R1-ADseries Corecess

Edition: 00
Distribution: May, 2006
Corecess Smart ADSL 2+ DSLAM
R1-AD24A
R1-AD24AN
R1-AD48A
User's Guide
| Copyright |
Copyright ©2006 by Corecess Inc. All rights reserved.
No Part of this book shall be reproduced, stored in a retrieval system, or

transmitted by any means, electronic, mechanical, photocopying,
recording, or otherwise, without written permission from the publisher.
The specifications and information regarding the products in this manual

are subject to changed without notice.
| Trademark Credit |
Corecess R1-AD series is registered trademark of Corecess Inc.
Other product names or company names mentioned in this manual are

registered trademarks of the appropriate company.
Corecess Inc.
500-2, Sangdaewon-dong, Jungwon-ku, Sungnam-city,
Kyungki-do, Korea, 462-120
TEL:+82-31-739-6600 FAX: :+82-31-739-6622
http://www.corecess.com
Manual Contents
This manual is organized as follows concerning the Corecess R1-AD series:
y Introduction to functions and features
y Name and function of each part
y How to install on a rack and connect cable to each port
y How to configure the Corecess R1-AD series
Careful reading of this manual before using the Corecess R1-AD series will alleviate the
complexity of manipulating the system. The user should read the chapters 1~3 to become
acquainted with the functions of the product, name and function of each part, and the
precautions before installation. Understanding chapters 1~3 will help a great deal for safety in
installing and using the product.
9 This manual can also be downloaded from Corecess website www.corecess.com.
9 If you have any problems or questions during installation or while using the product,
contact your equipment provider or visit our website at www.corecess.com and leave
a message in Q&A.
Audience
This manual is designed for the users with basic knowledge in Ethernet and ADSL. Thus, this
manual assumes that the reader is knowledgeable of basic concepts and terminology about
Ethernet and ADSL and does not provide separate explanations for these topics. If you feel that
the contents of this manual are difficult and require more detailed explanations, refer to other
network related books.
Revision History
Edition Date Description
00 May, 2006 First Draft
III III
Notations
This manual uses the notations explained below for assisting readers in understanding the
contents of this manual.
Notations in Console Screen

When indicating text displayed on the console screen, the following indications are used:
y Text displayed on console screen is shown in Courier New.
y Values entered by user are displayed in bold Courier New.
Notations in Command Syntax

In this manual, the following indications are used to explain the syntax of console commands:
y Console commands are indicated in bold Courier New.
y Parameters that need to be entered are indicated in Courier New.
y Parameters in [ ] are parameters that can be ignored.
y { A | B | C } means that one entry among A, B, and C must be selected and entered.
y [A | B | C] means that one entry among A, B, and C may or may not be selected and
entered.
IV R1-AD Series User’s Manual

Conventions
This manual uses the following conventions:
Recommendation: Introduces recommendatory item for the use of product..
Note: Introduces useful item for the use of product, reference, and its related materials
Caution: Explains possible situations or conditions of improper operation and possibility of

losing data and provides suggestions how to deal with those cases.
Warning: Explains situtations in which product can be damaged or danger can be imposed
to users physically, and informs you how to respond to those situations.
V V
Organization
The chapters of this manual are organized as follows:
Chapter 1 Overview
This chapter introduces functions and features of the Corecess R1-AD series and describes several kinds of
network examples configurable with the Corecess R1-AD series.
Chapter 2 Hardware Description

This chapter introduces the structures of the Corecess R1-AD series and describes the function and
appearance of the uplink modules provided for the Corecess R1-AD series.
Chapter 3 Before Installation

This chapter describes the precautions for the Corecess R1-AD series installation and installation
environment for the normal operation. It also describes the way to unpack box of the Corecess R1-AD
series and verify the contents.
Chapter 4 Installation
This chapter describes how to mount the Corecess R1-AD series on a rack, connect the cables to the ports,
and connect the power.
Chapter 5 Basic Configuration

This chapter briefs general configuration method of the Corecess R1-AD series.
Chapter 6 Configuring Ports

This chapter describes how to change port configuration settings.
Chapter 7 Configuring VLAN

This chapter overviews Virtual LAN and describes how to configure VLAN using several examples. The
tagged VLAN and overlapped VLAN are described in this chapter.
Chapter 8 Configuring SNMP and RMON

This chapter describes how to configure SNMP and RMON on the Corecess R1-AD series.
Chapter 9 Configuring QoS

This chapter describes how to configure QoS (Quality of Service) on the Corecess R1-AD series.
VI R1-AD Series User’s Manual

Chapter 10 Configuring Security
This chapter describes how to configure security features on the Corecess R1-AD series.
Chapter 11 Configuring IGMP Snooping

This chapter describes how to configure IGMP snooping for the Corecess R1-AD series to manage the
multicast traffic.
Chapter 12 Configuring DHCP & ARP Snooping

This chapter describes how to configure DHCP snooping for the Corecess R1-AD series to manage the
DHCP traffic and ARP traffic.
Chapter 13 Configuring STP

This chapter describes how to configure STP (Spanning Tree Protocol) on the Corecess R1-AD series.
Appendix A Technical Specifications

Appendix A describes on hardware and software specifications of the Corecess R1-AD series.
Appendix B Connector and Cable Specifications

Appendix B describes the specifications of the ports on the Corecess R1-AD series and various cards
provided by the Corecess R1-AD series. In addition, the types and specifications of cables needed for the
connection of each port.
VIIVII
Table of Contents
Manual Contents ............................................................................ III

Audience....................................................................................................... III
Revision History .......................................................................................... III
Notations........................................................................................IV
Notations in Console Screen ...................................................................... IV
Notations in Command Syntax ................................................................. IV
Conventions ...................................................................................................V
Organization...................................................................................VI
Table of Contents...........................................................................VI
List of Tables..................................................................................VI
Chapter 1 Overview 1-6

Introduction .................................................................................. 1-6
Hardware Features..................................................................................... 1-6
Memories ............................................................................................................ 1-6
Supported Line Interfaces ................................................................................ 1-6
Flexible Uplink Interfaces................................................................................. 1-6
Software Features ....................................................................................... 1-6
ADSL ................................................................................................................... 1-6
Switch .................................................................................................................. 1-6
VLAN (Virtual LAN) ........................................................................................ 1-6
Multicasting........................................................................................................ 1-6
Powerful Manageability ................................................................................... 1-6
Security................................................................................................................ 1-6
QoS (Quality of Service) ................................................................................... 1-6
Subscriber Management ................................................................................... 1-6
Applications.................................................................................. 1-6
Corecess R1-AD series Network .............................................................. 1-6
Chapter 2 Hardware Description 2-6

System Chassis ........................................................................... 2-6
Ground Connector............................................................................................. 2-6
Power Device ..................................................................................................... 2-6
Uplink Slots ([A], [B])........................................................................................ 2-6
Reset Switch (RST)............................................................................................. 2-6
Console Port (CONSOLE) ................................................................................ 2-6
LEDs .................................................................................................................... 2-6
ADSL Ports ......................................................................................................... 2-6
PSTN Port (R1-AD24A only) ........................................................................... 2-6
VIII R1-AD Series User’s Manual

Uplink Modules ............................................................................ 2-6
OPT-N2CD .................................................................................................. 2-6
Gigabit Ethernet Combo Port (A, B) ............................................................... 2-6
Gigabit Ethernet Port LED (A, B) .................................................................... 2-6
OPT-N2CS ................................................................................................... 2-6
Gigabit Ethernet Combo Port (A, B) ............................................................... 2-6
Gigabit Ethernet Port LED (A, B) .................................................................... 2-6
OPT-N1ES1CD............................................................................................ 2-6
Gigabit Ethernet PON Port LED (A)............................................................... 2-6
Gigabit Ethernet PON Port (A)........................................................................ 2-6
Gigabit Ethernet Combo Port (B) .................................................................... 2-6
Gigabit Ethernet Port LED (B) ......................................................................... 2-6
OPT-N1EL1CD ........................................................................................... 2-6
Gigabit Ethernet PON Port LED (A)............................................................... 2-6
Gigabit Ethernet PON Port (A)........................................................................ 2-6
Gigabit Ethernet Combo Port (B) .................................................................... 2-6
Gigabit Ethernet Port LED (B) ......................................................................... 2-6
Chapter 3 Before Installation 3-6

Precautions .................................................................................. 3-6
General Precautions ................................................................................... 3-6
Power Considerations................................................................................ 3-6
DC Power............................................................................................................ 3-6
AC Power............................................................................................................ 3-6
Spare Power........................................................................................................ 3-6
Preventing ESD........................................................................................... 3-6
Installing and Servicing the System......................................................... 3-6
Disconnecting Power ........................................................................................ 3-6
Grounding the System ...................................................................................... 3-6
Connecting Cables............................................................................................. 3-6
Working with Lasers ......................................................................................... 3-6
Preventing EMI .................................................................................................. 3-6
Covering Blank Slots ......................................................................................... 3-6
Rack-Mounting the System....................................................................... 3-6
Lifting the System....................................................................................... 3-6
Disposing of the System ............................................................................ 3-6
Installation Place .......................................................................... 3-6
Environmental Requirements................................................................... 3-6
Power Supply.............................................................................................. 3-6
Unpacking .................................................................................... 3-6
Chapter 4 Installation 4-6

Installation Procedure .................................................................. 4-6
Rack-Mounting ............................................................................. 4-6
IX IX
Required Tools and Equipment ............................................................... 4-6
Mounting the System on a Rack............................................................... 4-6
Connecting Ports.......................................................................... 4-6
Connecting Gigabit Ethernet Uplink Port .............................................. 4-6
Connecting RJ-45 Connector ............................................................................ 4-6
Connecting LC Connector on SFP Module .................................................... 4-6
Connecting Gigabit Ethernet PON Uplink Port..................................... 4-6
Connecting PSTN Port (R1-AD24A only)............................................... 4-6
Connecting ADSL Port .............................................................................. 4-6
Connecting the Console Port .................................................................... 4-6
Connecting Power........................................................................ 4-6
Connecting AC Power ...................................................................................... 4-6
Connecting DC-Input Power ........................................................................... 4-6
Starting the Corecess R1-AD series ............................................ 4-6
Chapter 5 Basic Configuration 5-6

Before Configuration .................................................................... 5-6
Accessing the CLI ....................................................................................... 5-6
Command Modes ....................................................................................... 5-6
Entering Privileged Mode ................................................................................ 5-6
Entering Global Configuration Mode............................................................. 5-6
Returning to Previous Command Mode ........................................................ 5-6
Logging out From CLI ...................................................................................... 5-6
Prompt.......................................................................................................... 5-6
Getting Help................................................................................................ 5-6
Command Usage Basics ............................................................................ 5-6
Entering Commands ......................................................................................... 5-6
Specifying Ports ................................................................................................. 5-6
Editing Commands ........................................................................................... 5-6
Configuring Basic System Parameters......................................... 5-6
Configuring the IP Address and Default Gateway ............................... 5-6
Configuring System Name and Setting System Date and Time.......... 5-6
Configuring the System Name ........................................................................ 5-6
Setting the System Date and Time .................................................................. 5-6
User Management........................................................................ 5-6
Adding a New User ................................................................................... 5-6
Changing a User Password....................................................................... 5-6
Deleting a User............................................................................................ 5-6
Configuration File Management ................................................... 5-6
Displaying and Saving the Current Running Configuration............... 5-6
Displaying the Current Running Configuration........................................... 5-6
Saving the Current Running Configuration .................................................. 5-6
Restoring Default Configuration.............................................................. 5-6
Upgrading Software ..................................................................... 5-6
X R1-AD Series User’s Manual

System Log Management ............................................................ 5-6
Specifying Event Level .............................................................................. 5-6
Specifying Screen to Display Log............................................................. 5-6
Configuring to Display Log Messages to Console Screen ........................... 5-6
Configuring to Display Log Messages to a Remote Server ......................... 5-6
Configuring to Display Log Messages to a Telnet Sessions ........................ 5-6
Saving Log Message in Log File ............................................................... 5-6
Displaying Contents of Log File............................................................... 5-6
Clearing System Log .................................................................................. 5-6
Monitoring the System ................................................................. 5-6
Checking Network Connectivity ............................................................. 5-6
Displaying System Module Equipment Status ...................................... 5-6
Displaying System Module Information................................................. 5-6
Displaying Memory Usage ....................................................................... 5-6
Chapter 6 Configuring Ports 6-6

Configuring Gigabit Ethernet Ports .............................................. 6-6
Default Gigabit Ethernet Configurations................................................ 6-6
Configuring Gigabit Ethernet Ports......................................................... 6-6
Disabling or Enabling the Gigabit Ethernet Port .......................................... 6-6
Setting the Port Speed and Duplex Mode ...................................................... 6-6
Setting Port Name ............................................................................................. 6-6
Setting Port Trap................................................................................................ 6-6
Displaying Gigabit Ethernet Port Information ...................................... 6-6
Displaying Gigabit Ethernet Port Information.............................................. 6-6
Configuring ADSL Ports ............................................................... 6-6
Default ADSL Configurations .................................................................. 6-6
Configuring ADSL Ports ........................................................................... 6-6
Disabling or Enabling the ADSL Port............................................................. 6-6
Setting ADSL Line Operating Mode............................................................... 6-6
Setting ADSL Link Speed ................................................................................. 6-6
Setting ADSL Data Transmission Mode......................................................... 6-6
Setting Interleave Delay.................................................................................... 6-6
Specifying Target, Maximum, and Minimum SNR Margin........................ 6-6
Setting SRA......................................................................................................... 6-6
Setting pwrmng ................................................................................................. 6-6
Specifying Bit Swapping................................................................................... 6-6
Specifying Trellis Encoding ............................................................................. 6-6
Configuring the Impulse Noise Protection .................................................... 6-6
Resetting ADSL Port ......................................................................................... 6-6
Configuring Multiple PVCs ...................................................................... 6-6
Creating a PVC................................................................................................... 6-6
Assigning PVID to a PVC................................................................................. 6-6
Configuring VLAN Tag for a PVC.................................................................. 6-6
Multiple PVCs Configuration Example ......................................................... 6-6
XI XI
Displaying ADSL Port Information ......................................................... 6-6
Displaying ADSL Port Information ................................................................ 6-6
Displaying ADSL Line Configuration Information...................................... 6-6
Displaying ADSL Line Status Information .................................................... 6-6
Displaying ADSL Performance Information ................................................. 6-6
Displaying Information of ADSL Port Configuration.................................. 6-6
Displaying ADSL Bitmap ................................................................................. 6-6
Displaying ADSL Link Speed .......................................................................... 6-6
Displaying Information of Impulse Noise Protection Configuration ........ 6-6
Displaying information of Line Attenuation ................................................. 6-6
Displaying the Output Power Information.................................................... 6-6
Chapter 7 Configuring VLAN 7-6

VLAN (Virtual LAN) ...................................................................... 7-6
Types of VLAN ........................................................................................... 7-6
Port-Based VLAN .............................................................................................. 7-6
Default VLAN .................................................................................................... 7-6
Tagged VLAN .................................................................................................... 7-6
Configuring VLAN ........................................................................ 7-6
Default VLAN Configuration................................................................... 7-6
VLAN Configuration Procedure .............................................................. 7-6
Creating a VLAN ............................................................................................... 7-6
Assigning Ports to a VLAN.............................................................................. 7-6
Assigning IP Address to a VLAN ................................................................... 7-6
Assigning Secondary IP address to a VLAN ................................................. 7-6
Saving VLAN Configuration ........................................................................... 7-6
VLAN Configuration Example........................................................................ 7-6
Tagged VLAN Configuration................................................................... 7-6
Displaying VLAN Configuration.................................................... 7-6
Displaying VLAN Configuration............................................................. 7-6
Displaying VLAN Tagging Configuration ............................................. 7-6
VLAN Configuration Commands .................................................. 7-6
Chapter 8 Configuring SNMP and RMON 8-6

Configuring SNMP ....................................................................... 8-6
SNMP (Simple Network Management Protocol) Overview................ 8-6
SNMP Basic Components................................................................................. 8-6
SNMP Messages ................................................................................................ 8-6
SNMP Community Strings............................................................................... 8-6
Trap...................................................................................................................... 8-6
Configuring SNMP..................................................................................... 8-6
Setting the System Contact and Location Information ................................ 8-6
Configuring Community Strings .................................................................... 8-6
Configuring Trap Type..................................................................................... 8-6
XII R1-AD Series User’s Manual

Configuring Trap Receiver Hosts.................................................................... 8-6
Configuring RMON....................................................................... 8-6
RMON (Remote MONitoring) Overview ............................................... 8-6
Configuring RMON ................................................................................... 8-6
Enabling RMON ................................................................................................ 8-6
Configuring Statistics Groups.......................................................................... 8-6
Configuring History Groups............................................................................ 8-6
Configuring Event Group ................................................................................ 8-6
Configuring Alarm Groups.............................................................................. 8-6
SNMP and RMON Configuration Commands .............................. 8-6
Chapter 9 Configuring QoS 9-6

QoS Overview .............................................................................. 9-6
QoS (Quality of Service) ............................................................................ 9-6
QoS Features ............................................................................................... 9-6
Packet Classification.......................................................................................... 9-6
Broadcast Storm Control .................................................................................. 9-6
Unknown Unicast Storm Control.................................................................... 9-6
Packet Filtering .................................................................................................. 9-6
Configuring QoS........................................................................... 9-6
Configuring QoS Service Policy ............................................................... 9-6
Configuring a Class Map.................................................................................. 9-6
Configuring a Policy Map ................................................................................ 9-6
Configuring Broadcast Suppression........................................................ 9-6
Configuring Unknown Unicast Suppression ......................................... 9-6
Configuring Packet Filtering .................................................................... 9-6
Type of Packet Filtering.................................................................................... 9-6
Filtering DHCP Offer Packets.......................................................................... 9-6
Filtering NetBIOS Packets ................................................................................ 9-6
QoS Configuration Commands .................................................... 9-6
Chapter 10 Configuring Security 10-6

