GE=>1/0/0
D D
GE=>7/1/1 GE=>1/0/1
P E
A A
FE=>7/2/0 FE=>2/0/12
FE=>7/2/1 U FE=>2/0/13 T
FE=>7/2/2 FE=>2/0/14
FE=>7/2/3 FE=>2/0/15
1) PC1 is connected to the 0/0/0 port on the MA5300s EVDA board. The IP address
of PC1 is 10.1.1.1/24; the IP address of the gateway 10.1.1.254.
7-6
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 7 Smart VLAN Configuration
2) PC2 is connected to the 1/0/0 port on the MA5300s EADA board. The IP address
of PC2 is 10.1.1.2/24; the IP address of the gateway 10.1.1.254.
3) The IP address of the server is 10.1.3.1/24; the IP address of the gateway is
10.1.3.254.
4) Set VLAN 100 as the Smart VLAN. The upstream port of Smart VLAN is
GigabitEthernet 7/1/0. The downstream ports include vdsl0/0/0 and adsl1/0/0.
5) VLAN 200 is the management VLAN.
6) VDSL and ADSL users use the default profile.
7) ADSL RTU works in 1483B mode; VPI/VCI = 0/35.
8) VLAN 100 and VLAN 200 are configured on the S8016. The IP address of VLAN
100 is 10.1.1.254/24, and the IP address of VLAN 200 is 10.1.3.254/24.
IV. Enabling traffic of the management VLAN to pass the upstream port
This example shows how to enable traffic of the management VLAN to pass the
upstream port.
MA5300(config)#interface GigabitEthernet 7/1/0
MA5300(config-if-GigabitEthernet7/1/0)#switchport mode trunk
MA5300(config-if-GigabitEthernet7/1/0)#switchport trunk allowed vlan 200
7-7
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 7 Smart VLAN Configuration
MA5300(config-if-Adsl1/0/0)#exit
This example shows how to activate port vdsl 0/0/0 and bind it with the default line
profile.
MA5300(config)#vdsl activate vdsl 0/0/0 1
To activate port adsl1/0/0, and bind it with the default line profile.
MA5300(config)#adsl activate adsl 1/0/0 1
7-8
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
8.1 Overview
MUX VLAN is a new feature of the MA5300. It is applied in residential area to offer
Internet access. With the MUX VLAN function, the system can automatically designate
VLANs to the ports on various interface boards when:
z The upstream port and the range of the MUX VLANs have been specified, or
z The cascading port and the range of the cascaded MUX VLANs have been
specified.
This eventually helps simplify the data configuration.
The system supports up to 4K VLANs. MUX VLAN cannot coexist with a general VLAN
and/or a Smart VLAN.
To configure MUX VLAN, you have to enable the MUX VLAN function first. By default,
the MUX VLAN is disabled.
When MUX VLAN is enabled using the global command mux-vlan, the system will
back up the configuration files in common mode. Then at the next startup, the system
will use the configuration files in MUX VLAN mode.
MA5300(config)#mux-vlan
When MUX VLAN is disabled using the no mux-vlan command, the system will back
up the configuration files in MUX VLAN mode. Then at the next startup, the system will
use the configuration files in common mode.
MA5300(config)#no mux-vlan
8-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
MUX VLAN configuration profile specifies the start MUX VLAN ID, the number of
VLANs in a group (or a slot), as well as the maximum number of MUX VLAN groups for
the device. This profile sets limits on parameter settings of the uplink port and the
cascading port of the MUX VLAN.
To configure the MUX VLAN configuration profile, use the command mux-vlan
config-profile.
Parameters specification:
start-vlanid: Specifies the start MUX VLAN ID for the device, which is a multiplier of 96,
ranging from 8 to 3976.
vlan-num-per-group: Specifies the number of VLANs in each group or slot. The options
are 24, 48 and 64, and the default is 48.
vlan-group-num: Specifies maximum number of MUX VLAN groups allowed for the
device, including the VLAN groups configured for this device and those for the
cascading port. It is in range of 1 166, and the default is 80. This parameter is optional.
When it is not specified, the value will be the maximum number of MUX VLAN groups
allowed in full configuration.
The example shows how to set the start MUX VLAN ID to 128, the number of VLANs in
each group to 48, and the maximum number of MUX VLAN groups to 80.
MA5300(config)#mux-vlan config-profile 128 48 80
This section introduces how to specify the upstream port and the range of local MUX
VLAN.
If the upstream port and the range of the local MUX VLAN are specified, the system will
automatically allocate VLANs to all the ports (including ADSL ports and VDSL ports) of
the interface boards. As a result, it simplifies the data configuration.
The upstream port of the MUX VLAN can only be on the ESM board, namely, an FE
port or a GE port.
8-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
The start VLAN ID and the number of VLAN groups of the MUX VLAN set a limit on the
range of the local VLAN.
In global mode, use the mux-vlan uplink-port command to set the upstream port and
the range of the local MUX VLAN; use the no mux-vlan uplink-port command to
cancel the setting.
MA5300(config)#mux-vlan config-profile 32 48 95
MA5300(config)#mux-vlan uplink-port
{ interface<K> }:interface
{ Ethernet<K>|GigabitEthernet<K> }:ethernet
{ <7-7> }:7/2/0 //Specify the upstream port as ethernet7/2/0.
{ local-vlan<K> }:local-vlan //Specify the local VLAN.
{ INTEGER<U><32,3976> }:128 //Set the start VLAN ID.
{ INTEGER<U><0,95> }:14 //Set the number of VLAN groups.
Please wait... Done.
Now, the system will automatically allocate VLANs for the 14 interface boards. The start
VLAN ID is 128. Each board, namely one VLAN group, has 48 VLANs.
The first board contains VLANs from VLAN 128 to VLAN 175. The second board
contains VLANs from VLAN 176 to VLAN 223. The same rule applies to the rest
interface boards.
8-3
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
If multiple MA5300s are cascaded, you can enable the system to automatically allocate
VLANs for those MA5300s by specifying the cascading port and the range of the
cascaded MUX VLANs.
The cascading port of the MUX VLAN must be on the ESM board, namely, it should be
a FE port or a GE port. The start VLAN ID and the number of VLAN groups determine
the range of the cascaded MUX VLANs, that is, the range of the VLANs of the
cascaded devices. Each VLAN group has 48 VLANs.
I. Specifying the cascading port and range of the cascaded MUX VLANs
In global mode, use the mux-vlan cascading-port command to specify the cascading
port and range of the cascaded MUX VLANs, or use the no mux-vlan cascading-port
command to cancel the setting.
MA5300(config)#mux-vlan cascading-port
{ interface<K> }:interface
{ Ethernet<K>|GigabitEthernet<K> }:ethernet
{ <7-7> }:7/2/1 //Specify the cascading port as ethernet7/2/1.
{ cascading-vlan<K> }:cascading-vlan //Set the range of the VLANs of the
cascading devices.
{ INTEGER<U><128,3872> }:800 //Set the start VLAN ID for the cascading
devices.
{ INTEGER<U><2,80> }:14 //Set the number of VLAN groups for the
cascading devices.
Please wait... Done.
8-4
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
Interface Ethernet7/2/1
Mux-vlan ID: 800 - 1471
VLAN group(s) number: 14
Mux-VLAN(s) number: 672
You can use the default MUX VLAN setting for an interface board or set the port
manually as desired.
Modifying the start VLAN ID of an interface board will change the MUX VLAN settings
of that board. After the modified start VLAN ID is used, the system will automatically
delete the previous settings.
8-5
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
In global mode, use the mux-vlan slot command to set MUX VLAN for a specified
interface board.
MA5300(config)#mux-vlan slot
{ INTEGER<U><0,15> }:1 //Specify the board.
{ idle<K>|start-vlanid<K> }:start-vlanid //Set the start VLAN ID of the
board.
{ INTEGER<U><128,3920 }:128
Please wait... Done.
Specify that the board in slot 1 includes MUX VLANs ranging from VLAN 128 to VLAN
175.
If this MUX VLAN setting of the board conflicts with that of the board in slot 0, cancel the
MUX VLAN setting of the board in slot 0, and keep the settings of other boards
unchanged.
MA5300(config)#show mux-vlan
Mux-vlan is enabled.
Uplink port: interface Ethernet7/2/0
Local mux-vlan ID: 128 - 799
VLAN-group(s) number: 14
Mux-vlan(s) number: 672
Interface Ethernet7/2/1
Mux-vlan ID: 800 - 1471
VLAN group(s) number: 14
Mux-VLAN(s) number: 672
8-6
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
Use the idle keyword to cancel the MUX VLAN setting of a specified interface board.
MA5300(config)#mux-vlan slot
{ INTEGER<U><0,15> }:2 //Specify the board.
{ idle<K>|start-vlanid<K> }:idle //Cancel the MUX VLAN setting of
the board.
Please wait... Done.
MA5300(config)#show mux-vlan
Mux-vlan is enabled
Uplink port: interface Ethernet7/2/0
Local mux-vlan ID: 128 - 799
VLAN-group(s) number: 14
Mux-vlan(s) number: 672
Interface Ethernet7/2/1
Mux-vlan ID: 800 - 1471
VLAN group(s) number: 14
Mux-VLAN(s) number: 672
8-7
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
You can use the default MUX VLAN setting for a port or set the port manually as desired.
The specified VLAN ID should be within the range of the MUX VLAN group of the board
where the port is located.
In global mode, use the mux-vlan command to set the MUX VLAN or modify the
existing MUX VLAN configuration for a port. In ADSL port mode or VDSL port mode,
use the mux-vlan vlan-id command to set the MUX VLAN or modify the existing MUX
VLAN configuration for a port.
MA5300(config)#mux-vlan interface
{ Vdsl<K>|Adsl<K> }:adsl 1/0/0 //Specify the port.
{ idle<K>|vlan-id<K> }:vlan-id //Set the VLAN of the port.
{ INTEGER<U><128,3967> }:129
MA5300(config-if-Adsl1/0/0)#mux-vlan vlan-id 129 //Set the VLAN of the port.
To query the MUX VLAN information, use the command show mux-vlan or show
vlan.
MA5300(config-if-Adsl1/0/0)#show mux-vlan
Mux-vlan is enabled
Uplink port: interface Ethernet7/2/0
Local mux-vlan ID: 128 - 799
VLAN-group(s) number: 14
Mux-vlan(s) number: 672
Interface Ethernet7/2/1
Mux-vlan ID: 800 - 1471
VLAN group(s) number: 14
Mux-VLAN(s) number: 672
8-8
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
Use the idle keyword to cancel the MUX VLAN setting of a specified port.
MA5300(config)#mux-vlan interface
{ Vdsl<K>|Adsl<K> }:Adsl 1/0/0 //Specify the port.
{ idle<K>|vlan-id<K> }:idle //Delete the VLAN of the port.
MA5300(config-if-Adsl1/0/0)#mux-vlan idle //Delete the VLAN of the port.
8-9
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
I. Networking description
CON=>Aux7/0/0
E E ETH=>M-Ethernet7/0/1 BAS
MON
V A
D D
A A
FE=>7/2/0
FE=>7/2/1
FE=>7/2/2
FE=>7/2/3
PC1 PC2
1) PC1 is connected to the 0/0/0 port on the MA5300s EVDA board; PC2 is
connected to the 1/0/0 port on the MA5300s EADA board.
2) Both PC1 and PC2 access the Internet by obtaining IP address dynamically.
3) Each port of the EVDA board or the EADA boards belongs to a different VLAN.
The VLANs range from 128 to 799.
4) MA5300s inband NMS IP address is 10.1.1.100/24; the management VLAN ID is
100.
5) The MA5300 communicates with the ISU board through the backplanes GE
interface.
6) The default profile is used for the ADSL/VDSL users.
7) ADSL RTU works in 1483B mode; its VPI/VCI is 0/35.
8) Both PC1 and PC2 are considered by the ISU as the subscribers of a specific
VLAN. ISU board adopts the built-in DHCP Server function. The Virtual Terminal
(VT) IP address of the ISU is 10.1.1.254/24.
9) Port Ethernet7/1/1 of MA5300 A is connected to port Ethernet7/1/1 of MA5300 B.
10) With the MUX VLAN function enabled, the system automatically allocates VLANs
for the ports of MA5300 A and MA5300 B.
8-10
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
MA5300(config)#mux-vlan
{ <cr>|uplink-port<K>|cascading-port<K>|slot<K>|interface<K> }:
System will be restarted.
Turn to mux mode?[Y/N]:y
//Log in to the system after the system restarts.
Username:root
Password:
MA5300>enable
{ <cr>|level-value<U><1,15> }:
MA5300#configure terminal
MA5300(config)#board confirm 0
//Define the upstream ports of MUX VLAN and the scope of the local MUX VLAN.
MA5300(config)#mux-vlan uplink-port interface gigabitEthernet 7/1/1
{ local-vlan<K> }:local-vlan
{ INTEGER<U><128, 3872> }:128
{ INTEGER<U><0,80> }:14
Please wait... Done.
//Enable the GE port which connects the ESM board with ISU board, and set the
parameters of the GE port.
MA5300(config)#inner-isu 15
GigabitEthernet7/1/5 will be connected to inner-isu, continue?[Y/N]y
Inner-isu in slot 15 is enabled.
GigabitEthernet7/1/5 has been connected to inner-isu.
//Activate VDSL/ADSL port.
MA5300(config)#vdsl activate vdsl 0/0/0 1
MA5300(config)#adsl activate adsl 1/0/0 1
//Add a management VLAN100, and set the management IP address.
MA5300(config)#vlan 100
MA5300(config-vlan100)#exit
MA5300(config)#interface vlan-interface 100
MA5300(config-if-VLAN-interface100)#ip address 10.1.1.100 255.255.255.0
MA5300(config-if-VLAN-interface100)#exit
//Add a route.
MA5300(config)#ip route 0.0.0.0 0.0.0.0 10.1.1.1
{ <cr>|preference<K>|reject<K>|blackhole<K> }:
MA5300(config)#
//Set the working mode for the upstream port, and enable the management VLAN
to pass through the port.
MA5300(config)#interface gigabitEthernet 7/1/5
MA5300(config-if-GigabitEthernet7/1/5)#switchport mode trunk
MA5300(config-if-GigabitEthernet7/1/5)#switchport trunk allowed vlan 100
{ <cr>|INTEGER<U><2,4000>|to<K> }:
Please wait... Done.
8-11
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
MA5300(config-if-GigabitEthernet7/1/5)#exit
//Configure the ISU board.
MA5300ISU#configure terminal
MA5300ISU(config)#interface ethernet 10
MA5300ISU(config-if-ethernet-10)#side user
MA5300ISU(config-if-ethernet-10)#send-frame-type 802.1Q
MA5300ISU(config-if-ethernet-10)#mode gigaethernet 1000full
MA5300ISU(config-if-ethernet-10)#no shutdown
MA5300ISU(config-if-ethernet-10)#exit
MA5300ISU(config)#interface virtual-template 1
MA5300ISU(config-if-virtual-template-1)#ip address 10.1.1.254 255.255.255.0
MA5300ISU(config-if-virtual-template-1)#bind vlan 128 799
MA5300ISU(config-if-virtual-template-1)#dhcp server ip pc 127.0.0.1
MA5300ISU(config-if-virtual-template-1)#exit
MA5300ISU(config)#ip local pool huawei
MA5300ISU(config-ip-pool-huawei)#router-ip 10.1.1.254 255.255.255.0
MA5300ISU(config-ip-pool-huawei)#section 0 10.1.1.1 10.1.1.253
MA5300ISU(config-ip-pool-huawei)#exit
MA5300ISU(config)#vlan port 128 672 authpolicy bind vlan
MA5300ISU(config)#aaa
MA5300ISU(config-aaa)#vlan-batch local user 128 672 vlan vlan
MA5300ISU(config-aaa)#vlan-batch set local-user state active 256 1792 vlan
MA5300ISU(config-aaa)#domain vlan
MA5300ISU(config-aaa-vlan)#set state active
MA5300ISU(config-aaa-vlan)#exit
MA5300ISU(config-aaa)#exit
MA5300ISU(config)#
8-12
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
IV. Verification
1) Run the command winipcfg on PC1 and PC2 to obtain their IP addresses
allocated by DHCP Server.
2) PC1 (or PC2) can successfully ping the VT.
3) PC1 can ping PC2, and vice versa.
4) If PC1 and PC2 cannot ping each other, you can use the command proxy-arp
enable for the ISU to enable the switch of ARP proxy.
8-13
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
I. Networking description
CON=>Aux7/0/0 CON=>Aux7/0/0
D D D D
A A A A
FE=>7/2/0 FE=>7/2/0
FE=>7/2/1 FE=>7/2/1
FE=>7/2/2 FE=>7/2/2
FE=>7/2/3 FE=>7/2/3
1) PC1 and PC3 are connected to the 0/0/0 port on the EVDA boards of two MA5300
devices. PC2 and PC4 are connected to the 1/0/0 port on the EADA boards of two
MA5300 devices.
2) Each of PC1, PC2, PC3 and PC4 accesses the Internet by obtaining IP address
dynamically.
3) All MA5300 devices, both master node and slave node, adopt MUX VLAN. Each
port of EVDA and EADA boards belongs to a different VLAN. The MA5300_As
VLANs range between 128 - 799; the MA5300_Bs VLANs range between 800 -
1471.
4) The MA5300_A communicates with the ISU through the backplanes GE interface.
5) The default profile is used for the ADSL/VDSL users.
6) ADSL RTU works in 1483B mode; its VPI/VCI is 0/35.
7) PC1, PC2, PC3 and PC4 are considered by the ISU as the subscribers of a
specific VLAN. ISU board adopts the built-in DHCP Server function. The ISU
boards VT IP address is 10.1.1.254/24.
8-14
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
8-15
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
MA5300(config)#board confirm 0
//Configure the upstream port of the MUX VLAN and the range of local MUX VLAN.
MA5300(config)#mux-vlan uplink-port interface gigabitEthernet 7/1/1
{ local-vlan<K> }:local-vlan
{ INTEGER<U><128,3872> }:128
{ INTEGER<U><0,80}:14
Please wait... Done.
//Configure the cascading port of MUX VLAN and the range of the cascading MUX
VLAN.
MA5300(config)#mux-vlan cascading-port interface Ethernet 7/2/0
{ cascading-vlan<K> }:cascading-vlan
{ INTEGER<U><128,3872> }:800
{ INTEGER<U><2,80> }:14
Please wait... Done.
//Enable the GE port connecting the ESM board and ISU board, and configure the
parameters of the GE port.
MA5300(config)#inner-isu 15
GigabitEthernet7/1/5 will be connected to inner-isu, continue?[Y/N]y
Inner-isu in slot 15 is enabled.
GigabitEthernet7/1/5 has been connected to inner-isu.
//Activate VDSL/ADSL port.
MA5300(config)#vdsl activate vdsl 0/0/0 1
MA5300(config)#adsl activate adsl 1/0/0 1
//Add the management VLAN100, and configure its IP address as IP10.1.1.100.
MA5300(config)#vlan 100
MA5300(config-vlan100)#exit
MA5300(config)#interface vlan-interface 100
MA5300(config-if-Vlan-interface100)#ip address 10.1.1.100 255.255.255.0
MA5300(config-if-Vlan-interface100)#exit
//Add a route.
MA5300(config)#ip route 0.0.0.0 0.0.0.0 10.1.1.254
//Add VLAN101, which is the management VLAN ID for MA5300_B.
MA5300(config)#vlan 101
MA5300(config-vlan101)#exit
//Configure the working mode of the downstream port, and allow the management
VLAN101 to pass through.
MA5300(config)#interface ethernet 7/2/0
MA5300(config-if-Ethernet7/2/0)#switchport mode trunk
Please wait... Done.
MA5300(config-if-Ethernet7/2/0)#switchport trunk allowed vlan 101
Please wait... Done.
//The PVIDs for ports connecting MA5300_A and MA5300_B must be different.
MA5300(config-if-Ethernet7/2/0)#exit
8-16
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
//Configure the work mode of the upstream port, and allow the management VLANs
(VLAN100 and VLAN101) to pass through.
MA5300(config)#interface gigabitEthernet 7/1/5
MA5300(config-if-GigabitEthernet7/1/5)#switchport mode trunk
Please wait... Done.
MA5300(config-if-GigabitEthernet7/1/5)#switchport trunk allowed vlan 100 to
101
Please wait... Done.
MA5300(config-if-GigabitEthernet7/1/5)#exit
//Configure the ISU board.
MA5300ISU#configure terminal
MA5300ISU(config)#interface ethernet 10
MA5300ISU(config-if-ethernet-10)#side user
MA5300ISU(config-if-ethernet-10)#send-frame-type 802.1Q
MA5300ISU(config-if-ethernet-10)#mode gigaethernet 1000full
MA5300ISU(config-if-ethernet-10)#no shutdown
MA5300ISU(config-if-ethernet-10)#exit
MA5300ISU(config)#interface virtual-template 1
MA5300ISU(config-if-virtual-template-1)#ip address 10.1.1.254 255.255.255.0
MA5300ISU(config-if-virtual-template-1)#bind vlan 128 1471
MA5300ISU(config-if-virtual-template-1)#dhcp server ip pc 127.0.0.1
MA5300ISU(config-if-virtual-template-1)#exit
MA5300ISU(config)#ip local pool huawei
MA5300ISU(config-ip-pool-huawei)#router-ip 10.1.1.254 255.255.255.0
MA5300ISU(config-ip-pool-huawei)#section 0 10.1.1.1 10.1.1.253
MA5300ISU(config-ip-pool-huawei)#exit
MA5300ISU(config)#vlan port 128 1344 authpolicy bind vlan
MA5300ISU(config)#aaa
MA5300ISU(config-aaa)#vlan-batch local user 128 1344 vlan vlan
MA5300ISU(config-aaa)#vlan-batch set local-user state active 128 1344 vlan
MA5300ISU(config-aaa)#domain vlan
MA5300ISU(config-aaa-vlan)#set state active
MA5300ISU(config-aaa-vlan)#exit
MA5300ISU(config-aaa)#exit
MA5300ISU(config)#
8-17
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
VLAN-group(s) number: 14
Mux-vlan(s) number: 672
Interface Ethernet7/2/0
Mux-vlan ID: 800 - 1471
VLAN group(s) number: 14
Mux-VLAN(s) number: 672
IV. Verification
1) Run the command winipcfg on PC1, PC2, PC3 and PC4 to obtain their IP
addresses allocated by DHCP Server.
2) PC1, PC2, PC3 and PC4 can ping the VTs IP address.
3) Any two PCs can ping each other.
4) If PC1 and PC2 cannot ping each other, you can use the command proxy-arp
enable for the ISU board to enable the switch of ARP proxy.
8-18
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
I. Networking description
CON=>Aux7/0/0 CON=>Aux7/0/0
D D D D
A A A A
FE=>7/2/0 FE=>7/2/0
FE=>7/2/1 FE=>7/2/1
FE=>7/2/2 FE=>7/2/2
FE=>7/2/3 FE=>7/2/3
1) PC1 and PC3 are connected to the 0/0/0 port on the EVDA boards of two MA5300
devices. PC2 and PC4 are connected to the 1/0/0 port on the EADA boards of two
MA5300 devices.
2) PC1 and PC2 access the Internet by obtaining IP address dynamically; PC3 and
PC4 access the Internet through PPP dial-up.
3) The master node MA5300 does not use MUX VLAN, and all of its subscribers
belong to VLAN10; the slave node MA5300 uses MUX VLAN; all ports of EVDA
board and EADA board belong to a VLAN; the VLAN IDs range between 128 -
799.
4) The MA5300_As management VLAN is VLAN100, and its management IP
address is 10.1.1.100/24. The MA5300_Bs management VLAN is 101, and the
management IP is 10.1.1.101/24.
5) The MA5300_A communicates with ISU board through the backplanes GE
interface.
6) The default profile is used for the ADSL/VDSL users.
7) ADSL RTU works in 1483B mode; its VPI/VCI is 0/35.
8) PC1 and PC2 are considered by ISU as the subscribers of a specific VLAN. PC3
and PC4 are considered by ISU as PPP dial-up subscribers. ISU board adopts the
built-in DHCP Server function. The ISU boards VT IP address is 10.1.1.254/24.
8-19
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
MA5300(config)#mux-vlan
{ <cr>|uplink-port<K>|cascading-port<K>|slot<K>|interface<K> }:
System will be restarted.
Turn to mux mode?[Y/N]:y
//Log in to the system after the system resets.
Username:root
Password:
MA5300>enable
{ <cr>|level-value<U><1,15> }:
MA5300#configure terminal
MA5300(config)#board confirm 0
//Configure the upstream port of the MUX VLAN and the range of local MUX VLAN.
MA5300(config)#mux-vlan uplink-port interface ethernet 7/2/0
{ local-vlan<K> }:local-vlan
{ INTEGER<U><128, 3872> }:128
{ INTEGER<U><0,80> }:14
Please wait... Done.
//Activate VDSL/ADSL ports.
MA5300(config)#vdsl activate vdsl 0/0/0 1
MA5300(config)#adsl activate adsl 1/0/0 1
//Add the management VLAN101, and configure its IP address as IP10.1.1.101.
MA5300(config)#vlan 101
MA5300(config-vlan101)#exit
MA5300(config)#interface vlan-interface 101
MA5300(config-if-VLAN-interface101)#ip address 10.1.1.101 255.255.255.0
MA5300(config-if-VLAN-interface101)#exit
//Add a route
MA5300(config)#ip route 0.0.0.0 0.0.0.0 10.1.1.1
{ <cr>|preference<K>|reject<K>|blackhole<K> }:
MA5300(config)#
//Configure the working mode of the downstream port, and allow the management
VLAN101 to pass through.
MA5300(config)#interface ethernet 7/2/0
MA5300(config-if-Ethernet7/2/0)#switchport mode trunk
MA5300(config-if-Ethernet7/2/0)#switchport trunk allowed vlan 101
{ <cr>|INTEGER<U><2,4000>|to<K> }:
Please wait... Done.
MA5300(config-if-Ethernet7/2/0)#exit
2) Configure the parameters of the master node (namely the MA5300_A).
//Enable the GE port which connects the ESM board with ISU board, and configure
the data of GE port.
MA5300(config)#inner-isu 15
GigabitEthernet7/1/1 will be connected to inner-isu, continue?[Y/N]y
8-20
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
8-21
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
8-22
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
MA5300ISU(config)#vpdn-group 1
MA5300ISU(config-vpdn1)#accept dialin pppoe authentication chap
MA5300ISU(config-vpdn1)#exit
MA5300ISU(config)#aaa
MA5300ISU(config-aaa)#domain huawei
MA5300ISU(config-huawei)#set ip-pool huawei
MA5300ISU(config-huawei)#set state active
MA5300ISU(config-huawei)#exit
MA5300ISU(config-aaa)#add user hw@huawei -p hw -c active enable A 0 -al enable
10
MA5300ISU(config-aaa)#exit
MA5300ISU(config)#
III. Verification
1) Run winipcfg on PC1 and PC2 respectively to obtain the IP addresses allocated
by the DHCP server.
2) Start the dialup software on PC2 and PC4 respectively to obtain the IP addresses
allocated by the DHCP server.
3) Ping the VT on PC1, PC2, PC3 and PC4 respectively, and you should be able to
ping the IP address of the VT.
4) Ping a PC from another PC, and you should be able to perform the operation
successfully.
8-23
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 8 MUX VLAN Configuration
5) If you cannot ping a PC from another PC, run the command proxy-arp enable to
enable the ARP proxy function.
8-24
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 9 STP Configuration
9.1 Overview
Spanning Tree Protocol, or STP for short, is applied in loop network to block some
undesirable redundant paths through certain algorithms and prune the network into a
loop-free tree, thereby avoiding the proliferation and infinite cycling of the packet in
the loop network.
The fundamental of STP is that the switches exchange a kind of special protocol
packet (namely configuration Bridge Protocol Data Units, or BPDU according to IEEE
802.1D) to decide the topology of the network. The configuration BPDU contains
sufficient information to ensure the switches to compute the spanning tree.
MA5300 A
vdsl 3/0/7
MA5300 B
vdsl 3/0/4
vdsl 3/0/5
MA5300C
vdsl 3/0/1
LAN
9-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 9 STP Configuration
For a single device, the designated device is the device that directly connects to and
forwards packets to the local device through a port called the designated port.
However, for a LAN, the designated device is the device in charge of forwarding
packets to the network segment through a port called the designated port. As
illustrated in Figure 9-1, MA5300 A forwards data to MA5300 B through port Ethernet
0/1. So in the configuration BPDU of MA5300 B, the designated device is MA5300 A
and the designated port is vdsl3/0/1 of MA5300 A. Also in Figure 9-1, MA5300 B and
MA5300 C are connected to the LAN and MA5300 B forwards packets to LAN.
Therefore, the designated device of LAN is MA5300 B and the designated port is vdsl
3/0/4 of MA5300 B.
z The specific calculation process of STP algorithm.
The following example illustrates the calculation process of STP. Figure 9-2 shows the
network topology.
MA5300 A
vdsl 3/0/4
4 vdsl 3/0/1 vdsl 3/0/5
MA5300 C
To simplify the descriptions, only the first four items of the configuration BPDU are
given in the example. They are root ID (expressed with device priority), path cost to
the root, designated switch ID (expressed with device priority) and the designated port
ID (expressed with port number). As illustrated in Figure 9-2, the priority levels of
MA5300 A, B and C are 0, 1 and 2 respectively, and the path costs of their links are 5,
10 and 4 respectively.
1) Initial state.
When initialized, every port of a device will generate the configuration BPDU, in which
the device itself serves as the root; root path cost is 0; the ID of the device is the ID of
the designated device; and the local port is the designated ports.
MA5300 A:
MA5300 B:
9-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 9 STP Configuration
MA5300 C:
Other ports with configuration BPDU updated in step 2 will be blocked and not allowed
to forward any data. In addition, these ports will only receive configuration BPDU, and
their configuration BPDU will remain the same.
The port whose configuration BPDU is not updated in step 2 will be the designated
port. Its configuration BPDU will be modified as follows:
z Substitute the root ID with the root ID in the configuration BPDU of the root port.
z Substitute the root path cost with the root path cost in the configuration BPDU of
the root port plus the path cost corresponding to the root port.
z Substitute the designated device ID with the local device ID.
z Substitute the designated port ID with the local port ID.
9-3
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 9 STP Configuration
MA5300 A:
Port vdsl 3/0/1 receives the configuration BPDU from MA5300 B and finds out that the
local configuration BPDU priority is higher than that of the received one, so it discards
the received configuration BPDU. So it is with port vdsl 3/0/2.
Then MA5300 A finds itself to be both the root and the designated device in the
configuration BPDU of every port; so MA5300 A regards itself as the root, and retains
the configuration BPDU of each port. After that it will transmit configuration BPDU to
others regularly.
MA5300 B:
Port vdsl 3/0/7 receives the configuration BPDU from MA5300 A and finds that the
received BPDU has a higher priority than that of the local one, so it updates its
configuration BPDU.
Port vdsl 3/0/4 receives the configuration BPDU from MA5300 C and finds that priority
of the local BPDU is higher than that of the received one, so it discards the received
BPDU.
MA5300 B compares the configuration BPDUs of the ports and selects port vdsl 3/0/7
BPDU as the optimum one. Therefore, vdsl 3/0/7 is elected as the root port, and the
configuration BPDUs of MA5300 B ports are updated as follows.
z The configuration BPDU of the root port vdsl 3/0/7 retains as {0, 0, 0, vdsl3/0/1}.
z Port vdsl 3/0/4 updates root ID with that in the optimum configuration BPDU, the
path cost to root with 5, sets the designated device as the local device ID and the
designated port ID as the local port ID. Thus the configuration BPDU becomes {0,
5, 1, vdsl3/0/4}.
After that, all the designated ports of MA5300 B transmit the configuration BPDUs
regularly.
MA5300 C:
9-4
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 9 STP Configuration
Port vdsl 3/0/1 receives from port vdsl 3/0/4 of MA5300 B the configuration BPDU {1,
0, 1, vdsl3/0/4} that has not been updated. This triggers the updating. As a result, the
configuration BPDU is updated to {1, 0, 1, vdsl3/0/4}.
Port vdsl 3/0/5 receives the configuration BPDU {0, 0, 0, vdsl3/0/2} from MA5300 A.
This triggers the updating. As a result the configuration BPDU is updated to {0, 0, 0,
vdsl3/0/2}.
After the above comparison process, configuration BPDU of port vdsl 3/0/5 is elected
as the optimum one, and port vdsl 3/0/5 is thus designated as the root port. Its
configuration BPDU will remain unchanged then.
However, vdsl 3/0/1 will be blocked, but its BPDU also remains same. It will not
receive the data (excluding the STP packet) forwarded from MA5300 B before
spanning tree calculation is triggered again by some new events. For example, the
link from MA5300 B to MA5300C is down, or the port receives a better configuration
BPDU.
Then port vdsl 3/0/1 will receive the updated configuration BPDU, {0, 5, 1, vdsl3/0/4},
from MA5300 B. Since this configuration BPDU is better then the old one, the old
BPDU will be updated to {0, 5, 1, vdsl3/0/4}.
Meanwhile, port vdsl 3/0/5 receives the configuration BPDU from MA5300 A, but its
configuration BPDU will not be updated and remain {0, 0, 0, vdsl3/0/2}.
By comparison, the configuration BPDU of vdsl 3/0/1 is elected as the optimum one,
and port vdsl 3/0/1 is elected as the root port, whose BPDU will not change. While port
vdsl 3/0/5 will be blocked and retain its BPDU, but it will not receive the data forwarded
from MA5300 A until spanning tree calculation is triggered again by some changes.
For example, the link from MA5300 B to MA5300 C is down.