Configuring Password and Session Timeouts............................ 10-6
Configuring Password............................................................................. 10-6
Changing Login Password ............................................................................. 10-6
Setting the Privileged Mode Password ........................................................ 10-6
Password Encryption ...................................................................................... 10-6
Session Timeouts ...................................................................................... 10-6
Configuring Access Lists (Planned) ........................................... 10-6
Access Lists................................................................................................ 10-6
Defining Access Lists ...................................................................................... 10-6
Applying the Access List to Terminal Line.................................................. 10-6
Applying the Access List to SNMP Access .................................................. 10-6
Configuring Filtering Features.................................................... 10-6
XIII
XIII
Types of Filtering...................................................................................... 10-6
PVC Filtering............................................................................................. 10-6
Port Filtering ............................................................................................. 10-6
Filtering DHCP Offer Packets................................................................. 10-6
Filtering NetBIOS Packets ....................................................................... 10-6
CIFS (Cognitive Information Filtering System) - Planned ................. 10-6
Creating Classes............................................................................................... 10-6
Creating a Policy.............................................................................................. 10-6
Security Configuration Commands ............................................ 10-6
Chapter 11 Configuring IGMP Snooping 11-6

Multicast and IGMP.................................................................... 11-6
Multicast Transmission Mode ................................................................ 11-6
IGMP Snooping ........................................................................................ 11-6
Joining a Multicast Group .............................................................................. 11-6
Leaving a Multicast Group............................................................................. 11-6
Fast-Leave Processing ..................................................................................... 11-6
Configuring IGMP Snooping ...................................................... 11-6
Enabling IGMP Snooping........................................................................ 11-6
Enabling IGMP Snooping Globally............................................................... 11-6
Enabling IGMP Snooping on a VLAN.......................................................... 11-6
Enabling IGMP Fast-leave Processing................................................... 11-6
Configuring Static Router Port ............................................................... 11-6
Defining a Multicast Group .................................................................... 11-6
Configuring Membership Timeout........................................................ 11-6
Configuring the Maximum Number of IGMP Groups....................... 11-6
Displaying IGMP Snooping Information ..................................... 11-6
Displaying Multicast Group Information ............................................. 11-6
Displaying All Multicast Group Information.............................................. 11-6
Displaying Multicast Group Information for a VLAN .............................. 11-6
IGMP Snooping Configuration Commands ................................ 11-6
Chapter 12 Configuring DHCP & ARP Snooping 12-6

DHCP Snooping......................................................................... 12-6
DHCP Snooping Overview..................................................................... 12-6
DHCP Messages .............................................................................................. 12-6
DHCP Snooping Operation............................................................................ 12-6
Configuring DHCP Snooping................................................................. 12-6
Enabling DHCP Snooping.............................................................................. 12-6
Specifying DHCP Snooping Ports................................................................. 12-6
Configuring the System Filtering Rules ....................................................... 12-6
Configuring Port Filtering Rules ................................................................... 12-6
Configuring Information Policy .................................................................... 12-6
XIV R1-AD Series User’s Manual

Specifying the Maximum Number of DHCP Clients ................................. 12-6
Adding Static Binding Entries ....................................................................... 12-6
Clearing Dynamic Binding Entries ............................................................... 12-6
Enabling DHCP Option 82 Data Insertion ................................................... 12-6
Displaying DHCP Snooping Configuration......................................... 12-6
Displaying DHCP Snooping Configuration ................................................ 12-6
Displaying DHCP Snooping Binding Information..................................... 12-6
Displaying DHCP Snooping Port Information ........................................... 12-6
ARP Snooping ........................................................................... 12-6
Configuring ARP Snooping .................................................................... 12-6
Enabling ARP Snooping ................................................................................. 12-6
Configuring Secure-Reply Check Type ........................................................ 12-6
Configuring Secure-Request Type ................................................................ 12-6
Displaying ARP Snooping Configuration ............................................ 12-6
Displaying ARP Snoop Table......................................................................... 12-6
Chapter 13 Configuring STP and RSTP 13-6

Understanding STP/RSTP ......................................................... 13-6
STP Overview ........................................................................................... 13-6
BDPU (Bridge Data Protocol Unit) ........................................................ 13-6
Spanning-Tree Port States ....................................................................... 13-6
Selecting Path ............................................................................................ 13-6
RSTP (Rapid Spanning Tree Protocol) .................................................. 13-6
Configuring STP......................................................................... 13-6
Default STP Configuration...................................................................... 13-6
Procedures for STP Configuration ......................................................... 13-6
Enabling or Disabling STP ...................................................................... 13-6
Enabling or Disabling STP on a VLAN ........................................................ 13-6
Enabling or Disabling STP on a Port............................................................. 13-6
Setting STP Protocol Version .................................................................. 13-6
Setting the Bridge ID (Priority)............................................................... 13-6
Configuring the Path Cost....................................................................... 13-6
Configuring STP Encoding Mode .......................................................... 13-6
Configuring the Port Priority.................................................................. 13-6
Setting Spanning Tree Timers................................................................. 13-6
Configuring an Edge Port ....................................................................... 13-6
STP Configuration Commands .................................................. 13-6
Appendix A Product Specifications A-6

Hardware Specifications ..............................................................A-6
Software Specifications................................................................A-6
Appendix B Connector & Cable Specifications B-6
XVXV
Connector Specifications .............................................................B-6
Champ Connector ......................................................................................B-6
RJ-45 Connector ..........................................................................................B-6
10/100/1000Base-T Port ...................................................................................B-6
Console Port .......................................................................................................B-6
LC Connector ..............................................................................................B-6
1000Base-SX Port ...............................................................................................B-6
1000Base-LX Port ...............................................................................................B-6
SC/APC Connector....................................................................................B-6
1000Base-PX Port ...............................................................................................B-6
Cable Specifications.....................................................................B-6
Telco Cable ..................................................................................................B-6
Twisted Pair Cable .....................................................................................B-6
According to the speed of devices to be connected: Category-3~6 ............B-6
According to the kinds of devices to be connected: Straight-through, Crossover.....B-6
Fiber Optic Cable ........................................................................................B-6
Duplex LC Fiber Optic Cable...........................................................................B-6
Simplex SC/APC Fiber Optic Cable ...............................................................B-6
Console Cable..............................................................................................B-6
XVI R1-AD Series User’s Manual

List of Tables
Table 2-1 Difference of the Corecess R1-AD series .................................... 2-6

Table 2-2 Component of Power Device on the Corecess R1-AD series ..... 2-6
Table 2-3 LED Functions of the Corecess R1-AD series............................. 2-6
Table 2-4 Uplink Modules of the Corecess R1-AD series............................ 2-6
Table 2-5 Specifications of Gigabit Ethernet Port ........................................ 2-6
Table 2-6 LED Functions of the OPT-N2CD Module ................................... 2-6
Table 2-7 Specifications of Gigabit Ethernet Port ........................................ 2-6
Table 2-8 LED Functions of the OPT-N2CS Module ................................... 2-6
Table 2-9 LED Functions of Gigabit Ethernet PON Port .............................. 2-6
Table 2-10 Specifications of Gigabit Ethernet PON Port ............................. 2-6
Table 2-11 Specifications of Gigabit Ethernet Port ...................................... 2-6
Table 2-12 LED Functions of Gigabit Ethernet Port..................................... 2-6
Table 2-13 LED Functions of Gigabit Ethernet PON Port ............................ 2-6
Table 2-14 Specifications of Gigabit Ethernet PON Port ............................. 2-6
Table 2-15 Specifications of Gigabit Ethernet Port ...................................... 2-6
Table 2-16 LED Functions of Gigabit Ethernet Port..................................... 2-6
Table 3-1 The Number of Required Person to Lift The System ................... 3-6
Table 3-2 Temperature and humidity condition............................................ 3-6
Table 3-3 Power condition ........................................................................... 3-6
Table 5-1 CLI Modes.................................................................................... 5-6

Table 5-2 Prompt of the command modes................................................... 5-6
Table 5-3 CLI line-editing commands .......................................................... 5-6
Table 5-4 Configuring IP address, etc. for the CC R1-AD series................. 5-6
Table 5-5 Configuring the system name ...................................................... 5-6
Table 5-6 Setting the system clock .............................................................. 5-6
Table 5-7 Adding a new user ....................................................................... 5-6
Table 5-8 Changing a user password .......................................................... 5-6
Table 5-9 Deleting a user............................................................................. 5-6
Table 5-10 Commands for saving the current running configuration ........... 5-6
Table 5-11 Restoring the default configuration ............................................ 5-6
Table 5-12 Downloading software from a remote TFTP server ................... 5-6
Table 5-13 Configuring event level .............................................................. 5-6
Table 5-14 Configuring to display log message to console screen.............. 5-6
Table 5-15 Configuring to display log message to a remote server............. 5-6
Table 5-16 Configuring to display log message to a Telnet sessions.......... 5-6
Table 5-17 Saving log messages in a log file............................................... 5-6
Table 5-18 Displaying contents of log file .................................................... 5-6
Table 5-19 Checking network connectivity................................................... 5-6
Table 5-20 Output of PING command.......................................................... 5-6
Table 5-21 System state information ........................................................... 5-6
XVII
XVII
Table 5-22 show module field descriptions .................................................. 5-6
Table 5-23 show meminfo field descriptions ................................................ 5-6
Table 6-1 Default Gigabit Ethernet Configurations ...................................... 6-6

Table 6-2 Configuring administrative state of Gigabit Ethernet port ............ 6-6
Table 6-3 Configuring Gigabit Ethernet port speed and duplex mode......... 6-6
Table 6-4 Setting Gigabit Ethernet port name.............................................. 6-6
Table 6-5 Setting Gigabit Ethernet port trap ................................................ 6-6
Table 6-6 Show port field descriptions ......................................................... 6-6
Table 6-7 Default ADSL configurations........................................................ 6-6
Table 6-8 Configuring administrative state of ADSL port ............................. 6-6
Table 6-9 Setting ADSL line operating mode............................................... 6-6
Table 6-10 Setting ADSL upstream and downstream rates......................... 6-6
Table 6-11 Configuring ADSL data transmission mode ............................... 6-6
Table 6-12 Setting interleave delay.............................................................. 6-6
Table 6-13 Specifying the SNR margin........................................................ 6-6
Table 6-14 Specifying the SRA .................................................................... 6-6
Table 6-15 Setting pwrmng .......................................................................... 6-6
Table 6-16 Specifying the bitswapping ........................................................ 6-6
Table 6-17 Configuring the Trellis encoding ................................................ 6-6
Table 6-18 Configuring the impulse noise protection................................... 6-6
Table 6-19 Restting ADSL port .................................................................... 6-6
Table 6-20 Creating a PVC .......................................................................... 6-6
Table 6-21 Assigning PVID to a PVC........................................................... 6-6
Table 6-22 Configuring VLAN Tag for a PVC .............................................. 6-6
Table 6-23 Displaying ADSL line configuration information ......................... 6-6
Table 6-24 Displaying ADSL performance information ................................ 6-6
Table 6-25 Show dsl performance perfdata field descriptions ..................... 6-6
Table 6-26 Displaying ADSL Bitmap............................................................ 6-6
Table 6-27 Displaying ADSL Link Speed ..................................................... 6-6
Table 6-28 Displaying Configuration of Impulse Noise Protection............... 6-6
Table 6-29 Displaying Configuration of Impulse Noise Protection............... 6-6
Table 6-30 Displaying the output power information.................................... 6-6
Table 7-1 Default VLAN configuration.......................................................... 7-6

Table 7-2 Creating a VLAN .......................................................................... 7-6
Table 7-3 Assigning ports to a VLAN ........................................................... 7-6
Table 7-4 Assigning IP address to a VLAN.................................................. 7-6
Table 7-5 Assigning IP address to a VLAN.................................................. 7-6
Table 7-6 Configuring tagged port ............................................................... 7-6
Table 7-7 show vlan field descriptions ......................................................... 7-6
Table 7-8 Show dot1q field descriptions ...................................................... 7-6
Table 7-9 VLAN configuration commands ................................................... 7-6
Table 8-1 Community Strings....................................................................... 8-6

Table 8-2 Default SNMP Configuration........................................................ 8-6
Table 8-3 Setting system contact and location information.......................... 8-6
XVIII R1-AD Series User’s Manual

Table 8-4 Adding new community string ...................................................... 8-6
Table 8-5 Types of trap supported by Corecess R1-AD series ................... 8-6
Table 8-6 Enabling a trap type ..................................................................... 8-6
Table 8-7 Adding a trap receiver host .......................................................... 8-6
Table 8-8 RMON groups .............................................................................. 8-6
Table 8-9 Enabling RMON ........................................................................... 8-6
Table 8-10 Configuring RMON statistics group............................................ 8-6
Table 8-11 Configuring RMON history group............................................... 8-6
Table 8-12 Configuring RMON event group................................................. 8-6
Table 8-13 Configuring RMON alarm group ................................................ 8-6
Table 8-14 SNMP & RMON configuration commands ................................. 8-6
Table 9-1 Criteria for packet classification ................................................... 9-6

Table 9-2 Creating a class map ................................................................... 9-6
Table 9-3 QoS actions supported by the Corecess R1-AD series............... 9-6
Table 9-4 Creating a policy map .................................................................. 9-6
Table 9-5 Configuring broadcast suppression ............................................. 9-6
Table 9-6 Configuring unknown unicast suppression .................................. 9-6
Table 9-7 Type of packet filtering................................................................. 9-6
Table 9-8 Filtering DHCP offer..................................................................... 9-6
Table 9-9 Filtering NetBIOS packets............................................................ 9-6
Table 9-10 QoS configuration commands.................................................... 9-6
Table 10-1 Changing timeout for an unattended telnet session ................ 10-6
Table 10-2 Defining access lists ................................................................ 10-6
Table 10-3 Applying the access list to terminal line ................................... 10-6
Table 10-4 Applying the access list to SNMP access................................ 10-6
Table 10-5 Type of packet filtering............................................................. 10-6
Table 10-6 Creating classes ...................................................................... 10-6
Table 10-7 Creating a policy ...................................................................... 10-6
Table 10-8 Security configuration commands............................................ 10-6
Table 11-1 Enabling IGMP snooping on a VLAN....................................... 11-6

Table 11-2 Enabling IGMP fast-leave processing...................................... 11-6
Table 11-3 Configuring a static router port................................................. 11-6
Table 11-4 Defining a multicast group ....................................................... 11-6
Table 11-5 Configuring Membership timeout ............................................. 11-6
Table 11-6 Configuring the maximum number of IGMP groups ................ 11-6
Table 11-7 show ip igmp snooping filed description .................................. 11-6
Table 11-8 show ip igmp snooping vlan field descriptions......................... 11-6
Table 11-9 IGMP snooping configuration commands................................ 11-6
Table 12-1 DHCP snooping action according to DHCP message type ..... 12-6
Table 12-2 Enabling DHCP snooping ........................................................ 12-6
Table 12-3 Specifying DHCP snooping ports............................................. 12-6
Table 12-4 Configuring the system filtering rules....................................... 12-6
Table 12-5 Configuring port filtering rules .................................................. 12-6
XIX
XIX
Table 12-6 Configuring information policy.................................................. 12-6
Table 12-7 Specifying the maximum number of DHCP clients .................. 12-6
Table 12-8 Adding static binding entries .................................................... 12-6
Table 12-9 Clearing dynamic binding entries............................................. 12-6
Table 12-10 Enabling DHCP option 82 data insertion ............................... 12-6
Table 12-11 Displaying DHCP snooping binding information .................... 12-6
Table 12-12 Displaying DHCP snooping port information ......................... 12-6
Table 12-13 Enabling ARP snooping ......................................................... 12-6
Table 12-14 Configuring Secure-Reply Check Type ................................. 12-6
Table 12-15 Configuring Secure-Request Type ........................................ 12-6
Table 13-1 Spanning-tree Timer ................................................................ 13-6

Table 13-2 Comparison of STP and RSTP port states .............................. 13-6
Table 13-3 Default STP configuration ........................................................ 13-6
Table 13-4 Enabling STP on a VLAN......................................................... 13-6
Table 13-5 Enabling STP on a port............................................................ 13-6
Table 13-6 Setting STP protocol version ................................................... 13-6
Table 13-7 Configuring the bridge ID for a VLAN ...................................... 13-6
Table 13-8 Configuring the path cost ......................................................... 13-6
Table 13-9 Configuring STP encoding mode ............................................. 13-6
Table 13-10 Configuring the port priority.................................................... 13-6
Table 13-11 Setting spanning tree timers .................................................. 13-6
Table 13-12 Configuring an edge port ....................................................... 13-6
Table 13-13 STP configuration commands................................................ 13-6
Table A-1 Corecess R1-AD series hardware specifications ........................ A-6

Table A-2 Corecess R1-AD series software specifications.......................... A-6
Table B-1 Pin Configuration of 10/100/1000Base-T Port............................. B-6

Table B-2 Pin Configuration of Console Port ............................................... B-6
Table B-3 System Modules with Fiber Optic Ports....................................... B-6
XX R1-AD Series User’s Manual

Chapter 1 Overview
This chapter introduces functions and features of the Corecess R1-AD series and provides example
applications for the Corecess R1-AD series.
9 Introduction 1-2
9 Applications 1-6
Introduction
The Corecess R1-AD series is IP-based ADSL DSLAMs (Digital Subscriber Line Access
Multiplexer) that provides telephone service and data transmit service functions at the same
time using the existing copper telephone lines.
The Corecess R1-AD series supports ADSL2+ technology. As a result, subscribers can
simultaneously utilize a wide range of powerful broadband service at the up to 24Mbps
downstream rates within a radius of about 1Km.
The Corecess R1-AD series provides 24 or 48 ADSL port interface and Gigabit Ethernet uplink
interfaces, and a built-in POTS splitter (optional). The Corecess R1-AD series is easy to
configure networks that can flexibly respond to a variety of environmental needs. As it can
connect to a remotely located large Gigabit Ethernet backbone device by installing uplink cards
into the uplink slots of the Corecess R1-AD series, it can be used as an intermediate backbone
network device of a large network as well as a mid-range workgroup network.
The Corecess R1-AD series supports Triple Play Service via high-performance QoS and
multicast. The service providers can control various types of traffic (voice, Internet, broadcast
TV, video on demand, near video on demand, etc.) effectively and use strict priority queuing to
guarantee that the highest priority packets will always get serviced ahead of all other traffic.
The Corecess R1-AD series is easy to use and can be easily installed as well. Just like an Ethernet
hub, it can be used by connecting cables to the target device. And LEDs on the front panel of the
Corecess R1-AD series make it easy to manage the product and networks through notifying the
operation status, port conditions and fault occurrence.
The Corecess R1-AD series allows the service providers to offer high-speed Internet access and
broadband services over the existing copper telephone lines. The Corecess R1-AD series is
especially suitable for dense area such as enterprise, apartment, and convention center.
1-2 1-2R1-AD Series User’s Manual