By now, the spanning tree becomes stable. Figure 9-3 illustrates the tree in which
MA5300 A is the root.
MA5300 A
vdsl 3/0/1
5
vdsl 3/0/7
MA5300 B
MA5300 C
9-5
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 9 STP Configuration
Many things are simplified in this example for the ease of description. For example,
the root ID and the designated device ID in actual calculation should comprise both
device priority and device MAC address. Designated port ID should comprise port
priority and port MAC address. In the updating process of a configuration BPDU, other
configuration BPDUs besides the first four items will make modifications according to
certain rules. However, the process of calculations is basically the same like this.
z Configuration BPDU forwarding mechanism in STP.
Upon the initiation of the network, all the devices regard themselves as the roots. The
designated ports send the configuration BPDUs of local ports at a regular interval of
HelloTime. If it is the root port that receives the configuration BPDU, the system will
enable a timer to time the configuration BPDU as well as increase MessageAge
carried in the configuration BPDU by certain rules.
If a path goes wrong, the root port on this path will not receive configuration BPDUs
any more and the old configuration BPDUs will be discarded due to timeout. Hence,
recalculation of the spanning tree will be initiated to generate a new path to replace
the failed one and thus restore the network connectivity.
However, the recalculated new configuration BPDU will not be propagated throughout
the network right away, so the old root ports and designated ports that have not
detected the topology change will still forward the data through the old path. If the new
root port and designated port begin to forward data immediately after they are elected,
a temporary loop may be caused.
To achieve the rapid transition of the root port state, the following requirement should
be met: the old root port on this switch has stopped data forwarding and the
designated port in the upstream has begun forwarding data.
The conditions for rapid state transition of the designated port are:
z The port is an edge port. Edge port means a port that does not connect with any
switch directly or indirectly. If the designated port is an edge port, it can enter the
forwarding state directly.
z The port is connected with the point-to-point link. That is, it is the master port in
aggregation ports or full duplex port. You can also onfigure it as a point-to-point
9-6
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 9 STP Configuration
To validate configurations of RSTP, you have to start RSTP first. Before starting RSTP,
you can set the associated parameters for the device and ports. The parameters you
have configured are still preserved even after RSTP is disabled. When RSTP is
enabled next time, the parameters will take effect again.
To Use
Enable/Disable system RSTP spanning-tree { enable | disable }
Reset RSTP state to the default value no spanning-tree
Note that some network resource will be occupied after RSTP is enabled.
9-7
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 9 STP Configuration
To flexibly control the RSTP operations, after RSTP is enabled on Ethernet ports and
VDSL ports, you can disable it again to forbid the ports to participate in the spanning
tree calculation.
To Use
Enable/Disable RSTP on a specific port spanning-tree { enable | disable }
Restore the RSTP of a port to the default value no spanning-tree
Note that ADSL ports do not support STP/RSTP and that redundancy routes may be
generated after RSTP is disabled on Ethernet ports and VDSL ports.
By default, RSTP on all the ports will be enabled after it is enabled on the device.
Any two hosts in the switching network can be connected to each other through a
series of bridges. Network diameter refers to the path with the most bridges among
these paths. It is expressed by the number of bridges on the path.
To Use
Set network diameter spanning-tree bridge-diameter bridgenum
Reset network diameter to the default value no spanning-tree bridge-diameter
The diameter of the switching network is recommended not to exceed 7. You can
configure this parameter according to the actual networking.
9-8
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 9 STP Configuration
RSTP can interwork with STP. If the switching network contains bridges which run
STP, you can configure RSTP in STP-compatible mode.
To Use
Set the working mode of RSTP as STP-compatible or RSTP
spanning-tree mode { stp | rstp }
mode
Restore the working mode of RSTP to the default value no spanning-tree mode
Normally, if there is a bridge running STP in the switching network, the port (running
RSTP), which connects to another port (running STP), can automatically transfer to
STP compatible mode from RSTP mode.
This example shows how to set the working mode of RSTP as RSTP mode.
MA5300(config)# spanning-tree mode stp
Whether a bridge can be selected as the root of the spanning tree depends on its
priority. Therefore, by configuring a bridge with a lower priority, you can specify it as
the root of the spanning tree.
To Use
Set the priority of a specified bridge spanning-tree priority bridge-priority
Restore the priority of the bridge to the default value no spanning-tree priority
Note that if the priority levels of all the bridges in the switching network are the same,
the bridge with the smallest MAC address will be selected as the root. When RSTP
9-9
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 9 STP Configuration
is enabled, configuring priority for a bridge will lead to the recalculation of the
spanning tree.
Link failure will cause recalculation of the spanning tree and its structure. However,
the newly calculated configuration BPDU cannot be propagated throughout the
network immediately.
If the newly selected root port and designated port begin to forward data frame right
away, it can cause temporary loop. Accordingly, the protocol adopts the state
transition mechanism. That is, the root port and the designated port must undergo a
transition state for a certain period (as long as the defined Forward Delay) before they
switch to the forwarding state and resume data frame forwarding. This delay ensures
that the new configuration BPDU has been propagated throughout the network before
the data frame forwarding is resumed.
The bridge Forward Delay is related to network diameter. So generally, you should set
the Forward Delay to a larger value for a larger network diameter.
To Use
Set Forward Delay of a specified bridge spanning-tree forward-time centiseconds
Restore the Forward Delay of the bridge to the default
no spanning-tree forward-time
value
Note that if the Forward Delay is configured to be too short, temporary redundant
paths redundancy may be generated. If the Forward Delay is configured to be too long,
the recovery of network connection may take a long time. It is recommended to use
the default setting.
This example shows how to set the Forward Delay of a bridge to 1500 seconds.
MA5300(config)#spanning-tree forward-time 1500
9-10
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 9 STP Configuration
An appropriate value of Hello Time ensures timely detection of line failure without
occupying too much network resources.
To Use
Set Hello Time of a bridge spanning-tree hello-time centiseconds
Restore the Hello Time of the bridge to the default value no spanning-tree hello-time
Too long Hello Time will result in the spanning tree recalculation, because the bridge
mistakes the frame loss of the link for link failure. On the other hand, too short Hello
Time will force the bridge to frequently send configuration BPDUs. This can increase
the burden of the switch and wasting network resource. The default value is
recommended.
This example shows how to set the Hello Time of a bridge to 200 seconds.
MA5300(config)# spanning-tree hello-time 200
Max. Age is a parameter to judge whether the configuration BPDU is outdated. You
can configure it according to the actual network situation.
To Use
Set Max. Age of a bridge spanning-tree max-age centiseconds
Restore Max. Age of the bridge to the default value no spanning-tree max-age
Too short Max. Age will result in frequent calculation of spanning tree and mistaking
network congestion for link fault. On the other hand, too long Max. Age may make the
bridge unable to find link failure in time, weakening the network auto-sensing ability. It
is recommended to use the default setting.
9-11
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 9 STP Configuration
This example shows how to set the Max. Age of a bridge to 2000 seconds.
MA5300(config)# spanning-tree max-age 2000
The maximum transmission speed of the Ethernet port and VDSL port is related to its
physical state and network structure. You can configure it according to the actual
network situation.
To Use
Set maximum transmission speed of a bridge spanning-tree transit-limit packetnum
Restore the maximum transmission speed to the default
no spanning-tree transit-limit
value
By default, the maximum transmission speed is 3 (a counter value without unit) on all
the Ethernet ports and VDSL ports of the bridge.
This example shows how to set the maximum transmission speed of a bridge to 3.
MA5300(config-if-Ethernet7/2/0)# spanning-tree transit-limit 3
If an Ethernet port or VDSL port is not connected to the Ethernet or VDSL port of
another bridge, you can configure the port as an Edge port, as the Edge port can
switch to the forwarding state directly, consequently reducing the unnecessary
transition time. If the Ethernet port or VDSL port is set as Edge port while it is
connected to the port of another bridge, RSTP will automatically detect it and
reconfigure it as a non-Edge port.
To Use
Set specified port as an Edge port spanning-tree portfast { enable | disable }
Restore port type to the default value no spanning-tree portfast
9-12
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 9 STP Configuration
When an Ethernet port or VDSL port switches from non-Edge port to Edge port, you
are recommended to configure it as Edge port manually because RSTP cannot detect
this kind of transition.
Configure the port which directly connects to the terminal as an Edge port, so that it
can switch to the forwarding state fast.
The path cost of Ethernet port is related to the speed of a link connected to the port.
The larger the link speed, the smaller the path cost. RSTP can recognize link speed
and convert it into the appropriate path cost.
To Use
Set Path Cost of a specified port spanning-tree cost cost
Restore path cost to the default value no spanning-tree cost
Note that configuring path cost for the Ethernet port or VDSL port will cause
recalculation of spanning tree. It is recommended to use the default value and let
RSTP calculate the path cost on the current Ethernet port.
By default, the bridge gets the path cost of a port according to the link speed directly.
This example shows how to set the Path Cost of a specified port to 200.
MA5300(config-if-Ethernet7/2/0)#spanning-tree cost 200
By setting the priority of an Ethernet port or VDSL port, you can enable a specified
Ethernet port or VDSL port to be included in the final spanning tree. Generally, the
lower the set value is, the higher priority the port has, and the more likely it is for this
Ethernet port to be included in the spanning tree. If all the Ethernet ports or VDSL
ports of the bridge adopt the same priority, then the priority of these ports will be
decided by the port index number.
9-13
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 9 STP Configuration
To Use
Set priority of a specified port spanning-tree port-priority port-priority
Reset port priority to the default value no spanning-tree port-priority
Note that any change of priority for an Ethernet port or VDSL port will cause
recalculation of the spanning tree.
By default, the priority for all the Ethernet ports or VDSL ports is 128.
This example shows how to set the priority of a specified port to 128.
MA5300(config-if-Ethernet7/2/0)# spanning-tree port-priority 128
Two ports that are Point-to-Point connected can enter the forwarding state rapidly by
transmitting synchronous packets. As a result, the unnecessary forwarding delay can
be reduced. If this parameter is configured with auto, RSTP can automatically
detect whether the Point-to-Point link is enabled on the current Ethernet port or VDSL
port.
To Use
Enable Point-to-Point link on a specified port spanning-tree point-to-point forcetrue
Disable Point-to-Point link on a specified port spanning-tree point-to-point forcefalse
Set the connection mode as auto spanning-tree point-to-point auto
Restore the parameter to the default value no spanning-tree point-to-point
The aforementioned operations are only effective to aggregated Ethernet (or VDSL)
ports or those working in full duplex mode. The auto mode is recommended.
9-14
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 9 STP Configuration
In a relatively stable network, though the bridge running STP has been removed, the
port may still run in STP-compatible mode. You can use the following command to
force the port to work in RSTP mode.
Run the following operation in Ethernet port mode or VDSL port mode.
To Use
Run mCheck spanning-tree mcheck
The command can be used when the bridge runs RSTP in RSTP mode, but it cannot
be used when the bridge runs RSTP in STP-compatible mode.
Perform these operations in privilege mode. The show command can also be used in
any mode other than common user mode.
To Use
Show system or port RSTP information show spanning-tree [ interface interface-list ]
Enable RSTP debug switch (packet, event or error) debug stp { error | event | packet }
Clear RSTP statistics clear spanning-tree [ interface interface-list ]
This example shows how to view RSTP information on port ethernet 7/2/0.
MA5300(config)#show spanning-tree interface ethernet 7/2/0
Spanning tree protocol is disabled
The bridge has priority 32768, MAC address: 00e0.fc11.19c2
9-15
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 9 STP Configuration
This example shows how to clear RSTP information on port ethernet 7/2/0.
MA5300(config)#clear spanning-tree interface ethernet 7/2/0
9-16
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 10 IGMP Snooping Configuration
10.1 Overview
The MA5300 can act as a pure Layer 2 device to implement Layer 2 multicast
through Internet Group Management Protocol (IGMP) Snooping. IGMP Snooping is
the restriction mechanism running on Layer 2 devices. It is used to manage and
control the multicast group.
IGMP Snooping runs on the link layer. When the MA5300 receives the IGMP
messages transmitted between the host and the router, IGMP Snooping will analyze
the information carried by IGMP message. When it detects the IGMP host report
message sent by the host, the MA5300 will add this host into the corresponding
multicast table. When it detects the IGMP leave message sent by the host, the
MA5300 will delete the corresponding item from the multicast table.
Through incessant monitoring of IGMP packets, the device can establish and
maintain MAC multicast address table at Layer 2. After that, the MA5300 can
forward the multicast messages issued from the router, according to the MAC
multicast address table.
Video stream
VOD Server
Video stream
MA5300
Figure 10-1 Transmission of multicast messages when IGMP Snooping is not running
10-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 10 IGMP Snooping Configuration
Video stream
VOD Server
Video stream
MA5300
10-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 10 IGMP Snooping Configuration
response to the query. The maximum time to respond the query is the time set
on the timer. During the set time, if no ICMP report message is received, the
MA5300 will delete this port from the ports of multicast members.
Running IGMP Snooping, the MA5300 can detect IGMP messages, and establish
the mapping relation between the host, its port and the corresponding multicast
address.
Figure 10-3 shows the way in which the MA5300 processes IGMP messages.
Internet
Router running
IGMP
IGMP message
MA5300 running
IGMP Snooping
IGMP message
The following introduces how IGMP Snooping processes the received IGMP
messages.
z IGMP general query message
It is the message sent from multicast router to the multicast group member, querying
which multicast groups have members. When it receives IGMP general query
messages on the original port connecting the router, the MA5300 will reset the
aging-time timer of a router port. When it receives IGMP general query messages
on a new port, the MA5300 will inform the multicast router that a host will join a
multicast group and start the aging timer for this router port.
z IGMP specific group query message
This message is sent by the multicast router to the multicast group member. It is
used to query whether a member exists in a specific multicast group. When the
10-3
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 10 IGMP Snooping Configuration
MA5300 receives an IGMP specific group query message, it will send the query to
the queried IP multicast group.
z IGMP report message
It is the report message sent by the host to the multicast router. It is used to apply
for joining a multicast group or respond to an IGMP query message.
When the MA5300 receives an IGMP report message, it will first judge the existence
of the MAC multicast group to which the message will join.
If the corresponding MAC multicast group does not exist, and it only informs the
router that a member will join a broadcast group. A new MAC multicast group will be
established, the port receiving report message will be added into the MAC multicast
group, and the aging timer of this port will be started. All the router ports existing in
the VLAN, to which this port belongs, will be added into this MAC multicast
forwarding table. Meanwhile, a new IP multicast group will be established, to which
the port receiving the report message will be added.
If the MAC multicast group corresponding to the report message exists but the port
receiving report message is not in it, this port will be added into the MAC multicast
group and start the aging timer for it. Then judge whether the IP multicast IP group
corresponding to the message exists. If not, an IP multicast group will be created
and the port receiving report message will be added into it. If yes, the port receiving
report message will be added into the IP multicast group.
If the MAC multicast group corresponding to the message exists, and the port
receiving report message exists in the MAC multicast group, the aging timer on the
port receiving report message will be reset.
z IGMP leave message
It is the message sent by multicast group member to the multicast router, aiming at
informing the router that the host has left a multicast group.
When the MA5300 receives the leave message of an IP multicast group, it will send
specific group query message to the port which received this leave message, so as
to confirm if there exists other members of this multicast group among the hosts
connected with the port. At the same time, a response query timer will be started.
If no report message of this multicast group is received before the timer times out,
the port will be deleted from the corresponding MAC multicast group. If MAC
multicast group has no multicast member ports, the MA5300 will inform the multicast
router to delete the branch from the multicast tree.
10-4
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 10 IGMP Snooping Configuration
To Use
Enable/disable IGMP Snooping igmp-snooping { enable | disable }
Restore the default settings no igmp-snooping
GMRP and IGMP Snooping cannot run at the same time. You can use the show
gmrp status command to see if GMRP is running before enabling IGMP Snooping.
MA5300(config)#igmp-snooping enable
If the multicast group report message is not received within the set aging time, a
query message will be sent to the port.
To Use
Setting aging time of the multicast member port igmp-snooping host-aging-time seconds
Restore the default setting no igmp-snooping host-aging-time
By default, the aging time of the multicast member port is 260 seconds.
10-5
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 10 IGMP Snooping Configuration
This example shows how to set the aging time of the multicast member port to 260
seconds.
MA5300(config)#igmp-snooping host-aging-time 260
The goal of setting aging time of the router port is to remove the port from the MAC
multicast group once the general query message is not received from the router
within this aging time.
To Use
Set aging time of the router port igmp-snooping router-aging-time seconds
Restore the default settings no igmp-snooping router-aging-time
This example shows how to set the aging time of the router port to 260 seconds.
Maximum response time to the query is set to remove the port from the multicast
group if the report message has not been received within this response time.
To Use
Set the maximum response time igmp-snooping max-response-time milliseconds
Restore the default settings no Igmp-snooping max-response-time
This example shows how to set the maximum response time to 1000 milliseconds.
10-6
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 10 IGMP Snooping Configuration
In some multicast applications, such as the video on demand (VOD) application, the
user needs to be able to switch the program source channel quickly. This requires
that the MA5300 can quickly delete a multicast group immediately after it receives
the leave request from the user, rather than to delete a multicast group only after it
sends a specific query packet and gets the confirmation response.
Table 10-5 Enabling a user under the port to leave an multicast quickly
To Use
Enable a user under the port to leave an multicast quickly
igmp-snooping quick-leave
(FE/GE/VDSL/ADSL port mode)
Enable a user under the port to leave an multicast quickly igmp-snooping quick-leave
(Global mode) interface [ to interface ]
Make sure that the IGMP Snooping has been enabled globally before you run the
command igmp-snooping quick-leave.
This example shows how to enable the users under port adsl2/0/1 to leave a
multicast group quickly.
MA5300(config)#igmp-snooping enable
Enable IGMP-Snooping ok.
MA5300(config)#interface adsl 2/0/1
MA5300 (config-ifadsl2/1/0)# igmp-snooping quick-leave
! Or do as follows:
MA5300(config)#igmp-snooping enable
Enable IGMPSnooping ok.
MA5300 (config)# igmp-snooping quick-leave adsl2/0/1
10-7
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 10 IGMP Snooping Configuration
The port connecting to the user and the ports connecting downstream to the
cascading devices are not allowed to be set as the router port, for fear that the user
port becomes a router port by sending IGMP query packets, which will affect the
normal multicast service.
The command igmp-snooping router-port allowed is used to set the router port. A
router port refers to a port that connects to the upstream router. The no form of this
command is used to restore the default setting. By default, the GE and FE ports are
allowed to serve as the router port, and the VDSL port is not allowed to serve as the
router port. However, the command cannot be executed in ADSL port mode since an
ADSL port cannot be set as a router port.
To Use
Set an port as a router port
igmp-snooping router-port allowed
(FE/GE/VDSL port mode)
Set an port as a router port
igmp-snooping router-port allowed interface [ to interface ]
(Global mode)
Make sure that the IGMP Snooping has been enabled globally before you run the
command igmp-snooping router-port allowed.
For example:
MA5300(config)#igmp-snooping enable
Enable IGMP-Snooping ok.
MA5300(config)#interface ethernet 7/2/1
MA5300(config-if-Ethernet7/2/1)#igmp-snooping router-port allowed
! Or do as follows:
MA5300(config)#igmp-snooping enable
Enable IGMP-Snooping ok.
MA5300(config)# igmp-snooping router-port allowed ethernet 7/2/1
10-8
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 10 IGMP Snooping Configuration
After the above configuration, command show can be used to query the running
status of IGMP Snooping or verify whether the configurations are correct.
To Use
Show the statistics information on IGMP Snooping show igmp-snooping statistics
Show the configuration information on IGMP Snooping show igmp-snooping configuration
Show the information on IP multicast group and MAC show igmp-snooping group [ vlan
multicast group in VLAN vlan-id ]
This command can be used to diagnose IGMP Snooping when it does not set up
MAC multicast group as expected.
For example:
MA5300# show igmp-snooping statistics
Received IGMP general query packet(s) number:0.
Received IGMP specific query packet(s) number:0.
Received IGMP V1 report packet(s) number:0.
Received IGMP V2 report packet(s) number:0.
Received IGMP leave packet(s) number:0.
Received error IGMP packet(s) number:0.
Sent IGMP specific query packet(s) number:0.
The above information shows that IGMP Snooping has not received these
messages:
z IGMP general query message
z IGMP specific query message
z IGMP V1 report message
z IGMP V2 report message
z IGMP leave message
z IGMP error message
In addition, no IGMP specific query message is sent.
10-9
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 10 IGMP Snooping Configuration
You can use this command to verify whether the configuration is correct after IGMP
Snooping is configured.
For example:
MA5300 show igmp-snooping configuration
Disable IGMP-Snooping.
The router port timeout is 260 second(s).
The max response timeout is 10 second(s).
The member port timeout is 260 second(s).
The information above shows: IGMP Snooping is disabled, aging time of the router
port is 260 seconds, maximum response time to the query is 10 seconds, and aging
time of multicast group member port is 260 seconds.
For example:
MA5300# show igmp-snooping group
***************Multicast group table***************
Vlan(id):1.
Router port(s): Gigabitethernet7/1/0
IP group(s):the following ip group(s) match to one mac group.
IP group address:224.1.2.3
Member port(s):vdsl4/0/3
MAC group(s):
MAC group address:01-00-5e-01-02-03
Member port(s):vdsl4/0/3
10-10
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 10 IGMP Snooping Configuration
Note:
The router port is not displayed together with IP/MAC multicast group members. Instead, it is displayed
separately before all multicast groups under the local VLAN.
I. Networking requirements
To implement the MA5300 multicast on Layer 2 (namely, MAC multicast), you should
perform corresponding configurations on the equipment. The networking is as
shown in Figure 10-4, where the upstream port of the MA5300 acts as the router
port and connects with the router, and other non-router ports connect to the PC of
the user.
Internet
Router
Multicast
MA5300
10-11
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 10 IGMP Snooping Configuration
Troubleshooting 1:
1) Input show igmp-snooping configuration to view IGMP Snooping status.
2) If IGMP Snooping is disabled, input igmp-snooping enable in the global mode
to enable IGMP Snooping.
3) Continue with diagnosis 2 if the first reason is excluded.
Diagnosis 2: Multicast forwarding table set up by IGMP Snooping is wrong.
Troubleshooting 2:
1) Input the command show igmp-snooping group to view if the multicast group
is correct.
2) If the multicast group created by IGMP Snooping is not correct, you can turn to
professional maintenance personnel for help.
3) Continue with diagnosis 3 if the second reason is excluded.
Diagnosis 3: Multicast forwarding table set up by the bottom layer is wrong.
Troubleshooting 3:
1) Enable IGMP Snooping group debugging switch by executing command debug
igmp-snooping groups in privilege mode, and then input the command show
igmp-snooping group to check if MAC multicast forwarding table in the
bottom layer and that created by IGMP Snooping are consistent.
2) Use the command show mac vlan in the privileged user mode to check if the
MAC multicast forwarding table created by the bottom layer under VLAN ID and
that created by IGMP Snooping are consistent.
3) If they are not consistent, turn to the maintenance personnel for help.
10-12
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 11 IGMP Proxy Configuration
11.1 Overview
The MA5300 supports the IGMP proxy function. With the IGMP proxy function, the
upstream multicast router, rather than the MA5300 Series, performs the routing.
From the perspective of a multicast user, the MA5300 is the multicast router
responsible for implementing the functions of a router as defined in the IGMP. The
MA5300 collects and maintains membership information on the downstream ports in
two ways: it accepts the downstream users requests for joining or leaving a
multicast group, and periodically queries whether there is member belonging to the
multicast group on a downstream port.
The IGMP proxy function provided by the MA5300 Series supports unidirectional
delivery of the multicast packets. That is, the multicast router sends data to the
multicast user, while the multicast user is not able to send multicast data. The
MA5300 can control the group ordered by the user through the CLI or NMS, and
then forward the multicast from the upstream port to the downstream port based on
its group membership information. The upstream and the downstream ports may not
belong to the same VLAN. However, the upstream port cannot forward the multicast
data received from the downstream port, or forward multicast data to other upstream
ports.
To enable the IGMP Proxy function, use the command igmp-proxy enable.
For example:
MA5300(config)#igmp-proxy enable
Enable IGMP-Proxy ok.
MA5300(config)#
The IGMP Proxy feature is not compatible with these functions: IGMP Snooping, L3
muticast routing and multicast VLAN. However, the IGMP Proxy function is
11-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 11 IGMP Proxy Configuration
compatible with such functions as Smart VLAN and MUX VLAN. Therefore, make
sure IGMP Snooping, L3 muticast routing and multicast VLAN have all been
disabled before you enable IGMP Proxy. Otherwise, the system will prompt failure in
enabling the IGMP Proxy function as long as any of the three functions is enabled.
To disable the IGMP Proxy function, use the command igmp-proxy disable.
For example:
MA5300(config)#igmp-proxy disable
This will disable IGMP-Proxy. Continue? [Y/N] y
Disable IGMP-Proxy ok.
MA5300(config)#
The upstream port determines the ingress of the multicast data traffic, as well as the
port and VLAN ID used by the IGMP packets sent by the IGMP Proxy to the
upstream equipment. If the multicast data traffic has a VLAN tag, the tagged VLAN
ID refers to the VLAN ID for the upstream port. If the multicast data traffic does not
have a VLAN tag, the VLAN ID should be the PVID of the upstream port.
The MA5300 can have multiple upstream ports, which are identified by Port +
VLAN ID uniquely. The upstream port can be either a Trunk port or an Access port.
However, it must be on the ESM board. Up to 100 upstream ports are supported by
the MA5300.
Two concepts about the MA5300 need to be made clearmaster upstream port and
slave upstream port. When you have not designated the upstream port which the
program is bound to, the program will be bound to the master upstream port by
default.
The port (namely interface) is numbered in the form of interface type slot/card/port.
This port must be an Ethernet or GigabitEthernet port on the ESM board, and the
port must belong to the designated VLAN.
For example:
MA5300(config)#igmp-proxy enable
Enable IGMP-Proxy ok.
MA5300(config)#igmp-proxy upstream-port ethernet 7/1/0 vlan 2
MA5300(config)#
11-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 11 IGMP Proxy Configuration
To delete the current master upstream port, use the command no igmp-proxy
upstream-port interface vlanid.
For example:
MA5300(config)#no igmp-proxy upstream-port ethernet 7/1/0 vlan 2
This will delete Forward Table of program bound to this upstream-port.
Continue? [Y/N] y
MA5300(config)#
IGMP Proxys upstream port is identified with port number and VLAN ID. The
upstream port should belong to a specified VLAN or allow the packets with specified
VLAN ID to pass through. Otherwise, the associated multicast forwarding will fail.
To facilitate maintaining the programs, the MA5300 provides a program library and
supports relative maintenance means. You are entitled to make further maintenance
operations only after you have added programs to the library. For example, you add
a program to an authority profile to enable program demanding. Otherwise, a
subscriber will not be able to demand the program. You can also perform other
operations for maintaining the program library, for example, setting a program to be
in pre-join state.
A program library can have up to 255 programs, which are numbered 1255
respectively. Five commands are available for maintaining a program library, as
described in the following sections.
This example shows how to add the program NetTV to the program library.
MA5300(config)#igmp-proxy program add name NetTV ip 224.1.1.1 bind
default host enable prejoin enable
MA5300(config)#
11-3
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 11 IGMP Proxy Configuration
This example shows how to delete the program NetTV from the program library.
MA5300(config)#igmp-proxy program delete name NetTV
This will delete Forward Table of program. Continue? [Y/N] y
MA5300(config)#
This example shows how to rename the program NetTV in the program library to
NetTV-1.
MA5300(config)#igmp-proxy program rename NetTV NetTV-1
MA5300(config)#
This example shows how to modify the program NetTV-1 in the program library.
MA5300(config)#igmp-proxy program modify name NetTV-1 bind ethernet
7/1/1 vlan 1 host enable prejoin disable
MA5300 (config)#
This example shows how to show the brief information on the programs in a
program library.
MA5300# show igmp-proxy program all
Total:5
-------------------------------------------------------------------
------
Index Name Ip Upport Host Pre- Multicast-source
-index join
11-4
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 11 IGMP Proxy Configuration
This example shows how to show the detailed information on the programs in a
program library.
MA5300(config)#show igmp-proxy program all detail
Total:1
-------------------------------------------------------------------
Index: 1
Program name: NetTV-1
IP: 224.1.1.1
Upport: Ethernet7/1/1 Vlan 3
Host function: No
Prejoin: No
User references: 0
Profile references list(Total:0):
-------------------------------------------------------------------
MA5300(config)#
11-5
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 11 IGMP Proxy Configuration
program is bound to the master port, host function is enabled, and pre-join function
is disabled.
bind { interface vlanid | default }: specifies the upstream port to which the program
is bound. default indicates to bind the program to the default port, namely, the
master upstream port. The system sends IGMP packets to the bound upstream port,
in which case the IP address used is that of the transmit port.
When the pre-join function is enabled, the MA5300 regards that a virtual subscriber
is demanding the program; but for the upstream device, it seems that a real
subscriber was demanding the program. That is, in the case of enable, the MA5300
will send a membership Report packet to the upstream device, and will then respond
with a Report packet when it gets a Query packet from the upstream device. Now
the data traffic of the program can reach the MA5300, but the MA5300 will not
forward it to any subscriber because there is no real forwarding table entry in the
system.
However, the MA5300 will generate a real forwarding table entry and forward the
program data traffic to the subscriber immediately after a subscriber joins the
program. This will shorten the delay in program demanding.
When the pre-join function is disabled, the MA5300 will send a Leave packet to the
upstream device and will not respond an IGMP query from the upstream device.
After one or more subscriber joins the MA5300, the MA5300 will then send an IGMP
membership Report packet to the upstream device and will respond with an IGMP
membership Report packet after having received an IGMP Query from the upstream
device.
11-6
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 11 IGMP Proxy Configuration
For a downstream user, the MA5300 running IGMP Proxy is equal to a multicast
router. It receives the Report packet and Leave packet from a downstream device.
In addition, it queries the group/member relationship, and generates/maintains the
multicast forwarding table.
IGMP robustness variable specifies the times of allowed IGMP packet losses. For
example, when the robustness variable is set to 2, the IGMP querier will decide
whether to delete member entries after querying the common groups or special
groups for two times. 1 is not recommended for the setting.
11-7
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 11 IGMP Proxy Configuration
II. Setting the source IP address for the IGMP packets sent from the system
to the user
To set the source IP address for the IGMP packets sent from the system to the user,
use these commands:
The default value is 0.0.0.1. The no form of the command is used to restore the
default settings.
IGMP querier uses source IP address in compliance with the following rule:
1) First, it uses the IP address of the VLAN interface at the transmit end.
2) If the VLAN interface is not configured with an IP address, you can use the
command to configure a source IP address for the interface.
This example shows how to set the source IP address for the IGMP packets sent
from the system to the user to 1.2.1.1.
MA5300(config)#igmp-proxy router querier-ip 1.2.1.1
To set the igmp-proxy router query-interval, namely, the interval for sending the
IGMP Proxy query packet to users, use these commands:
time specifies the interval of IGMP Proxy query packet. It ranges1065535s, and the
default is 125s.
This example shows how to set the query-interval of the igmp-proxy router to 120s.
MA5300(config)#igmp-proxy router query-interval 120
To configure the gen-response-time, namely the maximum time for the IGMP host to
response the general group query, use these commands:
time ranges 100 25500ms. It is an integer multiple of 100. The default is 10000ms.
11-8
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 11 IGMP Proxy Configuration
To set the sp-response-time, namely the maximum time for the IGMP host to
response the specific group query, use these commands:
time ranges 100 25500ms, and is an integer multiple of 100. The default is
10000ms.
The no form of the command is used to restore the default setting, that is, to disable
the quick leave function.
This example shows how to enable the user on a port to leave quickly.
MA5300(config)#igmp-proxy router quick-leave ethernet 7/1/0 to ethernet
7/1/3
no
To define the relations between the static multicast members of an IGMP Proxy
group, run this command in global mode.
11-9
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 11 IGMP Proxy Configuration
-------------------------------------------------------------------
Default-multicast-source: 20.0.0.1
Unsolicited-report-interval: 0 second(s)
Robustness-variable: 5
Query-interval: 120 second(s)
General-query-response-time: 5000 millisecond(s)
Specific-query-response-time: 3000 millisecond(s)
Querier-ip: 0.0.0.1
MA5300(config)#
For example:
MA5300(config)#show igmp-proxy group interface ethernet 7/1/2
********************Multicast group table*******************
Port Ethernet7/1/2 have joined 1 group(s):
NetTV-1(224.1.1.1) static
------------------------------------------------------------
11-10
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 11 IGMP Proxy Configuration
11-11
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 11 IGMP Proxy Configuration
A port is exclusively bound to one authority profile. Users associated with the port
are only allowed to access the multicast programs assigned to the mentioned
authority profile. Any request to access programs beyond the profile will be rejected.
The system supports up to 128 authority profiles. By default, a port is not bound to
any authority profile.