Hardware Features
Memories
y 128MB Host Memory – for processing program and storage
y 128MB Packet Memory – for packet buffer
y 4MB SRAM – network processor specific
y 64MB Flash – storing the S/W image
y 32K Internal Memory – network processor specific
Supported Line Interfaces
y ADSL interface (Telco-50)
y PSTN interface (Telco-50, R1-AD24A only)
Flexible Uplink Interfaces

The Corecess R1-AD series provides uplink slots in which a variety of uplink modules can be
installed as follows:
y Two port SFP/RJ45 Gigabit combo module
y One port Gigabit EPON ONT (SFP; SFP port adapter included) & one port SFP/RJ45 Gigabit
combo module
Overview 1-31-3
Software Features
ADSL
y Supports ANSI T1.413, ITU-T G.992.1 (G.dmt), G.992.2 (G.lite), G.992.3, G.992.4, G.992.5
compliant for Annex A, B
y Supports ITU-T G.994.1
y Supports DMT modulation and demodulation
y Provides up to 24 ADSL channels
y Supports up to 24Mbps downstream rates and up to 1Mbps upstream rates for each ADSL
channel
Switch
y Supports IEEE802.1d STP and IEEE802.1w RSTP protocols that prevent the creation of loops
on the network of each Ethernet port
y Can learn up to 4096 MAC addresses
VLAN (Virtual LAN)

y Supports up to 194 VLANs (192 of ADSL, 2 of Gigabit Ethernet)
y Supports Port-based VLAN
y Supports 802.1q tagging that enables communications between ports belonged to a VLAN
that spans multiple switches
Multicasting
y Supports up to 100 multicast groups
y Supports IGMP snooping that provides for fast client joins and leaves of multicast streams
and limits bandwidth-intensive video traffic to only the requestor

Powerful Manageability
y Simple Network Management Protocol (SNMP) v1 and Telnet interface support deliver
comprehensive in-band management, and a command-line interface (CLI)-based
management console provides detailed out-of-band management
y Supports RMON that allows various network agents and console systems to exchange
network monitoring data
y Can upgrade the system software to the latest version via TFTP or FTP
Security
y MAC-based port-level security prevents unauthorized stations from accessing the system
y DHCP filtering also prevents unauthorized stations from accessing the system
y Multilevel security on console access prevents unauthorized users from altering the system
configuration
QoS (Quality of Service)

y Supports eight priority queues based on IEEE 802.1p
y Supports traffic management function using packet class and QoS
y Controls the Telnet or SNMP access to the system using access lists
y Supports broadcast storm control by setting the maximum number of packets that is
configured on the VLAN
Subscriber Management
y Supports NTP (Network Time Protocol) for accurate billing and accounting (planned)
Overview 1-51-5
Applications
This section describes example applications for the Corecess R1-AD series.
Corecess R1-AD series Network

Chapter 2 Hardware Description
This chapter provides components of the Corecess R1-AD series and describes the function and
appearance of the uplink modules provided for the Corecess R1-AD series.
9 System Chassis 2-2
9 Uplink Modules 2-7

System Chassis
This section describes the external features of the Corecess R1-AD series.
The Corecess R1-AD series is the Corecess R1-AD24A, R1-AD24AN and the Corecess R1-
AD48A. Also, each type of the Corecess R1-AD series is divided into DC power type and AC
power type.
Table 2-1 Difference of the Corecess R1-AD series
Item R1-AD24A R1-AD24AN R1-AD48A
Port Number 24 24 48
PSTN port Provided Not provided Not provided
R1-AD24A - AC Type
Power switch PSTN port
Uplink slots (A, B)
Ground Connector
Reset switch Console port

Power Input ADSL LEDs
ADSL port
RUN LED
R1-AD24A - DC Type
Ground Connector PSTN port

Uplink slots (A, B)
Power switch
Fuse Reset switch Console port

Terminal Block ADSL LEDs
ADSL port
RUN LED

R1-AD24AN – AC Type
Power switch
Uplink slots (A, B)
Ground Connector

ADSL port
RUN LED
R1-AD24AN – DC Type
Ground Connector
Uplink slots (A, B)
Power switch

ADSL port
RUN LED
R1-AD48A- AC Type
Power switch ADSL port (2)
Uplink slots (A, B)
Ground Connector

ADSL port (1)
RUN LED
Hardware Description 2-32-3

R1-AD48A- DC Type
Ground Connector ADSL port (2)
Uplink slots (A, B)
Power switch

ADSL port (1)
RUN LED
Ground Connector
Ground connector is used to ground the Corecess R1-AD series for preventing damage from
electrostatic discharge or lightning. Before connecting power to the system, connect it according
to local site practice.
Power Device
Table 2-2 Component of Power Device on the Corecess R1-AD series
Power
Part Description
Type
The power input is a terminal that connects external AC power of

Power Input AC
100 - 240VAC by using a power cord.
The terminal block is used to connect external DC power supplies
Terminal
DC of –48VDC or rectifiers. There are three (3) terminals in the
Block
terminal block: FG, GND, and -48V.
Fuse is for protecting the device against overload.
Fuse DC Caution: When you change a fuse, use the same Amp fuse
referring tho the label on the real panel.
Power The power switch is used when turning the Corecess 7200 series on
AC, DC
Switch and off.
Uplink Slots ([A], [B])

There are uplink slots in which uplink modules can be installed. The Corecess R1-AD series
provides a variety of uplink modules that support the Gigabit Ethernet ports, Gigabit EPON
port or 10/100/1000Mbps ports of various interfaces.

Reset Switch (RST)
The reset switch is used to reboot the Corecess R1-AD series. When the reset switch is pressed,
all the configuration information that has not been saved is deleted, and the connections
between each port and other devices are disconnected. Use pointed objects like a ball-point pen
when pressing the reset switch.
Caution: If the reset switch is pressed, all subsribers connecting to the ADSL ports would
be cut off. Therefore, the reset switch should not be used unless it is indispensible.
Console Port (CONSOLE)

The console port is used to connect a console terminal for monitoring and configuring the
Corecess R1-AD series. To connect the console port to a console terminal, use the included
console cable. A PC or workstation installed with a terminal emulation program or VT-100
terminal can be used as a console terminal.
LEDs
There are system status LED, Uplink status LEDs, and ADSL status LEDs on the front panel of
the Corecess R1-AD series. The system status LED indicates the operating state of the system.
Uplink status LEDs and ADSL status LEDs indicate the data transmission/reception status and
connection state of each port.
Table 2-3 LED Functions of the Corecess R1-AD series
LED Color Status Description
System initialization is completed and the processor is

Blink
operating normally.
System Green
RUN The system is being initialized, or the processor is not
Status LED Off
operating normally.
Red On The processor is NOT operating normally (system fail).
ADSL LINK On Indicates that a subscriber is connected to the ADSL port.

(1~24, Green
Status LED
1~48) Off Indicates that no subscriber is connected to the ADSL port.
Note: For the description of the Uplink Status LED, refers to the Uplink Modules section.

ADSL Ports
There is one ADSL port on the Corecess R1-AD series. The ADSL port supports 24 ADSL
channels. Through this port, both telephone voice signal and ADSL data communication signal
are carried.
The ADSL port on the Corecess R1-AD series is connected to the MDF which is cabled to the
subscriber’s ADSL modem. The ADSL ports on the Corecess R1-AD series are connected to a
POTS splitter board.
PSTN Port (R1-AD24A only)

The PSTN port is connected to the central office switch or PBX (Private Branch Exchange).
A low pass filter exists between an ADSL port and a PSTN port on the Corecess R1-AD24A.
Only voice signal is transmitted between these ports. By isolating high frequency other than
voice signal, it can exclude the interference between both services.

Uplink Modules
There is an uplink slot on the front panel of the Corecess R1-AD series, and you can install the
following uplink modules into it.
Table 2-4 Uplink Modules of the Corecess R1-AD series
Module Specification
Two port of 10/100/1000Base-TX (RJ-45)

OPT-N2CD
Two port of 1000Base-LX/SX SFP (Duplex LC) supporting 100M and 1000M
Two port of 10/100/1000Base-TX (RJ-45)

OPT-N2CS
Two port of 1000Base-LX/SX SFP (Duplex LC) supporting 1000M
One port of 10/100/1000Base-TX (RJ-45)

OPT-N1ES1CD One port of 1000Base-LX/SX SFP (Duplex LC) supporting 100M and 1000M
One port of 1000Base-PX SFP (Max. length: 10Km)
One port of 10/100/1000Base-TX (RJ-45)

OPT-N1EL1CD One port of 1000Base-LX/SX SFP (Duplex LC) supporting 100M and 1000M
One port of 1000Base-PX SFP (Max. length: 20Km)
This section describes types and functions of uplink modules that can be installed in the uplink
slot of the Corecess R1-AD series.

OPT-N2CD
The OPT-N2CD module provides two Gigabit Ethernet combo ports (RJ-45, SFP). The SFP type
of the Gigabit Ethernet ports supports both 100M and 1000M speed. The feature of the OPT-
N2CD is as follows:
1000Base-SX/LX SFP port 10/100/1000Base-TX port
LEDs of 1000Base-SX/LX SFP port

and 10/100/1000Base-TX port
Gigabit Ethernet Combo Port (A, B)

The Gigabit Ethernet combo ports are used for connecting R1-AD series to the core network.
The OPT-N2CD module has two kinds of Gigabit Ethernet ports as follows:
y 10/100/1000Base-T Port (RJ-45 Connector)
y 100/1000Base-SX/LX SFP Port (LC Connector)
Both the RJ-45 connector and the LC connector (SFP module) cannot be used as Gigabit Ethernet
port at the same time. For example, if a RJ-45 connector of 10/100/1000Base-T port is connected
to a Gigabit Ethernet device, a LC connector of SFP port is automatically disabled.
The following table lists the specifications of the Gigabit Ethernet port on the OPT-N2CD
module:
Table 2-5 Specifications of Gigabit Ethernet Port on the OPT-N2CD Module
Feature 10/100/1000Base-T Port 1000Base-SX/LX SFP Port
Full-duplex mode or Half-duplex mode

Transfer Mode Full-duplex mode
(Auto sensing)
Transfer Speed 10/100/1000Mbps 100/1000Mbps
Connector Type RJ-45 Duplex LC
Maximum y 1000Base-SX : 550m

100m
Transfer Distance y 1000Base-LX : 10Km
y 1000Base-SX : 850nm Multi-mode

Transfer Media Twisted-pair category-5+, 6 cable
y 1000Base-LX : 1310nm Single mode

Gigabit Ethernet Port LED (A, B)
The following table describes the information indicated by LEDs of the OPT-N2CD module:
Table 2-6 LED Functions of the OPT-N2CD Module
LED Color State Description
On Indicates that the port have established a valid link with the network.
ACT/
LINK Green Blink Indicates that the port is transmitting or receiving data.
(A, B) Indicates that the port have not established a valid link with the
Off
network.
SPEED- On Indicates that the port is operating at 1000Mbps speed.

Orange
1000
Off Indicates that the port is operating at 100Mbps speed.
OPT-N2CS
The OPT-N2CS module provides two Gigabit Ethernet combo ports (RJ-45, SFP). The SFP type
of the Gigabit Ethernet ports supports 1000M speed.
The feature of the OPT-N2CS is as follows:
1000Base-SX/LX SFP port 10/100/1000Base-TX port
LEDs of 1000Base-SX/LX SFP port

and 10/100/1000Base-TX port
Gigabit Ethernet Combo Port (A, B)

The OPT-N2CS module has two kinds of Gigabit Ethernet ports as follows:
y 1000Base-SX/LX SFP Port (LC Connector)

The following table lists the specifications of the Gigabit Ethernet port on the OPT-N2CS
module:
Table 2-7 Specifications of Gigabit Ethernet Port on the OPT-N2CS Module

(Auto sensing)
Transfer Speed 10/100/1000Mbps 1000Mbps

100m

Gigabit Ethernet Port LED (A, B)

The following table describes the information indicated by LEDs of the OPT-N2CS module:
Table 2-8 LED Functions of the OPT-N2CS Module
ACT/
Off
network.
SPEED On Indicates that the port is operating at 1000Mbps speed.

Orange
1000

OPT-N1ES1CD
The OPT-N1ES1CD provides one Gigabit Ethernet PON port and one Gigabit Ethernet combo
port. The SFP type of the Gigabit Ethernet port supports 100Mbps and 1000Mbps. The Gigabit
Ethernet PON port (1000Base-PX) provides maximum 10Km of service length.
The feature of the OPT-N1ES1CD is as follows:
1000Base-SX/LX
1000Base-PX port SFP port 10/100/1000Base-T port
LEDs of 1000Base-PX port LEDs of 1000Base-SX/LX SFP port

and 10/100/1000Base-T port
Gigabit Ethernet PON Port LED (A)

The following table describes the information indicated by LEDs of the Gigabit Ethernet PON
port on the OPT-N1ES1CD module:
Table 2-9 LED Functions of Gigabit Ethernet PON Port on the OPT-N1ES1CD Module
Indicates that the port have not established a valid link with the
Off
network.
ACT Yellow Blink Indicates that the port is transmitting or receiving data.
Gigabit Ethernet PON Port (A)

The Gigabit Ethernet PON port can be connected to the maximum of 32 ONT (Optical Network
Terminal) through an optical splitter.
The following table lists the specifications of the Gigabit Ethernet PON port on the OPT-
N1ES1CD module:
Hardware Description 2-11

2-11
Table 2-10 Specifications of Gigabit Ethernet PON Port on the OPT-N1ES1CD Module
Feature 1000Base-PX Port
Transfer Speed 1000Mbps
Connector Type Simplex SC/APC
Port Number 1
Branch Number per port 32
Maximum Transfer Distance 1000Base-PX10 10Km
Rx: 1310nm Single mode

Transfer Media
Tx: 1490nm Single mode
Gigabit Ethernet Combo Port (B)

The OPT-N1ES1CD module has two kinds of Gigabit Ethernet ports as follows:
The following table lists the specifications of the Gigabit Ethernet port on the OPT-N1ES1CD
module:
Table 2-11 Specifications of Gigabit Ethernet Port on the OPT-N1ES1CD Module

(Auto sensing)

100m


Gigabit Ethernet Port LED (B)
The following table describes the information indicated by LEDs of the Gigabit Ethernet port on
the OPT-N1ES1CD module:
Table 2-12 LED Functions of Gigabit Ethernet Port on the OPT-N1ES1CD Module
ACT/
Off
network.

Orange
1000
OPT-N1EL1CD
The OPT-N1EL1CD provides one Gigabit Ethernet PON port and one Gigabit Ethernet combo
port. The SFP type of the Gigabit Ethernet port supports 100Mbps and 1000Mbps. The Gigabit
Ethernet PON port (1000Base-PX) provides maximum 20Km of service length.
The feature of the OPT-N1EL1CD is as follows:
1000Base-SX/LX
1000Base-PX port SFP port 10/100/1000Base-T port
LEDs of 1000Base-PX port LEDs of 1000Base-SX/LX SFP port

and 10/100/1000Base-T port
Gigabit Ethernet PON Port LED (A)

The following table describes the information indicated by LEDs of the Gigabit Ethernet PON
port on the OPT-N1EL1CD module:

2-13
Table 2-13 LED Functions of Gigabit Ethernet PON Port on the OPT-N1EL1CD Module
Indicates that the port have not established a valid link with the
Off
network.
ACT Yellow Blink Indicates that the port is transmitting or receiving data.
Gigabit Ethernet PON Port (A)

The Gigabit Ethernet PON port can be connected to the maximum of 32 ONT (Optical Network
Terminal) through an optical splitter.
The following table lists the specifications of the Gigabit Ethernet PON port on the OPT-
N1EL1CD module:
Table 2-14 Specifications of Gigabit Ethernet PON Port on the OPT-N1EL1CD Module
Feature 1000Base-PX Port
Transfer Speed 1000Mbps
Connector Type Simplex SC/APC
Port Number 1
Branch Number per port 32
Maximum Transfer Distance 1000Base-PX10 20Km
Rx: 1310nm Single mode

Transfer Media
Tx: 1490nm Single mode
Gigabit Ethernet Combo Port (B)

The OPT-N1EL1CD module has two kinds of Gigabit Ethernet ports as follows:

The following table lists the specifications of the Gigabit Ethernet port on the OPT-N1EL1CD
module:
Table 2-15 Specifications of Gigabit Ethernet Port on the OPT-N1EL1CD Module

(Auto sensing)

100m

Gigabit Ethernet Port LED (B)

The following table describes the information indicated by LEDs of the Gigabit Ethernet port on
the OPT-N1EL1CD module:
Table 2-16 LED Functions of Gigabit Ethernet Port on the OPT-N1EL1CD Module
ACT/
Off
network.