For example:
MA5300(config)#igmp-proxy profile add name tvb-profile
MA5300(config)#igmp-proxy program add name tvb-1 ip 224.1.1.2
{ <cr>|bind<K>|host<K>|prejoin<K> }:
MA5300(config)#igmp-proxy profile modify name tvb-profile join program
ip 224.1.1.2
MA5300(config)#show igmp-proxy profile all
{ <cr>|detail<K> }:
Total:2
-------------------------------------------------------------------
Index Profile name Program number User references
-------------------------------------------------------------------
1 nettv-profile 0 0
2 tvb-profile 1 0
-------------------------------------------------------------------
The number of displayed profile(s) is: 2
11-12
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 11 IGMP Proxy Configuration
For example:
MA5300(config)#igmp-proxy profile delete name tvb-profile
Are you sure to delete the profile? (y/n)[n]:y
MA5300(config)#show igmp-proxy profile all
{ <cr>|detail<K> }:
Total:1
-------------------------------------------------------------------
Index Profile name Program number User references
1 nettv-profile 0 0
-------------------------------------------------------------------
The number of displayed profile(s) is: 1
For example:
MA5300(config)#show igmp-proxy profile all
{ <cr>|detail<K> }:
Total:1
-------------------------------------------------------------------
Index Profile name Program number User references
-------------------------------------------------------------------
1 nettv-profile 0 0
The number of displayed profile(s) is: 1
MA5300(config)#igmp-proxy profile rename index 1 new-name nettv
MA5300(config)#show igmp-proxy profile all
{ <cr>|detail<K> }:
Total:1
-------------------------------------------------------------------
11-13
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 11 IGMP Proxy Configuration
This example shows how to display all programs of the program library.
MA5300(config)#show igmp-proxy program all
{ <cr>|detail<K> }:
Total:2
-------------------------------------------------------------------
Index Name Ip Upport Host Pre- Profile- User-
-index join references references
1 NetTV-1 224.1.1.1 2 No No 0 0
2 tvb-1 224.1.1.2 none Yes No 0 0
-------------------------------------------------------------------
This example shows how to add two programs, NetTV-2 and NetTV-3, to the profile.
MA5300(config)#igmp-proxy program add name nettv-2 ip 224.1.1.3 bind
default host enable prejoin enable
MA5300(config)#igmp-proxy program add name nettv-3 ip 224.1.1.5 bind
ethernet 7/1/0 vlan 2
This example shows how to display all programs of the program library.
MA5300(config)#show igmp-proxy program all
{ <cr>|detail<K> }:
Total:4
-------------------------------------------------------------------
11-14
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 11 IGMP Proxy Configuration
-------------------------------------------------------------------
This example shows how to add two programs, NetTV-2 and NetTV-3, to profile 1.
MA5300(config)#igmp-proxy profile modify index 1 join program name
nettv-2
MA5300(config)#igmp-proxy profile modify index 1 join program name
nettv-3
-------------------------------------------------------------------
The number of displayed profile(s) is: 1
This example shows how to delete the program NetTV-2 from the profile.
MA5300(config)#igmp-proxy profile modify index 1 remove program name
nettv-2
Are you sure to remove the multicast program? (y/n)[n]:y
11-15
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 11 IGMP Proxy Configuration
Note:
z Before specifying an authority profile, make sure that the profile is an existing one.
z The programs to be added to a profile must already exist in the library.
z The system will prompt nothing if the program to be deleted does not exist in the profile.
This example shows how to display the brief information of all profiles.
MA5300# show igmp-proxy profile all
Total : 2
Index Profile name Program number User references
0 VIP 2 2
1 COMMON 1 3
-------------------------------------------------------------------
11-16
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 11 IGMP Proxy Configuration
NetTV-1 NetTV-2
User references(Total:2) :
adsl 2/0/0 adsl2/0/1
Index: 1
Profile name : COMMON
Programs(Total:1):
SZTV-1 SZTV-2
User references(Total:3) :
adsl 2/0/5 adsl2/0/6 adsl2/0/7
-------------------------------------------------------------------
Use the command below to cancel the authorization settings for a user port:
11-17
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 11 IGMP Proxy Configuration
Use the command below to restore the setting of maximum program number to the
default value (namely 2):
noauth: Specifies that no authorization is needed for the user. This type of user is
entitled to access any program.
delete: Deletes the authorization settings for a user port. This can disable a user
from viewing any program. To enable the user to access programs, you need to bind
the user with a profile.
block: Blocks a user port. When a port is blocked, the associated users will be
disabled from viewing the on-going program, and will be no longer allowed to
access any program until it is unblocked using no form of the command.
This example shows how to bind a user with a profile by profile index.
MA5300(config)#igmp-proxy user adsl 2/0/0 bind profile index 12
max-program-number 6
This example shows how to bind a user with a profile by profile name.
MA5300(config)#igmp-proxy user adsl 2/0/0 bind profile name vip_user
max-program-number 8
This example shows how to authorize a user port with unlimited authorizations.
MA5300(config)#igmp-proxy user adsl 2/0/0 to adsl 2/0/10 bind noauth
max-program-number 8
11-18
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 11 IGMP Proxy Configuration
This example shows how to delete the authorities of multiple user ports.
MA5300(config)#igmp-proxy user adsl 2/0/0 to adsl 2/0/10 delete
This example shows how to set the maximum number of programs accessible for a
user port.
MA5300(config)#igmp-proxy user adsl 2/0/0 max-program-number 4
This example shows how to set the maximum number of programs accessible for
multiple user ports.
MA5300(config)#igmp-proxy user adsl 2/0/0 to adsl 2/0/10 max-program-number
4
This example shows how to restore the settings of maximum program number for
multiple user ports to the default value.
MA5300(config)#no igmp-proxy user adsl 2/0/0 to adsl 2/0/10 max-program-number
This example shows how to display the brief authority information of a user.
MA5300(config)#show igmp-proxy user ethernet 7/1/0
{ <cr>|to<K>|Ethernet<K>|GigabitEthernet<K>|Shdsl<K>|detail<K> }:
Total:1
-------------------------------------------------------------------
User Profile(Program number) Max Program Number Block
-------------------------------------------------------------------
Ethernet7/1/0 profile-1(1) 2 No
-------------------------------------------------------------------
The number of displayed user(s) is: 1
11-19
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 11 IGMP Proxy Configuration
Total:1
-------------------------------------------------------------------
User: Ethernet7/1/0
Profile: profile-1 (1)
Program:
nettv-3
Max Program Number: 2
Block: No
-------------------------------------------------------------------
The number of displayed user(s) is: 1
[noauth]: Indicates that the authorization for the user is not required, and the user is
entitled to access any program.
profile-1 (1): Represents the profile named profile-1. The profile is entitled to
access one program.
The igmp-proxy log command is used to display the log-in duration and log
information of a specific port within certain period, or the information of ports
belonging to a multicast IP group.
Parameters description:
start-time: Specifies the start query time (in the form of hh:mm MM-DD-YYYY).
end-time: Specifies the end query time (in the form of hh:mm MM-DD-YYYY).
11-20
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 11 IGMP Proxy Configuration
To clear IGMP Proxy logs, run the global command clear igmp-proxy log.
This example shows how to clear IGMP Proxy logs for Ethernet ports 7/1/0 7/1/3.
MA5300(config)#clear igmp-proxy log ethernet 7/1/0 to ethernet 7/1/3 all
11-21
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 12 Multicast VLAN Configuration
12.1 Overview
With the multicast VLAN function, the MA5300 can effectively cooperate with
various upstream devices in implementing multicast, even though the received
messages from the upstream devices do not contain any VLAN label.
The MA5300 networks with upstream devices. When the MA5300 receives a
multicast message without a VLAN label from an upstream device, the receiving port
will send this message to the VLAN to which the port belongs. When the
corresponding multicast port is not found in the multicast address table of that VLAN,
the device will discard the response message and the multicast will fail.
Multicast VLAN includes the upstream port and the downstream port. The upstream
port refers to the port connected to the upstream device, while the downstream port
refers to the port connected to the user. On the same port, multicast VLAN is
incompatible with Smart VLAN, but compatible with normal VLAN.
Upstream port of multicast VLAN is the port connected with the upstream device.
12-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 12 Multicast VLAN Configuration
To Use
Add/Delete the upstream port of multicast VLAN [ no] mvlan-upport interface interface-list
A multicast VLAN can have multiple upstream ports, but its upstream ports must be
on the main control board. A port cannot act as both the upstream port and the
downstream port at the same time.
This example shows how to add port GigabitEthernet 7/1/0 as the upstream port.
MA5300(config)# mvlan-upport interface GigabitEthernet 7/1/0
The downstream port of multicast VLAN is the port connected with the user.
To Use
Add/Delete the downstream port of multicast VLAN [ no] mvlan-downport interface interface-list
Multicast VLAN can have multiple downstream ports, but its upstream ports must be
on the main control board. A port cannot act as both the upstream port and the
downstream port at the same time.
This example shows how to add port vdsl2/0/0 as the down port.
MA5300(config)# mvlan-downport interface vdsl2/0/0
After finishing the above configurations, you can use command show multivlan to
query the information on the multicast VLAN, including the upstream and
downstream ports. This helps to verify whether the configurations are correct.
To Use
Query the port information on multicast VLAN show multivlan
12-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 12 Multicast VLAN Configuration
I. Networking requirements
g7/1/0
MA5300
vdsl2/0/0
vdsl2/0/23
1) Add the gigabit Ethernet port g7/1/0 of the MA5300 as the upstream port of
multicast VLAN.
MA5300(config)# mvlan-upport interface GigabitEthernet 7/1/0
2) Add the ports vdsl2/0/0vdsl2/0/23 of the MA5300 into the multicast VLAN.
MA5300(config)# mvlan-downport interface vdsl2/0/0 to vdsl2/0/23
3) Show the port information on multicast VLAN.
12-3
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 12 Multicast VLAN Configuration
The above information shows that the upstream port of multicast VLAN is
GigabitEthernet7/1/0, and the down stream ports of it include vdsl2/0/0 vdsl2/0/23.
12-4
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 13 Managed Multicast Configuration
13.1 Overview
With multicast authentication, the MA5300 will authenticate a user who intends to
join a multicast group, and decide whether to allow the user to join the multicast
group based on the authentication result.
Multicast accounting indicates to charge a user who has passed the multicast
authentication, according to the multicast group he joins, the traffic of the multicast
group, or the start and end time of joining the multicast group. The multicast device
periodically sends the member query messages to judge whether to continue
charging the user. If it receives the report message from the user, it will continue
charging the user. If the user makes no response, the device will adopt the
mechanism for offline multicast user, and stop charging the multicast user. If the
multicast device receives the offline message from the user, it will also adopt the
mechanism for offline multicast user and stop charging the user. By far, the MA5300
does not support multicast accounting.
13-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 13 Managed Multicast Configuration
Note that only when 802.1x is enabled globally on all the ports and the 802.1x
authentication is passed, can the authentication of managed multicast be enabled.
Only the ports under port-based authentication/control can use the managed
multicast function.
To Use
Enable managed multicast ip managed-multicast
Disable managed multicast no ip managed-multicast
After a multicast user has passed the authentication, you can configure the multicast
groups to make them accessible/inaccessible to the multicast user.
To Use
Configure multicast groups to make them accessible multicast user username enable
for the user group-address
Configure multicast groups to make them multicast user username disable
inaccessible for the user { group-address | all }
This example shows how to configure a multicast group to make it accessible for the
user.
MA5300(config)# multicast user 5300 enable 224.0.1.11
This example shows how to configure a multicast group to make it inaccessible for
the user.
MA5300(config)# multicast user 5300 disable 224.0.1.12
13-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 13 Managed Multicast Configuration
To Use
Query the debugging information on managed multicast [ no ] debug ip managed-multicast
This example shows how to query the debugging information of managed multicast.
MA5300(config)#show ip managed-multicast user passed
Managed-multicast user passed.
I. Networking requirements
Configure the managed multicasts of the MA5300 to allow the multicast user 5300
to access the multicast group of 224.0.1.11.
Internet
Router
Multicast
MA5300
13-3
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 13 Managed Multicast Configuration
Or
MA5300(config)# igmp-snooping enable
3) Enable managed multicast.
MA5300(config)# ip managed-multicast
4) Configure the reachable multicast group for the multicast group user.
MA5300(config)# multicast user 5300 enable 224.0.1.11
13-4
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 14 ACL Configuration
14.1.1 Overview
ACL classifies data packets through various matching rules, which can be source
address or destination address of the data packets, port number, and so on. ACL is
also applied to the MA5300 ports. The MA5300 can determine whether to forward or
discard certain data packets according to specified rules in ACL.
The matching rules defined by ACL can also be quoted in other cases concerning
traffic classification, for example, the definition of traffic classification rules in QoS.
An access control rule may comprise several sub-rules, the statements of which
specify different ranges of packets. When matching a data packet with the access
control rule, the issue of match order arises. There are two match orders for access
control sub-rules:
z config: indicates to follow the user defined configuration order when formulating
the matching rule.
z auto: indicates to allow the system to sort automatically (in depth-first order)
when formulating the matching rule.
The default setting is config, in which case once the user specifies the match order of
an access control rule, he cannot modify it later, unless he deletes all the content of
the rule and specifies the match order again.
The depth-first principle of auto is to put the statement specifying the smallest range
of packets on the top of the list. This can be implemented through comparing the
wildcards of the addresses. The smaller the wildcard is, the fewer hosts it can specify.
14-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 14 ACL Configuration
z For standard ACL, the source address wildcards are compared directly.
If the wildcards are the same, follow the configuration sequence.
z For extended ACL, the source address wildcards are compared first.
If the wildcards are the same, the destination address wildcards are then
compared. If the destination address wildcards are again the same, the ranges of
port numbers will be compared, and the port number with smaller range will be
listed ahead. If the port numbers are still in the same range, follow the
configuration sequence.
14-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 14 ACL Configuration
You can use the following command to enter the time-range mode and begin
configuring the time range.
To Use
Enter time range mode time-range time-range-name
There are two kinds of time ranges, absolute and periodic time ranges.
You can use the following commands to set the absolute time range.
14-3
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 14 ACL Configuration
To Use
absolute [ start HH:MM MM-DD-YYYY ] [ end HH:MM
Set the absolute time range
MM-DD-YYYY ]
no absolute [ start HH:MM MM-DD-YYYY ] [ end HH:MM
Delete the absolute time range
MM-DD-YYYY ]
When the start time is not configured, there is no limit on the start time. If the end time
is not configured, it will be the maximum time that can be displayed by the system.
The end time shall be later than the start time.
The absolute time range specifies a broader valid period and also limits the periodic
time range. Up to 12 absolute time ranges can be configured.
You can use the following commands to set the periodic time range.
To Use
Set the periodic time range periodic days-of-the-week hh:mm to [ day-of-the-week ] hh:mm
Delete the periodic time range no periodic days-of-the-week hh:mm to [ day-of-the-week ] hh:mm
The periodic time range expires in a week. Up to 32 periodic time ranges can be
configured.
The MA5300 supports several kinds of ACLs. The following section introduces how to
define these ACLs.
The MA5300 can define up to 99 standard ACLs identified by numbers ranging from 1
to 99, and up to 1000 named standard ACLs. It can also define up to 128 sub-rules for
an ACL (the numbered ACL or named ACL). A maximum of 3000 sub-rules can be
defined. The rules of the standard ACL are defined on the basis of the Layer 3 source
IP address to analyze the data packets.
1) Define numbered standard ACL.
14-4
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 14 ACL Configuration
You can use the following commands to define the numbered standard ACL.
To Use
access-list access-list-number1 { deny | permit
Define numbered standard ACL | } { source-addr source-wildcard | any }
[ fragments ] [ time-range time-range-name ]
During the process of defining the ACL, you can use the access-list command for
several times to define multiple rules for an ACL.
If defined without a specified time-range, the ACL will always function once being
activated.
2) Define named standard ACL.
You can use the following commands to define named standard ACL.
Note:
The named standard ACL shall be defined in the special configuration mode: use the access-list
standard command in global mode, then the command will also specify the match order of the access
list. You can use the exit command to exit the configuration mode.
To Use
Enter the named standard ACL mode access-list standard name [ match order { config |
(global mode) auto } ]
Define standard ACL rules (named { permit | deny } { source-addr source-wildcard | any }
standard ACL mode) [ fragments ] [ time-range time-range-name ]
Delete all the sub-rules or one sub-rule of
no access-list { all | { access-list-number |
the ACL or delete the entire ACL (global
access-list-name } [ subitem ] }
mode)
14-5
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 14 ACL Configuration
During the process of defining the ACL, you can use the { permit | deny } command
for several times to define multiple rules for an ACL.
Besides, once the user specifies the match order of an ACL rule, he cannot modify it
later.
The default match order of ACL is config, namely, following the order configured by
the user.
The MA5300 can define up to 100 extended ACLs identified by numbers ranging from
100 to 199 and up to 1000 named extended ACLs. In total, the MA5300 can define
3000 sub-rules. Also, it can define at most 128 sub-rules for one ACL (either
numbered ACL or named ACL).
The classification rules are defined on the basis of packet attributes such as the
source IP, destination IP, TCP or UDP port number in use and the packet priority. The
extended ACL is able to analyze three kinds of packet priorities, including 802.1p
priority, IP priority and DSCP priority.
1) Define numbered extended ACL.
You can use the following commands to define numbered extended ACL.
To Use
access-list access-list-number2 { permit | deny } [ protocol ]
[ established ] { source-addr source-wildcard | any } [ operator port1
Define numbered extended
[ port2 ] ] { dest-addr dest-wildcard | any } [ operator port1 [ port2 ] ]
ACL
[ icmp-type [ icmp-code ] ] [ fragments ] { [ precedence precedence ]
[ tos tos ] | [ dscp dscp ] } [ time-range time-range-name ]
Define the match order of ACL access-list access-list-number match order { config | auto }
Delete all the sub-rules or one
no access-list { all | { access-list-number | access-list-name }
sub-rule of the ACL or delete
[subitem ] }
the entire ACL
During the process of defining the ACL, you can use the access-list command for
several times to define multiple rules for an ACL.
The extended ACL is identified with the numbers ranging from 100 to 199.
Note that, the port1 and port2 in the access-list command specify the TCP or UDP
ports used by various high-layer applications. For some common port numbers, you
14-6
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 14 ACL Configuration
can use the mnemonic symbols as shortcut. For example, bgp can represent the
TCP number 179 used by BGP.
2) Define named extended ACL.
You can use the following commands to define named extended ACL.
Note:
The named extended ACL shall be defined in the special configuration mode. Use the access-list
extended command in global mode. The command will also specify the match order of the access list.
You can use the exit command to exit the configuration mode.
To Use
Enter the named extended ACL mode (global access-list extended name [ match order { config |
mode) auto } ]
{ permit | deny } [ protocol ] [ established ]
{ source-addr source-wildcard | any } [ operator port1
[ port2 ] ] { dest-addr dest-wildcard | any } [ operator
Define extended ACL rules (named extended
port1 [ port2 ] ] [ icmp-type [ icmp-code ] ]
ACL mode)
{ [ precedence precedence ] [ tos tos ] | [ dscp
dscp ] } [ fragments ] [ time-range
time-range-name ]
Delete all the sub-rules or one sub-rule of the no access-list { all | { access-list-number |
ACL or delete the entire ACL (global mode) access-list-name } [ subitem ] }
During the process of defining the ACL, you can use the { permit | deny } command
for several times to define multiple rules for an ACL.
Besides, once the user specifies the match order of an ACL rule, he cannot modify it
later.
Note that, the port1 and port2 in the above command specify the TCP or UDP ports
used in various high-layer applications. For some common port numbers, you can use
the mnemonic symbols as shortcut. For example, bgp can represent the TCP
number 179 used by BGP.
The default match order of ACL is config. That is, to follow the order configured by the
user.
14-7
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 14 ACL Configuration
The MA5300 can define up to 100 numbered Layer 2 ACLs identified with numbers
ranging from 200 to 299 and up to 1000 named Layer 2 ACLs. In total, the MA5300
can define 3000 sub-rules, and at the same time, it can define up to 128 sub-rules for
one ACL (either numbered ACL or named ACL).
The rules of Layer 2 ACL are defined based on the Layer 2 information such as
source MAC address, source VLAN ID, Layer 2 protocol type, Layer 2 ports receiving
and forwarding the packet and destination MAC address to process the data packets.
1) Define numbered Layer 2 ACL.
You can use the following commands to define the numbered Layer 2 ACL.
To Use
access-list access-list-number3 { permit | deny }
[ protocol ] [ cos vlan-pri ] ingress { { [ source-vlan-id ]
[ source-mac-addr source-mac-wildcard ] [ interface
Define the numbered Layer 2 ACL { interface-name | interface-type interface-num } ] } | any }
egress { { [ dest-mac-addr dest-mac-wildcard ] [ interface
{ interface-name | interface-type interface-num } ] } | any }
[ time-range time-range-name ]
access-list access-list-number match order { config |
Define the match order of ACL
auto }
Delete all the sub-rules or one sub-rule no access-list { all | { access-list-number |
of the ACL or delete the entire ACL access-list-name } [ subitem subitem ] }
In defining the ACL, you can use the access-list command for several times to define
multiple rules for an ACL.
Layer 2 ACL can be identified with numbers ranging from 200 to 299.
2) Define the named Layer 2 ACL.
You can use the following commands to define the named Layer 2 ACL
Note:
The named Layer 2 ACL shall be defined in the special configuration mode: use the access-list link
command in global mode, then the command will also specify the match order of the access list. You can
use the exit command to exit the configuration mode.
14-8
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 14 ACL Configuration
To Use
Enter the Named Layer 2 ACL mode (global access-list link name [ match order { config |
mode) auto } ]
{ permit | deny } [ protocol ] [ cos vlan-pri ] ingress
{ { [ source-vlan-id ] [ source-mac-addr
Define Layer 2 ACL (Named Layer 2 ACL
source-mac-wildcard ] } | any } egress
mode)
{ { dest-mac-addr dest-mac-wildcard } | any }
[ time-range time-range-name ]
Delete all the sub-rules or one sub-rule of the no access-list { all | { access-list-number |
ACL or delete the entire ACL (global mode) access-list-name } [subitem ] }
During the process of defining the ACL, you can use the { permit | deny } command
for several times to define multiple rules for an ACL.
Besides, once the user specifies the match order of an ACL rule, he cannot modify it
later.
The default match order of ACL is config, namely, following the order configured by
the user.
The user defined ACL matches any of the first 80 bytes in Layer 2 data frames and
processes them accordingly. To be able to use the user defined ACL in a proper way,
you are required to understand the composition of Layer 2 data frames very well.
The figure below is the schematic diagram of the first 64 bytes of the Layer 2 data
frames. Every letter represents one hexadecimal, and every two letters represent one
byte.
The description of each letter and their offset values in the above figure are shown in
Table 14-11.
14-9
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 14 ACL Configuration
In Table 14-11, the offset of each field is their offset in the 802.3 data frame of SNAP +
tag. For the user defined ACL, user can use the rule mask and offset parameters to
extract any byte from the first 80 bytes of data frame, and then compare the extracted
byte with user defined rules to filter matched data frames for processing. User defined
rules can be some certain attributes of the data.
For example, to filter all TCP messages, you can define the rule as 06, rule mask
FF and offset 35. Then the rule mask and offset will work together to extract the
contents in the TCP protocol number field of the received data frame to compare with
the rules and then find all the matched TCP messages.
14-10
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 14 ACL Configuration
Note:
At present, user defined ACL is only applicable for filtering snap+tagged data frames, which are
compliant with 802.3 standards.
To Use
access-list access-list-number4 { permit | deny }
Define the numbered user defined ACL { rule-string rule-mask offset }&<1-20> [ time-range
time-range-name ]
access-list access-list-number match order { config |
Define the match order of ACL
auto }
During the process of defining the ACL, you can use the access-list command for
several times to define multiple rules for an ACL.
The self defined ACL are identified with the numbers ranging from 300 to 399.
2) Define the named user defined ACL.
You can use the following commands to define named user defined ACL.
Note:
The named user defined ACL shall be defined in the special configuration mode. Use the access-list
user command in global mode. Then the command will also specify the match order of the access list.
You can use the exit command to exit the configuration mode.
14-11
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 14 ACL Configuration
To Use
Enter the named user defined ACL mode (global access-list user name [ match order { config |
mode) auto } ]
Define the user defined ACL (named user defined { permit | deny } { rule-string rule-mask
ACL mode) offset }&<1-20> [ time-range time-range-name ]
Delete all the sub-rules or one sub-rule of the ACL no access-list { all | { access-list-number |
or delete the entire ACL (global mode) access-list-name } [subitem ] }
During the process of defining the ACL, you can use the { permit | deny } command
for several times to define multiple rules for an ACL.
Create a user defined ACL named by access-list-name and enter the ACL mode. The
parameter access-list-name is expressed as a character string starting with English
letters (that is [a to z, A to Z]), excluding space and quotation marks. The name cannot
be specified as all. The system does not distinguish the upper and lower case
letters.
Similar to the numbered ACL rule, the following match order clause is also used for
specifying the match order of the rule. If the order is not specified with match order, it
defaults to config. That is the match follows the user defined order. Besides, once the
match order of an ACL rule has been specified, it cannot be modified later.
You can use the following commands to activate the defined ACL.
Perform these configurations in Ethernet port mode, ADSL port mode, VDSL port
mode, SHDSL port mode. However, the rules for the ADSL port and the SHDSL port
are only applicable to the IP packets.
After you have configured the ACL for one port on the ADSL or the SHDSL interface
board, the other ports on that board have the same properties as this one.
To Use
access-group { user-group { access-list-number | access-list-name } [ subitem
subitem ] { in | out } | { [ ip-group { access-list-number | access-list-name }
Activate an ACL
[ subitem subitem ] { in | out } ] [ link-group { access-list-number |
access-list-name } [ subitem subitem ] { in | out } ] } }
14-12
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 14 ACL Configuration
To Use
no access-group { user-group { access-list-number | access-list-name }
Deactivate an [ subitem subitem ] { in | out } | { [ ip-group { access-list-number |
ACL access-list-name } [ subitem subitem ] { in | out } ] [ link-group
{ access-list-number | access-list-name } [ subitem subitem ] { in | out } ] } }
Note:
This command can activate the Layer 2 and Layer 3 ACLs at the same time on the
condition that the actions of the combination items should be consistent. If the actions
conflict (one is permit and the other is deny), they cannot be activated.
MA5300 activates Layer 2 and Layer 3 ACLs by the following means: the sub-rule 1 of
the Layer 2 ACL group combines with the sub-rule 1 of the Layer 3 ACL group, and
the sub-rule 2 of the Layer 2 ACL group combines with the sub-rule 1 of the Layer 3
ACL group, and so on. If the sub-rules of the two ACL groups are not identical, then
the unmatched sub-rules will be activated respectively.
After performing the above configurations, you can use the show command to query
information on configured ACLs or to authenticate whether the configuration is
correct.
To Use
Query status of time range show time-range { time-range-name | all }
show access-lists config { all | access-list-number |
Show detailed ACL information
access-list-name }
show access-lists runtime { all | { interface
Show runtime information on all ACLs
interface-name | interface-type interface-num } }
I. Networking requirement
14-13
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 14 ACL Configuration
MA5300
Note:
In the following configurations, only the commands related to ACL configurations are listed.
! This example shows how to define the periodic time range from 8:00 to 12:00.
MA5300(config-timerange- time-on-duty)# periodic daily 8:00 to 12:00
2) Define the ACL to access the payment server.
! This example shows how to enter the named extended ACL, named as
traffic-to-payserver.
MA5300(config)# access-list extended traffic-to-payserver
14-14
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 14 ACL Configuration
! This example shows how to define the rules for other department to access the
payment server.
MA5300(config-ext-nacl-traffic-to-payserver)# deny ip any 129.110.1.2
0.0.0.0 time range time-on-duty
! This example shows how to define the rules for the Office of President to access the
payment server.
MA5300(config-ext-nacl-traffic-to-payserver)# permit ip 129.111.1.2 0.0.0.0
129.110.1.2 0.0.0.0
3) Activate ACL.
! This example shows how to apply the ACL traffic-to-payserver to corresponding
MA5300 port.
MA5300(config-if-Vdsl2/0/0)# access-group ip-group traffic-to-payserver in
MA5300(config-if-Vdsl2/0/1)# access-group ip-group traffic-to-payserver in
MA5300(config-if-Vdsl2/0/2)# access-group ip-group traffic-to-payserver in
14-15
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 15 QoS Configuration
15.1 Overview
In the traditional IP network, all the packets are treated without difference. Every
switch/router handles the packets following the First In First Out (FIFO) policy. That is,
it makes best effort to transmit the packets to the destination, instead of making any
commitment to the transmission liability, delay or other performances.
With the rapid development of computer network, the requirements on network are
becoming increasingly high, and the network is being used to deliver more and more
traffic of voice, image and important data, which are sensitive to the bandwidth, delay
and jitter. This enriches the network sources. On the other hand, the network
congestion occurs more frequently. As a result, people require higher quality of
service (QoS) for the transmission over the network.
The Ethernet technology is the most widely used network technology nowadays.
Ethernet has been the dominant technology of various independent Local Area
Networks (LANs), and many LANs in the Ethernet form have been part of the Internet.
Moreover, with the continuous development of the Ethernet technology, Ethernet is
becoming one of the major ways for common users to access the Internet. In order to
implement the end-to-end QoS solution on the whole network, how to guarantee the
Ethernet QoS service has to be taken into consideration.
This requires the Ethernet switching devices to apply the Ethernet QoS technology to
the traffic of different types with QoS guarantees at different levels, especially for
those having higher-requirements on the time delay and jitter.
Traffic classification means identifying the packets with certain characteristics, using
the matching rule called classification rule, set by the configuration administrator
based on the actual requirements. The rule can be very simple.
For example, the traffic with different priority levels can be identified according to the
ToS field in IP packet header. There are also some complex rules. For example, the
information over the integrated link layer (Layer 2), network layer (Layer 3) and
transport layer (Layer-4), such as MAC address, IP protocol, source IP address,
15-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 15 QoS Configuration
destination IP address and the port number of application, can be used for traffic
classification.
Generally, the classification standards are encapsulated in the header of the packets.
The packet content is seldom used as the classification standard.
Packet filtering aims to filter the traffic. For example, the operation deny discards the
traffic matching the traffic classification rule, while allowing other traffic to pass
through. With the complex traffic classification rules, the MA5300 enable the filtering
of various information carried in Layer 2 traffic and discards useless, unreliable or
doubtful traffic, thereby enhancing the network security.
These are the two key steps for implementing the frame filtering.
Step 2: Filter the identified traffic, namely performing the deny operation (also the
default access control operation).
In order to deliver better service with the limited network resources, QoS regulates the
traffic of the specified user at the input port, so that it can make a better use of the
assigned resource.
The port rate limit is the limit imposed on the rate of a port so as to limit the general
speed of output packets passing through the port.
15.1.5 Redirection
You can specify a new port to forward the packets according to your requirements on
the QoS policy.
The MA5300 can deliver priority tag service for certain packets. These tags include
TOS, DSCP and 802.1p, which can be used and defined in different QoS modules
respectively.
The following section will introduce the priority levels of IP, TOS, DSCP and 802.1p.
15-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 15 QoS Configuration
You may already be quite familiar with the definition of the TOS domain in the header
of IP message (refer to RFC791). As shown in above figure, the TOS field of IP
header has 8 bits, the first 3 bits of which represent IP priority, ranging 0 7 (see
RFC1122), whereas the 4th 7th bits represent TOS priority, ranging 0 15 (see
RFC1349).
RFC2474 has redefined the TOS domain of IP packet header as DS domain, of which
the first 6 bits (0-5) represent DSCP priority, ranging 0 63 and the later 2 bits (6 7)
are reserved bits.
As shown in Figure 15-2, each host that supports 802.1Q protocol will add a 4-byte
802.1Q flag head after the source address in previous Ethernet frame header when
sending data packets.
This 4-byte 802.1Q flag header includes a 2-byte Tag Protocol Identifier (TPID) whose
value is 8100 and a 2-byte Tag Control Information (TCI). TPID is new type defined by
IEEE. It indicates that the message has been added an 802.1Q flag. The following
figure shows the detailed contents of 802.1Q header.
15-3
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 15 QoS Configuration
As shown in Figure 15-3, the Priority field in TCI refers to 802.1p priority, which
consists of 3 bits with range 0 7. These 3 bits indicate the priority of the frame.
There are 8 priorities altogether, mainly used to determine in what order the packets
will be sent in case of equipment congestion.
It is called 802.1p priority because such priorities are defined in detail in 802.1p
standards.
When congestion occurs, several packets will compete for the resources. To settle the
problem, they are generally queued. The following section will introduce three queue
scheduling algorithms, strict Priority Queue (PQ), Weighted Round Robin (WRR) and
delay-bounded WRR.
1) PQ
Queue
High
Dequeue
Medium
Classify
Packets to be sent Packets left
via this interface Normal the interface
Low
The PQ is specially designed for the key service application. A significant feature of
the key service is the demand for service priority to reduce the response delay when
congestion occurs. The PQ divides all messages into up to 4 kinds, namely,
high-priority, medium-priority, normal-priority and low-priority queues (which are
indicated as the Queue 3, 2, 1 and 0 in turn), whose priorities reduce one by one.
15-4
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 15 QoS Configuration
The queue dispatching strictly obeys the high-to-low priority order. The PQ gives
preference to and forwards the packets in the higher-priority queue first. When the
higher-priority queue is empty, it will send the packets in the lower-priority group. In
this way, the key service packets are put in the higher-priority queue and the non-key
service packets, like E-mail, are put in the lower-priority queue. This ensures that the
key service packets are transmitted first, while the non-key service packets are
transmitted during the idle gaps of key service traffic processing.
The PQ also has a drawback. When congestion occurs, if there are many packets
queuing in the higher-priority queue, which will take a long time to transmit, the
messages in the lower-priority queue will be starved without service.
2) WRR
WRR defines 4 or 8 egress queues for each port (MA5300 has 4 queues on each port,
which are queue 3, 2, 1 and 0 with descending priorities). The round scheduling
ensures every queue gets some time of service. WRR gives every queue a weight
(w3, w2, w1, and w0 respectively) for resource obtaining.
For example, you can configure the weight value of the WRR algorithm for 100M port
as 50, 30, 10 and 10 (corresponding to the w3, w2, w1 and w0 respectively). Thus the
low-priority queue can be guaranteed to get the minimum bandwidth of 10Mbps,
avoiding the case in PQ scheduling that the messages in the lower-priority queues
may not get any service for long time. Another advantage of WRR queue is that the
service time is assigned to each queue flexibly, although it is the round multiple queue
scheduling. When a queue is empty, it will switch to the next queue immediately,
thereby making good use of the bandwidth resource.
3) Delay bounded WRR
Compared with common WRR, the Delay bounded WRR is special in that it
guarantees packets in the highest-priority queue to be forwarded before the specified
delay times out.
The traffic mirroring function is to copy the specified data packets to the observing port
for network diagnosis and troubleshooting.
The port mirroring function is to copy data packets of specified ports to the observing
port for network diagnosis and troubleshooting.
15-5
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 15 QoS Configuration
With the traffic-based traffic statistics, you can count and analyze the packets at your
requirements.
The MA5300 uses ACL to implement the QoS services including traffic policing, port
line rate, packet redirection, priority tag, queue scheduling, traffic mirroring and traffic
statistics.
The MA5300 uses ACL quotation to complete the QoS functions such as traffic
policing, port rate limit, redirection, priority tag, queue scheduling, traffic mirroring,
traffic counting.
Traffic policing is the traffic-based rate restriction. Once the traffic flow exceeding the
specified rate, corresponding actions will be taken, such as discarding the packets or
lowering the priority.
Perform these configurations in Ethernet port mode, ADSL port mode, VDSL port
mode, SHDSL port mode. However, the rules for the ADSL port and the SHDSL port
are only applicable to the IP packets. After you have configured the ACL for one port
on the ADSL or the SHDSL interface board, the other ports on that board have the
same properties as this one.
15-6
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 15 QoS Configuration
To Use
rate-limit input { user-group { access-list-number | access-list-name }
Configure the [ subitem subitem ] | { [ ip-group { access-list-number | access-list-name }
traffic-based rate limit [ subitem subitem ] ] [ link-group { access-list-number | access-list-name }
[ subitem subitem ] ] } } target-rate [ exceed-action action ]
no rate-limit input { user-group { access-list-number | access-list-name }
Cancel the
[ subitem subitem ] | { [ ip-group { access-list-number | access-list-name }
configuration of the
[ subitem subitem ] ] [ link-group { access-list-number | access-list-name }
traffic-based rate limit
[ subitem subitem ] ] } }
You have to define the corresponding ACL before performing this configuration task.
The purpose of this configuration task is to implement traffic policing over the data
traffic matching the ACL. The traffic beyond the limit will be dealt with in other way,
such as being discarded.
The port rate limit is the port-based line rate used for limiting the general speed of
packet output on the port.
You can use the following commands to configure port rate limit.
Perform these configurations in Ethernet port mode, ADSL port mode, VDSL port
mode, SHDSL port mode. However, the rules for the ADSL port and the SHDSL port
are only applicable to the IP packets. After you have configured the ACL for one port
on the ADSL or the SHDSL interface board, the other ports on that board have the
same properties as this one.
To Use
Configure the port rate limit line-rate target-rate
Cancel the configuration port rate limit no line-rate
You can configure the rate limit for a single port of the MA5300.
Packet redirection is to redirect the packets to the CPU or a specified output port.
You can use the following commands to configure the packet redirection.
15-7
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 15 QoS Configuration
To Use
traffic-redirect { input | ouput } { user-group { access-list-number |
access-list-name } [ subitem subitem ] | { [ ip-group { access-list-number |
Configure redirection access-list-name } [ subitem subitem ] ] [ link-group { access-list-number |
access-list-name } [ subitem subitem ] ] } } { cpu | { interface interface-name
| interface-type interface-num } }
no traffic-redirect { input | ouput } { user-group { access-list-number |
access-list-name } [ subitem subitem ] | { [ ip-group { access-list-number |
Cancel the redirection
access-list-name } [ subitem subitem ] ] [ link-group { access-list-number |
access-list-name } [ subitem subitem ] ] } }
Note that the configuration of redirection only takes effects on the rules with action
permit. After the packets are redirected to the CPU, they will not be forwarded any
longer.
The priority tag configuration is a policy to tag the priority for the packets matching the
ACL. The new priority is filled in the priority field of the packet header.
You can use the following commands to configure the priority marking.
Perform these configurations in VDSL port mode, Ethernet port mode, SHDSL port
mode, or ADSL port mode. Note that the ACL which are configured in ADSL port
mode and SHDSL port mode are applicable to IP packets only. After you have
configured the ACL for one port in ADSL port mode or SHDSL port mode, the other
ports on the same interface board will have the same settings.
To Use
traffic-priority { input | ouput } { user-group { access-list-number |
access-list-name } [ subitem subitem ] | { [ ip-group { access-list-number |
Configure the packet access-list-name } [ subitem subitem ] ] [ link-group { access-list-number |
priority tag access-list-name } [ subitem subitem ] ] } } { [ dscp dscp-value ]
[ ip-precedence { pre-value | from-cos } ] [ cos { pre-value | from-ipprec } ]
[ local-precedence pre-value ] }
no traffic-priority { input | output } { user-group { access-list-number1 |
Cancel the packet access-list-name } [ subitem subitem ] | { [ ip-group { access-list-number2 |
priority tag access-list-name } [ subitem subitem ] ] [ link-group { access-list-number3 |
access-list-name } [ subitem subitem ] ] } }
15-8
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 15 QoS Configuration
Note that packet priority tag function only takes effects on the rules with action permit.
Queue scheduling is commonly used to resolve the problem that multiple messages
compete with resource when the network congestion happens.
You can use the following commands to configure the queue scheduler.
To Use
queue-scheduler { strict-priority | wrr queue1-weight
queue2-weight queue3-weight queue4-weight |
Configure queue scheduling algorithm
wrr-max-delay queue1-weight queue2-weight
queue3-weight queue4-weight maxdelay }
Restore the default queue scheduling
no queue-scheduler
algorithm
MA5300 supports 3 kinds of queue schedulers, namely strict priority queuing, WRR
and delay bounded WRR.
The function of traffic mirroring is to copy the traffic matching ACL rule to the
designated observing port to analyze and monitor the packets.
You can use the following commands to configure the traffic mirroring.
Perform these configurations in Ethernet port mode, ADSL port mode, VDSL port
mode, SHDSL port mode. However, the rules for the ADSL port and the SHDSL port
15-9
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 15 QoS Configuration
are only applicable to the IP packets. After you have configured the ACL for one port
on the ADSL or the SHDSL interface board, the other ports on that board have the
same properties as this one.
To Use
mirrored-to { input | output } { user-group { access-list-number |
access-list-name } [ subitem subitem ] | { [ ip-group { access-list-number |
Configure traffic
access-list-name } [ subitem subitem ] ] [ link-group { access-list-number |
mirroring
access-list-name } [subitem subitem ] ] } } [ interface interface-name |
interface-type interface-num ]
The traffic statistics function is used for counting the data packets of the specified
traffic.
Perform these configurations in Ethernet port mode, ADSL port mode, VDSL port
mode, SHDSL port mode. However, the rules for the ADSL port and the SHDSL port
are only applicable to the IP packets. After you have configured the ACL for one port
on the ADSL or the SHDSL interface board, the other ports on that board have the
same properties as this one.
To Use
traffic-statistic { input | output } { user-group { access-list-number |
Configure traffic access-list-name } [ subitem subitem ] | { [ ip-group { access-list-number |
statistics access-list-name } [ subitem subitem ] ] [ link-group { access-list-number |
access-list-name } [ subitem subitem ] ] } }
clear traffic-statistic { input | output } { all | user-group
Cancel the traffic { access-list-number | access-list-name } [ subitem subitem ] | { [ ip-group
statistics function { access-list-number | access-list-name } [ subitem subitem ] ] [ link-group
{ access-list-number | access-list-name } [ subitem subitem ] ] } }
no traffic-statistic { input | output } { user-group { access-list-number |
access-list-name } [ subitem subitem ] | { [ ip-group { access-list-number |
Clear traffic statistics
access-list-name } [ subitem subitem ] ] [ link-group { access-list-number |
access-list-name } [ subitem subitem ] ] } }
15-10
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 15 QoS Configuration
Note that the traffic statistics function only takes effects on the rules with action
permit.
After the above configuration, you can use the show command to query information
on configured QoS or authenticate whether the configuration is correct.
To Use
show qos-interface [ interface-name |
Display parameter setting of traffic mirroring
interface-type interface-num ] mirrored-to
Display queue scheduling mode and
show queue-scheduler
parameters
show qos-interface [ interface-name |
Display QoS setting of all ports
interface-type interface-num ] all
show qos-interface [ interface-name |
Display parameter setting of traffic limit
interface-type interface-num ] rate-limit
show qos-interface [ interface-name |
Display parameter setting of port rate limit
interface-type interface-num ] line-rate
show qos-interface [ interface-name |
Display parameter setting of priority tag
interface-type interface-num ] traffic-priority
show qos-interface [ interface-name |
Display parameter setting of redirection
interface-type interface-num ] traffic-redirect
show qos-interface [ interface-name |
Display parameter setting of traffic statistics
interface-type interface-num ] traffic-statistic
I. Networking requirements
15-11
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 15 QoS Configuration
#3 #4
#1 #2
MA5300
Connected to a router
Note that in the following configurations, only the commands related to QoS/ACL
configurations are listed.
1) Define the traffic accessing the payment query server.
! This example shows how to enter the named extended ACL, identified as
traffic-to-payserver.
MA5300(config)# access-list extended traffic-to-payserver
15-12
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
16.1 Overview
The managing device is called command device and the managed devices are called
member devices. Generally, you are not required to assign public IP addresses for the
member devices. The management and maintenance over the member devices are
implemented through redirection of the command device. A command device and
several member devices compose a cluster.
69.110.1.100
Network management
device
network
69.110.1.1
Command device
Member device
Cluster
Member device
Member device
Candidate
device
16-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
z Saves IP address.
z Allows simultaneous software upgrade and parameter configuration for multiple
devices.
z Independent of network topology.
The devices in a cluster have different statuses and functions and play different roles.
You can specify the role of a specified device. The devices can also change their roles
based on predefined rules.
The roles that a device can play in a cluster include the command device, member
device and candidate device.
z Command device
It refers to the device configured with a public network IP address and used to
providing management interface for all devices in the cluster. The management
commands are sent to the command device first, which will process these commands.
If the command is destined to a member device, the command device will forward it to
the member device.
16-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
Candidate device
Ad
dd s
ice
Re
a n ed a
de
ev
ter
mo
dt
mm n at
lu s
oa
ve
si g
ac
clu
fro
De
ro m
s
m
ter
co
ac
df
ve
lus
mo
ter
Re
z Each cluster shall have one, but only one command device. The command
device will identify and discover the candidate device by collecting Huawei
Discovery Protocol / Huawei Topology Protocol (HDP/HTP) information. You can
specify a candidate device as a member device of the cluster.
z A candidate device becomes a member device after it is added to a cluster. If a
member device is removed from the cluster, it becomes a candidate device
again.
16.1.2 Functions
Member identification is used to locate every member device in the cluster, so that the
command device can identify them and deliver the management commands to them.
16-3
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
Also note that, when configuring the cluster functions, you shall configure the
following in the command devices:
z Enabling the HDP on the devices and ports
z Configuring HDP parameters
z Enabling the HTP on the devices and ports
z Configuring HTP parameters
z Enabling cluster functions
z Configuring cluster parameters
In addition, you shall configure the following for member devices and candidate
devices:
z Enabling the HDP on the devices and ports
z Enabling the HTP on the devices and ports
z Enabling cluster functions
The following sections introduce the specific operations.
HDP is the proprietary protocol of Huawei Technologies Co., Ltd. for discovering
related information on adjacent points. Running on the data link layer, HDP supports
systems of different network layer protocols.
HDP is used for discovering the information on the directly connected neighbors,
including device type, software/hardware version, and connected ports. It can also
provide the information on device ID, port address, device capability and hardware
platform. Its functions are as follows:
z Provides information about which devices are connected with local device and
basic information on the neighboring devices. The information is useful for
debugging and query.
z Provides support for the cluster and HTP module. Modules managed by the
cluster include cluster/stack, HTP, HDP.
An HDP information table exists on all the devices that support HDP. A table entry will
expire and be deleted by HDP automatically when the aging timer expires. The aging
time is controlled by the transmitting end and stored in HDP message or TTL field.
You can also clear the current HDP information to collect new adjacent information.
The device running HDP broadcasts the packets carrying HDP data to all the
16-4
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
activated ports regularly. The packet carries the holdtime, indicating how long the
receiving device has to keep the updating data.
The receiver only keeps the information in the HDP packet. It will not forward the
information. The receiver will update the corresponding data entry in the HDP table
based on the received information. If the new information is the same as the old one,
the receiver updates the holdtime.
Note:
For the command device, you shall enable HDP on the device and the port, and configure the HDP
parameters. While for member device and candidate device, you only need to enable HDP on the device
and relevant ports. When HDP operates, they will use the HDP parameters sent by the command device.
To collect HDP information on the adjacent device of any port, enable HDP globally.
With global HDP enabled, the system collects HDP information periodically and
supports user query.
With global HDP disabled, all the HDP information on the device will be cleared and
the system will no longer process any HDP packets.
To Use
16-5
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
Perform these configurations in VDSL port, ADSL port or Ethernet port mode.
To Use
MA5300(config-if-Ethernet7/2/1)#hdp enable
The HDP holdtime specifies how long the adjacent node can keep the local node
information. The adjacent device obtains the holdtime contained in the received HDP
packet and will discard the packet when it expires.
To Use
16-6
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
Note that HDP holdtime is supposed to be longer than the HDP timer. Otherwise, the
HDP information table will be unstable.
This example shows how to set the HDP holdtime to 180 seconds.
MA5300(config)#hdp holdtime 180
The HDP information on the adjacent nodes shall be updated frequently to guarantee
the timely updating for local information. You can use the following commands to
decide how often the HDP information will be updated.
To Use
Note that HDP timer is supposed to be shorter than the HDP holdtime. Otherwise,
HDP information table will be unstable.
After completing the above configuration, you can use the show command to query
the operation status of the configured HDP or check whether the configuration is
correct.
To Use
16-7
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
To Use
This example shows how to view information on the neighboring devices discovered
by HDP.
MA5300(config)#show hdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Device-Mac Local-Interface Hdtm Capab Platform Port-ID
00e0.fc00.0020 Ethernet7/2/1 123 TS Quidway S2016 Ethernet0/14
Based on the adjacent table information provided by HDP, HTP transmits and
forwards HTP topology collection request to collect HDP information and neighboring
connection information on every device in a certain network. After collecting the
information, the command device or the network administrator can perform some
functions accordingly.
When the HDP on the member device finds changes of neighbor, it will advertise the
changes to the command device by handshake message. The command device can
run HTP to collect the specified topology and show the network topology changes in
time.
16-8
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
Note:
For the command device, you shall enable HDP on the device and port and configure the HDP
parameters. While for the member device and candidate device, you only need to enable HDP on the
device and relevant ports and then they will use the HDP parameters sent by command device during
the protocol operation.
To enable the system to process HTP packets, you should enable the global HTP first.
If global HTP is disabled, all the HTP information on the device will be cleared, and the
device will discard all the HTP packets and stop transmitting HTP requests.
To Use
You can use the following commands to enable/disable HTP on a specified port to
decide to transmit/receive and forward HTP packet through which port. After the
global HTP and port HTP have been enabled, the HTP packets can be transmitted,
16-9
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
received and forwarded through the port. After the HTP is disabled on the port, the
port will not process HTP packet.
Perform these configurations in VDSL port, ADSL port or Ethernet port mode.
To Use
By default, HTP is enabled on the ports supporting HDP. If you enable HTP on a port
not supporting HDP, HTP cannot be run.
Note that, in some occasions, it only needs collecting the topology connected to the
Downlink ports, without caring about the topology connected to the Uplink. In this
case, HTP is supposed to be disabled on the Uplink ports.
You can set a limit to the hops for topology collection, so that only the topology
information on the devices within the specified hops will be collected and infinite
collection can be avoided. You can set a hop limit for discovery.
For example, if you set a limit of 2 on the hop count, only the devices that are two hops
away from the first device transmitting the topology collection request will be
collected.
To Use
By default, the topology information on the devices 3 hops away from the collecting
device is collected.
16-10
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
Note that the setting is only valid on the first device transmitting the topology collection
request. The broader the collection scope is, the more memory of the
topology-collecting device is required.
This example shows how to set the hop count for topology collection to 3.
MA5300(config)#htp hop 3
After a topology request packet is advertised in the network, many devices will get it at
the same time and respond at the same time. This may result in network congestion
and busy state of topology collection the device.
To solve the problem, you can configure each device to delay response for a certain
period after receiving the topology request. The first port will forward the topology
request packet when the delay timer times out.
Table 16-9 Setting delay for collected device to forward topology collection request
To Use
Set delay for collected device to forward topology collection request htp hop-delay time
Restore the default delay for collected device to forward topology
no htp hop-delay
collection request
By default, the device to be collected forwards the topology request after delaying for
200ms.
This example shows how to set the delay to 200ms for the collected device to forward
topology collection request.
MA5300(config)#htp hop-delay 200
After a topology request packet is advertised in the network, many devices will get it at
the same time and respond at the same time. This may result in network congestion
and busy state of topology collection the device.
To solve the problem, you can configure every port of the device to delay response for
a certain period after receiving the topology request, before the next port forwards the
topology request packet. The ports transmit packets in turn, consistent with the
sequencing of the devices in the topology response.
16-11
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
Table 16-10 Setting delay for collected port to forward topology collection request
To Use
Set delay for the port to forward topology collection request htp port-delay time
Restore the default delay for the port to forward topology collection request no htp port-delay
By default, the port forwards the topology collection request after a delay of 20ms.
This example shows how to set the delay to 200ms for the port to forward topology
collection request.
MA5300(config)# htp port-delay 20
After the cluster function is started, once the command device detects any change in
member devices, it will inform HTP to perform partial topology collection. Such partial
collection cannot reflect the global change in topology. In order to learn the topology
changes in time, it is necessary to periodically collect the topology information on all
devices within the specified scope.
To Use
By default, the value of topology collection is 0, that is, the periodical topology
collection will not be performed.
This example shows how to the set topology collection interval to 20 minutes.
MA5300(config)# htp timer 20
After the topology collection interval is defined, HTP will automatically collect the
topology information within the entire range based on the interval.
HTP also provides commands for manual topology information collection, which allow
users to collect network topology information at any time for performing device
management and monitoring.
16-12
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
To Use
After the above settings completes, you can use the show htp command to query the
HTP configuration or a list of devices collected by HTP. By doing so, you can check
whether the configurations are correct.
To Use
This example shows how to view the devices list collected by HTP.
MA5300(config)#show htp device-list
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
MAC HOP PLATFORM IP CAPABILITY
00e0.fc00.0020 1 Quidway S2016 TS
00e0.fc11.19c2 0 SmartAX MA5300 RTS
16-13
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
Note:
z For command device, you shall enable the cluster function and configure cluster parameters.
z For member devices and candidate devices, you only need to enable the cluster function so that the
command device can manage them.
You have to enable the cluster function before carrying out other cluster functions.
16-14
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
To Use
After the no cluster run command is executed on the command device, the cluster
and all its members will be deleted, the command device function and cluster function
of the device will be disabled, and the device cannot be a candidate device of any
other cluster.
After the no cluster run command is executed on a member device, the device will
exit the cluster and the cluster function of the device will be disabled, and the device
cannot be a candidate device.
After the no cluster run command is executed on a switch not belonging to any
cluster, the cluster function will be disabled, and the device cannot be a candidate
device.
Before setting up a cluster, you need to configure a private IP address pool first.
Then when a candidate device is added to the cluster, the command device will
dynamically assign it with a private IP address that can be used for communication
inside the cluster. By doing so, you can use the command device to manage and
maintain the member devices.
To Use
16-15
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
By default, the IP address of the command device is at 172.16.0.1 and the mask is
255.255.240.0, that is, the length of the mask is 20.
Note that you can only perform the above configuration before creating a cluster. If the
cluster has already been created, then the IP address pool of the existing cluster
cannot be modified.
This example shows how to configure IP address pool of the command device at
10.11.116.8, and the mask length to 24.
MA5300(config)# cluster ip-pool 10.11.116.8 24
Every cluster has a name. Since a cluster can only have one command device, the
command device shall be designated first when you create a cluster. Then the
external network is able to access, configure, manage or monitor members of the
cluster through the command device. That is, the command device functions as the
entrance and exit for accessing cluster members.
The command device can identify and control all the member devices in the cluster,
regardless where they are and how they are connected with each other. Moreover, the
command device collects topology for information on candidate devices and network
topology necessary. This information is helpful when you are creating a cluster.
To Use
Set the cluster name and command device name cluster enable name
Delete all member devices from the cluster and configure the
no cluster enable
command device as a candidate device
After you use the cluster enable command to set the cluster name for the device to
be designated as the command device, this device will become the command device.
By default, the device is not a command device and no cluster name has been
specified.
Note that the cluster enable command can only be used on a device to be
designated as the command device, rather than a device of any other cluster. Also,
when executed on a command device belonging to another cluster, and has been
configured a different cluster name, the command will rename that cluster.
16-16
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
This example shows how to set the cluster name and command device name to
huawei.
MA5300(config)#cluster enable huawei
% 1[2003-07-29 17:39:32]:CLST-1-LOG:
ip addr 10.11.116.8 255.255.255.0 se, set by cluster
% 1[2003-07-29 17:39:32]:CLST-1-LOG:
community string public@cm0, set by cluster
% 1[2003-07-29 17:39:32]:CLST-1-LOG:
community string private@cm0, set by cluster
% 1[2003-07-29 17:39:32]:CLST-1-LOG:
hostname huawei_0.MA5300, set by cluster
To Use
It is not necessary to assign a number for the newly added member device, since the
command device will automatically assign a number for the member device. The
system will also automatically set the privileged user password of the new member
device the same as that of the command device.
This example shows how to add a cluster member. The number of the member is 2, its
AMC address is 00E0.fc00.2222, and its password to enter the privileged mode as
grandkey.
huawei_0. MA5300(config)# cluster member 2 mac-address 00E0.fc00.2222
password grandkey
16-17
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
Besides manual adding members into a cluster, the cluster auto-setup function is also
provided. You can use the cluster setup command to set up a cluster.
During cluster setup, the system will prompt you to enter a cluster name. Then a list of
all the candidate devices discovered within the specified hops will be provided. You
can confirm whether to add these devices into the cluster. After your make a
confirmation, all the listed candidates can be added to the new cluster.
During the process, you can press <Ctrl+C> to cancel the current operation. However,
such action will only stop adding new members, but the devices already added will
remain in the cluster.
To Use
Note that you can only execute the cluster auto setup command on a command
device.
Candidate list:
16-18
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
After setting up a cluster, communication may fail due to network problems or switch
reboots. If the failure exceeds three times of the handshaking message interval+ the
effective holdtime specified by the device, then the member device becomes down.
When the communication recovers, the corresponding member device will be added
to the cluster again automatically.
If the failure is removed within the holdtime, the status of member device will remain
normal and there is no need for system to add the member device.
To Use
Note that the above command can only be executed on the command device, which
will advertise the holdtime value to other member devices. holdtime is usually set to
be several times of the handshaking message interval. It indicates for how many
times after no handshaking message from the member device is received will the
device be considered faulty.
Inside a cluster, the member devices and command device communicate with each
other through sending handshaking messages. Regular handshaking can help
monitoring member status and link status.
After joining a cluster, the member device begins transmitting handshaking messages
actively and regularly to the command device. When receiving regular handshaking,
both the command device and member device will consider current communication
normal.
If the member device has not received 3 consecutive responses from the command
device, it will consider there is communication failure. Similarly, if the command
16-19
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
device fails to receive 3 consecutive handshaking requests from the member device,
it will also consider there is communication failure.
In addition, when a member device learns some change of the topology, it will report
the topology change to the command device with a handshaking message. Then the
command device will handle the situation.
To Use
Note that the above command can only be executed on the command device, which
will advertise the time to the member devices.
This example shows how to set the handshaking message interval to 8 seconds.
MA5300(config)#cluster timer 8
Communication between the command device and the member device may fail due to
some mis-operation on the member device. Then you can control the member device
remotely on the command device.
For example, you can delete the booting configuration file on the member device and
reset it. This help to recover the normal communication between command device
and member device.
Generally, messages within a cluster can only be forwarded in VLAN1. If user has
performed any wrong configuration on a member device, such as setting the port (on
the member device) connected with the command device as a VLAN2 port,
communication between the command device and member device will fail.
To solve the problem, user can configure the VLAN checking function on a command
device. Then messages sent by the command device to the member devices within
the cluster will carry such information. When a member device receives the message,
it will automatically add a port into VLAN1 if it finds that the port of received message
does not belong to VLAN1. This helps to guarantee normal communication with the
command device.
16-20
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
To Use
Note that the above command can only be executed on the command device.
When using the cluster reset member command, you can decide whether to delete
the configuration file with the eraseflash parameter.
This example shows how to reset member device 2 on the command device.
huawei_0.MA5300# cluster reset member 2
This example shows how to prohibit VLAN security check for communication inside
the cluster.
huawei_0.MA5300# cluster reset member 2
16.4.10 Configuring FTP/TFTP Server, SNMP and Log Hosts for a Cluster
After setting up a cluster, you can configure the FTP/TFTP server, SNMP and log
hosts for the cluster on a command device. Member devices can then access the
configured server through the command device.
All configuration information on the member devices will be output to the log host
configured for the cluster. The member devices will directly output their log messages
to the command device. The command device will then perform address translation
and finally output the log messages of the member device to the configured log host.
Similarly, all trap messages of the member devices will be output to the NM host
configured for the cluster.
You shall first set the IP address of the FTP or TFTP server. Then the member devices
within the cluster will be able to access FTP or TFTP server through the command
device.
16-21
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
Table 16-22 Configuring FTP/TFTP Servers and Logging/SNMP hosts for a cluster
To Use
Configure FTP server for the cluster cluster ftp server ip-address
Delete the FTP server from the cluster no cluster ftp server
Configure TFTP server for the cluster cluster tftp server ip-address
Delete the TFTP server from the cluster no cluster tftp server
Configure the logging host for the cluster cluster logging host ip-address
Delete the logging host from the cluster no cluster logging host
Configure the SNMP host for the cluster cluster snmp host ip-address
Delete the SNMP host from the cluster no cluster snmp host
Note that the above command can only be executed on the command device.
This example shows how to configure the TFTP server for the cluster.
MA5300(config)#cluster ftp server 164.23.1.100
After you have configured HDP, HTP and cluster correctly, the command device can
then manage all member devices in a cluster. You can operate on a command device
and switch to a specified member device for managing or operating on a member
device. You can also switch back to a command device.
Authorization is required when you switch from the command device to a member
device. You can perform the switchover after you pass the authorization. However, if
the privileged user password of the member device is different from that of the
command device, the switchover will be rejected.
The user level will be inherited from the command device after you switch to the
member device. For example, the privileged user will retain as a privileged user after
you switch from the command device to a member device.
Authorization is also required when you switch from a member device to the
command device. After passing the authorization, the system will enter common user
mode automatically.
16-22
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
To Use
Note that, when running this command on the command device, if member-number
does not exit, there will be error prompts. To cancel the switchover operation, enter
exit.
This example shows how to switch to the member device from the command device.
huawei_0.MA5300(config)#rcommand
{ commander<K>|INTEGER<U><1,2047>|mac-address<K> }:1
huawei_0.MA5300(config)#rcommand 1
Press CTRL_] to quit telnet mode.
Trying ...
Connected to ...
huawei_1.Quidway#
This example shows how to switch back to the command device from the member
device.
huawei_1.Quidway#exit
The connection was closed by the remote host!
huawei_0.MA5300(config)#
After the above configuration completes, you can use the show command to query
operation of the newly added cluster or check whether the configuration is correct.
To Use
This example shows how to view the cluster status and statistics.
huawei_0.MA5300(config)#s cluster
Command device for cluster "huawei".
Total members:2
16-23
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
I. Networking description
Assume that three MA5300s form a cluster and the command device manages two
member devices.
z The command device is connected to the two member devices through ports
Ethernet7/1/1 and Ethernet7/1/2. It is connected to the external network through
port Ethernet7/1/0, which belongs to VLAN2.
z The IP address of VLAN2 interface is 163.172.55.1.
z The same FTP server and TFTP server are used within the entire cluster and the
IP address of the FTP/TFTP server is 63.172.55.1.
z The IP address of NM server and log host is 69.172.55.4.
16-24
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
SNMP host/
logging host
69.172.55.4
FTP server/TFTP
Network
server
63.172.55.1
E7/1/0 VLAN2 interface IP
163.172.55.1
Command device
E7/1/1 E7/1/2
Member Member
device MAC address device MAC address
00e0.fc01.0011 00e0.fc01.0012
! Enable HTP on the device and HTP on ports E7/1/1 and E7/1/2.
MA5300(config)#htp run
16-25
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 16 Cluster Management Configuration
MA5300(config)#interface ethernet7/1/1
MA5300(config-if-Ethernet7/1/1)# htp enable
MA5300(config)#interface ethernet7/1/2
MA5300(config-if-Ethernet7/1/2)# htp enable
! Configure the IP address pool within the cluster, with the start address 172.16.0.1.
There are eight addresses in total.
MA5300(config)#cluster ip-pool 172.16.0.1 255.255.255.248
! Configure the FTP Server, TFTP Server, log host and SNMP host within the cluster.
huawei_0.MA5300(config)#cluster ftp server 63.172.55.1
huawei_0.MA5300(config)#cluster tftp server 63.172.55.1
huawei_0.MA5300(config)#cluster snmp host 69.172.55.4
huawei_0.MA5300(config)#cluster logging host 69.172.55.4
By now, you can switch to member device configuration mode by using the
rcommand command. Then you will be able to manage the member devices on the
command device. You can also reset the member device on the command device.
To return to the command device configuration mode, use the exit command.
16-26
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 17 802.1x Configuration
17.1 Overview
IEEE 802.1x (hereinafter simplified as 802.1x) is a port based network access control
protocol. IEEE issued it in 2001 and suggested the related manufacturers should use
the protocol as the standard protocol for LAN user access authentication. The 802.1x
originated from the IEEE 802.11 standard, which is the standard for wireless LAN user
access. The initial purpose of 802.1x was to implement the wireless LAN user access
authentication. Since its principle is commonly applicable to all the LANs complying
with the IEEE 802 standards, the protocol finds wide application in wired LANs.
In the LANs complying with the IEEE 802 standards, the user can access the devices
and share the resources in the LAN through connecting the LAN access control
device like the MA5300. However, in telecom access, commercial LAN (a typical
example is the LAN in the office building) or mobile office, the LAN providers generally
hope to control the users access. In these cases, the requirement on the
above-mentioned Port Based Network Access Control originates.
As the name implies, Port Based Network Access Control means to authenticate
and control all the accessed devices on the port of LAN access control device. If the
users device connected to the port can pass the authentication, the user can access
the resources in the LAN. Otherwise, the user cannot access the resources in the
LAN. In other words, the user is physically disconnected.
802.1x defines port based network access control protocol and only defines the
point-to-point connection between the access device and the access port. The port
can be either physical or logical. The typical application environment is as follows:
Each physical port of the LAN Switch only connects to one user workstation (based on
the physical port) and the wireless LAN access environment defined by the IEEE
802.11 standard (based on the logical port).
The system using 802.1x is the typical C/S (Client/Server) system architecture. It
contains three entities, which are illustrated in the following figure: Supplicant System,
Authenticator System and Authentication Sever System.
17-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 17 802.1x Configuration
The LAN access control device needs to provide the Authenticator System of 802.1x.
The devices at the user side such as the computers need to be installed with the
802.1x client Supplicant software, for example, the 802.1x client provided by Huawei.
(or by Microsoft Windows XP). The 802.1x Authentication Sever system normally
stays in the carriers AAA center.
There are two types of ports for the Authenticator. One is the Uncontrolled Port, and
the other is the Controlled Port. The Uncontrolled Port is always in bi-directional
connection state. The user can access and share the network resources any time
through the ports. The Controlled Port will be in connecting state only after the user
passes the authentication. Then the user is allowed to access the network resources.
EAPOL
LAN
802.1x configures EAP frame to carry the authentication information. The Standard
defines the following types of EAP frames:
z EAP-Packet: Authentication information frame, used to carry the authentication
information.
17-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 17 802.1x Configuration
Access Blocked
EAPoL RADIUS
EAPoL_Start
EAP_Request/Identity
EAP_Response/Identity RADIUS_Access_Request
EAP_Request RADIUS_Access_Challenge
EAP_Response(cretentials) RADIUS_Access_Request
EAP_Success RADIUS_Access_Accept
Access Allowed
From the above introduction, we can see that 802.1x provides a solution to
authentication based on user ID. However, 802.1x itself is not enough to implement
the plan. The administrator of the accessed device should configure the AAA scheme
by selecting RADIUS or local authentication so as to assist 802.1x to implement the
authentication based on user ID. For detailed description of AAA, refer to 18.2
Configuring AAA.
17-3
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 17 802.1x Configuration
The MA5300 supports the port access authentication scheme regulated by 802.1x. In
addition, it also extends and optimizes the scheme by:
z Connecting several End Stations in the downstream through a physical port.
z Supporting either port-based or MAC-based access control (or the user
authentication scheme).
In global mode or port mode, use the command (no) dot1x to enable/disable 802.1x
on globally or on a specified port. By default, 802.1x is disabled both globally and on
any port.