Orange
1000

2-15
Chapter 3 Before Installation
This chapter describes the precautions for installation of the Corecess R1-AD series and
installation environment for the normal operation. It also describes the way to unpack box of the
Corecess R1-AD series and verify the contents.
9 Precautions 3-2
9 Installation Place 3-9
9 Unpacking 3-10
Precautions
Warning: Before you install the Corecess R1-AD series, read this section. This section
contains important safety information you should know before working with the system.
General Precautions
y While or after installing the equipment, keep the equipment clean and free from dust.
y After opening the cover of the equipment, keep the cover in safe place.
y Tools and cables should not be left on a passage for better safety.
y When installing the equipment, engineers should fit in their clothing so that ties, scarves, and
sleeves should not be caught in the equipment. Keep ties and scarves from getting slack, and
roll up the sleeves.
y Avoid any dangerous actions which damage the people or the equipment.
y If the case is opened for repairing or test is required, contact the sales agency where you
purchased this equipment. Or directly contact Corecess Inc. for professional help.
Power Considerations
y Notice that wiring is not overloaded when connecting the system to the supply circuit.
y On plugging in a power socket or handling any power sources, put rings, necklaces, and
metal watches in safe place. If these materials touch the power socket or ground of the
product, the parts may be burnt out.
y Always check that there are any potential risks in the workplace. Wet floor, ungrounded
extension, rubbed-off power code, or unsafe (or ungrounded) floor may be dangerous.

DC Power
y Connect a DC-input power supply only to a DC power source which complies with the
safety extra-low voltage (SELV) requirements in the UL 1950, CSA 950, EN 60950, and IEC
60950 standards.
y Incorporate a readily accessible two-poled disconnect device in a fixed wiring.
y Ensure that power is removed from the DC circuit before installing or removing power
supplies. Tape the switch handle of the DC circuit breaker in the off position.
y Use the approved wiring terminations, such as closed-loop or spade-type with upturned lugs,
when stranded wiring is required. These terminations should be the appropriate size for the
wires and should clamp both the insulation and the conductor.
y Ensure that no exposed portion of the DC-input power source wire extends from the
terminal block plug. An exposed wire can conduct a harmful level of electricity.
AC Power
y The system is designed to be connected to TN power systems. A TN power system is a
power distribution system with one point which is connected directly to earth (ground). The
exposed conductive parts of the installation are connected to that point by protective earth
conductors.
y Ensure that the plug-socket combination is accessible at all times, because it serves as the
main disconnecting device.
Spare Power
If you purchased the product in which a spare power supply is installed, two power supplies
are connected to each input power. Therefore, one of the two power supplies is not working, the
system can operate continuously.
Before Installation 3-33-3

Preventing ESD
Electrostatic discharge (ESD) damage occurs when electronic cards or components are
mishandled and can result in complete or intermittent failures. Note the following guidelines
before you install or service the system:
y Always wear an ESD-preventive wrist or ankle strap when handling electronic components.
Connect one end of the strap to an ESD jack or an unpainted metal component on the system
(such as a captive installation screw).
y Handle cards by the faceplates and edges only; avoid touching the printed circuit board and
connector pins.
y Handle cards by the faceplates and edges only; avoid touching the printed circuit board and
connector pins.
y Avoid contact between the cards and clothing. The wrist strap only protects the card from
ESD voltages on the body; ESD voltages on clothing can still cause damage.
y For safety, periodically check the resistance value of the antistatic strap. The measurement
should be between 1 and 10 Mohms.
Installing and Servicing the System

y Before installation, the power switch of the system should be turned OFF and disconnect all
power and external cables.
y Remove all jewelry (including rings and chains) or other items that could get caught in the
system or heat up and cause serious burns.
y Do not touch the backplane or mid-plane with your hand or metal tools.
y Do not work alone under potentially hazardous conditions.
y Do not perform any action that creates a potential hazard to people or makes the equipment
unsafe.

Disconnecting Power
When disconnecting power, note the following guidelines.
y Locate the emergency power-off switch for the room before working with the system.
y Turn off the power and disconnect the power from the circuit when working with
components that are not hot-swappable or when working near the system backplane or mid-
plane. If the system does not have an on/off switch, unplug the power cord.
y To completely de-energize the system, disconnect the power connection to all power supplies.
y For DC power supplies, locate the circuit breaker on the panel board that services the DC
circuit, switch the circuit breaker to the off position, and tape the switch handle of the circuit
breaker in the off position.
y Do not touch the power supply when the power cord is connected. Line voltages are present
within the power supply even when the power switch is off and the power cord is connected.
Grounding the System

y Connect AC-powered systems to grounded power outlets.
y Do not defeat the ground conductor on an AC plug.
y Connect the system to earth (ground).
Connecting Cables
When you connect cables, note the following guidelines.
y Use caution when installing or modifying telephone lines to prevent electric shock.
y Do not work on the system or connect or disconnect cables during periods of lightning activity.
y Do not touch uninsulated telephone wires or terminals unless the telephone line has been
disconnected at the network interface.
y Hazardous network voltages are present in WAN ports regardless of whether power to the
system is off or on. When you detach cables, detach the end away from the system first.
y Do not use a telephone to report a gas leak in the vicinity of the leak.
y Do not install telephone jacks in wet locations unless the jack is specifically designed for wet
locations.

Working with Lasers
If your system includes a fiber-optic port, note the following guidelines.
y To avoid exposure to radiation, do not stare into the aperture of a fiber-optic port. Invisible
radiation might be emitted from the aperture of the port when no fiber cable is connected.
y Always keep unused fiber-optic ports capped with a clean dust cap.
Preventing EMI
When you run wires for any significant distance in an electromagnetic field, electromagnetic
interference (EMI) can occur between the field and the signals on the wires.
y Bad plant wiring can result in radio frequency interference (RFI).
y Strong EMI, especially when it is caused by lightning or radio transmitters, can destroy the
signal drivers and receivers in the system, and can even create an electrical hazard by
conducting power surges through lines and into the system.
y If Strong EMI occurs in the installation place, consult RFI experts to get rid of it.
Covering Blank Slots

Ensure that all cards, faceplates, and covers are in place. Blank faceplates and cover panels are
used to:
y Prevent exposure to hazardous voltages and currents inside the chassis
y Help contain electromagnetic interference (EMI) that might disrupt other equipment
y Direct the flow of cooling air through the chassis

Rack-Mounting the System
The following explanations should be noticed when installing the system into the 19-inch rack.
y Install the system in an open rack whenever possible. If installation in an enclosed rack is
unavoidable, ensure that the rack has adequate ventilation.
y Maintain ambient airflow to ensure normal operation. If the airflow is blocked or restricted,
or if the intake air is too warm, an over temperature condition can occur.
y Avoid placing the system in an overly congested rack or directly next to another equipment
rack. Heat exhaust from other equipment can enter the inlet air vents and cause an over
temperature condition.
y Equipment near the bottom of a rack might generate excessive heat that is drawn upward
and into the intake ports of the equipment above. The warm air can cause an over
temperature condition in the equipment above.
y Ensure that cables from other equipment do not obstruct the airflow through the chassis or
impair access to the power supplies or cards.
y Bolt the rack to the floor for stability.
y Load the rack from the bottom to the top, with the heaviest system at the bottom.
y If there is equipment already installed in the rack, select the location for the system carefully
considering the size of the system:

Lifting the System
When you lift the product to move or change the installation place, note the following
guidelines.
y Disconnect all power and external cables before lifting the system.
y Ensure that your footing is solid and the weight of the system is evenly distributed between
your feet.
y Lift the system slowly, keeping your back straight. Lift with your legs, not with your back.
Bend at the knees, not at the waist.
y Do not attempt to lift the system with the handles on the power supplies or on any of the
cards. These handles are not designed to support the weight of the system.
y To lift and move the system, following number of people or a crane should be needed
depends on weight of the system:
Table 3-1 The Number of Required Person to Lift The System
Weight of the The Number of

System Required Persons
Below 18Kg 1
18~32Kg 2
32~55Kg 3
Above 55Kg Crane
Disposing of the System

Dispose of the system and its components (including batteries) as specified by all national laws
and regulations.

Installation Place
Environmental Requirements
For the safe installation and use of the Corecess R1-AD series, the place for installation should
satisfy the following requirements:
y While or after installing the product, keep the product clean all the time.
y The system should be installed in a cool place where has no direct ray of sunlight. Any tool
or equipment should not be place on the way of passage.
y The following ambience condition for temperature and humidity should always be kept.
Table 3-2 Temperature and humidity condition
Operating Temperature -40 ~ 65℃
Operating Humidity 0 ~ 95% (40℃, non-condensing)
Power Supply
y The Corecess R1-AD series should be installed in the place where power supply satisfying
the following condition is provided.
Table 3-3 Power condition
Feature AC DC
Input Voltage Rating 100 ~ 240VAC -48VDC
Operating Range 88 ~ 264VAC -48±10%VDC
Frequency 50/60Hz N/A
y Verify the power (source) be clean. If there is too much noise or spark, it is better to have the
power control equipment.
y Locate an electric outlet near the system for easy installation of power cable.
y Be careful with connecting power supply equipment and avoiding overload wiring.

Unpacking
As the following instructions, unpack the shipping carton and inspecting contents of the
shipping carton.
1. Open the shipping carton of the Corecess R1-AD series. There is this manual, desiccant, a
power cable(s), and a console cable on the cushion inserted- Corecess R1-AD series.
2. Without taking off the cushions, pick out the equipment with two hands, and put it in a safe
place.
3. And then, verify whether there is a plastic bag that contains rack brackets and screws under
the shipping carton.
Corecess R1-AD Series (R1-AD24A, R1-AD24AN or R1-AD48A)
User’s Guide Console cable (RJ45-DB9)
Rack brackets (2)
Power cable (AC) Pan-head screws (8)
Binder-head screws (4)
Recommendation: After unpacking, do not throw away the box including cushions and
keep them in a safe place in case the product is relocated, it is better to move the product
after packing with the box including cushions.
Note: If there are some missing contents or damaged components, contact the sales
agency where you purchased this product to replace them with new ones.

Chapter 4 Installation
This chapter describes how to mount the Corecess R1-AD series on a rack, connect the cables
to the ports, and connect the power.
9 Installation Procedure 4-2
9 Rack-Mounting 4-3
9 Connecting Ports 4-6
9 Connecting Power 4-12
9 Starting the Corecess R1-AD Series 4-14

Installation Procedure
Caution: Before starting the installation

y Be sure that the installation place is satisfy the requirements referred to the Chapter 3
Before Installation.
y Be sure that the power switch is in the OFF (O) position and disconnect all connected
cables.
The following summarizes the installation procedure for the Corecess R1-AD series. The next
section will describe in detail the step-by-step procedures for each step.
1. Rack-mount
The design allows the Corecess R1-AD series to be mounted on a 19-inch rack. Rack brackets
and screws needed for rack mounting are enclosed with the product.
2. Connect ports
Connect a splitter to the ADSL connectors on the front side of the Corecess R1-AD series
using Telco cables.
3. Connect ports
Connect the various types of ports with other devices using appropriate network cables.
4. Connect power to the system

Connect adjacent power after installing the Corecess R1-AD series.
5. Start the system

Turn the Corecess R1-AD series on and verity that the system is correctly installed by
checking that certain LEDs are lit.

Rack-Mounting
Depending upon the installation location or network topology, the Corecess R1-AD series can
be placed on a flat place like a table or can be mounted on a 19-inch rack. The design allows the
Corecess R1-AD series to be mounted on any kind of standard 19-inch racks. This section
describes how to install the Corecess R1-AD series on a 19-inch rack.
Caution: Before installing the system in a rack, read the Rack-Mounting the System
section in the Chapter 3 Before Installation to familiarize yourself with the proper site and
environmental conditions. Failure to read and follow these guidelines could lead to an
unsuccessful installation and possible damage to the system and components.
Required Tools and Equipment

To mount the Corecess R1-AD series on a 19-inch rack, you need the following tools and
equipment:
y A Philips screwdriver
y Electrostatic discharge (ESD) grounding strap
y Rack Brackets and Screws (provided along with the product)
¾ Two (2) rack brackets
¾ Four (4) binder-head screws (M5, 8mm)
¾ Eight (8) pan-head screws (M3, 6mm)
Note: For more information about ESD, refer to the Chapter 3 Before Installation.
Installation 4-34-3
Mounting the System on a Rack
Once all the tools and equipment are prepared, mount the Corecess R1-AD series on a 19-inch
rack according to the following procedure:
1. Place the Corecess R1-AD series on a spacious floor or a sturdy table near the rack. And
check the tools and equipment.
2. There are four screw holes on each side of the Corecess R1-AD series. As shown in the figure,
place the rack brackets to the screw holes and fix them using pan-head screws.
Pan-head screw
3. Make sure that the 19-inch rack is placed on a convenient location for the Corecess R1-AD
series to be installed. And check to see if there is a 1U high space in the rack where the
Corecess R1-AD series can be installed.
1U high space

4. Lift up the Corecess R1-AD series installed with rack brackets as high as the available space
in the 19-inch rack.
5. Place the rack brackets installed on the Corecess R1-AD series to the holes of the 19-inch rack.
And fix the brackets using four (4) binder-head screws.
Binder-head screw
Installation 4-54-5
Connecting Ports
This section describes how to connect the ports on the front panel of the Corecess R1-AD series.
The types of cables used for port connection are described in Chapter 3 and Appendix B Connectors
and Cables Specifications.
Connecting Gigabit Ethernet Uplink Port

The uplink module of the Corecess R1-AD series provides the Gigabit Ethernet uplink port. The
Gigabit Ethernet uplink port is connected to the core network using the RJ-45 connector or the
LC connector of SFP module.
Caution: The RJ-45 connector and the LC connector of SFP module cannot be used at the
same time. Only one connector type should be used for each port.
Connecting RJ-45 Connector

The RJ-45 port of the uplink modules on the Corecess R1-AD series supports 10/100/1000Base-
T interface, and the RJ-45 port can be connected with the Gigabit Ethernet device that support
the transmission speed up to 1000Mbps.
Using the twisted-pair cable, connect the 10/100/1000Base-T port to the Gigabit Ethernet
device.
Gigabit Ethernet Switch or Router
Twisted pair cable

y 10Mbps : Category-3, 4
y 100Mbps : Category-5
y 1000Mbps : Category-5+, 6
y Max. cable length : 100m
R1-AD24A

Connecting LC Connector on SFP Module
The 1000Base-SX/LX SFP module can be installed in the SFP slot of the uplink modules on the
Corecess R1-AD series, and the Corecess R1-AD series can be connected to the core network
using the 1000Base-SX/LX SFP module. Depends on the type of SFP modules, connect cables as
follows:
1000Base-SX SFP Module

When the 1000Base-SX SFP module is installed in the SFP module slot, use the 850nm Multi-
mode fiber optic cable. Prepare the fiber optic cable of the duplex LC type, and then connect to
the Gigabit Ethernet network.
1000Base-LX SFP Module

When the 1000Base-LX SFP module is installed in the SFP module slot, use the 1310nm Single
mode fiber optic cable. Prepare the fiber optic cable of the duplex LC type, and then connect to
the Gigabit Ethernet network.
1000Base-LX SFP Module

1000Base-SX SFP Module
R1-AD24A
Single Mode Fiber Optic Cable Multi-Mode Fiber Optic Cable
y Connector : Duplex LC y Connector : Duplex LC
y Wavelength : 1310nm (Rx, Tx) y Wavelength : 850nm (Rx, Tx)
y Max. cable length : 10Km y Max. cable length : 550m
Installation 4-74-7
Connecting Gigabit Ethernet PON Uplink Port
The OPT-N1ES1CD and OPT-N1EL1CD module of the Corecess R1-AD series provides the
Gigabit Ethernet PON uplink port. The Gigabit Ethernet PON uplink port can be connected to
the core network using the 1000Base-PX SFP connector.
Prepare the single mode fiber optic cable (Rx: 1310nm, Tx: 1490nm). Then, connect the cable to
the 1000Base-PX SFP port of the OPT-N1ES1CS or OPT-N1EL1CS module and a Gigabit
Ethernet PON device.
R1-AD24A
Single Mode Fiber Optic Cable
y Connector : Simplex SC/APC
y Wavelength : 1310nm (Rx), 1490nm (Tx)
y Max. cable length : 10/20Km
Corecess 4500 Optical Splitter
Single Mode Fiber Optic Cable

y Connector : Simplex SC/APC
y Wavelength : 1310nm (Rx), 1490nm (Tx)
y Max. cable length : 10/20Km
Corecess ONT

Connecting PSTN Port (R1-AD24A only)
The PSTN port on the Corecess R1-AD24A is connected to the Central Office switch or PBX via
MDF.
To connect the PSTN port on the front panel of the Corecess R1-AD24A, prepare a Telco cable
with 50-pin Champ connecter and follow these steps:
1. Connect a 50-pin Champ connector of the Telco cable to the PSTN port.
2. Connect the other end of the Telco cable to the MDF which is connected to the central office
switch or PBX.
Telco cable (straight-through)

y Max. length : 1.5km
CO
MDF
Installation 4-94-9
Connecting ADSL Port
The ADSL port on the Corecess R1-AD series is connected to the subscriber’s ADSL modem via
MDF.
To connect the ADSL port on the front panel of the Corecess R1-AD series, prepare a Telco cable
with 50-pin Champ connecter and follow these steps:
1. Connect a 50-pin Champ connector of the Telco cable to the ADSL port.
2. Connect the other end of the Telco cable to the MDF which is which is cabled to the
subscriber’s ADSL modem.
MDF
ADSL Modem
Telco cable (straight-through)

y Max. length : 1.5km

Connecting the Console Port
Connect the console port on the Corecess R1-AD series to the console terminal such as a PC or
VT-100 terminal using the included console cable.
Console Cable (RJ-45 - DB-9) Console Teminal Configuration

y included with the product y Bit/Sec : 9600bps
y Max. cable length : 15m y Data Bit : 8bit
y Parity Bit : None
y Stop Bit : 1bit
Console Terminal
y Flow Control : None
Installation 4-11
4-11
Connecting Power
Caution: Before connecting AC or DC power

y Be sure that the power to be connected to the system is satisfy the considerationts
referred to the Chapter 3 Before Installation.
y Be sure that the power switch on the front panel is turned off (O).
Check to see whether the power type of the Corecess R1-AD series is AC or DC. And then,
connect power as follows:
Connecting AC Power
1. Check that the power switch is in the OFF (O) position.
2. Connect the power cord, which is provided with the product, to the power input located on
the rear panel of the Corecess R1-AD series. And plug the power cord into an outlet.