Note:
z You can configure 802.1x on a single port, but it will take effect only right after 802.1x is enabled
globally.
z Do not enable 802.1x and RSTP at the same time. Otherwise the normal operation of MA5300 may
not be guaranteed.
17-4
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 17 802.1x Configuration
You can set the port access control mode to any of the following based on the actual
requirements:
z auto: Automatic identification mode.
In this mode, the initial state of the port is unauthorized. The user is only allowed to
receive or transmit EAPoL packets but not to access the network resources. If the
user passes the authentication flow, the port will switch over to the authorized state
and then the user is allowed to access the network resources. This is the most
common case and the default setting.
z force-auth: Forced authorized mode.
In this mode, the port always stays in authorized state and the user is allowed to
access the network resources without authentication/authorization
(authentication/authorization for short).
z force-unauth: Forced unauthorized mode.
In this mode, the port always stays in non-authorized mode and the user is not
allowed to access the network resources.
In global mode or port mode, use the command dot1x port-control to set the 802.1x
access control mode on a specified port; or use the to restore the default setting.
When the setting completes, you can use the command show dot1x to view the
802.1x configurations and current operation.
This example shows how to set the access control mode to auto on all port.
MA5300(config)#dot1x port-control auto
This example shows how to set the access control mode to auto on port vdsl 1/0/0.
MA5300(config)#dot1x port-control auto interface vdsl 1/0/0
In global mode or port mode, use the command dot1x port-method to set the access
control method on a specified port, namely, the basis for user authentication; or use
the command no dot1x port-method to restore the default setting.
17-5
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 17 802.1x Configuration
This example shows how to enable MAC-based authentication on port vdsl 1/0/0.
MA5300(config)# dot1x port-method macbased interface vdsl 1/0/0
The MA5300 can access up to 1024 users. By default, each port is allowed to access
up to 256 users.
In global mode or port mode, use the command dot1x max-user to set the number of
access users allowed on a specified port; or use the no dot1x max-user to restore
the default setting.
This example shows how to set the number of access users allowed to 256 on all
ports.
MA5300(config)#dot1x max-user 256
This example shows how to set the number of access users allowed to 256 on port
vdsl 1/0/0.
MA5300(config)#dot1x max-user 256 interface vdsl 1/0/0
To be compatible with some devices that cannot forward EAPoL messages, you can
set to enable DHCP trigger authentication. Also, if Windows XP client is used, the
DHCP trigger authentication must be enabled.
In global mode, use the command dot1x dhcp-launch to, in 802.1x, enable the
MA5300 to trigger user ID authentication when the user runs DHCP and applies for
dynamic IP addresses. The no form of this command is used to disable the DHCP
trigger authentication.
MA5300(config)#no dot1x dhcp-launch
In global mode, use the command dot1x max-req to set the frame-retry times from
Authenticator to Supplicant. By default, 3 retry times are allowed.
MA5300(config)#dot1x max-req 3
In the operation, 802.1x will start many timers in order to control the interworking
among Supplicant, Authenticator and Authenticator Server.
17-6
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 17 802.1x Configuration
In global mode, use the command dot1x timeout to change some of the timer values
to adjust the interworking process. This can be necessary under special or worse
network conditions. Generally, take the default values of the timers.
I. Networking requirements
17-7
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 17 802.1x Configuration
z Set the encryption key as name when the system exchanges packets with the
authentication RADIUS server and money when the system exchanges
packets with the accounting RADIUS server.
z Configure the system to retransmit packets to the RADIUS server if no response
received in 5 seconds.
z Retransmit the packet no more than 5 times in all.
z Configure the system to transmit a realtime accounting packet to the RADIUS
server every 15 minutes.
z The system is instructed to transmit the user name to the RADIUS server after
removing the user domain name.
For the local access user:
z The user name of the local 802.1x access user is localuser, the domain name is
huawei163.net and the password is localpass (input in plain text).
z The idle cut function is enabled.
Authenticator Servers
(RADIUS Server Cluster
IP Addr: 10.11.1.1
10.11.1.2)
vdsl2/0/1
Internet
Supplicant
MA5300
Figure 17-3 Enabling 802.1x and RADIUS to perform AAA on the access user
Note:
z The following examples involve most of the AAA/RADIUS configuration commands. For details, refer
to the chapter AAA and RADIUS Configuration.
z The configurations of accessing user workstation and the RADIUS server are omitted.
17-8
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 17 802.1x Configuration
! Create the RADIUS group radius1 and entering its configuration mode.
MA5300(config)#radius-server host radius1
! Set the encryption key when the system exchanges packets with the authentication
RADIUS server.
MA5300(config-radius-radius1)#key auth name
! Set the encryption key when the system exchanges packets with the accounting
RADIUS server.
MA5300(config-radius-radius1)#key acct money
! Set the timeouts and times for the system to retransmit packets to the RADIUS
server.
MA5300(config-radius-radius1)#timeout 5
MA5300(config-radius-radius1)#retransmit 5
! Set the interval for the system to transmit realtime accounting packets to the
RADIUS server.
MA5300(config-radius-radius1)#realtime-acct-timeout 15
! Set the system to transmit user name to the RADIUS server after removing its
domain name.
MA5300(config-radius-radius1)#username-format without-domain
MA5300(config-radius-radius1)#exit
! Create the user domain huawei163.net and enters its configuration mode.
MA5300(config)#b huawei163.net
17-9
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 17 802.1x Configuration
MA5300(config-isp-huawei163.net)#acct-scheme charge
! Specify radius1 as the RADIUS server group for users in domain huawei163.net.
MA5300(config-isp-huawei163.net)#radius-scheme radius1
! Set the idle cut parameter and enable idle cut function for users in domain
huawei163.net.
MA5300(config-isp-huawei163.net)#idle-cut data 20 2000
MA5300(config-isp-huawei163.net)#user-template idle-cut enable
! Set the domain huawei163.net as global default domain and no domain name is
added to the access user.
MA5300(config)#global setting domain-default enable huawei163.net no
! Add a local access user and sets its password and idle cut property.
MA5300(config)#user localuser@huawei163.net password 0 localpass
service-type 8021x idle-cut enable
17-10
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 18 AAA and RADIUS Configuration
I. What is AAA
The network security mentioned here refers to access control and includes:
z Which user can access the network server?
z Which service can the authorized user enjoy?
z How to keep accounts for the user who is using network resource?
Accordingly, AAA shall provide the following services:
z Authentication: authenticates if the user can access the network sever.
z Authorization: authorizes the user with specified services.
z Accounting: traces network resources consumed by the user.
Generally AAA framework uses the Client/Server architecture, in which the clients run
as managed sources and the servers centralize and store user information. AAA
framework has these advantages:
z Excellent scalability.
z Able to use standard authentication schemes.
z Easy to control and convenient for centralized management of user information.
z Supporting multiple-level backup system to enhance the security of the whole
framework.
18-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 18 AAA and RADIUS Configuration
I. What is RADIUS
Remote Authentication Dial-In User Service, RADIUS for short, is a kind of distributed
information switching protocol in Client/Server architecture. RADIUS can prevent the
network from interruption of unauthorized access and it is often used in the network
environments requiring both high security and remote user access. For example, it is
often used for managing a large number of scattering dial-in users who use serial
ports and modems. RADIUS system is the important auxiliary part of Network Access
Server (NAS).
After RADIUS system starts up, the user may want to access other network or use
some network resources through connection to the NAS (a dial-in access server in
PSTN environment). In that case, NAS, namely the RADIUS client, will transmit user
AAA request to the RADIUS server.
RADIUS server has a user database which records all information on user
authentication and network service access. When receiving a users request from the
NAS, the RADIUS server performs AAA through user database query and update.
The RADIUS server also returns the configuration information and accounting data to
the NAS.
Here, the NAS controls access user and corresponding connections, while RADIUS
protocol determines how to transmit configuration and accounting information
between the NAS and RADIUS server.
The NAS and RADIUS exchange the information through UDP packets. During the
interaction, both sides encrypt the packets with keys before uploading user
configuration information (like password). This is to avoid the information from being
intercepted or stolen.
RADIUS server generally uses proxy function of the devices like access server to
perform user authentication. The operation process is as follows:
1) Send client username and encrypted password to RADIUS server.
2) User will receive from RADIUS server one of the following response messages:
z ACCEPT: Indicates that the user has passed the authentication
z REJECT: Indicates that the user has not passed the authentication and needs to
input username and password again; otherwise he will be rejected to access.
18-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 18 AAA and RADIUS Configuration
Accounting server
PC user1
MA5300 Accounting server 1
PC user2
L2
PC user3 MA5300
Ethernet
L2
Ethernet
18-3
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 18 AAA and RADIUS Configuration
When the system quotes the radius authentication/authorization scheme, you need
to configure the RADIUS server. For details, refer to 18.3 Configuring RADIUS. The
remote RADIUS server shall have been configured with relevant user information.
When the system quotes the local authentication/authorization scheme, you need to
add local users to the system and set the attributes.
When the system quotes the simple authentication/authorization scheme, once there
exists a local user using that scheme, that user only needs to input the user name to
enjoy the network service.
18-4
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 18 AAA and RADIUS Configuration
Note:
z The second-time authentication/authorization method is a policy used for a second
authentication/authorization when there is no result from the first authentication/authorization, (for
example, when the remote RADIUS server has not given any response). The second-time
authentication/authorization method is optional and not configured by default.
z If the first-time authentication/authorization gives the result explicitly, (for example, a rejection
response from RADIUS), there will be no need to perform the authentication/authorization for the
second time.
z In addition, local and simple are considered as similar authentication/authorization methods. Note
that the first and second authentication/authorization methods cannot be configured as two identical
or similar methods.
By default, the system has an accounting scheme named default, which keeps
accounting on the users and disconnects them from with the network if the accounting
fails.
MA5300(config)#aaa accounting
{ WORD<S><1,16> }:charge
{ disable<K>|enable<K> }:enable //Enable accounting on the user.
{ online<K>|offline<K> }:offline //Disconnect the user when the accounting
fails.
Here,
z disable indicates to disable accounting on the user.
z enable indicates to enable accounting on the user.
z offline indicates to disconnect the user when the accounting fails.
z online indicates to keep the user online (namely connected to the network) when
the accounting fails.
What is ISP domain? To make it simple, ISP domain is a group of users belonging to
the same Internet service provider (ISP). Generally, for a username in the format of
userid@isp-name, taking gw20010608@huawei163.net as an example, the isp-name
18-5
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 18 AAA and RADIUS Configuration
(namely, huawei163.net) following the @ is the ISP domain name. When the MA5300
controls user access, as for an ISP user whose username is in userid@isp-name
format, the system will take the userid part as username for identification and take
isp-name part as domain name.
The purpose for introducing ISP domain settings is to support the multiple ISPs
application. In such application, one access device might access users of different
ISPs.
Because the attributes of ISP users, such as username and password formats,
service types/authorities, or accounting methods, may be different, it is necessary to
differentiate them through setting ISP domain. In the ISP domain mode of MA5300,
you can configure a complete set of exclusive ISP domain attributes on a per-ISP
domain basis, including the AAA policy (authentication/authorization method,
accounting method, or the RADIUS server group used).
For the MA5300, each access user belongs to one ISP domain. Up to 16 domains can
be configured in the system. If a user has not reported its ISP domain name, the
system will put it into the default domain. For the detail, refer to Specifying the default
ISP domain.
In global mode, use the domain command to create an ISP domain and enter its
configuration mode; or use the no domain command to delete an ISP domain. By
default, there is no ISP domain in the system.
MA5300(config)#domain huawei163.net
In ISP domain mode, use the command acct-scheme to set the accounting scheme
used by the ISP domain. Then this scheme will be applied to all users under this ISP.
18-6
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 18 AAA and RADIUS Configuration
The accounting scheme should already be configured. Then it can be quoted in the
ISP domain. For details on the accounting scheme configuration, refer to 18.2.2
Setting Accounting Scheme.
MA5300(config-isp-huawei163.net)#acct-scheme charge
IV. Specifying the RADIUS server group used by the ISP domain
The RADIUS server group should already be configured. Then it can be quoted in the
ISP domain. For details on the RADIUS server group configuration, refer to 18.3
Configuring RADIUS.
MA5300(config-isp-huawei163.net)# radius-scheme radius1
Use the state command to set the state of the ISP domain as either in active or block
state.
If an ISP domain is in active state, its users can request for network service. Whereas
in block state, its users cannot request for any network service; yet this will not affect
the users already online.
An ISP is in block state when it is created. That is, no user in the domain is allowed to
request for network service.
MA5300(config-isp-huawei163.net)#state active
VI. Setting the number of access users allowed in the ISP domain
Use the command access-limit to specify how many access users are allowed in the
ISP.
By default, there is no limit on the number of access users for any ISP domain.
However, since a maximum of 1024 access users are supported by the MA5300, this
sets a limit on the number of access users in an ISP domain.
MA5300(config-isp-huawei163.net)#access-limit enable 30
18-7
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 18 AAA and RADIUS Configuration
Use the idle-cut command to set the idle-cut period and the traffic limit. By default,
the maximum idle time-range is 30 minutes and the minimum traffic is 3000 bytes.
Whether to enable this function is based on the configurations on the user side and
the RADIUS side.
MA5300(config-isp-huawei163.net)#idle-cut data 20 2000
A user template refers to a set of default user attributes. If a user requesting for the
network service does not have all the required attributes, the corresponding attributes
in the template will be adopted as default ones.
At present, the user template only provides the user idle-cut attribute. After a user is
authenticated, if neither the user nor the RADIUS server has specified whether to
enable or disable the idle-cut, the idle-cut setting of the user is the same as that in the
template.
Because a user template only works in one ISP domain, it is necessary to configure
user template attributes for users from different ISP domain respectively.
In ISP domain mode, use the user-template command to set the idle-cut switch in the
template. By default, idle-cut is disabled.
MA5300(config-isp-huawei163.net)#user-template idle-cut enable
For the MA5300, each access user belongs to a certain ISP domain. Generally, a user
will report its username and ISP domain names in the userid@isp-name format. If a
user does not report its ISP domain name while logging in, the system will assign the
user with the default ISP domain.
By default, the system does not have a default ISP domain. You can use the
command global setting domain-default in global mode to specify an existing ISP
domain as the default one.
Here,
18-8
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 18 AAA and RADIUS Configuration
no indicates that, for users not reporting its ISP domain name. the system will put
them to the default domain, without adding that name to the user names.
yes indicates that, for users not reporting its ISP domain name. the system will put
them to the default domain and add that name to the user names.
Note:
If the system is not configured with a default ISP domain, the access users who have not reported the
domain name are not allowed to obtain any network service.
A local user is a group of users set on NAS. The username is the unique identifier of a
user. To make it possible for a user with network service request to be authenticated
locally, it is required to add the corresponding local user to the NAS and set relevant
attributes.
In global mode, use the command user to add a local user and set relevant attributes.
By default, there is no local user in the system.
18-9
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 18 AAA and RADIUS Configuration
{ INTEGER<U><1,1024> }:3
{ <cr>|state<K> }:state //Set the user state.
{ active<K>|block<K> }:active
The attributes of a local 802.1x user include access-limit, idle-cut, password and
state.. In global mode, use the command set user to set these attributes.
z access-limit: Several users can use one local user account to access network
service. The number of access users will be determined by the access limit
attribute.
z idle-cut: Enables/Disables the idle-cut function for local users. The specific data
of idle-cut is determined by user configuration in ISP domain.
z password: User password during the local authentication.
z state: Similar to ISP domain configuration, a local user also has active and
block states. If the state is specified as block, the user is not allowed to request
for any network service.
This example shows how to modify a local user.
MA5300(config)#set user
{ WORD<S><1,32> }:aaa
{ password<K>|state<K>|service-type<K> }:service-type
{ 8021x<K>|ftp<K> }:8021x
{ <cr>|password<K>|state<K>|access-limit<K>|idle-cut<K> }:access-limit
{ disable<K>|enable<K> }:enable
{ INTEGER<U><1,1024> }:3
{ <cr>|idle-cut<K>|password<K>|state<K> }:password
{ 0<K>|7<K>|disable<K> }:0
{ WORD<S><1,16> }:aaa
{ <cr>|state<K> }:state
{ active<K>|block<K> }:active
By default, the system does not disconnect online users by force. In certain cases, it is
necessary to disconnect a user or one type of users by force.
In global mode, use the command cut connect to disconnect a user or one type of
users by force.
MA5300(config)#cut connection
{ ucibindex<K>|username<K>|domain<K>|mac<K> }:username
{ WORD<S><1,32> }: localuser@huawei163.net
18-10
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 18 AAA and RADIUS Configuration
For the MA5300, the RADIUS is configured on each RADIUS server group. In real
networking environment, a RADIUS server group can be an independent RADIUS
server or a set of primary/secondary RADIUS servers with the same configuration but
two different IP addresses. Accordingly, attributes of every RADIUS server group
include IP addresses of primary and secondary servers, shared key and RADIUS
server type.
Actually, RADIUS configuration only defines some necessary parameters using for
information interaction between the NAS and RADIUS Server. To make these
parameters effective, it is necessary to configure, in the configuration mode, an ISP
domain to use the RADIUS server group and specify it to use RADIUS AAA schemes.
For more about the configuration commands, refer to 18.2 Configuring AAA
RADIUS configurations are performed on the basis of each RADIUS server group,
one RADIUS server group can be used by several ISP domains at the same time. So
it is required to create a RADIUS server group and enter its configuration mode before
can make other RADIUS configurations.
By default, the system has a RADIUS server group named default, whose attributes
all adopt default values.
In global mode, use the command radius-server host to create a RADIUS server
group and enter its configuration mode; or use the command no radius-server host
to delete a RADIUS server group.
18-11
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 18 AAA and RADIUS Configuration
MA5300(config)#radius-server host
{ WORD<S><1,32> }:radius1 //Create a RADIUS server group.
After creating a RADIUS server group, you are supposed to set IP addresses and
UDP port numbers for the RADIUS servers, including primary/secondary
authentication/authorization servers and accounting servers. Each type of servers
can be specified with the role of primary or secondary server. So you can configure up
to four groups of IP addresses and UDP port numbers.
At least you have to set one group of IP address and UDP port number for each pair of
primary/secondary servers to ensure the normal AAA operation.
In RADIUS server group mode, use the command primary auth to set IP address
and port number of the primary RADIUS authentication/authorization server; or use
the command primary acct to set IP address and port number of the primary RADIUS
accounting server.
MA5300(config-radius-radius1)# primary auth 10.11.1.1
MA5300(config-radius-radius1)# primary acct 10.11.1.2
In RADIUS server group mode, use the command second auth to set IP address and
port number of the secondary RADIUS authentication/authorization server; or use the
command; or use the command second acct to set IP address and port number of
the secondary RADIUS accounting server.
MA5300 (config-radius-radius1)# second auth 10.11.1.2
MA5300 (config-radius-radius1)# second acct 10.11.1.1
In a real networking environment, you need to set the above parameters based on the
actual requirements.
For example, you may specify four groups of different data to map four RADIUS
servers, or specify two servers as the primary and secondary
authentication/authorization/account server to each other. Also, you may set four
groups of same data so that each server functions as both the primary and secondary
server.
To guarantee the normal interaction between the NAS and RADIUS server, you shall
ensure the normal routes between the RADIUS server and the NAS before setting the
IP address and UDP port of the RADIUS server.
18-12
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 18 AAA and RADIUS Configuration
In addition, because RADIUS protocol uses different UDP ports to receive ro transmit
authentication/authorization/account packets, you shall set two different ports
accordingly. Suggested by RFC2138/2139, the authentication/authorization port
number is 1812 and the accounting port number is 1813. However, you may use
values other than the suggested ones. (Especially for some earlier RADIUS Servers,
authentication/authorization port number is often set to 1645 and accounting port
number is 1646.)
Make sure that settings of the RADIUS service port on the MA5300 are consistent
with those on RADIUS server.
RADIUS client (or the MA5300 and RADIUS server) uses MD5 algorithm to encrypt
the exchanged packets. The two ends verify the packet through setting the encryption
key. Only when the keys are identical can both ends to accept the packets from each
other end and give response.
In RADIUS server group mode, use the command key auth to set the RADIUS
authentication/authorization packet key; or use the command key acct to set the
RADIUS accounting packet key.
MA5300(config-radius-radius1)# key auth money
MA5300(config-radius-radius1)# key acct money
In RADIUS server group mode, use the command timeout to set the timeout timer of
RADIUS server.
MA5300(config-radius-radius1)#timeout 3
Since RADIUS protocol uses UDP packet to carry the data, the communication
process is not reliable. If the RADIUS server has not responded the NAS before the
predefined response timeout, the NAS has to retransmit RADIUS request packet.
18-13
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 18 AAA and RADIUS Configuration
If it transmits the packet for more than the given retransmit times (retry-time), but
RADIUS server still has not given any response, the NAS will regard the
communication with the current RADIUS server has been disconnected. the NAS will
then transmit the request packet to other RADIUS servers.
In RADIUS server group mode, use the command retransmit to set the retransmit
times of RADIUS request packet.
MA5300(config-radius-radius1)#retransmit 3
To enable real time accounting on the user, you need to set the realtime accounting
interval. After the setting, the NAS will transmit the accounting information about
online users to the RADIUS server regularly.
The realtime accounting interval is related to the performance of the NAS and
RADIUS server. The smaller the value is, the higher the performances of the NAS and
RADIUS are required. When there are a large number of users (equal to or more than
1000), we suggest a larger value.
Table 18-1 lists the recommended ratios between the realtime accounting interval and
the number of users.
In RADIUS server group mode, use the command realtime-acct-timeout to set the
realtime accounting interval.
MA5300(config-radius-radius1)#realtime-acct-timeout 12
18-14
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 18 AAA and RADIUS Configuration
The RADIUS server usually checks if a user is online by way of timeout timer. If the
RADIUS server has not received the realtime accounting packet from the NAS for a
certain period of time, it will regard that there is device failure and stop accounting.
Accordingly, it is necessary to disconnect the user at the NAS end and on the RADIUS
server synchronously when some unpredictable failure exists. In the MA5300, you
can set the maximum failure count of in receiving response to the realtime accounting
request. Then, the NAS will disconnect the user if it has not received realtime
accounting response from the RADIUS server for the specified times.
How to calculate the value of count? Suppose that the RADIUS server connection will
timeout in T and the realtime accounting interval of the NAS is t, then the integer part
of the result from dividing T by t is the value of count. Therefore, when applied, T is
suggested the numbers which can be divided exactly by it.
By default, it is allowed that the realtime accounting request fails to be responded for
no more than 5 times.
In RADIUS server group mode, use the command permit-failed-count to set the
maximum failure count of realtime accounting request.
MA5300(config-radius-radius1)#permit-failed-count 5
Account-stop request is of vital importance to user and ISP, since it involves bill
settlement and affects the amount of charging. So the NAS shall try its best to send
the message to the RADIUS accounting server.
Accordingly, if the RADIUS accounting server does not respond to the request from
the MA5300, the MA5300 will save the request in its local buffer and retransmit it to
obtain the response from the RADIUS server. But it will discard the request after the
resending times exceed the specified value.
Use the command resend-acctstop-pkt to set whether to allow a buffer for the
account-stop request; and if buffer is allowed, the maximum times for resending the
account-stop request.
By default, the account-stop request will be saved in the buffer and the request can be
retransmitted for up to 500 times.
For example:
MA5300(config-radius-radius1)#resend-acctstop-pkt
{ disable<K>|enable<K> }:enable //Allow a buffer for the account-stop
request.
18-15
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 18 AAA and RADIUS Configuration
The MA5300 supports both the standard RADIUS protocol and the extended RADIUS
service platforms independently developed by Huawei, such as IP Hotel, 201+ and
Portal. The following command can be used for selecting the supported RADIUS
server type.
Use the command server-type to specify the RADIUS server type. At present, valid
RADIUS server types are huawei and standard. The default RADIUS server type is
standard.
For example:
MA5300(config-radius-radius1)#server-type
{ standard<K>|iphotel<K>|portal<K>|huawei<K> }:standard
However, after the primary one recovers, the NAS will not resume the communication
with it at once. Instead, it continues communicating with the secondary one. The NAS
will turn to the primary one again only when the secondary one also fails.
Use the command state to set the primary server state to up, so that the
communication between the NAS and the primary server can recover right after a fault
is removed.
By default, the state of each server in a RADIUS server group is down. After
configuring the IP address of each server, its state will become up.
When the primary and secondary servers are both up or down at the same time, the
NAS will send the packets to the primary server only.
18-16
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 18 AAA and RADIUS Configuration
Since the access users are generally named in userid@isp-name format. The part
following @ is the ISP domain name. The MA5300 will assign users into different
ISP domains based on their domain names.
However, some earlier RADIUS servers reject the username including ISP domain
name. In this case, you have to remove the domain name before sending the
username to the RADIUS server.
By default, the username sent to it the RADIUS server group carries the ISP domain
name.
MA5300(config-radius-radius1)#username-format
{ with-domain<K>|without-domain<K> }:with-domain
Note:
If it is specified that a RADIUS server group does not allow usernames carrying ISP domain names, the
RADIUS server group shall not be at the same time used in more than one domains. Otherwise, the
RADIUS server will mistake the two users in different domains as the same user since they have the
same username.
After the above configurations complete, you can use the show command to query
operation of the configured AAA and RADIUS and check whether the configuration is
correct. You can also use the debug command to debug AAA and RADIUS in
privileged mode.
To Use
Display relevant AAA information show aaa
Display relevant information about the
show aaa authentication [ authen-scheme-name ]
authentication/authorization scheme table
Display relevant information about the
show aaa accounting [ acct-scheme-name ]
accounting scheme table
Display AAA statistics information show aaa statistic
18-17
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 18 AAA and RADIUS Configuration
To Use
Clear AAA statistics information clear aaa statistic
Display related parameters and state of
display domain
current ISP domain (ISP domain mode)
Display relevant information about ISP
show domain [ isp-name ]
domain
Since AAA/RADIUS commands are generally used together with 802.1x commands,
refer to the configuration examples in Chapter 17 802.1x Configuration.
18-18
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 18 AAA and RADIUS Configuration
RADIUS protocol of TCP/IP protocol suite is located on the application layer. It mainly
specifies how to exchange user information between the NAS and RADIUS server of
ISP. So it is very likely to be invalid.
Troubleshooting:
1) ISP domain of the NAS may be configured improperly, which will make
authentication/authorization method not found.
To avoid this, check ISP domain configurations carefully including the adopted
authentication/authorization scheme and accounting scheme and RADIUS
server group.
2) The username may not be in the userid@isp-name format or the NAS has not
been configured with a default ISP domain.
To avoid this, use the usernames in proper format or configure the default ISP
domain on NAS.
3) The user may have not been configured in the RADIUS server database.
To avoid this, check the database and make sure that the configuration
information about the user does exist in the database.
4) The user may have input a wrong password.
To avoid this, make sure that the access user inputs the correct password.
5) The encryption keys of the RADIUS server and NAS may be different.
To avoid this, check carefully and make sure that they are identical.
6) There might be some communication fault between the NAS and RADIUS server,
which can be discovered through running ping RADIUS command server on
NAS.
To avoid this, make sure that the communication between the NAS and RADIUS
is normal.
Troubleshooting:
1) The lines (on physical layer or link layer) connecting the NAS and RADIUS
server may not work well.
To avoid this, make sure the lines work well.
2) The IP address of the corresponding RADIUS server may not have been set on
NAS.
18-19
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 18 AAA and RADIUS Configuration
III. Fault 3: User cannot send charging bill to the RADIUS server after being
authenticated and authorized.
Troubleshooting:
1) If the ISP domain including the user has not adopted the accounting scheme and
the system is configured not to keep accounting by default, the users bill will not
be sent to the RADIUS server.
In this case, make sure that the ISP domain including the user explicitly adopts
RADIUS server for accounting.
2) The accounting port number may be set improperly.
To avoid this, set a proper number.
3) The accounting service and authentication/authorization service are provided on
different servers, but the NAS requires the services to be provided on one server
(by specifying the same IP address).
So make sure the settings of servers are based on the actual conditions.
4) Local accounting and disabling RADIUS accounting may have been configured
in the AAA accounting scheme.
So if accounting by RADIUS server is adopted, you need to enable RADIUS
accounting in AAA accounting scheme explicitly.
18-20
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 19 PITP Configuration
19.1 Overview
The MA5300 supports Policy Information Transfer Protocol (PITP). With PITP, the
MA5300 carries physical user port information in its PPPoE authentication request. In
this way, the MA5300 coordinates with the ISN8850 or the ESR8825 to implement
binding between the user account and the user port. This presents a solution to
broadband user identification.
The MA5300 supports 4k VLANs. Each user belongs to one VLAN, and is identified by
a VLAN ID.
Now if you run the command show pitp config state, the display shows that PITP has
been enabled.
MA5300(config)#show pitp config state
PITP is enable.
Now if you run the command show pitp config state, the display shows that PITP has
been disabled.
MA5300(config)#show pitp config state
PITP is disable.
To set the PITP Ethernet type, namely the type of the Ethernet frames carried in PITP
packets, use the global command pitp ethernet-type.
MA5300(config)#pitp ethernet-type 0x8200
Now if you run the command show pitp config ethernet-type, the display shows that
the Ethernet type is the same as the one you have set.
19-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 19 PITP Configuration
Make sure that PITP has been enabled before you set the PITP Ethernet type.
19-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 20 ISU Configuration
Besides the IP DSLAM device, the MA5300 also serves as the Intelligent Service Unit
(ISU) to perform the service management, bandwidth management and security
management for commercial subscribers. In this way, the MA5300 offers a commercial
subscriber bypass solution.
ISU can separate the common subscriber related traffic from the commercial
subscriber related traffic. As a result, the two types of traffic have different routes:
z The former passes through the main control system, and then goes upstream to
the convergence layer L3 or BAS for authentication, and finally enters the Internet.
z The later is first processed by ISU, then directly enters the metropolitan access
network through ISU's FE/GE port.
Consisting of the ISU board and related software, ISU supports PPPoE authentication,
VLAN binding authentication, and VLAN+Web (forced Portal, built-in Portal).
Meanwhile, it also supports accounting based on the traffic volume and service
duration.
ISU is located in the MA5300 frame. It can provide various FE/GE IP upstream ports.
There are two types of ISU boards: ISUA board and ISUE board. Each of them provides
two subslots, which can be equipped with various subboards to offer diverse FE/GE
ports.
For the ISUA board, subslot 1 can be equipped with various FE/GE optical boards,
while subslot 2 can be equipped with various FE optical boards. If only one subboard is
needed, the subboard is always mounted to subslot 1.
For the ISUE board, subslot 1 can be equipped with various FE/GE optical boards,
while its subslot 2 is installed with the 4-port FE subboard.
ISU boards GE ports are numbered as 9 10. GE port 10 can connect with the
MA5300s ESM board through the backplane.
The ISU board always resides in slot 14 or 15 (slot 15 is recommended) of the MA5300.
20-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 20 ISU Configuration
The connection between ISU board and ESM board can be set up through the
backplane and GE port or external FE/GE cables. To set up the connection through
backplane and GE port, run the command inner-isu in global mode. In this case, the
second GE channel provided by ISU boards subboard 1 serves as the communication
channel between the ISU board and the ESM board.
MA5300(config)#inner-isu 15
To view the information on the connection, run the command show inner-isu in global
mode.
MA5300(config)#show inner-isu
Inner-isu is enabled in slot 15.
MA5300(config)#
For details about ISU board configuration, refer to Broadband Access Service
Processing Unit Operation Manual.
20-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 21 Overview of IP Routing Protocol
This chapter introduces the routing function of the MA5300. When the MA5300 runs a
routing protocol, it functions as a router.
Router that is described in this routing protocol module and its icon represents a router
or in general sense a MA5300 running routing protocols. To improve readability, this will
not be described in other parts of the manual.
Routers are used for routing packets in the Internet. A router selects a suitable path
(through a network) according to the destination address contained in a received
packet, and sends the packet to the next router. The last router on the path will send the
packet to the destination host.
The router logically takes the path (from the network ingress to the network egress)
covered by a packet in a certain network as a route unit, which is called one Hop.
For example, as shown in Figure 211, three networks and two routers are traversed
from Host A to Host C and the hop count is three. If one node is connected to another
through a network, there is a segment between them, and they are adjacent in an
interconnected network.
Similarly, adjacent routers mean the two routers are connected to the same network.
The hop count from a router to a host in the local network should be taken as zero.
Figure 211 uses the bold arrow to indicate these route segments. However, the router
is not concerned about what physical links comprise a segment.
R R
A
Segment
R
R
R
C
21-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 21 Overview of IP Routing Protocol
As the network may vary greatly in size, the actual length of each route segment is
rather different. Therefore, the path length in different networks can be measured with
the number of route segments multiplied by a weighted coefficient.
Suppose that a router is a node in the networks, and a route segment is a link in the
interconnected networks, the routing in the interconnected networks is similar to that in
a simple network. A route with a minimum of hops may not be the optimal selection. For
example, the route passing three routing hops of LANs may be much faster than that
passing two route segments of WANs.
The routing table is the key for a router to forward packets. Each router keeps a routing
table. Each route entry in the table shows through which physical interface of the router
a packet can be forwarded to a specific subnet or a host so as to reach the next router
along this path; Or the route entry can show that the packet can be sent to the
destination host in a interconnected network without passing other routers.
The routing table includes the following key items:
z Destination address
It is used to label the destination address or destination network of an IP packet.
z Network mask
It is used to identify the network segment address of the destination host or router
together with the destination address. The network segment address of the destination
host or router can be acquired by performing AND operation on the destination address
and the network mask. Suppose there is a host or a router (with the destination address
as 129.102.8.10 and with the mask as 255.255.0.0) is located in a segment with the
address 129.102.0.0. If the mask is comprised of consectutive 1s, it can be written in
dotted decimal format, or the count of consectutive 1s.
z Output interface
It indicates from which interface of the router an IP packet will be forwarded.
z Next hop IP address
It indicates the next router that an IP packet will pass.
z Routing protocol type
It includes local direct, OSPF, RIP, static.
z Route priority
It refers to the priority of a route in the IP routing table. For the same destination, there
may be several routes with different next hops. These routes may be discovered by
different routing protocols, or static routes configured manually. The route with the
highest priority (smallest value) will be the optimal one. Multiple routes with different
21-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 21 Overview of IP Routing Protocol
priorities to the same destination can be configured, and only one route is selected for
IP packet forwarding according to the priority.
Based on the destination of a route, the routes can be classified as:
z Subnetwork route, whose destination is a subnetwork.
z Host route, whose destination is a host.
Based on the connection mode between the destination and the router, it can be
classified as:
z Direct routing: network of the destination is directly connected to the router.
z Indirect routing: network of the destination is not directly connected to the router.
To avoide too large a routing table, a default route can be defined. Once a packet fails
to find a route in the routing table, the default route will be selected for forwarding.
For complex interconnected networks as in Figure 212, the digit in each network is the
network address. Router 8 is connected with three networks. It has three IP addresses
and three physical ports. Its routing table is as shown in the diagram.
16.0.0.2 16.0.0.3
Routing table of Router8
16.0.0.0
15.0.0.2 R7 10.0.0.2
R6
Network of the Forward from Via which
16.0.0.2 destination host which router port
15.0.0.0 R5 10.0.0.0
13.0.0.3 10.0.0.0 Directly 2
13.0.0.2 2 11.0.0.0 Directly 1
15.0.0.1 10.0.0.1
3 R8 12.0.0.0 11.0.0.2 1
R2 13.0.0.0
1 13.0.0.0 Directly 3
14.0.0.2 11.0.0.1
13.0.0.4
13.0.0.1 14.0.0.0 13.0.0.2 3
11.0.0.0
14.0.0.0 R3 15.0.0.0 10.0.0.2 2
16.0.0.0 10.0.0.2 2
R1 12.0.0.2 11.0.0.2
14.0.0.1 R4
12.0.0.0
12.0.0.3
12.0.0.1
Different routing protocols (including static routes) may find different routes to the same
destination, while not all the routes are the optimal ones. In fact, the current route to a
specific destination at a specific moment can be determined by one routing protocol
only. Each routing protocol (as well as the static route) is allocated a priority. When
21-3
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 21 Overview of IP Routing Protocol
multiple route information sources exist, the route discovered by the routing protocol
with higher priority will become the current route.
Table 211 lists various routing protocols and their default priorities for route
discovering. The smaller the value, the higher the priority. In this table, "0" indicates the
direct route, and "255" indicates any route from an unknown source.
Except for the direct route (DIRECT) and the BGP (IBGP, EBGP), the priority of each
dynamic routing protocol can be defined as required. Additionally, the priority of each
static route can be different.
Different routing protocols can find different routes as they use different algorithms. So
how to e share the discovered results among various routing protocols becomes a
problem.
The MA5300 is capable of redistributing the route discovered by one routing protocol
into another routing protocol. Each routing protocol has a corresponding route
redistributing mechanism. For details, refer to the relevant description on route
redistribution of each routing protocol.
21-4
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 22 Static Route Configuration
22.1 Overview
22.1.1 Attributes and Function of Static Route
A default route is also a static route. To put it simple, the default route is the route used
when no matched routing table ingress entry is found.
In a routing table, the default route is indicated as the route to network 0.0.0.0 (mask
0.0.0.0). You can use the command show ip route to view whether it has been
configured.
If the destination address of a packet cannot match any entry in the routing table, the
packet will select the default route.
If no default route is found and the destination address of the packet is not in the routing
table, the packet will be discarded. In addition, the router will return an Internet Control
Message Protocol (ICMP) packet to the source, indicating that this destination address
or network is unreachable.
22-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 22 Static Route Configuration
The default route is very useful in a network. In a typical network with hundreds of
routers, the dynamic routing protocol may consume large bandwidth. Using default
routes, a link with proper bandwidth can be used to replace a high bandwidth link where
there are a great number of users.
To Use
ip route ip-address { mask | mask-length } { interface-type interface -number |
Add a static route
gateway-address } [ preference preference-value ] [ reject | blackhole ]
no ip route ip-address { mask | mask-length } [ interface-type interface
Delete a static route
-number | gateway-address ] [ preference value ]
Parameter description:
1) IP address and mask
The ip-address is in dotted decimal notation. Since 1s in 32-bit mask must be
consecutive, the mask can be indicated either in the dotted decimal format or in mask
length. (Mask length refers to the number of 1s in a mask).
2) Sending interface or next hop address
In defining a static route, you can specify the sending interface (interface-type interface
number), or the next hop address (gateway-address).
Whether to specify the sending interface or the next hop address depends on the actual
conditions. In the following cases, the sending interface can be specified:
z For an interface supporting resolution from the network address to the link layer
address (such as the Ethernet interface that supports ARP), when ip-address and
mask (or mask-length) together specify a host address, and this destination
address is in the directly connected network, the sending interface can be
specified.
z For a point-to-point interface, the address of the peer interface connected to this
one is that of the next hop of the route. So you can specify the sending interface by
just designating the next hop address.
22-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 22 Static Route Configuration
For configuring preference-value, you can apply the routing management policy
flexibly.
z Other parameters
The attributes reject and blackhole respectively indicate the unreachable route and
the blackhole route.
To Use
Configure a default ip route 0.0.0.0 { 0.0.0.0 | 0 } { interface-type interface -number |
route gateway-address } [ preference value ] [ reject | blackhole ]
no ip route 0.0.0.0 { 0.0.0.0 | 0 } [ interface-type interface -number |
Delete a default route
gateway-address ] [ preference value ]
Meanings of the parameter are the same as those of the static route.
The MA5300 supports multiple methods to display the routing table information. This is
helpful for monitoring and maintaining the routing table. After the above configurations,
you can use the show command to display the static route configuration and verify the
configuration.
Perform these operations in any mode except the common user mode.
To Use
Show summary of routing table show ip route
Show details on the routing table show ip route detail
Show information on a specified route show ip route ip-address
Show information on the radix routing table show ip route radix
Show the static routing table show ip route static
22-3
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 22 Static Route Configuration
As shown in Figure 221, the masks of all the IP addresses in the figure are
255.255.255.0. It is required that all the hosts or MA5300s be interconnected in pairs
through static routes.
Host 1.1.5.1
1.1.5.2/24
1.1.2.2/24 1.1.3.1/24
MA5300 C
1.1.2.1/24
1.1.3.2/24
1.1.1.2/24 1.1.4.1/24
MA5300 A MA5300 B
C B
Host 1.1.1.1 Host 1.1.4.2
22-4
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 22 Static Route Configuration
22-5
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
23.1 Overview
23.1.1 Introduction to OSPF
Open Shortest Path First (OSPF) is an Interior Gateway Protocol based on the link
state developed by IETF. At present, OSPF version 2 (RFC2328) is used. It has the
following features:
z Application scopeIt supports network of various scales and hundreds of
routers.
z Fast convergence It enables sending an update packet immediately after the
network topology is changed, so that the change can be synchronized in the
Autonomous System (AS).
z Loop-free As OSPF calculates the route with the shortest path tree algorithm
through the collected link state, no loop routes will be generated from the algorithm
itself.
z Area division The network of the AS is divided into areas. The routing
information between the areas becomes more abstract, reducing the bandwidth
occupation in the network.
z Equal route It supports multiple equal routes to the same destination address.
z Routing hierarchy Four types of routes are used in the order of preference:
intra-area routes, inter-area routes, external routes of type 1 and external routes of
type 2.
z Authentication It supports interface-based packet authentication to ensure the
security of route calculation.
z Multicast Packets can be broadcasted on the link layer using the multicast
address.
The whole network can be regarded as consisting of multiple ASs. Information
synchronization of the ASs can be realized through dynamical discovery and
transmission of the AS link status.
Each AS can also be further divided into servreral areas. If the interfaces of a router are
allocated to multiple areas, this router is called an Area Border Router (ABR). An ABR
is located at the area boundary and is connected to multiple areas.
All ABRs and the routers between the ABRs comprise a backbone area. (The
backbone area is identified with 0.0.0.0.) As all areas shall be connected with the
backbone area, the concept of virtual link is introduced to ensure that logical
connectivity remains between in the physically divided areas.
23-1
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
The calculating process for the OSPF route can be briefed as follows:
1) Each OSPF-enabled router maintains a Link-State DataBase (LSDB) that
describes the topological structure of the whole AS. Each router generates a
Link-State Advertisement (LSA) based on the topological structure of the
surrounding network and sends LSA to the neighbors in the network. In this way,
each router receives the LSAs from others and stores these LSAs in the LSDB.
2) As LSA describes the topological structure of the surrounding network of a router,
LSDB describes the topological structure of the whole network. It is easy for the
router to translate LSDB into a weighted, directed graph. This digraph shows
exactly the topological structure of the whole network. All routers in the same area
get the same graph.
3) Each router calculates a shortest path tree with the root being itself using the
OSPF algorithm. This tree gives the routes to all the nodes in the AS. External
routing information is the leaf node. An external route can be tagged by the router
that broadcasts it to record additional information of the AS. Each router gets a
different routing table.
In addition, multiple adjacency relations should be set up so that each router can
broadcast the local status information (such as available interface information,
reachable neighbor information) to the whole system. Consequently, the route change
of any router may be transmitted many times, which is unnecessary and wastes the
precious bandwidth resources.
To address the above proble, OSPF adopts the concept of Designated Router (DR). All
routers only send information to the DR. The DR will broadcast the network link state.
Then the number of adjacency relations between the routers on a multi-access network
is greatly reduced.
In OSPF, interface-based packet authentication is used to ensure the security of route
calculation; and packets can be transmitted and received in the IP multicast mode.
23-2
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
the routers, since the HEAD of a LSA only occupies a small portion of the overall LSA
traffic. With the HEAD, the peer router can judge whether it has had the LSA.
z Link State Request (LSR) Packet
After exchanging the DD packets, the two routers know which LSAs of the peer routers
do not exist in the local LSDBs. In this case, they will send LSR packets to the peers to
request for the needed LSAs. The packets contain the digests of the needed LSAs.
z Link State Update (LSU) Packet
The packet is used to transmit the needed LSAs to the peer router. It contains a
collection of multiple LSAs (complete contents).
z Link State Acknowledgment (LSAck) Packet
The packet is used for acknowledging the received LSU packets. It contains the
HEAD(s) of LSA(s) requiring acknowledgement. (One packet can acknowledge
multiple LSAs).
I. Router ID
To run OSPF, a router must have a router ID. If no ID is configured, the system will
automatically select an IP address from the current interface IP addresses as the
Router ID.
23-3
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
is a backup for DR. DR and BDR are elected in the meantime. The adjacencies are also
set up between the BDR and all the routers on the segment, and routing information is
exchanged between them.
If the DR in use fails, the BDR will become a DR immediately.
III. Area
The network size keeps growing. If all the routers on a huge network are running OSPF,
the large number of routers will result in an enormous LSDB. It will consume an
enormous storage space, complicate the SPF algorithm, and add the CPU load as well.
Furthermore, as a network grows larger, the topology is more likely to change.
As a result, the network is always in turbulence, and a great deal of OSFP packets will
be generated and transmitted in the network. This will lower the network bandwidth
utility. In addition, each change will cause all the routes in the network to compute the
route again.
OSPF solves the above problem by dividing an AS into different areas. Areas logically
group the routers. The borders of areas are some routers. A router connects the
backbone area and a non-backbone area is called Area Border Router (ABR). An ABR
can connect to the backbone area either physically or logically.
z Backbone area
Not all OSPF areas are equal. One area is different from all the other areas. Its area ID
is 0 and it is usually called the backbone area.
z Virtual link
Since all OSPF areas should be connected logically, virtual link is adopted so that the
physically separated areas can still maintain the logic connectivity.
V. Route summary
AS is divided into different areas which are interconnected through OSPF ABRs. The
routing information between areas can be reduced through route summary. This help to
reduce the size of routing table and improve the calculation speed of the router. After
finding an intra-area route of an area, the ABR will look up the routing table and
encapsulate each OSPF route into an LSA and send it outside the area.
The OSPF software implemented on the MA5300 complies with RFC2328. It has the
following features:
z Stub area
Stub area is defined in order to save the overhead on receiving ASE (Autonomous
System External) routes by local routers.
23-4
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
23-5
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
To Use
Enable OSPF and enter the OSPF mode router ospf
Disable OSPF no router ospf
The OSPF protocol divides the AS into areas. That is, the router is divided into groups
logically.
23-6
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
One router may belong to different areas (such router is also called ABR), whereas a
network segment can be in one area only.
In other words, each interface running OSPF must be specified to a specific area. The
area is identified with an area ID. ABR transmits routing information between areas.
In addition, all routers in the same area should comply with the parameter configuration
of this area. Therefore, during the configuration of routers in the same area, most
configuration data should be taken into consideration based on this area. Wrong
configurations will make it impossible for adjacent routers to forward information to
each other, or may even lead to blocking or loop of routing information.
Perform these operations in OSPF mode.
To Use
Specify the interface and area ID network address wildcard-mask area area-id
Disable the running of OSPF on the interface no network address wildcard-mask area area-id
After the OSPF is enabled, you need to specify the interface running OSPF and the
area where the interface is located.
The router ID is a 32-bit unsigned integer, which uniquely identifies a router in the AS.
So the router ID must be configured. In manual router ID configuration, make sure that
the there are no routers having the same ID within the AS. Uusally, the router ID is set
the same as the IP address of one of the routers interface.
Perform these operations in global mode.
To Use
Configure router ID router id router-id
Cancel the router ID no router id
To ensure stability of OSPF, you should determine the division of router IDs and
manually configure them in network planning.
OSPF calculates the route based on the topological structure of the neighboring
network of this router. Each router describes the topology of its neighboring network
and advertises it to all other routers.
23-7
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
OSPF divides the network into the following four types based on the link layer protocol
types.
Note:
No link layer protocol is taken as the Point-to-Multipoint type by default. No link layer protocol will be
considered as point-to-multipoint, since it must be forcedly modified from other network types. The most
common practice is to change a non-fully connected NBMA into a point-to-multipoint network.
NBMA refers to Non Broadcast MultiAccess networks. ATM network is a typical NBMA
network. You can specify the transmit interval for the Hello packet between adjacent
routers before the adjacency is set up. The following configurations are recommended:
z The interface can be configured as the non-broadcast mode on the broadcast
network without multi-access capability.
z If direct access is not available to all routers in the NBMA network, the interface
type can be configured as point-to-multipoint.
z If router has only one opposite end in the NBMA network, interface type can be
changed to point-to-point.
The following describes the differences between NBMA and point-to-multipoint:
z In OSPF, NBMA refers fully connected, nonbroadcast and multi-access networks.
In comparison, a point-to-multipoint network does not necessarily require the
network to be fully connected.
z Both DR and BDR should be elected on NBMA. However, there is no DR or BDR
in the point-to-multipoint network.
z NBMA is a default network type. For example, if the link layer protocol is ATM,
OSPF regards the network type is NBMA by default (no matter whether the
network is fully connected or not). However, point-to-multipoint network is not the
default network type. You have to manually change another nework type to
point-to-multipoint. (The most common practice is to change a non-fully connected
NBMA into a point-to-multipoint network.)
z In the NBMA network, packet is unicast. The neighbors must be configured
manually. However, in the point-to-multipoint network, the packet is broadcast.
23-8
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
Since the link layer of the MA5300 is Ethernet, OSPF takes the network type as
broadcast. Usually, the network type is not to be changed.
Perform these operations in VLAN interface mode.
To Use
ip ospf network { broadcast | non-broadcast |
Configure interface network type
point-to-multipoint | point-to-point }
Recover the default interface network type no ip ospf network
After the interface has been configured with a new network type, the original network
type of the interface is removed automatically.
You can configure the cost for interface transmit packets. Or, OSPF will automatically
calculate the cost according to the bandwidth of the current interface.
Perform these operations in VLAN interface mode.
To Use
Configure the overhead for interface transmit packets ip ospf cost cost
Restore the default value of the cost for interface transmit packets no ip ospf cost
By default, the system calculates the cost automatically based on the interface
baudrate:
z When the baudrate is smaller than 2,000 bit/s, the default cost for the transmit
packet is: 100,000,000/64,000 = 1562.
z When the baudrate is larger than 100,000,000 bit/s, the default cost for the
transmit packet is: 100,000,000/100,000,000 = 1.
z In other circumstances, the default cost for the transmit packet is:
100,000,000/Interface baudrate.
23-9
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
DR is not manually designated. It is elected by all routers in the local network segment.
The routers whose priority is greater than 0 in the local network segment can be used
as the "candidates".
The router with the highest priority will be selected among all routers that claim to be
the DR. If two routers have the same priority, the one with greater Router ID is
selectedc. The ballot is a Hello packet. Each router writes its DR into the Hello packet
and sends it to all other routers in the network segment.
When two routers in the same network segment claim to be the "Designated Router"
(DR), the one with higher priority is selected. If the priorities are the same, the one with
greater router ID is selected. If the priority of a router is 0, it will not be elected as
"Designated Router" (DR) or "Backup Designated Router" (BDR).
If the DR is unavailable due to some fault, a new DR should be elected and be
synchronized. This may be time consuming, and route calculation is incorrect during
the process. To shorten the process, OSPF puts forward the concept of BDR (Backup
Designated Router). BDR is actually a backup of DR and is elected together with DR.
BDR also creates adjacency with all routers in the local network segment and
exchanges routing information with them. When DR fails, BDR will become DR
immediately without re-election. With the adjacency already created, this takeover
process is instant. Of course, a new BDR needs to be elected again. It may take a long
time, but this will not affect the route calculation.
The following shall be noted:
z DR in the network segment is not necessarily the router with the highest priority.
Similarly, BDR is not necessarily the router with the second highest priority. For
example, if a new router is added after the DR and BDR are elected, this new
router will not become the DR of the network segment even it has the highes
priority.
z DR is a concept adopted in a specific network segment, and defined in regard to
the interface of the router. A router may be DR on one interface or BDR or DR
Other on another interface.
z DR will be elected only on a broadcast interface or an NBMA interface. It is
unnecessary for DR election on a point-to-point interface or a point-to-multipoint
interface.
Perform these operations in VLAN interface mode.
To Use
Set interface priority in DR election ip ospf priority priority_num
Restore the default priority of the interface no ip ospf priority
23-10
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
By default, the priority of the Interface is 1 in the DR election. The value can be taken
from 0 to 255.
For an NBMA network, some special configurations are required. Since an NBMA
interface on the network cannot discover the adjacent router through broadcasting the
Hello packets, you need to specify an IP address for the adjacent router, and whether
the adjacent router is eligible for election.
The neighbor ip-address command is used to make the settings. If priority_num is not
specified, the adjacent router will be regarded as ineligible.
Perform these operations in OSPF mode.
To Use
Configure the neighbor of NBMA interface neighbor ip-address [ priority priority_num ]
Cancel the neighbor of NBMA interface no neighbor ip-address [ priority priority_num ]
Hello packet is the most common packet. It is sent to the adjacent routers periodically to
find and maintain adjacency, as well as elect the DR and BDR. You can set the value of
Hello interval (namely the interval for sending the Hello packet). The smaller the hello
interval is, the sooner the network change will be discovered, but the more network
resources will be consumed. The Hello interval of routers in the same network segment
must be the same.
When a router is enabled, it sends Hello packets only to adjacent nodes whose
preference is larger than 0.
After the DR and BDR in the network segment are elected, the DR and BDR will then
send Hello packets to all neighbors to set up adjacency.
If an adjacent router fails, the router will periodically send Hello packets based on the
poll interval defined in the command ospf timer poll, until the adjacent router is
available again. The poll interval should at least triple the hello interval.
Perform these operations in VLAN interface mode.
To Use
Set the hello interval of the interface ip ospf hello-interval seconds
23-11
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
To Use
Restore the default hello interval of the interface no ip ospf timer hello
Set the poll interval of the NBMA interface ip ospf poll-interval seconds
Restore the default poll interval no ip ospf poll-interval
By default, Hello interval of point-to-point and broadcast interfaces is 10s and that of
point-to-multipoint and nonbroadcast interfaces is 30s.
Dead interval between adjacent routers refers to the period during which the router fails
to receive Hello packet from a neighboring router and then considers the neighboring
router as unavailable.
You can set the value of dead interval, namly the interval upon which the remote router
becomes invalid. The dead interval should be at least four times that of Hello interval,
while dead interval of all routers in the same network segment should be the same.
Perform these operations in VLAN interface mode.
To Use
Configure a dead interval between the adjacent routers ip ospf dead-interval seconds
Restore the default dead interval of the adjacent routers no ip ospf dead-interval
By default, the value of dead interval between adjacent routers on point-to-point and
broadcast interfaces is 40s and that on point-to-multipoint and NBMA
(non-broadcast) interfaces is 120s.
Note that after the network type is modified, hello interval and dead interval are both
restored to the default values.
An LSA expires in the LSDB of the local router (1 is added per second), but not in the
process of network transmission. Therefore, it is necessary to add transmit delay
(namely the LSA transmit interval) to the expiration time before the transmission. This
configuration is very important for low-speed networks.
Perform these operations in VLAN interface mode.
23-12
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
To Use
Configure the the LSA transmit interval ip ospf transmit-delay seconds
Restore the default LSA transmit interval no ip ospf transmit-delay
When a router sends an LSA to its neighbor, it should wait for an ACK from them. If no
ACK is received from the neighbor within the retransmit interval, this LSA should be
retransmitted. You can set the value of retransmit interval.
Perform these operations in VLAN interface mode.
Table 2312 Setting the LSA retransmit interval between adjacent routers
To Use
Configure the LSA retransmit interval between adjacent
ip ospf retransmit-interval seconds
routers
Restore the default LSA retransmit interval between
no ip ospf retransmit-interval
adjacent routers
Stub area refers to the type of LSA areas that do not broadcast the received external
routes. In the Stub area, the size of routing table and amount of routing information
transmitted will be greatly reduced.
Stub area is an optional attribute, but not all areas comply with the configuration
condition. Usually, a Stub area is located at the boundary of the autonomous system,
namely a non-backbone area where there is only one ABR.
To ensure that the route outside the area is still reachable, ABR of this area generates a
default route (0.0.0.0) and advertise it to other non-ABR routers in the area.
In Stub area configuration, pay attention to the following points:
23-13
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
z The backbone area cannot be configured as a Stub area and virtual link cannot go
through a Stub area.
z To configure an area as a Stub area, all routers in this area must be configured
with this attribute.
z There should be no ASBRs in Stub area. That is, the external routes of AS cannot
be redistributed to the interior of the area.
Perform these operations in OSPF mode.
To Use
Configure an area as a Stub area area area-id stub [ no-summary ]
Cancel the configured Stub area no area area-id stub
Configure the cost of the default route sent to Stub area area area-id default-cost cost
Cancel the cost of the default route sent to Stub area no area area-id default-cost
By default, Stub area is not configured. The cost for sending the route to the Stub area
is 1.
Two configuration commands are available for Stub area: area stub and area
default-cost:
z Use the area stub command to configure all routers in the Stub area with the stub
attribute.
z The area default-cost command only applies to the ABR connected to this area.
This command is used to configure the cost for sending the default route sent by
the ABR to the Stub area.
To reduce LSAs sent to the Stub area, the option no-summary can be configured to
prohibit the ABR to send Type 3 LSAs to Stub area.
In RFC1587, a new area is added NSSA Area; and a new LSA is added NSSA LSA
(also called Type-7 LSA).
NSSA area is actually a deformation of Stub area. It is similar in Stub area in many ways.
Neither of them generates or imports AS-External-LSA (namely Type-5 LSA), and both
of them can generate and import Type-7 LSA.
Type-7 LSA is generated by ASBR of NSSA area, which can only advertise in NSSA
area. When Type-7 LSA reaches ABR of NSSA, ABR will select whether to transform
Type-7 LSA into AS-External-LSA so as to advertise to other areas.
For example, in the networking in Figure 231, the AS running OSPF comprises three
areas: Area 1, Area 2 and Area 0. Among them, Area 0 is the backbone area.
23-14
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
Also, there are other two ASs respectively running RIP. Area 1 is defined as an NSSA.
After RIP routes of the Area 1 are propagated to the NSSA ASBR, the NSSA ASBR will
generate Type-7 LSAs which will be propagated in Area 1. When the Type-7 LSAs
reach the NSSA ABR, the NSSA ABR will transform it into Type-5 LSA, which will be
propagated to Area 0 and Area 2.
On the other hand, RIP routes of the AS running RIP will be transformed into Type-5
LSAs that will be propagated in the OSPF AS. However, Type-5 LSAs will not reach
Area 1 because Area 1 is an NSSA. NSSAs and Stub areas have the same approach in
this aspect.
Similar to a Stub area, the NSSA cannot be configured with virtual links.
RIP NSSA
ABR
area 1 NSSA
NSSA ASBR
area 0
area 2
RIP
To Use
area area-id nssa [ default-information-originate ]
Configure an area to be the NSSA area
[ no-redistribute ] [ no-summary ]
Cancel the configured NSSA no area area-id nssa
Configure the default cost value of the
area area-id default-cost cost
route to the NSSA
Restore the default cost value of the
no area area-id default-cost
route to the NSSA area
z All the routers connected to the NSSA should use the nssa command to configure
the area with the NSSA attribute.
z The keyword default-information-originate is used to generate the default
Type-7 LSAs. The default Type-7 LSA route will be generated on an ABR, even
though no default route 0.0.0.0 is in the routing table. On an ASBR, however, the
default Type-7 LSA route can be generated only if the default route 0.0.0.0 is in the
routing table.
z The keyword no-redistribute is used on the ASBR to prevent the external routes
that OSPF imported through the import-route command from advertising to the
23-15
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
NSSA. Generally, if an NSSA router is both the ASBR and ABR, this keyword will
be used.
z The keyword no-summary defined on the ABR is used to disable ABRs sending
of summary_net LSAs (Type-3 LSA) to the NSSA. This is to reduce the number of
LSAs sent to the NSSA.
z The keyword default-cost is used on the ABR attached to the NSSA. Using this
command, you can configure the default route cost on the ABR to NSSA.
By default, the NSSA is not configured, and the cost of the default route to the NSSA is
1.
Route summarization means that the ABR summarizes all route information with the
same prefix to one route and then sent it to other areas.
One area can be configured with multiple summarized segments so that OSPF can
summarize multiple network segments. When the ABR sends routing information to
other areas, Sum_net_Lsa (Type 3 LSA) will be generated in the unit of network
segment.
If an area contains a continuous range of network segments, they can be summarized
into one segment through the area range command. Then the ABR only sends one
summarized LSA, and all LSAs within the summarized segment specified by the
command will not be sent out separately. This process downsizes the LSDBs in other
areas.
For example, there are two network segments in an area as follows:
202.38.160.0 255.255.255.0
202.38.180.0 255.255.255.0
They are to be summarized into one network segment: 202.38.0.0 255.255.0.0
Once the summarized network segment of a specific network is added to an area, the
internal routes within this summarized segment of the area will not be broadcast
separately to other areas. Instead, only the route summary of the entire summarized
network segment will be broadcast.
If the network segment range is defined with the key word notadvertise, the route
summary of the network segment will not be broadcast. This network segment is
described with the IP address/mask. Receiving the summarized network segment and
defining the network segment can reduce the volume of the routing information
exchanged between areas.
Note that route summarization is only effective when configured on an ABR.
Perform these operations in OSPF mode.
23-16
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
To Use
area area-id range ip_address ip_mask
Cancel the route summarization between areas
[ advertise | notadvertise ]
Cancel the route summarization between areas no area area-id range ip_address ip_mask
After OSPF area division, not all areas are equal. There is a special area called the
backbone area, whose area ID is 0.0.0.0.
OSPF route updating between non-backbone areas is carried out through the
backbone area. OSPF stipulates that all non-backbone areas must be connected with
the backbone area. That is, at least one interface on ABR should be in the area 0.0.0.0.
If there is no physical connection between a non-backbone area and a backbone area,
a virtual link must be set up.
If physical connectivity cannot be ensured due to the limitation of the network
topological structure, setting up a virtual link can address this requirement. A virtual link
is a logic connection created in the internal route area of a non-backbone area between
two ABRs. At both ends of the virtual link are two ABRs. Vitrula link configuration will be
effective only when it is configured at both ends simultaneously. The virtual link is
identified by the peer router ID.
The area providing the internal route in a non-backbone area is called a Transit Area.
Its area ID should also be specified in virtual link configuration.
The virtual link will be activated after the route passing through the Transit Area has
been calculated. This is like a point-to-point connection between two end points. On
this virtual, various interface parameters (such as the transmit interval of the Hello
packet) can be configured, just as the same case on a physical interface.
"Logic Channel" means that multiple routers running OSPF between two ABRs only
function to forward packets (since destination addresses of the protocol packets are not
the routers, the packets are transparent to the routers and are transmitted as ordinary
IP packets.); whereas routing information are transmitted directly between two ABRs.
The synchronization mode of routers in this Transit Area is not changed.
Note that if the AS is divided into more than one area, the following conditions must be
met:
z One of them must be the backbone area.
z Other areas must be connected with the backbone area directly or logically.
z The backbone area itself should be connected.
23-17
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
To Use
area area-id virtual-link router-id [hello-interval seconds ]
[retransmit-interval seconds ] [transmit-delay seconds ]
Create and configure a virtual link
dead-interval seconds ][authentication-key key]
[message-digest-key keyid md5 key]
Cancel the created virtual link no area area-id virtual-link router-id
Authentication types of all routers in one area must be consistent. The authentication
types can be any of these:
z Not supporting authentication
z Supporting plaintext authentication
z Supporting MD5 authentication
Authentication passwords of all routers in one segment must be consistent. Use area
area-id authentication-key to configure the plaintext authentication password in this
area, and area area-id message-digest-key to configure MD5 authentication
password in this area.
Perform these operations in OSPF mode.
To Use
area area-id authentication
Configure the area to support MD5 packet authentication
[ message-digest ]
Cancel the MD5 packet authentication supported by the area no area area-id authentication
23-18
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
To Use
ip ospf authentication-key
Configure plaintext authentication for packets on the interface
password
Cancel the use of plaintext authentication for packets on the
no ip ospf authentication-key
interface
Configure the use of MD5 authentication for packets on the ip ospf message-digest-key
interface key-id md5 key
Cancel the use of MD5 authentication for packets on the interface no ip ospf message-digest-key
By default, the interface is not configured with any plaintext authentication or MD5
authentication.
Dynamic routing protocols on the routers can share the routing information. Due to
OSPF features, the routes that discovered by other routing protocols are always
regarded as the routes outside the AS in processing. In receiving commands, such
parameters as the cost type of the route, cost and tag can be specified to overwrite
default routing parameters.
OSPF uses four different types of routes, as listed below in the order of their
preferences:
z Intra-area route
z Inter-area route
z External route Type 1
z External route Type 2
The Intra-area route and inter-area route describe the network structure inside the AS.
The external route describes how to select the route to a destination outside the AS.
External route Type 1: indicates that IGP routes are received (such as RIP, STATIC).
Since this type of routes is more credible, the calculated cost of the external route and
the cost of the route inside the AS are in the same numeric level and it is comparable
with the cost of the OSPF route. That is, Cost of Type 1 external route = Cost from the
local router to the corresponding ASBR = Cost from the ASBR to the destination
address of the route.
External route Type 2: indicates that EGP routes are received. Since this type of route
is less credible, OSPF protocol considers that the cost from the ASBR to the outside of
the AS is much greater than that from inside the AS to the ASBR. Only the former cost
is taken into consideration when calculating the routing cost. That is, Cost to external
route Type 2 = Cost from ASBR to the route destination address. If the values are equal,
then also consider the cost from the local router to the corresponding ASBR.
23-19
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
To Use
Redistribute route information of other redistribute protocol [ metric metric ] [ tag
protocols tag-value ] [ type 1 | 2 ] [ route-map map-name ]
Cancel redistribution of routing information of
no redistribute protocol
other protocols
When OSPF redistributes routes discovered by other routing protocols as the external
routing information of its own AS, certain parameters are needed, including the default
cost and default tag of the route. Route tag is used to identify protocol-related
information. For example, it is used to differentiate the AS number when OSPF
receives BGP routing information.
Perform these operations in OSPF mode.
To Use
default redistribute interval
Configure the interval when OSPF to redistribute external routes
seconds
Restore the default interval when OSPF redistributes external
no default redistribute interval
routes
Configure the upper limit for the routes that OSPF redistributes
default redistribute limit routes
each time
Restore the default upper limit for the external routes that can be
no default redistribute limit
imported at a time
Configure the cost for the OSPF to redistribute external routes default redistribute metric metric
Restore the default cost for the OSPF to redistribute external
no default redistribute metric
routes
Configure the tag for the OSPF to redistribute external routes default redistribute tag tag
Restore the default tag for the OSPF to redistribute external
no default redistribute tag
routes
Configure the type of external routes that OSPF will redistribute default redistribute type { 1 | 2 }
Restore the default type of the external routes redistributed by
no default redistribute type
OSPF
23-20
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
By default:
z Neither cost nor tag value is available when the external routes are being
received.
z Type 2 routes are redistributed.
z The interval for redistributing route is 1 second.
z Up to 1000 routes can be redistributed every time.