Connecting DC-Input Power
1. Check that the power switch is in the OFF (O) position.
2. Connect the cable of an external power supply or a rectifier to the terminal block located on
the front panel of the Corecess R1-AD series as follows:
Installation 4-13
4-13
Starting the Corecess R1-AD series
Start the Corecess R1-AD series according to the following order after installation:
1. Check the followings once again before operating the Corecess R1-AD series:
y Make sure that uplink modules are properly inserted in the uplink slot of the system.
y Make sure that cables are properly connected to each port.
y Make sure that the power cord is properly connected.
• Console terminal is connected to the console port and turned on.
2. Turn the system power switch to the ON position. The green RUN LED should go on.
3. Listen for the fans; they should be operating as soon as power is turned on.
4. The system boots from Flash memory.
Board Type Detected : R1-AD24A Version : 0.82

OneNAND 32MB 2.65/3.3V 16-bit KFG5616U1M Samsung
WinMon version 2.8 Feb 27 2006
All rights reserved (c) 2000-2004 Wintegra
Core : WinPath 787-Rev-B1 Wintegra mips5kc Opal Rev 2

Board Id: WinPath (null) Rev (null) Serial No: (null)
Board parameters: PLL: 333.334Mhz

Internal: 0x1f020000, 32 Kbytes @ 166.667Mhz
Parameter: 0x10000000, 4 Mbytes @ 111.111Mhz
Packet: 0x08000000, 128 Mbytes @ 111.111Mhz
Host: 0x00000000, 128 Mbytes @ 66.666Mhz
MAC addresses: [eth0] 00:00:00:05:06:21

[eth1] (null)
[ethx] 00:9c:00:00:aa:cc
IP address: 172.18.37.220
Subnet mask: 255.255.0.0
Default gateway: 172.18.1.254
:

5. When initialization has been completed, the console screen displays a login message as
follows:
localhost login:
Now, the Corecess R1-AD series installation is properly done. Continuously, log into the
Corecess R1-AD series CLI and configure the system.
Installation 4-15
4-15
Chapter 5 Basic Configuration
This chapter briefs general configuration method of the Corecess R1-AD series.
9 Before Configuration 5-2
9 Configuring Basic System Parameters 5-13
9 User Management 5-18
9 Configuration File Management 5-21
9 Upgrading Software 5-25
9 System Log Management 5-27
9 Monitoring the System 5-34

Before Configuration
This section describes how to access CLI (Command Line Interface) of the Corecess R1-AD
series and provides information that you should know before using CLI.
Accessing the CLI

When the Corecess R1-AD series starts up for the first time, the only CLI access is available
through the console port. The following steps describe how to access CLI on the console
terminal connected to the console port:
1. To access the Corecess CLI on the console screen, the console port on the Corecess R1-AD
series should be connected to a serial port (DB-9) of the console terminal using a console
cable as the following figure:
Console port
Corecess R1-AD24A
Console termial environment Console cable (RJ-45 - DB-9)

- 9600 bps, 8 data bits, no parity bit, y Console cable included with the system
1 stop bit, no hardware flow control y Max. cable length : 15m
VT100 terminal
2. Make sure that you have started the emulation software program such as HyperTerminal
from your console terminal.
3. Press [Enter], then the login message is displayed on the console terminal:
localhost login:

4. Enter the login id and press the [Enter]. The default login ID is ‘corecess’. If you entered the
login id, localhost> prompt appears.
localhost login: corecess

Password:
localhost>
5. To configure the Corecess R1-AD series, enter the ‘Privileged’ mode by enable command.
If you enter Privileged mode, the prompt is changed from localhost> to localhost#.
localhost> enable
localhost#
Note: After specifying the IP address of a VLAN interface, you can access CLI of the Corecess
R1-AD series through the Telnet session or NMS.
Basic Configuration 5-35-3

Command Modes
The commands in the CLI are organized into the following modes:
Table 5-1 CLI Modes
Command
Description Access Method
Mode
In this mode, you can display information and perform

User Log in.
basic tasks such as Ping and Telnet.
In this mode, you can use the same commands as those

at the User mode plus configuration commands that do From User mode, enter the
Privileged
not require saving the changes to the system-configure enable command.
file.
This mode allows you to globally
configure access-lists, DHCP, SNMP, From Privileged mode, enter
Global and VLAN. You can also apply or the configure terminal
modify parameters for ports on the command.
device.
This mode allows you to assign or From Global configure mode,

Interface
modify specific interface parameters. enter the interface command.
This mode allows you to configure QoS From Global configure mode,
QoS
(Quality of Service) on the system. enter the qos command.
This mode allows you to configure QoS From QoS configure mode,
Class-map
Configure class-map. enter the class-map command.
This mode allows you to configure QoS From QoS configure mode,
Policy-map
policy-map. enter the policy-map command.
From Policy-map configure

Policy- This mode allows you to assign the class
mode, enter the class
map-class to be applied to QoS policy-map.
command.
From Global configuration

This mode allows you to configure a
VTY-line mode, enter the line vty
virtual terminal.
command.
This mode allows you to configure From Global configuration

DSL
ADSL. mode, enter the dsl command.

Entering Privileged Mode
When you start a session on the Corecess R1-AD series, you begin in the user mode. Only a
limited subset of the commands is available in the user mode. To have access to all commands,
you must enter the privileged mode. To enter the privileged mode from the user mode, enter
the enable user mode command. The CLI prompt will be changed from > to # entering the
privileged mode.
> enable
#
To exit from the privileged mode, enter disable privileged mode command. The CLI prompt
will be changed from # to > returning to the user mode from the privileged mode.
# disable
>
If you enter the exit privileged mode command, you can exit form the CLI.
# exit
localhost login:
Entering Global Configuration Mode

The configuration mode allows you to change configuration to for the Corecess R1-AD series.
The configuration mode contains sub-modes for individual ports, for VLANs, and other
configuration areas.
To be entered into the configuration mode from the privileged mode, enter the configure
terminal which is a privileged mode command. The CLI prompt will be changed to (config)#
which means entering into the configuration mode.
# configure terminal
(config)#
To exit from the configuration mode, enter end or exit command. The CLI prompt will be
changed to # returning to the privileged mode.
(config)# end
#

Returning to Previous Command Mode
To log out from CLI, you should return to the user mode or the privileged mode. Use the exit
or end command to return to the user mode or the privileged mode from other command
mode:
This example shows how to return to the privileged mode from the policy-map mode by using
the exit command:
(config-pmap)# exit
(config-qos)# exit
(config)# exit
#
This example shows how to return to the privileged mode from the policy-map mode by using
the end command:
(config-pmap)# end
#
Logging out From CLI

To log out from the CLI, enter the exit command at the user mode or the privileged mode.
This example shows how to log out from the CLI at the privileged mode. After logging out from
the CLI, login prompt will be displayed as follow.
# exit
localhost login:
This example shows how to log out from the CLI at the user mode. After logging out from the
CLI, login prompt will be displayed as follow.
> exit
localhost login:

Prompt
On the CLI prompt, the node name and current command mode are indicated as follows:
localhost(config-qos)#
Node name Command mode
The default node name is ‘localhost’. This default node name is used for the prompt until you
change them:
The following table provides the prompt of the main command modes.
Table 5-2 Prompt of the command modes
Command Mode Prompt
User localhost>
Privileged localhost#
Global localhost(config)#
Interface localhost(config-if)#
QoS localhost(config-qos)#
Class-map localhost(config-cmap)#
Configuration
Policy-map localhost(config-pmap)#
Policy-map-class localhost(config-pmap-c)#
VTY-line localhost(config-line)#
DSL Localhost(config-dsl)#
Note: You can change the node name of the Corecess R1-AD series by using hostname
global configuration mode command.

Getting Help
The CLI provides help system that shows the list of available commands or command options.
You can also get information about their function and brief description of usage.
This section describes how to use help system for the CLI.
y To obtain a list of commands that are available for each command mode, enter a question
mark (?) at the prompt:
# ?
calendar calendar
clear Reset functions
clock System clock
close Close the terminal
cls Clear a screen
configure Configuration from vty interface
copy Copy from one file to another
debug
delete Delete
diag Diagnosis mode
disable Turn off privileged mode command
end End current mode and down to previous mode
exit Exit current mode and down to previous mode
help Description of the interactive help system
list Print command list
no Negate a command or set its defaults
ping send echo messages
reset Reset System
show Show running system information
ssh Open a ssh connection
telnet Open a telnet connection
terminal Set terminal line parameters
traceroute Trace route to destination
undebug Disable debugging functions (see also 'debug')
update Update Image
write Write Information
#

y To obtain command syntaxes which are available in each command mode, enter the list
command at the prompt:
# list
calendar set WORD [WORD] [WORD] [WORD]
clear arp
clear arp A.B.C.D
clear host-entries
clear host-entries A.B.C.D
clear interface vlan id <1-4094>
clear ip dhcp snoop port (fastethernet|gigabitethernet|adsl|vdsl|shdsl)
WORD *
clear ip dhcp snoop vlan id <1-4094> A.B.C.D
clear ip dhcp snoop vlan id <1-4094> A:B:C:D:E:F
.
.
update boot-cfg id <1-100>
update flash image NAME
update flash image id <1-100>
write file
write memory
write terminal
write terminal global
write terminal port (fastethernet|gigabitethernet|adsl|vdsl|shdsl|
switchfabric|stacking) WORD
#
y To obtain a list of command associated keywords and arguments, enter a question mark (?)
after a partial command followed by a space:
# copy ?
factory-default Copy from factory-default configuration
flash From flash
ftp From ftp
running-config Copy from current system configuration
startup-config Copy from startup configuration
tftp From tftp
#

Command Usage Basics
Entering Commands
To executing a CLI command, you should enter both the command and its options. You can
execute the commands in the command mode which the prompt is locating now.
The CLI commands of the Corecess R1-AD series have the following characteristics:
y The CLI commands are case-sensitive.
y The CLI supports command completion, so you do not need to enter the entire name of a
command or option. As much as you enter enough characters of the command or option
name not to be ambiguous, the CLI understands what you are typing. For example, you may
enter only con t to execute the configure terminal command in Privileged command
mode.
localhost# con t
localhost(config)#
But if you enter only co t, the following error message will be displayed. Because there are
copy and configure command and the system can’t distinguish the two commands.
localhost# co t
% Ambiguous command :co t.
y To complete a command, press Tab key. If you enter a few known characters, then press Tab
key, the CLI displays the rest characters of the command. For example, if you enter only con,
then press Tab key, the CLI displays configure on the terminal.
y To display a list of available commands or command options, enter “?”. If you have not
entered part of a command at the command prompt, all the commands supported at the
current CLI mode are listed. If you enter part of a command, then enter “?”, the CLI lists the
options you can enter at the point in the command string.

Specifying Ports
To specify ports, follow these rules.
y To configure a port, you need to specify the slot number and port number. For example, to
configure an uplink port A on an uplink module, enter 1/1. The following table shows the
numbering rule for the ports.
y Port number: 1/1, 1/2 y Port number : 2/1~24

y Port type :Gigabit Ethernet y Port type : ADSL
R1-AD24A, R1-AD24AN
y Port number: 1/1, 1/2 y Port number : 2/1~48

y Port type :Gigabit Ethernet y Port type : ADSL
R1-AD48A
y Use dash (-) to specify consecutive number of ports. For example, enter ‘3-6’ instead of
entering ‘3 4 5 6’.
y Use comma (,) to specify non-consecutive number of ports. For example, enter ‘1,3-4’ instead
of entering ‘1 3 4’.
Basic Configuration 5-11

5-11
Editing Commands
The CLI supports the following line editing commands. To enter a line-editing command, use
the CTRL-key combination for the command by pressing and holding the CTRL key, then
pressing the letter associated with the command.
Table 5-3 CLI line-editing commands
Ctrl-Key
Description
Combination
Ctrl+a Moves to the first character on the command line.
Ctrl+b Moves the cursor back one character.
Ctrl+d Deletes the character at the cursor.
Ctrl+e Moves to the end of the current command line.
Ctrl+f Moves the cursor forward one character.
Ctrl+n Enters the next command line in the history buffer.
Ctrl+p Enters the previous command line in the history buffer.
Ctrl+u Deletes all characters from the cursor to the beginning of the command line.

Configuring Basic System Parameters
This section describes the procedure of configuring the following basic system parameters:
y IP address and default gateway
y System name and system clock
Configuring the IP Address and Default Gateway

To access the Corecess R1-AD series via Telnet session or to configure the Corecess R1-AD
series remotely using the SNMP, the following values must be set:
y IP address and subnet mask of the VLAN connected to the host or backbone.
y Default gateway address
The following is a procedure of configuring the IP address for managing the Corecess R1-AD
series and default gateway:
Table 5-4 Configuring IP address, subnet mask, and default gateway for the Corecess R1-AD series
Command Task
Enable 1. Enter Privileged mode.
show vlan 2. Verify the current VLAN configuration
configure terminal 3. Enter Global configuration mode.
4. Enter Interface configuration mode for the VLAN connected to the host
interface vlan id
or backbone.
<vlan id>
y <vlan-id>: VLAN ID (1 ~ 4094).
5. Assign an IP address and subnet mask to the VLAN interface.

ip address
y <ip-address>: IP address for the VLAN interface.
<ip-address> /<M>
y <M>: Subnet mask.
Exit 6. Exit from Interface configuration mode to Privileged mode.
ip route default 7. Specify a default gateway address.

<default-gateway> y <default-gateway>: Default gateway address.
End 8. Return to Privileged mode.
show interface 9. Verify the configuration.
10. Check network connectivity with other host or network.

ping <destination> y <destination>: The IP address of the host or the network number
to ping.

5-13
The following is an example of assigning an IP address and subnet mask for the managing the
Corecess R1-AD24A and verifying the configuration:
> enable
(config)# vlan id 2 port gigabitethernet 1/1
(config)# end
# show vlan
VLAN Name Status Slot/Ports
---- --------------- -------- ------------------------------------
1 DEFAULT active 1/2
2/1-24
2 vlan2 active 1/1
VLAN Interface MTU STP Private Promisc port

---- ------------ ------ -------- -------- ------------
1 disable 1500 enable disable None
2 disable 1500 enable disable None
(config)# interface vlan id 2
(config-if)# ip address 172.18.37.200/16
(config-if)# end
(config)# ip route default 172.18.37.254
(config)# end
# show interface
Interface vlan2
index 31 kernel index 4 metric 1 mtu 1514 <UP,BROADCAST,RUNNING,MULTICAST>
HWaddr: 00:90:a3:cd:cc:e5
inet 172.18.37.200/16 broadcast 172.18.255.255
input packets 182, bytes 10920, dropped 378, multicast packets 23
input errors 0, length 0, overrun 0, CRC 0, frame 0, fifo 0, missed 0
output packets 0, bytes 0, dropped 0
output errors 0, aborted 0, carrier 0, fifo 0, heartbeat 0,window 0
collisions 0
Status Checking
link-status trap is disable
no checking member's link status
IPv4 Options
icmp redirects are not sent
icmp unreachables are sent

# ping 172.27.2.49
PING 172.27.2.49 (172.27.2.49) from 172.27.2.100 : 56(84) bytes of data.
64 bytes from 172.27.2.49: icmp_seq=0 ttl=128 time=955 usec
.
.
--- 172.27.2.49 ping statistics ---

16 packets transmitted, 15 packets received, 6% packet loss
round-trip min/avg/max/mdev = 0.760/1.304/8.284/1.866 ms

5-15
Configuring System Name and Setting System Date and Time
This section describes the configuration of the following general system features:
y System name
y System date and time
Configuring the System Name

The system name on the switch is a user-configurable string that identifies the device. The
default system name is ‘localhost’.
To change the system name, enter the following command in Global configuration mode:
Table 5-5 Configuring the system name
Command Task
y <system-name>: The string used for system name. The
hostname <system-name> maximum length of the host name is 63 alphanumeric characters
or ‘_’ beginning with alphabet.
Note: When you set the system name, the system name is used as the system prompt.
This example shows how to change the system name:
(config)# hostname CCAD24
CCAD24(config)#

Setting the System Date and Time
To set the system date and time, perform this task in privileged mode:
Table 5-6 Setting the system clock
Command Task
1. Specify the current system time and date.
y <time>: Current time in hours, minutes, and seconds (in the
clock set <time> [<date>] format hh:mm:ss, example : 16:24:00)
[<month>] [<year>] y <day>: Current day (by date) in the month.
y <month>: Current month (1 ~ 12 or name).
y <year>: Current year (no abbreviation).
show clock 2. Verify the configuration.
This example shows how to set the system date and time and display the current date and time:
# clock set 16:23:33 28 feb 2006

# show clock
Tue Feb 28 16:23:40 KST 2006
#
To manually copy the software clock (calendar) settings into the system clock, use the clock
read-calendar in Privileged mode:
# show calendar
Thu Mar 9 02:23:11 2006 -0.000000 seconds
# clock read-calendar
# show clock
Thu Mar 9 11:23:59 KST 2006
#
Note: The "calendar" clock is the software clock which is erased when the system is
powered cycles or rebooted. This is separate from the hardware clock that runs continuously,
even if the system is powered off or rebooted.