Table 2321 Redistributing default routes into the OSPF routing table
To Use
Redistribute default routes into the default-information originate [ always ] [ metric
OSPF routing table metric-value ] [ type type-value ] [ route-map map-name ]
Cancel the redistributed default routes no default-information originate
As multiple dynamic routing protocols may run on the router at the same time, the
problem of information sharing and selection between the routing protocols occurs. The
system sets a preference for every routing protocol. When several protocols find the
same route, the protocol with higher preference will prevail.
Perform these operations in OSPF mode.
To Use
Configure OSPF protocol preference between routing protocols preference [ ase ] preference
Restore default preference of the protocol no preference [ ase ]
By default, OSPF preference is 10, and the preference of the redistributed external
routing protocol is 150.
23-21
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
To Use
Configure OSPF filtering of the redistributed distribute-list {access-list-number | prefix-list
route prefix-list-name [gateway prefix-list-name ] }in
Cancel OSPF filtering of the redistributed no distribute-list {access-list-number | prefix-list
route prefix-list-name [gateway prefix-list-name ] }in
To Use
Configure OSPF filtering of the advertised distribute-list {access-list-num| prefix
route prefix-list-name} out [ connected | rip | static]
Cancel OSPF filtering of the advertised no distribute-list {access-list-num| prefix
route prefix-list-name} out [ connected | rip | static]
By default, OSPF does not filter the redistributed or advertised routing information.
OSPF-enabled routers use the Database Description (DD) packets to describe their
own LSDBs when synchronizing the databases.
You can manually specify an interface to fill in the Maximum Transmission Unit (MTU)
field in a DD packet when it transmits the packet. The MTU should be set to the real
MTU on the interface.
Perform these operations in VLAN interface mode.
Table 2325 Configuring whether the MTU field will be filled in for an interface transmiting DD packets
To Use
Enable an interface to fill in the MTU field when transmitting DD packets ip ospf mtu-enable
Disable the interface to fill MTU when transmitting DD packets no ip ospf mtu-enable
By default, the interface does not fill in the MTU field when transmitting DD packets.
That is, MTU in the DD packets is 0.
23-22
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
To prevent OSPF routing information from being obtained by the routers on a certain
network, use the passive-interface command to disable the interface to transmit
OSPF packets.
Perform the following configurations in OSPF mode.
To Use
Disable the interface to send OSPF packets passive-interface interface-type interface-number
Enable the interface to send OSPF packets no passive-interface interface-type interface-number
By default, all the interfaces are allowed to transmit and receive OSPF packets.
After an OSPF-enabled interface is set to be in Silent status, the interface can still
advertise its direct route. However, the OSPF Hello packets of the interface will be
blocked, and ajacency cannot be set up on the interface.
This configuration is to enhance OSPFs adaptability to the network and reduce
consumption of system resources.
After the above configurations, you can use the show command to display the OSPF
configuration and verify the configuration. You can also use the debug command to
carry out OSPF debugging in privileged mode.
To Use
Display general information of OSPF routing show ip ospf
Display OSPF statistics show ip ospf cumulative
show ip ospf database [ adv-router ip-address ]
[ asbr-summary | database-summary |external |
Display OSPF LSDB information
network | router | self-originate | summary ]
[ ip-address ][ adv-router ] [ self-originate ]
Display OSPF neighbor information show ip ospf neighbor
Display OSPF next hop information show ip ospf nexthop
Display OSPF routing table information show ip ospf routing
Display OSPF virtual link information show ip ospf virtual-links
Display OSPF request-lists show ip ospf request-list
Display OSPF retransmission-lists show ip ospf retrans-list
23-23
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
To Use
Display OSPF ABR and ASBR information show ip ospf border-routers
Display OSPF interface information show ip ospf interface
Display OSPF error information show ip ospf error
debug ip ospf packet [ ack | dd | hello | request I
Enable OSPF packet information debugging
update ]
Enable OSPF event information debugging debug ip ospf event
Enable OSPF LSA information debugging debug ip ospf lsa
Enable OSPF SPF information debugging debug ip ospf spf
I. Networking requirements
Four MA5300s (MA5300 A, MA5300 B, MA5300 C and MA5300 D), which can perform
the router functions and run OSPF, are located on the same segment, as shown in the
Figure 232.
It is required to enable MA5300 A and MA5300 C to be DR and BDR respectively.
Preference of MA5300 A is 100, the highest on the network, so MA5300 A is elected as
the DR. MA5300 C has the second highest preference, so it is elected as the BDR.
Preference of MA5300 B is 0, which means that it cannot be a DR. MA5300 D has no
preference, so its default preference is 1.
DR
192.1.1.1/24 192.1.1.4/24
192.1.1.2/24 192.1.1.3/24
BDR
23-24
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
! Configure MA5300 A.
MA5300 A(config)#interface vlan-interface 1
MA5300 A(config-Vlan-Interface1)#ip address 192.1.1.1 255.255.255.0
MA5300 A(config-Vlan-Interface1)#ip ospf priority 100
MA5300 A(config)#router id 1.1.1.1
MA5300 A(config)#router ospf
MA5300 A(config-router-ospf)#network 192.1.1.0 0.0.0.255 area 0
! Configure MA5300 B.
MA5300 B(config)#interface vlan-interface 1
MA5300 B(config-Vlan-Interface1)#ip address 192.1.1.2 255.255.255.0
MA5300 B(config-Vlan-Interface1)#ip ospf priority 0
MA5300 B(config)#router id 2.2.2.2
MA5300 B(config)#router ospf
MA5300 B(config-router-ospf)#network 192.1.1.0 0.0.0.255 area 0
! Configure MA5300 C.
MA5300 C(config)#interface vlan-interface 1
MA5300 C(config-Vlan-Interface1)#ip address 192.1.1.3 255.255.255.0
MA5300 C(config-Vlan-Interface1)#ip ospf priority 2
MA5300 C(config)#router id 3.3.3.3
MA5300 C(config)#router ospf
MA5300 C(config-router-ospf)#network 192.1.1.0 0.0.0.255 area 0
! Configure MA5300 D.
MA5300 D(config)#interface vlan-interface 1
MA5300 D(config-Vlan-Interface1)#ip address 192.1.1.4 255.255.255.0
MA5300 D(config)#router id 4.4.4.4
MA5300 D(config)#router ospf
MA5300 D(config-router-ospf)#network 192.1.1.0 0.0.0.255 area 0
Run show ip ospf neighbor on MA5300 A to show OSPF neighbor. Note that MA5300
A has three neighbors.
MA5300 A(config)#show ip ospf neighbor
Neighbor pri State Address Interface
4.4.4.4 1 full/DRother 192.1.1.4 Vlan-Interface1
3.3.3.3 2 full/BDR 192.1.1.3 Vlan-Interface1
2.2.2.2 0 full/DRother 192.1.1.2 Vlan-Interface1
The status of every neighbor is FULL, which means that MA5300 A has created
adjacency with all neighbors. Only DR and BDR have created adjacency with all
routers on the network. MA5300 A is DR and MA5300 C is BDR on the network. All
other neighbors are DOther, which means that they are neither DR nor BDR.
23-25
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
Run show ip ospf neighbor on MA5300 A to show OSPF neighbors. Note that
preference of MA5300 B has been changed to 200, but it is not DR.
MA5300 A(config)#show ip ospf neighbor
Neighbor pri State Address Interface
4.4.4.4 1 full/DRother 192.1.1.4 Vlan-Interface1
3.3.3.3 2 full/BDR 192.1.1.3 Vlan-Interface1
2.2.2.2 200 full/DRother 192.1.1.2 Vlan-Interface1
Only when the existing DR does not exist on the network, will DR be changed. Shut
down MA5300 A and run show ip ospf neighbor on MA5300 D to show neighbors.
Note that MA5300 C, which used to be BDR, now becomes DR; and MA5300 B now
becomes BDR.
MA5300 D(config)#show ip ospf neighbor
Neighbor pri State Address Interface
3.3.3.3 2 full/DR 192.1.1.3 Vlan-Interface1
2.2.2.2 200 full/BDR 192.1.1.2 Vlan-Interface1
If all routers are moved from the network and then added into the network again,
MA5300 B will be chosen as DR (whose preference is 200) and MA5300 A will become
BDR (whose preference is 100). Shut down all MA5300s and reboot them. This
operation will bring about a new election of DR/BDR.
MA5300 D(config)#show ip ospf neighbor
Neighbor pri State Deadtime Address Interface
1.1.1.1 100 full/BDR 00:00:33 192.1.1.1 Vlan-Interface1
3.3.3.3 2 2way/DRother 00:00:33 192.1.1.3 Vlan-Interface1
2.2.2.2 200 full/DR 0:00:30 192.1.1.2 Vlan-Interface1
I. Networking requirements
Area 2 is not directly connected with area 0 in Figure 233. Area 1 serves as the Transit
Area to connect area 2 and area 0. A virtual link is configured between MA5300 B and
MA5300 C in Area 1.
23-26
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
MA5300 A
1.1.1.1
Area 0 192.1.1.1/24
192.1.1.2/24
MA5300 B
193.1.1.2/24
2.2.2.2
Virtual
Area 1 Link 193.1.1.1/24
152.1.1.1/24
MA5300 C Area 2
3.3.3.3
1) Configure MA5300 A.
MA5300 A(config)#interface vlan-interface 1
MA5300 A(config-Vlan-Interface1)#ip address 192.1.1.1 255.255.255.0
MA5300 A(config)#router id 1.1.1.1
MA5300 A(config)#router ospf
MA5300 A(config-router-ospf)#network 192.1.1.0 0.0.0.255 area 0
2) Configure MA5300 B.
MA5300 B(config)#interface vlan-interface 7
MA5300 B(config-Vlan-Interface7)#ip address 192.1.1.2 255.255.255.0
MA5300 B(config)#interface vlan-interface 8
MA5300 B(config-Vlan-Interface8)#ip address 193.1.1.2 255.255.255.0
MA5300 B(config)#routerid 2.2.2.2
MA5300 B(config)#router ospf
MA5300 B(config-router-ospf)#network 192.1.1.0 0.0.0.255 area 0
MA5300 B(config-router-ospf)#network 193.1.1.0 0.0.0.255 area 1
MA5300 B(config-router-ospf)#area 1 virtual-link 3.3.3.3
3) Configure MA5300 C.
MA5300 C(config)#interface vlan-interface 1
MA5300 C(config-Vlan-Interface1)#ip address 152.1.1.1 255.255.255.0
MA5300 C(config)#interface vlan-interface 2
MA5300 C(config-Vlan-Interface2)#ip address 193.1.1.1 255.255.255.0
MA5300 C(config)#router id 3.3.3.3
MA5300 C(config)#router ospf
MA5300 C(config-router-ospf)#network 193.1.1.0 0.0.0.255 area 1
MA5300 C (config-router-ospf)#network 152.1.1.0 0.0.0.255 area 2
MA5300 C(config-router-ospf)#area 1 virtual-link 2.2.2.2
23-27
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
Firstly, check whether the protocol between two directly connected routers is in normal
operation. The normal sign is the neighbor status machine between the two routers IS
in FULL state. (Note that in the Broadcast and NBMA network, the neighbor status
machine between two DROther routers cannot achieve the FULL state. Rather, it is in 2
way state. But Full State is achieved between the DR, BDR and all the other routers).
Run the show ip ospf neighbor command to view the information about OSPF
neighbors.
MA5300#show ip ospf neighbor
Interface: 202.38.160.1 Area: 0.0.0.2
Neighbors:
RouterID: 2.2.2.2 Address: 202.38.160.2
State:FULL Mode: None Priority: 0
DR: 202.38.160.1 BDR: 202.38.160.1
Last Hello: 14:04 Last Exchange: 0
Run show ip ospf interface command to view the OSPF information in the interface.
Check whether the physical connections and the lower level protocols operate normally.
You can run ping command to test the network connectivity. If the local router cannot
reach the remote router, it indicates that the physical connection and the lower level
protocols cannot operate normally.
If the physical connection and the lower level protocols are normal, then check the
OSPF parameters configured on the interface. Ensure the consistency of parameters
(such as the hello interval, dead interval and authentication mode) on its adjacent router.
The area IDs should be the same, and the network segments and the masks should
also be consistent (but segments and masks of point-to-point network and virtual linked
network can be different).
z Make sure the value of the dead-interval in the same interface is at least four times
the value of the hello-interval.
z If the network type is NBMA, you must manually specify the neighbor.
z If the network type is Broadcast or NBMA, the priority of at least one interface
should be larger than 0.
z If an Area is set as the Stub area, then the area must be set as a Stub area in all
the routers connected to this area.
z The interface types of two adjacent routers should be consistent.
23-28
Operation Manual - Service Configuration
SmartAX MA5300/5303 Broadband Access System Chapter 23 OSPF Configuration
z If more than two areas are configured, then at least one area should be configured
as the backbone area. That is the area ID is 0.
z Ensure the backbone area is connected with all the other areas.
z The virtual links cannot pass through the Stub area.
If the above procedures are correct, but the OSPF still cannot find the remote routes,
check the following configurations.
z If a router is configured with more than two areas, then at least one area should be
configured as the backbone area.
As is shown in the following figure, only an area is configured in RTA and RTD, but two
areas are configured in RTB (area0, area1) and RTC (area1, area2) respectively. In
which, RTB has an area with the ID of 0, so it meets the requirement. But the two areas
in RTC are not 0, so a virtual link should be set up between RTC and RTB so as to
guarantee the connection of area2 and area0 (the backbone area).
z The virtual link cannot pass through the Stub area, and the backbone area (area 0)
cannot be configured as the Stub area, i.e. if a virtual link is set up between RTB
and RTC, then area 1 cannot be configured as the Stub area and area 0 cannot be
configured as the Stub area either. In the above figure, only area 2 can be
configured as the Stub area.
z The router in the Stub area cannot receive external routes.
z Make sure in the backbone area the connections between various nodes are
normal.
23-29
HUAWEI
Maintenance Operations
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Table of Contents
Table of Contents
i
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Table of Contents
ii
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Loading and Backup
1.1 Loading
The MA5300 manages the following program files: host software program files,
multi-language resource file and service board program files.
The storage media used in the MA5300 includes BootRom, SDRAM, SRAM and Flash
memory.
z BootRom stores the BIOS program files which are used to initialize the system.
z SDRAM stores the host software programs.
z SRAM stores the operation logs and alarm information.
z Flash memory stores the host software programs, configuration files and
multi-language resource files.
Note that the BIOS includes the basic BIOS and the extended BIOS. The basic BIOS is
the system boot program, while the extended BIOS is the board initialization program
allowing on-line upgrade.
Upgrade system software refers to loading new program files. You can use the
command load program to load programs for the ESM board and service boards.
1-1
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Loading and Backup
Note:
z To load the ESM programs and configuration files, make selections in the [Boot] menu. When
rebooting the system, press <Ctrl+B> according to the prompt on the serial port maintenance terminal,
and then follow the prompt on the screen to load the programs.
z It is prohibited to load programs and configuration files through the network port of the standby board.
When you are executing the program loading command, the system will prompt you to
enter the following information.
z Specify the protocol used in program loading. The loading can be performed either
through the serial port or the maintenance network port. In loading through the
serial port, Xmodem is used. In loading through network port, TFTP is used.
z In loading through the network port, you need to specify the name of the file to be
loaded and the IP address of the PC where the file is saved, and activate the TFTP
server in the PC.
z In loading through the serial port, you should use the file sending function of
HyperTerminal to send program files. Select Xmodem as the protocol used to
send files.
z Specify the slot number for the board to be loaded. For service boards, you can
enter the keyword all to load all boards of the same type. For the ESM board, you
cannot load the active ESM and standby ESM at the same time.
z Specify the board to be loaded.
Note:
z All service boards of the same type can be loaded simultaneously, except the active/standby ESM
boards.
z The TFTP server and the MA5300 should be set to share the same network segment. Otherwise,
additional setting of gateway is required.
1) Start HyperTerminal.
Connect the serial port of the host with the configuration serial port of the ESM using
serial port cable, and start HyperTerminal. Telnet users are prohibited to load files using
Xmodem protocol.
2) Run the command load program.
Run the global command load program, and select Xmodem as the desired protocol.
1-2
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Loading and Backup
3) Send files.
In HyperTerminal, select [Send/Send Files], select Xmodem as the desired protocol
and select the name of the file to be sent, and then click <Send>.
1-3
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Loading and Backup
Given that the address of the ESM maintenance network port is 10.11.104.142, and the
subnet mask is 255.255.252.0. Therefore, the address of the PC network port can be
set to 10.11.104.141, and the subnet mask to 255.255.252.0. Make sure that the host is
able to ping the IP address of the ESMs network maintenance port.
2) Run TFTP application.
Run the TFTP program in the PC, and click <Settings>. In the pop-up dialog box, enter
the directory in the Base Directory text box for the program file to be loaded.
3) Load programs.
Run the global command load program to load the host program and select TFTP as
the desired protocol.
MA5300#load program tftp 10.11.104.141 0/7
Whether to load other boards of same type ? (y/n):[n]n
1-4
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Loading and Backup
Board name[ESMA]:ESMA
File name [ESMA.bin]: 5300.esm
Whether to start loading? (y/n)[n]:Y
Load (backup, duplicate) begins, please wait and notice the rate of progress.
Any operation such as reboot or switchover will cause failure
and unpredictable result.
MA5300(config)#
! 1[2003-01-06 04:16:39]:ALM-3-AlarmInfo:
By now, the loading complets. If everything goes normal, when the loading completes,
the system will prompt you with the following:
MA5300#
Note: the new database or program will take effect after system is restarted
! 1[2003-01-06 04:19:25]:ALM-3-AlarmInfo:
ALARM 5335 INFO MAJOR 0x0b200002 ----- 2003-01-06 04:19:25
ALARM NAME : Load complete
PARAS INFO : FrameID: 0, SlotID: 7, Load type: Host program
DESCRIPTION : Load complete
REASON : Load complete
ADVICE : Not need to process
--- END
1-5
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Loading and Backup
The above display shows that the program has been successfully loaded and saved in
the Flash memory of the ESM board.
Note:
If the loading fails, you should check these items:
z Whether the address of the TFTP server is correctly entered.
z Whether the TFTP server can ping the address of the ESM Ethernet port.
z Whether the TFTP program in the TFTP server is activated.
z Whether the directory for the TFTP program is correctly set.
z Whether the name of the file to be loaded is correctly entered.
After the loading completes, run the command reboot to reset the system, and then run
the newly loaded program if necessary. If the loaded program is new, you should aslo
load the associated multi-language resource file after it restarts.
Next, use the command show version to query the version of the system and verify
whether the version of the loaded program is correct.
The multi-language resource file is used to output the system information in multiple
languages. Loading multi-language resource file will allow you to update the language
of the system information output.
Note:
z The multi-language resource file to be loaded should match the version of the in-service system.
Otherwise, the loading will fail. If the newly loaded program and configuration file are of a new version,
you should restart them before loading the new multi-language resource file.
z The common language resource file is loaded together with the host programs. So upon completion of
loading the host program, you need only to load the local language resource file.
The multi-language resource file can be loaded either through the serial port or the
network port. The information to be entered in the loading process is similar to that for
loading program file.
1-6
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Loading and Backup
This example shows how to load the multi-language resource file info_loc.res to the
active ESM board through the network port. Assume the IP address of the TFTP server
is 10.105.33.44.
MA5300#load language local tftp 10.105.33.44 info_loc.res active
The procedures involved are similar to that for loading the program of the ESM board
using the network port.
This example shows how to load the multi-language resource file info_loc.res to the
active ESM board through a serial port.
MA5300#load language local xmodem active
The procedures involved are similar to that for loading the program of the ESM board
using the serial port.
You can use the command load program to load program for both the service board
and the ESM board. The information to be entered in the loading process is similar to
that for loading the host program file.
In terms of the internal processing procedure of the host, the loading of the service
board is different from that of the ESM board. The difference is shown as follows.
z The loading process of the ESM board:
1) The file is first loaded from an external PC to the memory of the ESM board
through a serial port or a network port.
2) Then it is saved in Flash memory.
z The loading process of the service board:
3) The file is first loaded from the server to the memory of the ESM board through a
serial port or a network port.
4) It is then sent from the ESM board to the service board.
5) After the program is loaded to the service boards memory, it will be saved in Flash
memory.
6) Finally, resets the service board to validate the new program. This comples the
service board loading.
1-7
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Loading and Backup
Note:
z When loading service boards, you can enter the keyword all to replace f/s. This command enables
you to load all boards of the same type in the system.
z If the service board has a maintenance serial port or network port, you can use either of them (usually
embedded in the board) to load the software of the board. The process involved is similar to that of
loading the host software.
z When the board loading completes, the system will automatically reset to run the new board programs.
This is different from loading the ESM board.
1.2 Backup
To ensure the usability of the system and the security of configuration files, you can to
save and backup the configuration files.
Table 1-1 lists the differences in file saving and file backup.
Table 1-1 The comparison between file saving and file backup.
To Save Backup
Source of the configuration file SDRAM (active/standby board) MA5300 Flash (active board)
Destination Flash (active/standby board) PC or network terminal
Program
Object of management Data Data
Language
In addition, the MA5300 also allows you to erase the configuration file as desired during
the service configuration.
The MA5300 configuration files are saved in Flash memory in the form of text file.
Make sure these requirements for the format of configuration file are met:
z The configuration file is saved in the command format.
z To save space, only the non-default parameters are save. For the default value of
every configuration parameter, refer to the following chapters.
z Commands are organized based on command modes. Commands in the same
mode are organized together, forming a segment. Two segments are usually
separated with a blank line or comment line (beginning with !).
1-8
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Loading and Backup
z The segment is usually arranged in the order of global configuration, physical port
configuration and logical port configuration.
z The configuration file is ended with end.
When powered up, the MA5300 reads the configuration files in Flash Memory for
initialization. These configuration files in Flash Memory are referred to as initializing
configurations. If no configuration file is available in Flash memory, the equipment will
use the default parameters for initializing.
In contrast with the initializing configurations, the configuration files that are serving the
MA5300 operation are referred to as the current configurations.
1-9
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Loading and Backup
The system data are saved in the memory after they have been configured. The system
should save the configuration data in Flash memory to avoid loss of configuration files
due to accidental restarting.
If the system fails to do so, you can use the command write to save the configuration
data.
MA5300#write
The switch configuration will be written to flash.
Are you sure?[Y/N]y
Now writing running configuration to flash memory.
Please wait for a while...
To erase the configuration files in the MA5300s Flash Memory, use the command
erase.
1-10
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Loading and Backup
After a configuration file is erased, the equipment will use the default configuration
parameters for initialization at the next startup.
In either of the following conditions, you can consider to erase the configuration files in
Flash memory:
z Mismatch between the equipment software and the configuration file resulting
probably from the MA5300 software upgrade.
z Damage to the configuration file in Flash memory resulting probably from loading
of a wrong configuration file.
MA5300#erase
Note:
z Run the command erase with caution and under the technicians instructions.
z Before erasing a configuration file, you should back up the system configuration files to avoid loss of
important configuration files.
This example shows how to back up the configuration files using TFTP. The procedures
for backing up program files are the same.
1) Configure IP address of the network port.
Connect the serial port of PC with the configuration serial port of the ESM board, and
then log on to the ESM board through the PC. Next, set the IP address of the PC
network port to enable it to share the same network segment with the maintenance
network port or Ethernet network port of the ESM board.
2) Run TFTP application.
Start the TFTP application, and then click <Settings> to enter the window shown in
Figure 14, where you can set the basic attributes of TFTP. For example, you can enter
the directory where the backup configuration file is to be placed in the Base Directory
text box.
1-11
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Loading and Backup
Figure 14 Selecting the directory for the configuration file using TFTP
This example shows how to back up the configuration files using FTP. The procedures
for backing up program files are the same.
1) Configure IP address of the network port.
1-12
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Loading and Backup
Connect the serial port of the PC with the configuration serial port of the ESM board,
and then log on to the ESM board through the PC. Next, set the IP address of the PC
network port to enable it to share the same network segment with the maintenance
network port or Ethernet network port of the ESM board.
2) Run FTP application.
Start the FTP application, and select [Security/Users/rights] to enter the window
shown in Figure 16. In the pop-up window, you can set the basic attributes of the FTP.
For example, in the Home Directory text box, you can enter the directory for the
backup configuration file to be placed, or select New User] to add an FTP user.
Figure 16 Setting the configuration file directory and user name using FTP
ftp>put vrpcfg.txt
200 PORT command okay
150 "D:\WINDOWS\DESKTOP\LOAD\vrpcfg.txt" file ready to receive in ASCII mode
226 Transfer finished successfully.
FTP: 1956 byte(s) sent in 0.440 second(s) 4.44Kbyte(s)/sec.
At this moment, the FTP application will display the progress of the backup process.
See Figure 17.
1-13
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 1 Loading and Backup
1-14
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 2 Patch Management
2.1 Overview
The MA5300 needs to work for a long time without interruption. When performing
troubleshooting for or adding new functions to the host software, you are required to
load patches to the host software so as to modify the host software without suspending
the services.
Note:
z The running status differs from the Active status only in that patch files in the Running status can be
restored to the Running status after system rebooting, while patch files in the Active status can be
restored to the Deactive status.
z The Active status can be comprehended as running the patch on trial basis. Through the trial running,
you can confirm whether the patch file is up to the expectation in functionality. The patches passing the
trial running can then be put into normal operation.
In the MA5300, the patch files in the active ESM and those in the standby ESM are
managed separately. You can distinguish them with the commands active and
standby. By far, the MA5300 does not support standby ESM patch files.
2-1
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 2 Patch Management
Use the command load patch to load the patch file to the target ESM board. After the
loading succeeds, use the command show patch to view the patch-related
information.
After verifying that the patch is correct, run the activate command to activate it, and
then carry out the patch function test.
When the function test completes, you can use the command patch run to run the
patch. This will enable the patch to restore to the running status automatically after the
system reboots.
The patch source file can be loaded through a serial port or a network interface. The
information to be entered during loading is similar to that for loading program files.
2-2
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 2 Patch Management
This example shows how to query the status of patch files (in running status) for
confirmation.
MA5300(config)#show patch all active
Host version: MA5300V100R002
Patch version: MA5300V100R002SP01
Patch number: 1
Number of formal patch: 1
Number of temporary patch: 0
Number of run patch: 1
Number of active patch: 0
2-3
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 2 Patch Management
By far, the patch files of SP01 have been loaded successfully. They are in the running
status.
2-4
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 3 Logs and Alarms
Logs can serve as major references in system maintenance and fault locating. In the
MA5300 you can query the executed commands recorded in logs or record important
information using the log host.
The MA5300 host can automatically keep logs of the latest 512 operations. A system
administrator can query the latest operation commands using the command show log.
You can obtain the information on operations performed by different users or performed
within different periods of time, by setting the command parameters accordingly. The
operation log information includes user name, commands executed, operation time,
login mode, and the IP address of the login user.
Up to of 512 logs can be stored in the system. When there are more than 512 records,
the old records will be overwritten automatically. Therefore, you should immediately
query the system logs and make records in the case of system failure, for fear that the
logs that may be helpful for fault locating are overwritten. Meanwhile, to correctly record
the operation information, you should make sure that the system time is correct before
performing service configuration.
This example shows how to view operation logs of the user root (indexes 3 5).
MA5300(config)#show log root index 3 to 5
--------------------------------------------------------------------
No. UserName Date&Time LogMode IP-Address
5 root 2003-06-18 08:21:48 AUX --
Cmd: line 1
--------------------------------------------------------------------
No. UserName Date&Time LogMode IP-Address
4 root 2003-06-18 08:21:43 AUX --
Cmd: exit
--------------------------------------------------------------------
No. UserName Date&Time LogMode IP-Address
3 root 2003-06-18 08:03:53 AUX --
Cmd: parity none
--------------------------------------------------------------------
3-1
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 3 Logs and Alarms
The MA5300 can record important operation logs in the UNIX host (also referred to as
log server) of internal network through the syslog mechanism.
The MA5300 features superor alarm function, enabling you to get informed whenever
any abnormal event occurs to the system host or the services.
Alarms may come from various modules in the host, or various service boards.
z By class, alarms can be divided into running alarms, fault alarms and recovery
alarms. Each fault alarm corresponds to a recovery alarm.
z By severity, alarms can be divided into critical alarms, major alarms, minor alarms
and warning alarms (in descending order).
Upon the occurrence of alarms, the system will, based on the configuration of each
terminal, broadcast the information to all terminals (including Network Management
System (NMS) workstation users and Command Line Interface (CLI) users). Whether
an alarm should be reported to a terminal depends on the associated definition for such
an alarm by the alarm control function.
1) Alarm ID.
An alarm ID consists of 4 bytes, and corresponds to only one alarm. It can be queried
using the command show alarm list.
2) Alarm serial number.
It is an integer. Every alarm is assigned with a different serial number. Generally
speaking, the serial number is associated with the sequence of alarm occurrence.
Therefore, it corresponds to one (and only one) alarm specifically.
3) Alarm levels.
The alarm level is used to indicate the severity level of an alarm. Available alarm levels
are: critical, major, minor and warning (in descending order).
z The critical alarm, such as power circuit fault or output clock fault, refers to the
global alarm that affects the normal equipment operation and should be eliminated
immediately.
3-2
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 3 Logs and Alarms
z The major alarm, such as broken fiber or physical line fault, refers to the local
board or line alarm that may lead to abnormality in services if not handled in time.
z The minor alarm refers to the general fault alarm or event alarm which describes
whether every board or line is normal. For example, such alarms may indicate the
occurrence of bit errors in a specific physical line.
z The warning alarm refers to the change of status or occurrence of events that do
not affect the system performance and service running, but may interest the
operators. Some of them are the prompt information concerning the recovery of
the system to normality.
4) Alarm classes.
Alarms can be divided into 3 classes, namely running alarms (event), fault alarms (fault)
and recovery alarms (restore).
5) Alarm types.
Alarms can be divided into 5 types, namely communication alarms, service-quality
alarms, process-error alarms, equipment alarms and environmental alarms.
6) Alarm parameters.
They are included in a reported alarm to describe the location of the alarm. For
example, in the case of board alarm, the parameters mainly include the frame number,
slot number and port number.
7) Reporting alarms to NMS workstations.
The system can support a maximum of 32 NMS workstations. Whether an alarm should
be sent to NMS workstations or not is decided by the associated switch.
8) Reporting alarms to CLI terminals.
You can use relevant commands to set whether some alarms should be sent to the CLI
terminals.
9) Alarm management.
The alarm management function is used to record alarms, set alarms and count alarms.
It helps to maintain the MA5300, making the equipment running efficiently.
3-3
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 3 Logs and Alarms
Alarms are saved in the host and can be queried at any time.
The information in an alarm record includes: time of occurrence, serial number, alarm
level, alarm class, alarm type and alarm parameters.
Up to 1,000 alarms can be saved in the system. If more than that number of alarms
occur, the latest alarm records will overwrite the old ones. Therefore, once a system
fault occurs, you should immediately query the alarm information and make records, for
fear that the alarm that may be helpful for fault locating is overwritten.
It is the most direct method to query alarm records based on the serial number. Each
alarm has a unique serial number based on the sequence of its occurrence.
2) Querying by alarm ID.
show alarm history alarmid id [startnum number]
Use this command if you want to know whether an alarm has occurred.
You can use the command show alarm list to view the names of alarms corresponding
to an alarm ID.
3) Querying by alarm level.
show alarm history alarmlevel level [startnum number]
Use this command if you are only concerned about alarms of a certain level.
4) Querying by alarm type.
show alarm history alarmtype type_value [startnum number]
type_value: It refers to the alarm type. The available values are: communication,
service_quality, process_error, equipment and environmental.
5) Querying by alarm class.
show alarm history alarmclass class [startnum number]
Use this command to query alarms generated during a certain period of time.
3-4
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 3 Logs and Alarms
Note:
The system has saved 1000 history alarms in the host. To view even earlier history alarms, you can resort
to the databases in the NMS.
For the MA5300, the properties of an alarm include: alarm ID, alarm name, alarm level,
default alarm level, alarm class, alarm type, command line output flag, statistics flag,
number of parameters, 15-minute threshold, 24-hour threshold, detailed alarm
description and so on.
To view the settings of an alarm, you can use the command show alarm configuration
alarmid.
Every alarm has its own default alarm level and current alarm level. You can use the
command alarm level alarmid alarmlevel to set a new alarm level or restore it to the
default one.
You can set the alarm level as any of the four levels. In general, the default alarm level
is a reasonable choice. Therefore, you can set the alarm level either by selecting any of
the available levels or by restoring it to the default value.
1) Setting alarm level.
You can use the command alarm level alarmid alarmlevel to set the alarm level.
You can use the command alarm level alarmid default to restore the alarm level to its
default value.
2) Querying command execution result.
To view the alarm level and verify the execution of a command, use the command
show alarm configuration alarmid.
3-5
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 3 Logs and Alarms
Note:
z Care should be taken whenever you set the alarm level. In usual conditions, the default alarm level is a
reasonable one. You can restore the default alarm level if the change in the alarm level proves not
desirable.
z The system can automatically keep a recovery alarm and the corresponding fault alarm at the same
level. That is, when you set the alarm level of a fault alarm, the system will set the alarm level of its
corresponding recovery alarm to the same level. Similarly, when you set the alarm level of a recovery
alarm, the alarm level of the corresponding fault alarm will be the same.
By default, any alarm generated in the system will be reported to the CLI terminal. As
different users have different concerns, the MA5300 provides the alarm output
screening function.
Each type of alarms has an output flag, which not only determines whether to output
the alarms to the CLI, but also decides setting of alarm output.