5-17
User Management
To access the CLI of the Corecess R1-AD series, you must login by entering a user name. By
default, ‘corecess’ exists. The ‘corecess’ is administrators who can read and write the system
configuration. You can add new users to the Corecess R1-AD series, modify the users’
information, and remove them.
Adding a New User

To add a new user, perform this task in Privileged mode:
Table 5-7 Adding a new user
Command Task
2. Add a user.
username <user-name> y <user-name>: The user ID for entering the Corecess CLI.
passwd [8] <password> y 8: Encrypts the password.
y <password>: The password for the user.
show username 4. Verify the list of users.
The following example shows how to add a user:
Parameter Value
User ID Guest
Password Pass
Encryption None
(config)# username guest passwd pass
(config)# end
# show username
corecess console Sun Dec 31 31 00:05:25 +0000 2000
guest none none **Never logged in**
#

Changing a User Password
To change a user password for a user, perform this task in Privileged mode:
Table 5-8 Changing a user password
Command Task
2. Specify a new password.

username <user-name> y <user-name>: The user name to modify password.
passwd [8] <password> y <password>: New password
y 8: Encrypts the password.
write memory 4. Save the configuration change.
The following is an example of changing a password of the user ‘guest’:
(config)# username guest passwd AD24
(config)# end
# write memory
Building Configuration...
[OK]
#

5-19
Deleting a User
To delete a user, perform this task in Privileged mode:
Table 5-9 Deleting a user
Command Task
2. Delete a user.
no username <user-name>
y <user-name>: The user name to be deleted.

show username 4. Verify the list of users.
The following is an example of deleting the user ‘guest’ and verify the deletion:
(config)# no username guest
(config)# end
# show username
corecess console Sun Dec 31 31 00:05:25 +0000 2000
#

Configuration File Management
This section describes how to display the current system configuration, save the configuration
change, and restore the default configuration.
Displaying and Saving the Current Running Configuration

The Corecess R1-AD series contains two types of configuration files: the running (current
operating) configuration and the startup (last saved) configuration.
Running Configuration
The running configuration is the current (unsaved) configuration that reflects the most recent
configuration changes. You can upload or download the running configuration file via FTP or
TFTP.
Startup Configuration
The startup configuration is the saved configuration in Flash memory and is used when the
system initializes. You can upload or download the startup configuration file via FTP or TFTP.
Caution: Whenever you make changes to the Corecess R1-AD series configuration, you
must save the changes to memory so they will not be lost if the system is rebooted.

5-21
Displaying the Current Running Configuration
To display the current running configuration, enter the show running-config command in
Privilege mode:
# show running-config
Current configuration:
!
! version 0.77
!
hostname localhost
dsl
!
snmp-server community "pulbic" rw
snmp-server community "public" rw
snmp-server contact Unknown
snmp-server location Unknown
snmp-server enable rmon
!
system fan enable 30 20
system temperature enable 90 80
!
interface vlan id 1
ip address 172.18.37.216/16
!
interface null id 12
!
interface vlan id 2
!
line vty 0 10
!
#

Saving the Current Running Configuration
To save your configuration changes to Flash memory so that they will not be lost if the system is
rebooted, enter one of the following commands in the Privileged command mode:
Table 5-10 Commands for saving the current running configuration
Command
write memory
write file
copy running-config startup-config
The following example shows how to save the configuration changes to Flash using the write
memory command:
# write memory
.
.
[OK]
#
The following example shows how to save the configuration changes to Flash using the write
file command:
# write file
.
.
[OK]
#
The following example shows how to save the configuration changes to Flash using the copy
running-config startup-config command:
# copy running-config startup-config

.
.
[OK]
#

5-23
Restoring Default Configuration
To restore the default configuration, use the following commands in Privileged mode:
Table 5-11 Restoring the default configuration
Commands Task
copy factory-default start-up config 1. Restore the default configuration.
reset system 2. Restart the Corecess R1-AD series.
The following example shows how to restore the default configuration.
# copy factory-default startup-config

done
# reset system
.
.

Upgrading Software
You can download the latest software image for the Corecess R1-AD series from a remote FTP
or TFTP server and upgrade the Corecess R1-AD series. To download software image from a
FTP or TFTP server, the Corecess R1-AD series should be connected with remote source server
as follows:
Corecess R1-AD24
Network
Source server
Console
Remote telnet
To upgrade the Corecess R1-AD series software, perform this task in Privileged mode:
Table 5-12 Downloading software from a remote TFTP server
Command Task
show version 1. Verify the current system software version.
copy ftp <ftp-ip> [id 2. Download the specified image file from the FTP or TFTP server.
<name> password y <ftp-ip>: IP address of the FTP server.
<password>] y <tftp-ip>: IP address of the TFTP server.
flash image <file-name> y id <name>: ID for login to a FTP server.
y passwd <passwd>: Password for login to a FTP server.
copy tftp <tftp-ip> flash y <file-name>: The file name used for saving the downloaded
image <file-name>
file.
show flash image 3. Verify that the image file is downloaded.
4. Update the system software to the downloaded image file.
y <id>: Id of the image.
update flash image
y <name>: Name of the image.
{<id> | <name>}
Note: You can see the id and name of the image file using the
show flash command in step 3.
reset system 5. Reboot the system.

5-25
The following is an example of downloading ‘coreos-base-osapp-1.0.0.img’ file from the TFTP
server whose IP address is 172.27.2.49:
# show version
CoreOS Software
-------------------------------------------------------------
Copyright (c) 1998-2006 by Corecess Inc.
Compiled on Mar 6 2006 16:13:57 by r1
System Uptime 00/00/15/00 [d:h:m:s] (Thu Mar 9 11:40:00 2006)
Software
-------------------------------------------------------------
r1-base-osapp-0.7.1.img
.
.
# copy tftp 172.27.2.49 flash image coreos-base-osapp-1.0.0.img

tftp: data 10000 Kbytes
done
# show flash image
System flash directory:
File Length (bytes) Name/status
----- --------------- -----------------------------------
1 10190924 coreos-base-osapp-1.0.0.img
[30154 blocks used, 21040 available, 51194 total, 1K-blocks]
*/# : running/updated image
# update flash image id 1
update flash:coreos-base-osapp-1.0.0.img is completed
# reset system
[DEVICE]klogging.is_enable_backuplog = 0
halt system now
Power Reset Called
Power Reset C?
Board Type Detected : R1-AD24A Version : 0.82

OneNAND 32MB 2.65/3.3V 16-bit KFG5616U1M Samsung
WinMon version 2.8 Feb 27 2006
All rights reserved (c) 2000-2004 Wintegra
.
.

System Log Management
The Corecess R1-AD series maintains a log file of all error and status messages generated by
each module on the Corecess R1-AD series. Log file is stored in the Corecess R1-AD series. You
can transmit the system log file to a remote host to manage it separately.
In this section, the following issues will be described:
y Specifying level of the logs to be displayed on the console screen
y Specifying screens to display log messages
y Saving event messages in the log file
y Displaying system logs saved in the log file
y Clearing system logs in the log file
Specifying Event Level

All events occurred in the Corecess R1-AD series don’t need to be stored in the system log file.
You can specify the top level of events to be stored using the syslog level command in
Global configure mode. The events of the upper levels than the level designated by the syslog
level command will be ignored (These events will be neither saved nor displayed). The
Corecess R1-AD series supports the following eight event levels. ‘1. Emergency’ event is the
most critical level and ‘8. Debug’ is the least critical level event.
1. Emergency
More critical
2. Alert
3. Critical
4. Errors
5. Warning
6. Notify
7. Inform
8. Debug
Less critical

5-27
To configure the types and level of the events, use the following command in Global
configuration mode:
Table 5-13 Configuring event level
Command Task
1. Configure the event types and level to save.

logging level <type> <level> y <type>: Type of event to configure the level.
y <level>: Level of event (1 ~ 8). Default setting is 6.
show logging 3. Verify the configuration.
The following example configures the sys events of the lower levels (Emergency, Alert, Critical,
and Errors) than ’Errors’ level (level 4) to be stored in the system log file:
(config)# logging level sys 4

(config)# end
# show logging
console logging is disable
logging buffer is enable
logging buffer size is 128 kbytes
Facility Default Severity Current Severity

----------- ------------------ ------------------
sys 6 4(*)
filesys 6 6
authorize 6 6
.
.

Note: The Corecess R1-AD series supprts the following types of events:
- sys : Events related to system hardware.
- filesys : Events related to file system.
- authorize : Events related to security and authentication.
- port : Events related to ports.
- interface : Events related to interfaces.
- vlan : Events related to VLAN (Virtual LAN).
- spantree : Events related to spanning tree and bridge.
- lacp : Events related to LACP (Link aggregation Control Protocol).
- igmp : Events related to IGMP and IGMP snoopping.
- pbnac : Events related to PBNAC (Port Base Network Access Control).
- mcast : Events related to multicast.
- qos : Events related to QoS (Quality Of Service).
- acl : Events related to access list.
- snmp : Events related to SNMP.
- snmp_rmon : Events related to SNMP RMON.
- dhcp : Events related to DHCP.
- ntp : Events related to NTP.
- route_main : Events related to Main Routing Control.

5-29
Specifying Screen to Display Log
When an event occurs, the information of the event can be appeared on the remote host screen,
a console screen, and telnet sessions.
Configuring to Display Log Messages to Console Screen

To configure the log messages to display on the console screen, use the following commands in
Global configuration mode:
Table 5-14 Configuring to display log message to console screen
Command Task
Configure whether to display log messages on the console.

logging console
{enable | disable} y enable: Displays log messages on the console.
y disable: Doesn’t display log messages on the console.
The following example configures the log messages to display on the console screen:
(config)# logging console enable
(config)#
Configuring to Display Log Messages to a Remote Server

To configure the log messages to display on a remote server, use the following command in
Table 5-15 Configuring to display log message to a remote server
Command Task
Specify a remote server to display the log messages.

logging {<ip-address> |
<host-name>} y <ip-address>: IP address of a remote server.
y <host-name>: Host name of a remote server.
The following example configures the system log to display on the remote server whose IP
address is 172.10.1.0:
(config)# logging 172.10.1.0

(config)#

Configuring to Display Log Messages to a Telnet Sessions
To configure the log messages to display on Telnet sessions, use the following commands in
Table 5-16 Configuring to display log message to a Telnet sessions
Command Task
Configure whether to display log messages on telnet sessions.

logging session
{enable | disable} y enable: Displays log messages on telnet sessions.
y disable: Doesn’t display log messages on telnet sessions.
The following example configures the system log to display on telnet sessions:
(config)# logging session enable

(config)#

5-31
Saving Log Message in Log File
By default, the Corecess R1-AD series does not save the log messages in a log file. After
configuring the log messages to save using the logging file enable command, the log
message generated will be saved in a log file.
To configure the log messages to be saved in a log file, use the following command in Global
configuration mode:
Table 5-17 Saving log messages in a log file
Command Task
1. Configure whether to save the log messages in a log file.

logging file {enable |
disable} y enable: Saves log messages in a file.
y disable: Doesn’t save log messages in a file.
The following example shows how to configure the log message to be saved in a file:
(config)# logging file enable

(config)#

Displaying Contents of Log File
To display the contents of the log file, use the following command in Privileged mode:
Table 5-18 Displaying contents of log file
Command Task
Display the log messages saved in the log file.
show logging buffer <line>
y <line>: Number of log messages to display.
The following is a sample output of the show logging buffer command:
# show logging buffer 100

Dec 31 00:01:49 localhost VLAN-6-VLAN_CREATED: vlan [1] is created
Dec 31 00:02:21 localhost SYS-6-SYS_MODULE: module [1] is inserted
Dec 31 00:02:21 localhost SNMP-5-COLDSTART: Cold Start
Dec 31 00:02:38 localhost AUTHORIZE-6-USER_LOGIN: corecess login from
/cinitrd/dev/console
Dec 31 00:58:53 localhost AUTHORIZE-6-USER_LOGOUT: corecess logout
Dec 31 00:59:01 localhost AUTHORIZE-6-USER_LOGIN: corecess login from
/cinitrd/dev/console
Aug 16 16:27:31 localhost SYS-6-CFGCHANGE: system configuration was changed by
corecess
#
The following table describes the fields shown by the show logging buffer command:
Dec 31 00:01:49 localhost VLAN-6-VLAN_CREATED: vlan [1] is created
n o p
No Description
n Date and time that the event occurred (month date hour:minute:second)
o System name
p The brief description of the event in brief.

5-33
Clearing System Log
To clear the system log file, the clear logging buffer command in Privileged mode. The
following is an example of clearing the logs in the log file and verifying the result:
# clear logging buffer

# show logging buffer 1
#

Monitoring the System
This section describes the commands you use to monitor the network connectivity and the state
of the system modules and display the system configuration.
Checking Network Connectivity

After you assign an IP address and a default gateway and connect at least one properly
configured port to the network, you should be able to communicate with other nodes on the
network.
To check whether the Corecess R1-AD series is properly connected and configured, use the
following commands in Privileged mode:
Table 5-19 Checking network connectivity
Command Task
1. Ping another node on the network.

y -c <packet-count>: Sends the specified number of ICMP
packets.
- <packet-count>: The number of packets to send.
y -i <wait-time>: Pings at intervals of the specified in <wait-time>.
ping [–c <packet-count>|
- <wait-time>: Time interval of sending ICMP echo request
-i <wait-time>|
packets (in seconds).
-s <packet-size>]
y -s <packet-size>: Pings with ICMP packets of the specified size
<destination>
(<packet-size>) instead of 56byte ICMP packets.
- <packet-size>: Size of packets sent for the ping test (in bytes, 56 ~
1472).
y <destination>: The IP address of the host or the network
number to ping.
2. If the host is unresponsive, check the IP address, subnet mask,

broadcast address of the VLAN.
show interface
y <interface-name>: Interface name to display its
configuration
3. If the interface is properly configured, check the default gateway

show ip route
configuration.

5-35
This example shows how to ping a host with IP address 172.27.2.49:
# ping 172.27.2.49
PING 172.27.2.49 (172.27.2.49): 56 data bytes
64 bytes from 172.27.2.49: icmp_seq=0 ttl=128 time=0.6 ms
--- 172.27.2.49 ping statistics ---

11 packets transmitted, 11 packets received, 0% packet loss
round-trip min/avg/max = 0.4/2.2/19.2 ms
#
The following messages are displayed according to the status of host and network:
Table 5-20 Output of PING command
Connection Status Displayed message

Host or network is connected. (When
<host> is alive
the ICMP echo response messages have
22 data bytes from <host> : icmp_seq=n.
been received from the host or
time=n ms
network)
Destination does not respond. (When

any packets have not been received no answer from <host>
from the host or network)
Host is unreachable. <host> is unreachable

Network is unreachable. Network is unreachable. : 2
The following example shows how to display the VLAN interface information of the using the
show interface command:
# show interface
Interface vlan2
HWaddr: 00:9c:00:00:00:03
inet 172.19.1.10/16 broadcast 172.19.255.255

output errors 0, aborted 0, carrier 0, fifo 0, heartbeat 0, window 0
collisions 0
Status Checking
link-status trap is disable
no checking member's link status
IPv4 Options
icmp redirects are not sent
icmp unreachables are sent
#
The following is a sample output from the show ip route command:
# show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - IS-IS, B - BGP, > - selected route, * - FIB route
S>* 0.0.0.0/0 [1/0] via 172.19.1.254, vlan2

C>* 172.19.0.0/16 is directly connected, vlan2
Route Source Num of Entries

connected 1
static 1
Total 2

5-37
Displaying System Module Equipment Status
You can display the equipment and running state of the system modules using the show system
command in Privileged mode. The following is a sample output of the show system
command:
# show system
System Information
-----------------------------------------------------
Subscriver/Service Interface Board(s)
SIB [ 1] Normal
SIB [ 2] Normal
PWR [ 1] Equipped
FAN [ 1] Normal
FAN [ 2] Normal
FAN [ 3] Normal
FAN [ 4] Normal
Auxiliary Information
-----------------------------------------------------
Fan (`C(`F)) -
Max/Min Threshold : 30/ 20 ( 86/ 68)
Temperature (`C(`F)) -
Current Temperature : 39 (102 )
Max/Min Threshold : 90/ 80 (194/176)
#
Each field shown by the show system command describes the following information about
system state:
Table 5-21 System state information
Field Description
System Information The state of the main and option slot, power, and fan module.
The range of the temperature of the fan module, but the Corecess R1-AD series
Auxiliary Information
does not provide this information.

Displaying System Module Information
You can display the information of the modules installed in the option slots on the Corecess R1-
AD series using the show module command in Privileged mode. The following is a sample
output of the show module command:
# show module
Codes : * - Internal/Built-in Module, N - Network Attached Module
X - Switch Fabric Module, > - Current Management Module
Module Ports Description Status Serial No.

------- ----- ------------------------------- ---------------- -------------
> A(M2) N/A Control Module active N/A
1 2 OPT_N2GC slot insert,up N/A
2 24 ADSL slot insert,up N/A
Module Version Hw Fw Sw
------ ------------------ ---------------- --------------- ---------------
1 release.rev(patch) 1.1(0) 1.1(0) 1.1(0)
2 release.rev(patch) 1.1(0) 1.1(0) 1.1(0)
#
The table below describes the fields shown by the show module command:
Table 5-22 show module field descriptions
Field Description
Module Slot number which the module is installed on. (1 : option slot, 2~ 3 : base slots)
Ports Number of the ports on the module.
Description Type of the module.
Status Equipment status and operating status of the module.
Serial No. Serial number of the module.
Version Version format.
Hw Hardware version of the module.
Fw Firmware version of the module.
Sw Software version of the module.

5-39
Displaying Memory Usage
You can display the usage of the memories on the Corecess R1-AD series using the show meminfo
command in Privileged mode. The following is a sample output of the show meminfo
command:
# show meminfo
T total: used: free: shared: buffers: cached:
Mem: 111812608 66183168 45629440 0 3944448 41521152
Swap: 0 0 0
MemTotal: 109192 kB
MemFree: 44560 kB
MemShared: 0 kB
Buffers: 3852 kB
Cached: 40548 kB
SwapCached: 0 kB
Active: 9412 kB
Inactive: 49368 kB
HighTotal: 0 kB
HighFree: 0 kB
LowTotal: 109192 kB
LowFree: 44560 kB
SwapTotal: 0 kB
SwapFree: 0 kB
Committed_AS: 63444 kB
VmallocTotal: 1048560 kB
VmallocUsed: 33336 kB
VmallocChunk: 1015224 kB
#
The table below describes the fields shown by the show meminfo command:
Table 5-23 show meminfo field descriptions
Field Description
total Total amount of memory held in bytes.
used Total amount of used memory in bytes.
free Total amount of free memory in bytes.

Mem
shared Total amount of shared memory in bytes.
buffers Total amount of buffer memory in bytes.
cached Total amount of cache memory in bytes.
(Continued)

Field Description
total Total amount of swap in bytes.

Swap used Total amount of used swap in bytes.
free Total amount of free swap in bytes.
MemTotal Total amount of memory in Kilobytes.
MemFree Total amount of free memory in Kilobytes.
MemShared Total amount of shared memory in Kilobytes.
Buffers Total amount of buffer memory in Kilobytes.
Cached Total amount of cache memory in Kilobytes.
SwapCached Total amount of swap cache in Kilobytes.
Active Amount of buffer or cache memory currently allocated in kilobytes.
Inactive Amount of free buffer or cache memory in Kilobytes.
Amount of memory which is not mapping to kernel directly. This is different

HighTotal
according to the type of the used kernel.
Amount of free memory which is not mapping to kernel directly. This is different
HighFree
Amount of memory which is not mapping to kernel directly. This is different

LowTotal
Amount of free memory which is not mapping to kernel directly. This is different
LowFree
SwapTotal Total amount of swap in Kilobytes.
SwapFree Total amount of free swap in Kilobytes.

5-41
Chapter 6 Configuring Ports
This chapter describes how to change port configuration settings.
9 Configuring Gigabit Ethernet Ports 6-2
9 Configuring ADSL Ports 6-10

Configuring Gigabit Ethernet Ports
This section describes how to configure basic Gigabit Ethernet port parameters. The
configurations mentioned in this section are applied to Gigabit Ethernet interface of the
Corecess R1-AD series.
Default Gigabit Ethernet Configurations

The following table lists the Gigabit Ethernet default configuration.
Table 6-1 Default Gigabit Ethernet Configurations
Feature Default setting
Admin status Enable
Port name None configured
Port priority level Normal
10/100Base-TX Auto
Duplex mode
1000Base-LX
Full-duplex
1000Base-SX
Port speed Auto
STP status Disable
10/100Base-TX 19
Cost
1000Base-LX
4
1000Base-SX
Port STP priority 32
VLAN All ports belong to the default VLAN (ID : 1, name: DEFAULT)
When change the Gigabit Ethernet port configurations, the change becomes part of the running
configuration. The change does not automatically become part of the startup configuration file
in Flash memory. If you do not save your changes in Flash memory, they are lost when the
system is restarted. To save the changes of the Gigabit Ethernet port configuration in Flash
memory, you must enter the write memory command in Privileged mode.

Configuring Gigabit Ethernet Ports
This section describes the following Gigabit Ethernet port configuration tasks:
y Disabling or enabling the Gigabit Ethernet port
y Setting the port speed and duplex mode
y Setting port name
y Setting port trap
Disabling or Enabling the Gigabit Ethernet Port

By default, all Gigabit Ethernet ports on the Corecess R1-AD series are enabled. To configure
the administrative state of a port (disabling a port or re-enabling a port), enter the following
command in Global configuration mode:
Table 6-2 Configuring administrative state of Gigabit Ethernet port
Command Task
y <port-type>: Port type

- gigabitethernet: Gigabit Ethernet port
port <port-type> <slot>/<port> y <slot>: Slot number (1)
admin {enble|disable} y <port>: Port number (1, 2)
y enable: Enable the specified port.
y disable: Disable the specified port.
The following example shows how to disable Gigabit Ethernet port 1/2:
(config)# port gigabitethernet 1/2 admin disable

(config)#
The following example shows how to re-enable Gigabit Ethernet port 1/1:
(config)# port gigabitethernet 1/1 admin enable

(config)#
Configuring Ports 6-36-3

Setting the Port Speed and Duplex Mode
You can configure the port speed and duplex mode parameters to auto and allow the Corecess
R1-AD series to negotiate the port speed and duplex mode between ports. Follow these
guidelines when configuring the port speed and duplex mode:
y If you set the port speed to auto, the switch automatically sets the duplex mode to auto.
y When you set the port speed to 1000 Mbps, the duplex mode is full duplex. You cannot
change the duplex mode.
y If the port speed is set to 10 or 100 mbps, the duplex mode is set to half duplex by default
unless you explicitly configure it.
To set the speed and duplex parameters on a port, enter the following commands in Global
configuration mode:
Table 6-3 Configuring Gigabit Ethernet port speed and duplex mode
Command Task
1. Set the speed on the specified port.

y <slot>: Slot number (1)
port <port-type> <slot>/<port> y <port>: Port number (1, 2)
speed <speed> y <speed>: Port speed
- auto: Speed is auto negotiated.
- 1000: 1000Mbps
- 100: 100Mbps
- 10: 10Mbps
2. Set the port duplex mode.

port <port-type> <slot>/<port> y <slot>: Slot number (1)
duplex <duplex-mode> y <port>: Port number (1, 2)
y <duplex-mode>: Duplex mode
- auto: Duplex mode is auto negotiated.
- full: Full-duplex mode
- half: Half-duplex mode
Note:
y 1000Base-SX/LX port supports only full-duplex mode.
y To not use autonegotiation featue, you should configure both the port speed and the
duplx mode.

This example shows how to set the port speed and duplex mode on the Gigabit Ethernet port
1/1:
(config)# port gigabitethernet 1/1 speed 100

(config)# port gigabitethernet 1/1 duplex full
(config)#
Setting Port Name

You can assign names to the Gigabit Ethernet ports to facilitate system administration. To
assign a name to a port, enter the following command in Global configuration mode:
Table 6-4 Setting Gigabit Ethernet port name
Command Task

port <port-type> <slot>/<port>
name <port-name>
y <port>: Port number (1, 2)
y <port-name>: Port name
This example shows how to set the name for Gigabit Ethernet port 1/1.
(config)# port gigabitethernet 1/1 name uplink-port

(config)#

Setting Port Trap
You can enable or disable the operation of the standard SNMP link trap (up or down) for a
Gigabit Ethernet port.
By default, the SNMP link trap of the ports on the Corecess R1-AD series is disabled. To
configure the operation of the standard SNMP link trap, enter the following command in Global
configuration mode:
Table 6-5 Setting Gigabit Ethernet port trap
Command Task

port <port-type> <slot>/<port> - gigabitethernet: Gigabit Ethernet port
trap link-status y <slot>: Slot number (1)
y <port>: Port number (1, 2)
This example shows how to enable the SNMP link trap for the Gigabit Ethernet port 1/1:
(config)# port gigabitethernet 1/1 trap link-status

(config)#
To disble the SNMP link trap, use no port <port-type> <slot>/<port> trap link-
status command. This example shows how to disable the SNMP link trap for the Gigabit
Ethernet port 1/1:
(config)# no port gigabitethernet 1/1 trap link-status

(config)#

Displaying Gigabit Ethernet Port Information
This section describes how to display the information about Gigabit Ethernet port configuration.
Displaying Gigabit Ethernet Port Information

To display the configuration information and statistics for a specific Gigabit Ethernet port, enter
show port <port-type> <slot>/<port> command in Privileged mode.
This example shows how to display the configuration information and statistics for the 1/1
Gigabit Ethernet port:
# show port gigabitethernet 1/1
Port Name Status Vlan FlwCtl Duplex Speed Type

----- -------------- ---------- ----- ------- ------- --------- ------------
1/1 uplink-port notconnect 1 a-off full 0 1000BaseT
AdminStatus Media-type STP RSTP Edge Trap LinkAgg.

----------- ---------- ---------- ---------- ---------- ----------
enable none disable disable disable off
Port Admin Speed Limited Speed Active Speed

----- ---------------- ---------------- -----------------
1/1 0 M Unlimited 0 M
If Index Logical ID
---------- ----------
1 1
access-type : tranparent
Port 1/1 Statistics Counters

All(bytes) Unicast Multicast Broadcast Discard Error
-------------- ------------- ------------- ------------ ---------- ---------
in 0 0 0 0 0 0
out 0 0 0 0 0 0
Port Error Counters

input(0): runt/shortCRC/normalCRC/normalAlign/longCRC (0/0/0/0/0)
output(0): defered(0) collision single/multi/consecutive/late (0/0/0/0/0)

Extension status
N/A
#
The following table describes the fields in the show port <port-type> <slot>/<port>
command output:
Table 6-6 Show port field descriptions
Field Description
Port Slot number / port number of the port.
Name Name of the port.
Status Connecting status of the port.
Vlan VLAN ID which the port belongs to.
FlwCtl Whether to enable the flow control function.
Duplex Duplex mode of the port.
Speed Speed of the port.
Type Type of the port.
AdminStatus Administrative status of the port (enable, disable).
Media-type Media type (MDI/MDIX) of the port (none).
STP STP status of the port (enable, disable).
RSTP Edge RSTP status of the port (enable, disable).
Whether to enable displaying trap messages of the ADSL port (enable,

Trap
disable).
LinkAgg. LACP status of the port (on, off).
Admin Speed Maximum speed of the port.
Limited Speed Limited speed of the port.
Active Speed Current speed of the port.
If Index Interface number of the port.
Logical ID Logical ID of the port.
All Total number of the incoming packets on the port.
Unicast Total number of the incoming unicast packets on the port.

in
Multicast Total number of the incoming multicast packets on the port.
Broadcast Total number of the incoming broadcast packets on the port.

Field Description
Discard Number of the incoming packets discarded on the port.

in
Error Number of the incoming packets with errors on the port.
All Total number of the outgoing packets on the port.
Unicast Total number of the outgoing packets on the port.
Multicast Total number of the outgoing packets on the port.

out
Broadcast Total number of the outgoing packets on the port.
Discard Total number of the outgoing packets on the port.
Error Total number of the outgoing packets on the port.
Number of frames received without Start of Frame Delimiter detection but

Runt
with carrier assertion.
shortCRC Number of frames less than 64 bytes in length, received with CRC error.
Number of frames with lengths between 64 bytes and the maximum frame
input normalCRC
size, received with an integral number of bytes and a CRC error.
Number of frames with lengths between 64 bytes and the maximum frame
normalAlign
size, received with a non integral number of bytes and a CRC error.
Number of frames, larger then the maximum frame size, received with a CRC
longCRC
error.
Number of frames deferred at the first transmit attempt due to a busy line in
Deferred
half duplex mode.
Single Number of frames transmitted without any error following a single collision.
Number of frames transmitted without any error following multiple

output Multi
collisions.
Number of frames that have experienced 16 consecutive collisions or more,

consecutive
not including late collisions.
Number of transmission abortion due to a collision occurring after the

Late
transmission of the first 64 bytes fo that packet.

Configuring ADSL Ports
This section describes how to configure basic ADSL port parameters. The configurations
mentioned in this section are applied to ADSL interface of the Corecess R1-AD series.
Default ADSL Configurations

The following table lists the ADSL default configuration.
Table 6-7 Default ADSL configurations
Feature Default Value
Port Enable State All ports are enabled
ADSL Line Operating Mode Auto
ADSL Data Transmission Mode Interleave
Alarm Threshold All items are set to zero
Bit Swap (Up Stream / Down Stream) Enabled/Enabled
INP (Up Stream / Down Stream) 0/0
Interleave delay (Up Stream / Down Stream) 16/16 msec
Line Speed (Up Stream / Down Stream) 1528/24544 Kbps
Target (Up Stream / Down Stream) 6.0/6.0 dB
SNR margin Max (Up Stream / Down Stream) 31/31 dB
Min (Up Stream / Down Stream) 0/0 dB
Enable State (Up stream/ Down Stream) Enabled/ Enabled
SRA Up Margin (Up stream/ Down Stream) 31/ 31 dB

(Seamless
Down Margin (Up Stream/ Down Stream) 3/ 3 dB
Rate
Adaptation) Up Interval (Up Stream/ Down Stream) 10/ 10 dB
Down Interval (Up Stream/ Down Stream) 10/ 10 dB
PWRMNG (Power Management) L0
Trellis Encoding Enabled
When change the ADSL port configurations, the change becomes part of the running
configuration. The change does not automatically become part of the startup configuration file
in Flash memory.

If you do not save your changes in Flash memory, they are lost when the system is restarted. To
save the changes of the ADSL port configuration in Flash memory, you must enter the write
memory command in Privileged mode.
Configuring Ports 6-11

6-11
Configuring ADSL Ports
This section describes the following ADSL port configuration tasks:
y Disabling or enabling the ADSL port
y Setting ADSL line operating mode

y Setting ADSL link speed
y Setting ADSL data transmission mode
y Setting interleave delay

y Setting SNR margin
y Setting SRA
y Setting pwrmng
y Configuring port filtering
Disabling or Enabling the ADSL Port

By default, all ADSL ports on the Corecess R1-AD series are enabled. To configure the
administrative state of an ADSL port, perform this task in Global configuration mode:
Table 6-8 Configuring administrative state of ADSL port
Command Task

port adsl <slot>/<port> y <port>: Port number (1 ~ 24, 48)
admin {enble|disable} y enable: Enable the specified ADSL port.
y disable: Disable the specified ADSL port.
The following example shows how to disable ADSL port 2/1:
(config)# port adsl 2/2 admin disable

(config)#
The following example shows how to re-enable ADSL port 2/1:
(config)# port adsl 2/1 admin enable

(config)#

Setting ADSL Line Operating Mode
To set the ADSL line operating mode, use the following commands in Global configuration
mode:
Table 6-9 Setting ADSL line operating mode
Command Task
Dsl 1. Enter DSL mode.
2. Set the operating mode of the specified port.

y <port>: Port number (1 ~ 24, 48)
y adsl.bis: Configures the ADSL line to train in the adsl.bis
adsl linecoding mode.
<slot>/<port> y adsl.bis.plus: Configures the ADSL line to train in the
{adsl.bis|adsl.bis.plus|aut adsl.bis.plus mode.
o|g.dmt|g.lite|t1.413} y auto: Configures the ADSL line to train in the auto mode.
y g.dmt: Configures the ADSL line to train in the G.dmt mode.
y g.lite: Configures the ADSL line to train in the G.lite mode.
y t1.413: Configures the ADSL line to train in the ANSI
T1.413 Issue 2 mode.
4. Verify the ADSL parameter configuration.

show adsl linecoding
<slot>/ <port> configured y <slot>: Slot number (2)
This example shows how to set the line operating mode of the ADSL port 2/1 to G.dmt mode:
(config)# dsl
(config-dsl)# adsl linecoding port 2/1 g.dmt
(config)# end
# show adsl linecoding 2/1 configured
2/01 : g.dmt

6-13
Setting ADSL Link Speed
To set the maximum downstream and upstream speed for an ADSL port, use the following
commands in Global configuration mode:
Table 6-10 Setting ADSL upstream and downstream rates
Command Task
2. Set the downstream and upstream rates.

adsl speed <slot>/<port> y <slot>: Slot number (2)
ds <down-speed> y <port>: Port number (1 ~ 24, 48)
us <up-speed> y <down-speed>: Downstream speed (64 ~ 32736 Kbps)
y <up-speed>: Upstream speed (64 ~ 1024 Kbps)
4. Verify downstream and upstream rates.

show adsl speed
<slot>/<port> configured y <slot>: Slot number (2)
This example shows how to set the maximum downstream and upstream speed to 24Mbps, and
1Mbps respectively:
(config)# dsl
(config-dsl)# adsl speed 2/1 ds 24576 us 1024
(config)# end
# show adsl speed 2/1 configured
DS / US [Kbps]
2/01 : 24576 / 1024
To display the current ADSL link speed, execute show adsl speed <slot>/<port>
current command in Privileged mode. The following example shows how to display the
current ADSL link speed.
# show adsl speed 2/1 current

DS / US [Kbps]
2/01 : 22867 / 903

#

Setting ADSL Data Transmission Mode
To configure the ADSL data transmission mode, use the following commands in Global
configuration mode:
Table 6-11 Configuring ADSL data transmission mode
Command Task
2. Set the transmission mode of the specified port.

adsl latency y <slot>: Slot number (2)
<slot>/<port> y <port>: Port number (1 ~ 24, 48)
{fast|interleaved} y fast: An interleave buffer is not used.
y interleaved: An interleave buffer is used. (Default)
4. Verify the transmission mode configuration.

show adsl latency
<slot>/<port>
The following example shows how to set the ADSL data transmission mode of the port 2/1 to
‘interleaved’ mode and verify the result:
(config)# dsl
(config-dsl)# adsl latency 2/1 interleaved
(config)# end
# show adsl latency 2/1
2/01 : interleaved

6-15
Setting Interleave Delay
Interleaving is an encoding technique to protect against impulse (burst) noise on the line.
Interleaving enhances error correction by adding the transmission delay at the sending side.
The default downstream/upstream interleave delay is 16/16 msec. To set the maximum
interleave delay, use the following commands in Global configuration mode:
Table 6-12 Setting interleave delay
Command Task
2. Set the downstream and upstream interleaving delay times.

adsl maxinterleavedelay y <port>: Port number (1 ~ 24, 48)
<slot>/<port> ds <down- y <down-depth>: The maximum downstream interleave delay (1 ~
depth> us <up-depth> 64 msec)
y <up-depth>: The maximum upstream interleave delay (1 ~ 64
msec)
show adsl 4. Verify the maximum interleave delay configuration.

interleavedelay y <slot>: Slot number (2)
<slot>/<port> max y <port>: Port number (1 ~ 24, 48)
Note: If impulse noise is a concern, set interleave delay to a value greater than the longest
expected duration of the noise. If delay is a concern, set interleave delay as low as possible.
This example sets the interleaving delay of the ADSL port 2/1-10 to 16 msec in both directions,
and displays the results:
(config)# dsl
(config-dsl)# adsl maxinterleavedelay 2/1-10 ds 16 us 16
(config)# end
# show adsl interleavedelay 2/1-10 max
DS / US [ms]
2/01 : 16 / 16 2/02 : 16 / 16
2/03 : 16 / 16 2/04 : 16 / 16

2/05 : 16 / 16 2/06 : 16 / 16
2/07 : 16 / 16 2/08 : 16 / 16
2/09 : 16 / 16 2/10 : 16 / 16
#
To display the current value of interleaving delay, execute show adsl interleavedelay
<slot>/<port> current command in Privileged mode. This following example shows how
to display the current value of interleaving delay.
# show adsl interleavedelay 2/1-10 current
DS / US [ms]
2/01 : 5 / 15 2/02 : 5 / 15
2/03 : 5 / 15 2/04 : 6 / 15
2/05 : 5 / 15 2/06 : 5 / 15
2/07 : 5 / 15 2/08 : 5 / 16
2/09 : 5 / 15 2/10 : 5 / 15
#

6-17
Specifying Target, Maximum, and Minimum SNR Margin
You can configure the target, maximum, and minimum SNR margin for downstream and
upstream.
y Target SNR margin is the noise margin the modem must achieve with a BER of 10-7 or better
to successfully complete initialization.
y If the actual SNR margin is above the configured maximum noise margin, the modem
attempts to reduce its power output to optimize its operation.
y If the actual SNR margin is less than the configured minimum noise margin, startup fails and
is again attempted, with increased power output
The SNR margins of all the ADSL ports are set to the following value by default:
y Target downstream/upstream SNR margin: 6dB
y The maximum downstream/upstream SNR margin: 31dB
y The minimum downstream/upstream SNR margin: 0dB
To specify the SNR margin for the downstream and upstream, follow the steps in the table
below:
Table 6-13 Specifying the SNR margin
Command Task
Dsl 1. Enter the DSL configuration mode.
2. Change the SNR margin.

y <slot>: Slot number (1 ~ 8)
adsl snrmargin
<slot>/<port>
y target: Sets the target SNR margin.
{target|max|min}
y maxnm: Sets the maximum SNR margin.
ds <ds-margin>
y minnm: Sets the minimum SNR margin.
us <us-margin>
y <ds-margin>: SNR margin for the downstream (0 ~ 31dB).
y <us-margin>: SNR margin for the upstream (0 ~ 31dB).
4. Verify the configuration.

y <slot>: Slot number (1 ~ 8)
show adsl snrmargin y <port>: Port number (1 ~ 24, 48)
<slot>/<port> y current: Verify the current SNR margin.
{current|max|min|target} y target: Verify target SNR margin.
y maxnm: Verify maximum SNR margin.
y minnm: Verify minimum SNR margin.