The system offers four modes for you to set the output of alarms to the CLI, namely
setting by alarm ID, setting by alarm level, setting by alarm type and setting all.
The output flag of recovery alarm is the same as that of fault alarm.
To set whether alarms should be output to CLI, use the (no) alarm output command.
no is optional. You can use no alarm output to disable the output of alarms of specific
category to the CLI, or alarm output to enable the output of alarms of specific category
to the CLI.
If you are not concerned about alarms of a low level, use this command to disable the
output of alarms of a specific level.
3) Setting by alarm type.
(no) alarm output alarmtype type_value
3-6
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 3 Logs and Alarms
Use this command to set the output of alarms based on alarm type.
4) Setting once for all.
(no) alarm output all
After the completion of above settings, you may find it hard to remember all of the alarm
output statuses in the system, and it is also troublesome to query them one by one. The
system provides the (no) alarm output all command allowing you to set the output
flags for all alarms.
5) Viewing the result of the command running.
Using the command show alarm configuration alarmid, you can query whether an
alarm has been output to the CLI and verify the execution of a command.
Note:
z When the output of a specific alarm to the CLI is enabled or disabled, it applies to all of the CLI
terminals.
z The alarm screening function mentioned above is inapplicable for the NM terminal, as the NM terminal
will offer more powerful alarm screening function.
z The alarm output settings have no impact on alarm generation. Alarms generated in the system will
still be recorded and can be traced.
z The modes offered for alarm output setting may affect each other. Whether or not to output an alarm is
determined by the latest setting. Suppose an alarm is both a major alarm and a communication alarm.
If the output for the alarm as major alarms is disabled, but enabled as communication alarms, this
alarm in question will be output as the latter setting is more decisive.
z The system can automatically keep a recovery alarm and the corresponding fault alarm to be of the
same output tag. That is, when you set the output tag of a fault alarm, the system will set the output tag
of its corresponding recovery alarm to the same. Similarly, when you set the output tag of a recovery
alarm, the output tag of the corresponding fault alarm will be the same.
Alarm statistics refer to totalizing and counting the alarms of a specific type generated
within a certain period of time. It can inform you the frequency of alarm occurrence, and
send you the threshold-crossing alarm based on the alarm threshold.
3-7
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 3 Logs and Alarms
Each alarm has a statistics flag indicating whether statistics collection for such an alarm
is required. By default, no alarm is required to be counted. You can enable the statistics
flag for alarms you are concerned about.
Similar to setting alarm output, you can set alarm statistics flag by alarm ID, by alarm
level, by alarm type or once for all.
To set the alarm statistics, use the (no) alarm statistics command.
no is optional. You can use the alarm statistics command to enable statistics
collection for a certain type of alarms, or the no alarm statistics command to disable
the statistics collection for a certain type of alarms.
As alarm ID is unique, this command can be used to set the alarm statistics function for
alarms of a specific class.
2) Setting alarm statistics by alarm level.
(no) alarm statistics alarmlevel level
If you are not concerned about low-level alarms, but interested in high-level alarms, use
this command to enable statistics collection for alarms of a specific level.
3) Setting alarm statistics by alarm type.
(no) alarm statistics alarmtype type_value
Use this command to set the alarm statistics flag based on alarm type
4) Enabling CLI output by all.
(no) alarm statistics all
Similar to setting alarm output, after the above settings complete, you may find it is hard
to remember all of the alarm statistics in the system, and it is also troublesome to query
them one by one. The system provides the (no) alarm statistics all command allowing
you to set the statistics flags for all alarms.
5) Querying command execution result.
show alarm configuration alarmed
Use the command to query alarm statistics flag and verify the execution of a command.
3-8
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 3 Logs and Alarms
Note:
z The modes offered for alarm statistics setting may affect each other. Whether statistics collection for
an alarm is enabled is determined by the latest setting. Suppose an alarm is both a major alarm and a
communication alarm. If the statistics collection for the alarm as major alarms is disabled, but enabled
as communication alarms, statistics collection for this alarm in question will be enabled.
z In practice, the statistics flag of recovery alarm may differ from that of fault alarm. The concerns for
them may also vary. Therefore, the fault alarm and recovery alarm should be set separately.
z It is prohibited to set statistics flag for a threshold-crossing alarm.
When you are concerned about the statistics on alarms of a certain category, you can
enable the alarm statistics flag to allow the system to collect statistics for these alarms
based on various parameters.
There are two threshold values for alarms of each type, namely 15-minute threshold
and the 24-hour threshold. Set the threshold as 0 if you are not concerned about
whether the alarm statistics have exceeded the threshold. Set it as non-0 if you intend
the system to generate a threshold alarm whenever the alarm statistics collected within
a certain period of time exceed the threshold. The default alarm threshold is 0.
Note:
z In practice, the statistics for recovery alarm may differ from that for fault alarm. Their importance may
also be different. Therefore, the fault alarm and recovery alarm should be set separately.
z If you are not concerned about the threshold alarm for certain type of alarms, set the corresponding
threshold as 0 to disable threshold alarm reporting.
3-9
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 3 Logs and Alarms
You may care about the occurrence frequency of some alarms generated within a
certain period of time. These statistics may help you to know the working status of
equipment and locate the potential faults.
You can make statistics for alarms generated within four periods, namely, next 15
minutes, next 24 hours, last 15 minutes and last 24 hours. In other words, the system
can save statistics in two days.
To query the statistics, use the command show alarm statistics alarmid [startnum
number].
If the equipment has been idle for a long time, or the alarm statistics have been
damaged, you can clear manually all statistics collected by using the clear alarm
statistics command.
Note:
The system will automatically clear the associated statistics if alarms of a certain type have not been
generated for a long time (within two days). Therefore, you do not need to clear such statistics in usual
conditions.
To query the basic information about alarms in the system, use the command below:
Using this command you can query information such as alarm ID, alarm output status,
alarm statistics status and alarm name.
Use the command show alarm list all to show the alarm name corresponding to an
alarm ID.
3-10
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 4 File Management
File system is intended to manage the memory devices. It can perform the following:
z Creating a file system.
z Creating/Deleting/Modifying/Renaming files and directories.
z Showing file content.
Note that single-stage directory name or file name can have as much as 64 characters.
File system can create and delete a directory, and show the working directory and the
information on a file or directory. By default, the current directory is flash:, namely the
default working path.
4-1
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 4 File Management
z Moving a file
z Showing the content of a specific file
The following table lists the commands for file-related operations.
Note:
It is recommended to use the command under guidance of supporting technicians.
This example shows how to modify the current path and creates a directory.
MA5300# cd flash:
MA5300# pwd
flash:
MA5300#mkdir test
4-2
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 4 File Management
MA5300# dir
Directory of flash:/
4.2.1 Overview
The MA5300 can serve as an FTP server to support logins by multiple users at the
same time. FTP users send requests to the MA5300, which will perform the
corresponding actions and feed back results. To enable the MA5300 as an FTP server,
run the command ftp server enable, whereas to disable the function, run the no ftp
server command.
4-3
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 4 File Management
Authorization of FTP server refers to authorizing FTP users to access the working
directory. Only the user that has passed the authentication and got the authority can
obtain services from the FTP server (namely the MA5300).
You can use the user command to configure the name, password of an FTP user and
the authorized working directory, or use the no user command to delete an FTP user.
In the following example, FTP username is 5300, password is huawei (in plain-text),
and the authorized working directory is flash:/ftp/Quidway.
MA5300(config)# user 5300 service-type ftp ftp-directory flash:/5300 password
0 huawei
To prevent unauthorized user access, connection between an FTP client and the
MA5300 will be terminated if no request is received from the FTP user for some time.
You can use the ftp timeout command to configure the FTP timeout, or use the no ftp
timeout command to restore the default value, which is 30 minutes.
You can use the following commands to view FTP server running status and online FTP
users.
You can use the show ftp-server command to query the current configuration of the
FTP server, including the maximum number of users supported and FTP timeout. You
can also use the show ftp-user command to query the detailed information on the
online FTP users.
4-4
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 4 File Management
For details about the commands relavant to FTP client, refer to MA5300/5303
Broadband Access System Command Help.
4.3.1 Overview
Compared to FTP, TFTP is simpler, because it does not require complicated interactive
access interface and authentication interface. TFTP is applicable when the interaction
between the client and server is not too complicated. It is implemented based on User
Datagram Protocol (UDP).
TFTP is initiated by the client. To download files from the TFTP server, the client sends
a read request to the server and receives data from the server. When the downloading
completes, the client sends an ACK message to the server.
To upload files, the client sends a write request to the server and transmits data to the
server. When the uploading completes, the client receives an ACK message from the
server. TFTP transfers programs in binary mode, and transfers text files in ASCII code.
TFTP transfers programs in binary mode, and text files in ASCII code mode. By default,
TFTP transfers files in binary mode. You can use the global command tftp { ascii |
binary } to configure the transfer mode.
This example shows how to set the file transfer mode of TFTP to binary mode.
MA5300(config)#tftp binary
4-5
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 4 File Management
When the MA5300 needs to download files from the TFTP server, it sends a read
request to the server as a client, and receives data from the server. When the
downloading completes, the MA5300 sends an ACK message to the server. You can
use the command tftp get to download a file through TFTP.
This example shows how to download the file text.txt through TFTP.
MA5300(config)#tftp get //10.71.53.108/test.txt test.txt
When the MA5300 needs to upload files, it sends a write request to the server as a
client, and transmits data to the TFTP server. When the uploading completes, the
MA5300 receives an ACK message from the server. You can use the global command
tftp put to download a file through TFTP.
4-6
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Environment Monitoring Management
5.1 Overview
The MA5300 can monitor in realtime the various environment parameters. These
parameters show status of power supply, distribution, fan, temperature, humidity,
smoke, water and alarm. It can also generate alarms when faults occur. This can
guarantee the normal environment and high reliability for the device.
The MA5300 supports various envoroment monitor modules, also known as the
Environment Monitor Units (EMUs), inlcuding:
z H303ESC. It monitors the enviorment.
z Other built-in monitor modules. They monitor the associated function modules
respectively.
Fan frame EMU (FAN).
In terms of hardware, the EMU consists of the environment monitoring board and some
outer sensors to perform the data collection and controlling of the environment
parameters (inside and outside the cabinet) and some supply parameters.
In terms of software, various environment data is displayed and configured through the
command line in the environment monitoring mode and the NMS.
The object monitored by the EMU includes the distribution frame, access control,
temperature (inside and outside the cabinet), humidity, smoke, water, fire alarm,
burglary and other environment parameters, as well as the power parameters of power
and battery.
5-1
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Environment Monitoring Management
z Checking the monitor parameters of the power, frame and distribution, and
generating the exception alarm.
z Describing the configuration of environment monitor module and the relevant data.
Note:
A maximum of two EMUs (one FAN and one other EMU) can be configured in one MA5300 cabinet.
After EMU has been connected correctly with the monitor serial port, proceed with the
following configurations on the operation interface of the MA5300.
5-2
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Environment Monitoring Management
I. Adding an EMU
To configure the environment monitoring function, first you need to add an EMU. In the
global mode, use the command emu add emuid emutype frameid subnode com
[name].
emuid: used to add an EMU. The emuid entered should be unused. You can use the
command show emu to query the emuid and state of all EMUs
emutype: EMU type, including FAN, POWER4875, POWER4845, DIS and H303ESC.
subnode: subnode number. When the MA5300 and EMU communicate by means of
subnode, you need set the subnode number when configuring the EMU for the cabinet.
Note:
z The subnode number for H303ESC is always 30.
z The default subnodes for FAN, POWER4875, POWER4845 and DIS are 0. You can configure these
subnodes, but they must be consistent with the DIP settings on the hardware.
z No subnode is allowed to conflict with others when the system monitors multiple EMUs at the same
time.
com: the method for communication between the EMU and the ESM board, which can
be back, fore and random.
back means the EMU shall communicate with the ESM board through the serial
port on the backplane of the cabinet.
fore means the EMU shall communicate with the ESM board through the serial
port on the front panel of the ESM board.
random means the EMU shall use either the back or fore mode to
communicate. It is applicable to the communication between slave frames.
5-3
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Environment Monitoring Management
Note:
Pay attention to the following when selecting the communication method:
z The EMU FAN can only work in back mode.
z Other EMUs can only work in fore mode.
Note:
z The EMU type cannot be changed after the configuration. If you need to change it, first delete the EMU,
and then add a new one.
z If an EMU in the cabinet has been replaced, first delete the original EMU, and then add the new one.
To display the attributes and running states of all EMUs, use the command show emu.
5-4
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Environment Monitoring Management
MA5300(config)#show emu 0
EMU ID: 0
--------------------------------------------------------------------
EMU name : mdpower
EMU type : H303ESC
Used or not : Used
EMU state : Normal
Frame ID : 0
Subnode : 30
COM Port : Fore
--------------------------------------------------------------------
After an EMU has been added successfully, use the command interface emu to enter
the EMU mode of such EMU to query the state of the monitoring device and configure
the relevant environment parameters.
This example shows how to enter the EMU mode of the H303ESC, whose EMUID is 0.
MA5300(config)#interface emu 0
MA5300(config-if-h303esc-0)#
The command esc fan is used to set the status control parameters for the H303ESC
fan frame. The status of the fan frame can be opened, closed or auto.
The default status control is auto. It means that the temperatures for the fan auto-on
and auto-off must be set. The default temperatures for fan auto-on and auto-off are
45C and 30C respectively.
To set the upper and lower thresholds of analog parameters like temperature and
humidity, use the command esc analog.
5-5
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Environment Monitoring Management
To set the digital parameters like MDF state, access control state and normal state of
the digital parameters, use the command esc digital.
To set the extended serial port parameters, including the baudrate and databit, use the
command esc com.
You need to add a power module using the command esc power before configuring
the related parameters. The power module supported at present is the 4810 power
module.
After the power module to be monitored by H303ESC has been added, you can use the
command esc 4810 to set the power parameters.
The command show esc system parameter is used to display the H303ESC system
parameters, which include: fan running mode, analog, digital, extended serial port
parameters and power module parameters.
The command show esc 4810 is used to display the configuration of the 4810 power
module, work status and running information.
The command show esc environment info is used to display the setting of
environment factors like temperature, humidity, access control and fire sensors.
The command show esc alarm is used to display the alarm information on the
environment.
5-6
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Environment Monitoring Management
The following sections introduce how to configure the 4875/4845 power module.
The command power analog-backup is used to set the backup analog of the 4875
power module.
The command power battery is used to set the management and temperature
parameters of the battery that connects with the 4875/4845 power modules.
The command power charge is used to set the charging parameters for the battery
that connects with the 4875/4845 power module, including the charging mode and
charging voltage.
The command power environment is used to set the environment parameters of the
4875/4845 power module, including the temperature and humidity.
The command power module-num is used to set the quantity of 4875/4845 power
module.
The command power module-parameter is used to configure the on/off status control
of the 4875/4845 power module. By default, the power module is on, which means the
power module is supplying power at present.
The power-off occurs in two cases: loading power-off and battery power-off.
When the mains supply is cut off, the MA5300 cabinet will be powered by the batteries.
If the output voltage of the batteries drops under the loading power-off threshold, the
power for the traffic load will be cut off. If the output voltage of the batteries keeps
5-7
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Environment Monitoring Management
dropping and goes below the battery power-off threshold, the batteries will stop
working.
The command power off is used to configure the power-off thresholds for the load and
the batteries. Note that the 4875 power module does not support the loading power-off
function.
The command power digital-backup is used to set the backup digital of the 4875/4845
power module.
The command power temperature-off is used to set the power-off temperature for the
4845 power module.
The command show power alarm is used to display the alarm information on the
4875/4845 power module.
The command show power environment info is used to display the environment
information on the 4875/4845 power module.
5-8
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Environment Monitoring Management
The command show power run info is used to display the running information on the
4875/4845 power module.
The command show power system parameter is used to display the 4875/4845
power system parameters.
To enable or suppress the DIS alarm parameters, use the command distribution
alarmset.
The DIS alarm parameters include: temperature and humidity of the power distribution
frame, -48V input to the frame, internal/external sensors for digital, and sensors for
analog.
To open or close the buzzer on the power distribution frame, use the command
distribution buzzers.
z The command distribution humidity is used to set the upper and lower threshold
of humidity alarm.
z The command distribution temperature is used to set the upper and lower
threshold of temperature alarm.
z The command distribution input is used to set the upper and lower threshold of
-48V input to the power distribution frame.
z The command distribution outside_analog is used to set the parameters of
external sensors of the power distribution frame for analog.
z The command distribution outside_digital is used to set the parameters of
external sensors of the power distribution frame for digital.
z The command distribution lamp is used to set the lamp parameter of the cabinet.
5-9
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Environment Monitoring Management
The following sections are examples on configuring the H303ESC and DIS.
This example shows how to add an EMU connected to the environment monitoring port
of the ESM board for frame 0. The EMU ID is 0 and the EMU type is H303ESC.
MA5300(config)#emu add 0
{ DIS<K>|H303ESC<K>|POWER4845<K>|POWER4875<K>|FAN<K> }:h303ESC
{ frameid<U><0,63> }:0
{ subnode<U><0,31> }:30
{ back<K>|fore<K>|random<K> }:fore
{ <cr>|name<S><1,19> }:
MA5300(config)#emu add 0 h303ESC 0 30 fore
MA5300(config)#
! 1[2003-07-17 17:59:01]:ALM-3-AlarmInfo:
5-10
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Environment Monitoring Management
Note:
The subnode number for EMU-H303ESC is always 30.
Note:
If the state of EMU is Fault, check the following:
z Whether H303ESC works normally.
z Whether the physical connection is correct.
z Whether the EMU type, cabinet ID, subnode number and communication serial port are correct.
5-11
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Environment Monitoring Management
Note:
If there is a temperature alarm and access control alarm when you check the environment state, modify
the temperature threshold and the level of the access control respectively to eliminate these alarms. Too
high a temperature is prompted because the upper threshold for temperature alarm is set to only 20
degrees centigrade; while the access control alarm is generated since the door is not closed.
This example shows how to set the temperature alarm, with the upper and threshold as
55 and 5 centigrade respectively.
MA5300(config-if-h303esc-0)#esc analog
{ analogid<U><0,7> }:0
{ alarm-upper-limit<S><1,4> }:55
{ alarm-lower-limit<S><1,4> }:5
{ <cr>|measure-upper-limit<S><1,4> }:
This example shows how to set the effective level of access control to a high level.
MA5300(config-if-h303esc-0)#esc digital
{ digitalid<U><0,21> }:1
{ low-level<K>|high-level<K> }:high-level
{ <cr>|name<S><0,19> }:
5-12
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Environment Monitoring Management
Now the states of both temperature and access control are normal.
This example shows how to add an EMU, with EMU ID as 1 and type as DIS.
MA5300(config)#emu add 1 dis 0 0 fore
{ <cr>|name<S><1,19> }:
MA5300(config)#
5-13
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Environment Monitoring Management
Frame ID : 0
Subnode : 0
COM Port : Fore
Note:
If the EMU state is Fault, check the following:
z Whether the physical connection is correct.
z Whether the connection line between distribution frame and MA5300 is correct and functions well.
z Whether bits 1 5 of the DIP switch S1 on the DIS has been set to ON.
z Whether the EMU type, frame ID, subnode number and communication serial port are configured
correctly.
The configuration processes for different EMUs are similar, so you can refer to the
above two examples in configuring other EMUs. For related commands, refer to the
previous description in this chapter.
5-14
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 5 Environment Monitoring Management
Note that the key words of configuration commands in the EMU mode are different. For
example, the key word for H303ESC is esc, for FAN is fan, for the power 4875 and
power 4845 is power, and for DIS is distribution.
5-15
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 6 Active/Standby Switchover
6.1 Overview
As a carrier class device, the MA5300 features excellent operation reliability and fault
tolerance. It is capable of making quick response to any occurrence of fault. This can
minimize the negative impact on the ongoing services.
To enable the fault tolerance function, the MA5300 incorporates the active/standby
switchover design.
The active/standby switchover involves two basic elements: data synchronization and
smoothness. They are the preconditions for the realization of active/standby
switchover.
I. Data synchronization
The data that can be synchronized include configuration data, basic running data, and
dynamic service data.
II. Smoothness
The active/standby switchover means changing the standby board to the active one.
Before implementing active/standby switchover, the MA5300 needs to check the
consistency between the data blocks to be synchronized and generate new data. This
process is generally referred to as smoothness.
6-1
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 6 Active/Standby Switchover
Based on the data synchronization mode, the active/standby switchover can be divided
into normal active/standby switchover and forced active/standby switchover.
z Normal active/standby switchover.
Normal active/standby switchover refers to the active/standby switchover which is
implemented on the basis of sufficient data synchronization. It can maintain the
continuity of the ongoing service.
z Forced active/standby switchover.
Forced active/standby switchover refers to the active/standby switchover which is
implemented on the basis of insufficient data synchronization. Insufficient data
synchronization occurs in three circumstances: insufficient configuration data
synchronization, insufficient basic running data synchronization, and insufficient
dynamic service data synchronization. To implement active/standby switchover in
these three circumstances will have different impact on the system.
6-2
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 6 Active/Standby Switchover
MA5300+ double ISUs active/standby switchover supports built-in ISU backup and
double uplinks. It can implement ISU/ESM and uplink redundant backup.
In Figure 61, system 1 comprises ESM1 and ISU1; system 2 comprises ESM2 and
ISU2.
Assume that system 1 (or system 2) is used as the active one, if any uplink interface of
ESM or ISU is faulty, the two systems will exchange their respective active or standby
status. The active one turns into the standby one and the standby one turns into the
active one. In this way, system reliability is greatly improved.
6-3
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 6 Active/Standby Switchover
ISU1
GATEWAY:4.0.0.1/24
IP POOL4.0.0.2-4.0.0.100
ip route-static 0.0.0.0 0.0.0.0 4.0.1.100
ip route-static 0.0.0.0 0.0.0.0 4.0.2.2
preference 200
ISU2
GATEWAY:4.0.0.1/24
IP POOL4.0.0.2-4.0.0.100
ip route-static 0.0.0.0 0.0.0.0 4.0.1.100 PC2
ip route-static 0.0.0.0 0.0.0.0 4.0.2.1
MA5300
ID C
preference 200
4.0.1.100/16
G7/1/1 G8/1/1 G9 G9
A TRUNK E E TRUNK
I I
D S S S S
7x 8x 9x 10x 11x 1 2x 7x 8x 9x 1 0x 1 1x 12 x
Et hernet
C
7 8 9 101 11 2
A 1 2 3 4 5 6 1x 2x 3x 4x 5x 6x 1x 2x 3x 4x 5x 6x
S M M U U
A B
HUB
L 1 2 1 2
4.0.1.1/24 E6 E6 4.0.1.1/24
4.0.2.1/24 E7 E7 4.0.2.2/24
ADSL1/0/0
7 8 14 15
T AL K / D ATA
TAL K R S C S TR R D TD CD
MT800
PC1
Since only one of ESM1 and ESM2 is in active status, you just need to configure the
active ESM. The configuration data will be synchronized to the standby ESM
automatically. The following introduces how to configure the ESM.
1) Configure port Gigabit Ethernet 7/1/1 as Trunk port to allow the pass-through of all
VLANs.
MA5300(config)#interface gigabitEthernet 7/1/1
MA5300(config-if-GigabitEthernet7/1/1)#switchport mode trunk
MA5300(config-if-GigabitEthernet7/1/1)#switchport trunk allowed vlan all
Please wait........................................... Done.
MA5300(config-if-GigabitEthernet7/1/1)#
2) Create VLAN 2, designate port ADSL1/0/0 to VLAN 2 and activate port
ADSL1/0/0.
6-4
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 6 Active/Standby Switchover
MA5300(config)#vlan 2
MA5300(config-vlan2)#switchport adsl1/0/0
MA5300(config-vlan2)#exit
MA5300(config)#adsl activate adsl1/0/0
3) Configure PPPoA and IPOA parameters.
As the two BAS boards are designated with different MAC addresses, you can run
these commands to set the destination MAC addresses for PPPoA and IPOA:
MA5300(config)#atm-terminated dest-mac pppoa support-misu slot7
00e0.fc26.0830 slot8 00e0.fc00.1122
MA5300(config)#atm-terminated dest-mac ipoa support-misu slot7
00e0.fc26.0830 slot8 00e0.fc00.1122
The first MAC address is the MAC address of ISU1 connected with the ESM board
residing in Slot 7; the second MAC address is the MAC address of ISU2 board
connected with the ESM board residing in slot 8.
4) Set the connection type of ADSL1/0/0 as auto.
MA5300(config)#adsl connect-type auto adsl1/0/0
5) Enable the uplink interface of the standby ESM board.
MA5300(config)#interface g7/1/1
MA5300(config-if-GigabitEthernet7/1/1)#slave-up
By default, the GE and FE interfaces of standby ESM board are disabled. You need to
enable these interfaces used for packet transmission manually.
6) Add two ISU boards through the device management function.
MA5300(config)#inner-isu support-misu
If using the command inner-isu, you can only add one ISU board. If using the above
command, you can add two ISU boards at the same time. At this moment, you can see
two ISU board using the command show board.
7) Configure MISU.
MA5300(config)#misu uplink-port slot 7 interface GigabitEthernet7/1/1
MA5300(config)#misu uplink-port slot 8 interface GigabitEthernet7/1/1
MA5300(config)#misu enable
These commands are used to specify a port of the two ESM boards for ISU
active/standby switchover, and then enable double ISUs active/standby switchover.
The ports connecting to the ISU board must be the same on the two ESM boards.
As ISU1 and ISU2 are two independent devices, you need to configure them one by
one manually.
6-5
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 6 Active/Standby Switchover
This configuration can be performed in the same manner as configuring a single ISU.
Designate port Ethernet6 for PPP and VLAN access, and then add several user
accounts. For details, refer to Intelligent Service Unit Processing Unit Operation
Manual.
2) Enable PPPoA function.
[ISU] pppoa enable
ISU2 configuration:
[ISU]inter eth 6.0
[ISU-Ethernet6.0]ip address 4.0.1.1 255.255.255.0
[ISU-Ethernet6.0]quit
[ISU]inter eth 7.0
[ISU-Ethernet7.0]ip address 4.0.2.2 255.255.255.0
[ISU-Ethernet7.0]quit
[ISU]portvlan eth 6 vlan 0
[ISU-ethernet6-6-vlan0-0]access-type interface
[ISU-ethernet6-6-vlan0-0]quit
[ISU]portvlan eth 7 vlan 0
[ISU-ethernet7-7-vlan0-0]access-type interface
[ISU-ethernet7-7-vlan0-0]quit
[ISU]ip route-static 0.0.0.0 0.0.0.0 4.0.1.100
[ISU]ip route-static 0.0.0.0 0.0.0.0 4.0.2.1 preference 200
6-6
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 6 Active/Standby Switchover
To enable NMS devices in the public network to access the two ISU boards at the same
time, you need to add a low-priority default route between the ISUs ports ethernet7.
4) Enable HRP function.
[ISU]hrp uplink Ethernet6
[ISU]hrp downlink GigabitEthernet9
[ISU]hrp enable
The above commands configure the uplink/downlink port needed for the double ISUs
active/standby switchover, and enable the HRP packet reception function.
When the system is in normal status, run the command show misu on the ESM board.
MA5300(config)#show misu
[MISU information]
function status: Enable
shakehand timer: 3 (sec)
upper-port of ESM board in slot 8: GigabitEthernet7/1/1
ESM board in slot 8 is in master status
ISU board status is Normal
upper-port of ISU board is up
upper-port of ESM board in slot 7: GigabitEthernet7/1/1
ESM board in slot 7 is in slave status
ISU board status is Normal
upper-port of ISU board is administratively down
The above shows that the two ISUs are in normal status, the uplink port of the ISU
board connected with the active ESM board is enabled, while the uplink port of the ISU
board connected with standby ESM board is disabled.
When viewing the indicators of the hub, you can find that one of the two ports
connecting the uplink ports of two ISU boards is UP and the other is DOWN.
The following introduces how to view the the indicators of the hub:
1) Configure PPPoA access on the MT800 (an ADSL Modem). The system prompts
success and allocates an IP address.
2) Disconnect the uplink port of ISU board (connected with ESM) with the hub.
Several seconds later, the system starts to implement ESM active/standby
switchover. The original active ESM board prints Master board is ready to reset
for isu connection down. The original standby ESM board becomes the active
one.
3) Interrupt MT800s PPPoA access, and then redial. The PPPoA access is restored.
You can ping PC2 using PC1.
4) View the hubs indicators. You can find that the UP one of the two uplink ports
connected with ISU turns into DOWN, and the other turns into UP.
6-7
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 6 Active/Standby Switchover
Insert two ESM boards in slots 7 and 8, serving as active and standby ESM boards
respectively. While in slot 15, insert an EIUA board.
As an interface board, the EIUA board provides two subboard slots: one for GE
subboard, and the other for EF subboard. Similar to the subboard slot arrangement in
the ESM board, the GE subboard is above the FE subboard.
Before starting the write operation on the active ESM board, you can run the command
standby backup configure to automatically synchronize the configuration data in the
active board with those in the standby board; or you can use the command no standby
backup configure to disable configuration data synchronization.
Once the active/standby data synchronization switch is enabled through the command
standby backup configure, the configuration data saved in active board through the
command write will also be saved in the backup board. To disable the synchronization
switch for active/standby board configuration data, run the command no standby
backup configure. By default, the configuration file synchronization switch for
active/standby board is enabled.
1) Enable the switch for synchronizing configuration files on active/standby boards.
MA5300#standby backup configure
Config file automatic backup to standby board switch status: On.
2) Disable the switch for synchronizing configuration files on active/standby boards.
MA5300#no standby backup configure
Config file automatic backup to standby board switch status: Off.
To maintain the consistency in configuration data between the active board and the
standby board, use the command standby update configure in Privileged mode.
6-8
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 6 Active/Standby Switchover
To switch the active and standby ESM boards manually, run the command system
switch-over in Privileged mode. Unless considered necessary, do not use the
command.
To perform o perform active/standby switchover between the two ESM boards, follow
the steps below strictly:
1) Enable the switch for synchronizing configuration files on active/standby boards
using the command standby backup configure.
2) Synchronize the configuration data in the active board with those in the standby
board using the command standby update configure.
3) Switch the ESM board manually using the command system switch-over.
This example shows how to perform ESM board switchover manually.
MA5300#standby backup configure
Configure file automatic backup to standby board switch status: On
MA5300#standby update configure
The configureuration file will be written to the flash memory of standby board
Are you sure to continue? (y/n)[n]:y
Now synchronizing startup-configure to standby.
Please wait for a while(2 minutes in worst case)...
Synchronize startup-configure to standby successfully.
MA5300#system switch-over
Are you sure to switch over? (y/n)[n]:n
To configure automatic switchover, you only need to run the command standby
backup configure in privileged mode of the active ESM board.
This operation can be omitted, because the switch for synchronizing configuration files
on active/standby boards is enabled by default.
MA5300#standby backup configure
Configure file automatic backup to standby board switch status: On.
After the completion of data configuration in the active ESM board, you can run the
command write to save the configuration data. At the mean time, the system saves the
configuration data in the standby board by synchronizing the active/standby
configuration data.
6-9
Operation Manual - Maintenance Operations
SmartAX MA5300/5303 Broadband Access System Chapter 6 Active/Standby Switchover
When the active ESM board is unplugged or is faulty, the system automatically
switches it to the standby board to ensure normality of the ongoing service.
The first steps for configuring automatic switchover and manual switchover are the
same: That is to run the command standby backup configure in privileged mode of
the active ESM board to enable the switch for synchronizing configuration files on
active/standby boards. This operation can be omitted, because the switch for
synchronizing configuration files on active/standby boards is enabled by default.
MA5300#standby backup configure
Configure file automatic backup to standby board switch status: On.
After the completion of data configuration in the active ESM board, you can run the
command write to save the configuration data. At the mean time, the system saves the
configuration data in the standby board by synchronizing the active/standby
configuration data.
When the active ESM board is unplugged, you can use the command system
switch-over to perform active/standby switchover manually. This can change the
standby board into the active one, ensuring the normality of system running.
MA5300#system switch-over
Are you sure to switch over? (y/n)[n]:n
6-10
HUAWEI
Appendix
Operation Manual - Appendix
SmartAX MA5300/5303 Broadband Access System Table of Contents
Table of Contents
i
Operation Manual - Appendix
SmartAX MA5300/5303 Broadband Access System Appendix A Acronyms and Abbreviations
A
AAA Authentication, Authorization and Accounting
ABR Area Border Router
ACK Acknowledgement
ACL Access Control List
ADSL Asymmetrical Digital Subscriber Loop
APP Application Program
ARP Address Resolution Protocol
AS Autonomous System
ASBR Autonomous System Boundary Router
B
BAS Broadband Access Server
BDR Backup Designated Router
BGP Border Gateway Protocol
C
CAR Committed Access Rate
CLI Command Line Interface
CO Central Office
COS Class of Service
D
DD Database Description
DHCP Dynamic Host Configuration Protocol
DIS Dial in-line Package
DR Designated Router
DSLAM Digital Subscriber Line Access Multiplexer
D-V Distance Vector Routing Algorithm
E
ESM Ethernet Switch Main Control board
EAD Ethernet ADSL access board
ESH Ethernet SHDSL board
A-1
Operation Manual - Appendix
SmartAX MA5300/5303 Broadband Access System Appendix A Acronyms and Abbreviations
A-2
Operation Manual - Appendix
SmartAX MA5300/5303 Broadband Access System Appendix A Acronyms and Abbreviations
A-3
Operation Manual - Appendix
SmartAX MA5300/5303 Broadband Access System Appendix A Acronyms and Abbreviations
A-4