The following example shows how to specify the SNR margins for the ADSL port 2/1:
(config)# dsl
(config-dsl)# adsl snrmargin 2/1 target ds 6 us 6
(config-dsl)# adsl snrmargin 2/1 max ds 20 us 20
(config-dsl)# adsl snrmargin 2/1 min ds 5 us 5
(config)# end
# show adsl snrmargin 2/1 target
DS / US [dB]
2/01 : 6 / 6
# show adsl snrmargin 2/1 max
DS / US [dB]
2/01 : 20 / 20
# show adsl snrmargin 2/1 min
DS / US [dB]
2/01 : 5 / 5
#

6-19
Setting SRA
Seamless rate adaptation (SRA), a key feature of ADSL2, enables the transceiver to change the
data rate of the connection while in operation without any service interruption or bit errors.
When SRA occurs, a downstream rate change trap will be generated during runtime.
SRA can be enabled/disabled dynamically. The receiver initiates SRA, therefore in the
downstream direction the CPE is the master and enables SRA.
The following figure provides a pictorial view of SRA and how SRA parameters will be used to
manage rate adjustment.
To specify the SRA, follow the steps in the table below:

Table 6-14 Specifying the SRA
Command Task
DSL 1. Enter the DSL configuration mode.
adsl sra <slot/port> ds

(enable|disable) us 2. Enable or disable SRA for the down stream and up stream.
(enable|disable)
3. Set several parameters that are used when SRA enabled.
y Upmargin: sets the upshift SNR margin. If the downstream SNR

margin rises above the value and stays above that specified level
for more than the time specified by the upinterval, the ATU-
C/R will attempt to increase the downstream data rate. The
valid range is 0 to 31 dB with 1 dB steps.
y Downmargin: sets the downshift SNR margin. If the
downstream SNR margin falls below the level specified this
adsl sra <slot/port> (ds|us)
value, and stays below that specified level for more than the
downmargin <0-31>
time specified by downinterval, the ATU-C/R will attempt to
upmargin <0-31>
decrease the downstream data rate. The valid range is 0 to 31 dB
downinterval <1-16383>
with 1 dB steps.
upinterval <1-16383>
y Upinterval: sets the interval of time the downstream SNR
margin should stay above the upmargin before the ATU-C/R
attempts to increase the downstream data rate. The valid range
is 1 to 16383 seconds.
y Downinterval: sets the interval of time the downstream SNR
margin should stay below the downmargin before the ATU-
C/R attempts to decrease the downstream data rate. The valid
range is 1 to 16383 seconds.
End 4. Return to the Privileged mode.
show adsl
5. Show configured SRA related parameters.
sra <slot/port>
The following example shows how to set the SRA:
# show adsl sra 2/1-24
Down Stream Up Stream
Margin[dB] Interval[sec] Margin[dB] Interval[sec]
DN / UP DN / UP DN / UP DN / UP
2/01 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/02 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10

6-21
2/03 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/04 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/05 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/06 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/07 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/08 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/09 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/10 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/11 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/12 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/13 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/14 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/15 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/16 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/17 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/18 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/19 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/20 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/21 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/22 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/23 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
2/24 : enable 3 / 31 10 / 10 enable 3 / 31 10 / 10
# conf t
(config)# dsl
(config-dsl)# adsl sra 2/1 ds disable us disable
(config-dsl)# adsl sra 2/2 ds downmargin 4 upmargin 30 downinterval 9
upinterval 11
(config-dsl)# end
# sh adsl sra 2/1-2

Down Stream Up Stream
Margin[dB] Interval[sec] Margin[dB] Interval[sec]
DN / UP DN / UP DN / UP DN / UP
2/01 : disable 3 / 31 10 / 10 disable 3 / 31 10 / 10
2/02 : enable 4 / 30 9 / 11 enable 3 / 31 10 / 10

6-23
Setting pwrmng
y Power Management
First-generation ADSL transceivers operate in full-power (L0 state) mode day and night, even
when not in use. With several millions of deployed ADSL modems, a significant amount of
electricity can be saved if the modems engage in a standby/sleep mode just like computers.
This would also save power for ADSL transceivers operating in small remote units and
digital loop carrier (DLC) cabinets that operate under very strict heat dissipation
requirements
To address these concerns, the ADSL2 standard proposed two power management modes
that helps to reduce overall power consumption, also maintaining ADSL's "always-on"
functionality for the user. These modes include ADSL2's L2 power mode allows a broadband
modem to quickly move from L2 to L0 operation and back without bit errors. Here L0 is the
normal mode of operation with full-blown power meeting requirements of G.992.3.
y L2 Low Power Mode

The L2 power mode is one of the most important innovations of the ADSL2 standard. ADSL2
transceivers can enter and exit the L2 low power mode based on the Internet traffic over the
ADSL connection. When large files are being downloaded, ADSL2 operates in full power
mode (called "L0" power mode) in order to maximize the download speed. When Internet
traffic decreases, such as when a user is reading a long text page, ADSL2 systems can
transition into L2 low power mode, in which the data rate is significantly decreased and
overall power consumption is reduced.
y L3 Low Power Mode

The L3 power mode is a sleep mode where no traffic can be communicated over the ADSL
connection when the user is not online. When the user returns to go on-line the ADSL
transceiver requires approximately three seconds to get re-initialized and to enter into
steady-state communication mode.
This mode enables overall power savings at both the ATU-C and the remote ADSL
transceiver unit (ATU-R) by entering into sleep mode when the connection is not being used
for extended periods of time.
To specify the pwrmng, follow the steps in the table below:

Table 6-15 Setting pwrmng
Command Task
DSL 1. Enter the DSL configuration mode.
adsl pwrmng <slot/port>

2. Enable or disable SRA for the down stream and up stream.
(l0|l0l2|l0l2l3|l0l3)
Show adsl
pwrmng <slot/port> 4. Show configured (or current) pwrmng.
(configured|current)
The following example shows how to use adsl pwrmng:
(config-dsl)# adsl pwrmng 2/1 l0l2

(config-dsl)# end
# sh adsl pwrmng 2/1-24 configured
2/01 : L0 L2 2/02 : L0
2/03 : L0 2/04 : L0
2/05 : L0 2/06 : L0
2/07 : L0 2/08 : L0
2/09 : L0 2/10 : L0
2/11 : L0 2/12 : L0
2/13 : L0 2/14 : L0
2/15 : L0 2/16 : L0
2/17 : L0 2/18 : L0
2/19 : L0 2/20 : L0
2/21 : L0 2/22 : L0
2/23 : L0 2/24 : L0
# sh adsl pwrmng 2/1-24 current
2/01 : L0 2/02 : L0
2/03 : L0 2/04 : L0
2/05 : L0 2/06 : L0
2/07 : L0 2/08 : L0
2/09 : L0 2/10 : L0
2/11 : L0 2/12 : L0
2/13 : L0 2/14 : L0
2/15 : L0 2/16 : L0
2/17 : L0 2/18 : L0

6-25
2/19 : L0 2/20 : L0
2/21 : L0 2/22 : L0
2/23 : L0 2/24 : L0

Specifying Bit Swapping
You can specify bit swapping, which can maximize error performance by attempting to
maintain an acceptable margin for each bin by equalizing the margin across all bins through bit
reallocation. By default, the bitswapping of the ADSL ports on the Corecess R1-AD series are
disabled.
To specify the bit swapping, follow the steps in the table below:
Table 6-16 Specifying the bitswapping
Command Task
2. Enable or disables the bit swapping.

adsl bitswap <slot>/<port> y <port>: The port number (1 ~ 24, 48)
ds {enable | disable} y ds: down stream
us {enable | disable} y us: up stream
y enable: Enables the bitswapping.
y disable: Disables the bitswapping.

show adsl bitswap
<slot>/<port>
y <port>: The port number (1 ~ 24, 48)
The following is an example of enabling the bitswap status of the ADSL port 2/1:
(config)# dsl
(config-dsl)# adsl bitswap 2/1 ds enable us enable
(config-dsl)# end
# show adsl bitswap 2/1
DS / US
2/01 : enable / enable

6-27
Specifying Trellis Encoding
You can enable or disable the Trellis coding on the specified ADSL port. Trellis coding is a
method of forward error correction in which each signal is assigned a coded binary value. This
value represents the phase and amplitude of that signal, allowing the receiving modem to
determine whether a given signal is received in error. By default, the Trellis encoding of all the
ADSL ports on the Corecess R1-AD series is enabled.
To enable or disable the Trellis encoding, follow the steps in the table below:
Table 6-17 Configuring the Trellis encoding
Command Task
2. Enable or disables the Trellis encoding.

adsl trellis <slot>/<port>
{enable|disable}
y enable: Enables the Trellis encoding.
y disable: Disables the Trellis encoding.

show adsl trellis
<slot>/<port>
The following is an example of disabling Trellis encoding of the port 2/1 and verifies the
configuration :
(config)# dsl
(config-dsl)# adsl trellis 2/1 disable
(config-dsl)# end
# show adsl trellis 2/1
2/01 : disable

Configuring the Impulse Noise Protection
INP specifies the minimum impulse noise protection for the downstream/upstream bearer
channel. The impulse noise protection (INP) is expressed in symbols and, can be set to the
values 0, ½, 1 or 2 symbols. For example, an INP value of 1 means that 1 symbol can be
corrected, i.e., a burst of noise for 1 symbol length/duration can be corrected without errors.
One symbol equals 250 µs, so an INP of 1 correlates to a correction time of 250 µs.
To configure INP for the downstream bearer channel, follow the steps in the table below:
Table 6-18 Configuring the impulse noise protection
Command Task
2. Set impulse noise protection value.

adsl inp <slot>/<port>
ds <ds-inp> us <us-inp>
y <ds-inp>: INP value for downstream.
y <us-inp>: INP value for upstream.

show adsl inp
<slot>/<port>
The following example shows how to set INP value and verify the configureaion.
(config)# dsl
(config-dsl)# adsl inp 2/1 ds 1 us 2
(config-dsl)# end
# show adsl inp 2/1
DS / US [symbol rate]
2/01 : 1 / 2

6-29
Resetting ADSL Port
To reset a specified ADSL port, follow the steps in the table below:
Table 6-19 Restting ADSL port
Command Task
2. Reset a specified ADSL port.

adsl reset <port>/<slot> y <slot>: Slot number (2)
The following example shows how to reset the ADSL port 2/1.
(config)# dsl
(config-dsl)# adsl reset 2/1
OK!
#

Configuring Multiple PVCs
The Corecess R1-AD series supports multiple PVCs (Permanent Virtual Circuits) to provide
Triple Play Service. This section describes how to configure multiple PVCs on the Corecess R1-
AD series.
Creating a PVC
If you want to use multiple services such as Internet access, Video on Demand, and Broadcast
TV service, you should create multiple PVCs on a DSL port. Each service requires its own PVC.
The limitation in the number of PVCs supported by the Corecess R1-AD series is as follow:
y You can configure up to 192 PVCs per system.
y You can configure up to 4 PVCs per ADSL port.
To create a PVC on an ADSL port, use the following commands in Global configuration mode:
Table 6-20 Creating a PVC
Command Task
1. Creates a PVC.
y <slot>/<port>: Slot number (2) and port number (1 ~ 24, 48) to
port adsl create a PVC.
<slot>/<port>.<channel>
y <channel>: The logical channel number of a PVC (1 ~ 8).
pvc <vpi>/<vci>
y <vpi>: VPI value for a PVC. Possible VPI values are 0 ~ 255.
y <vci>: VCI value for a PVC. Possible VCI values are 32 ~ 65534.
(Continued)

6-31
Command Task
port <port-type>
<slot>/<port>.<channel> 2. Specifies ATM service category and QoS parameters for the
qos-service cbr [pcr new PVC.
<pcr-rate> cdv <cdv- y <port-type>: The type of the DSL port on which PVC is created
delay>] (adsl)
y <slot>/<port>: Slot number (1 ~ 8) and port number (1 ~ 48) to
port <port-type> create a PVC.
<slot>/<port>.<channel> y <channel>: The logical channel number of a PVC (1 ~ 8).
qos-service nrt-vbr
y cbr: Applies CBR (Constant Bit Rate) service to the PVC.
[pcr <pcr-rate> scr
<scr-rate> mbs <mbs- y nrt-vbr: Applies nrt-VBR-nrt (Non-Real-Time Variable Bit Rate)
cell>] service to the PVC.
y rtvbr: Applies rt-VBR (Real-Time Variable Bit Rate) service to the
port <port-type> PVC.
<slot>/<port>.<channel> y ubr: Applies UBR(Unspecified Bit Rate) service to the PVC.
qos-service rtvbr [pcr y unshape: Applies unshape service to the PVC.
<pcr-rate> scr <scr-
rate> mbs <mbs-cell> y pcr <pcr-rate>: Specifies the Peak Cell Rate for a PVC. The
valid range is 150 ~ 60185 cells or 64 ~ 24000 kbps.
cdv <cdv-delay>]
y scr <scr-rate>: Specifies Sustained Cell Rate for a PVC to
port <port-type> which VBR service is applied. The valid range is 150 ~ 60185 cells or
<slot>/<port>.<channel> 64 ~ 24000 kbps.
qos-service ubr [pcr y cdv <cdv-delay>: Specifies Cell Delay Variation(unit: 10ns) for a
<pcr-rate>] PVC to which CBR service is applied. This value must be set to ‘0’
which is the default setting.
port <port-type> y mbs <mbs-cell>: Specifies the Maximum Burst Size for a
<slot>/<port>.<channel> PVC to which VBR service is applied.
qos-service unshape
End 3. Returns to the Privileged mode.
show dsl vc 4. Verifies the PVC configuration.
Note: When configuring a PVC, ATM service category should be specified but QoS
parameters are optional. If you do not specify QoS parameters for a PVC, the Corecess R1-
AD series set them to the default value (PCR:2320, SCR:2320, MBS:2320, CDVT:0).
The following example creates a PVC with VPI/VCI of 1/253 on the 2/1 ADSL port:
(config)# port adsl 2/1.1 pvc 1/253

(config)# port adsl 2/1.1 qos-service rt-vbr pcr 1024 scr 256 mbs 256 cdv 150
(config)# end
# show dsl vc
2/1.1
VirtualPortIndex: 3/1 IfIndex: 27 BridgeIndex: 129
Name: DEFAULT VLAN: 1
VPI/VCI 1/253

Service Category : rt-vbr
Traffic Parameters : PCR/SCR/MBS/CDV 1024/256/256/150
#
To delete a PVC, enter the no port adsl command in the Global configuration mode as
follows:
(config)# no port adsl 2/1.1

(config)#
Assigning PVID to a PVC

When new PVC is created, a PVID value is assigned to the PVC which is of its native VLAN ID
(default is VLAN 1). This PVID can be applied only to untagged incoming packets. To allow
tagged incoming packets, refer to the following section, ‘Configuring VLAN Tag for a PVC’.
To assign a PVID to a PVC, use the following commands in Global configuration mode:
Table 6-21 Assigning PVID to a PVC
Command Task
1. Defines the native VLAN ID, associated with a PVC.

y <port-type>: The type of the DSL port on which PVC is
dot1q port <port-type> created (adsl)
y <slot>/<port>: Slot number (2) and port number (1 ~ 24, 48).
pvid <vlan-id>
y <vlan-id>: Native VLAN ID for a PVC (1 ~ 4094).
show dot1q port <port-

type> 3. Verify VLAN configuration.
The following example configures to assign the VLAN ID of 10 to the PVC which is created on
the 2/1 ADSL port:
(config)# dot1q port adsl 2/1.1 pvid 10

(config)# end
# show dot1q port adsl 2/1.1
Port PVID Acceptable frame types Ingress filter
-------- ---- ---------------------- --------------
2/1.1 10 all off
#

6-33
Configuring VLAN Tag for a PVC
You can assign tagged VLAN ID to a PVC. This allows the PVC to pass only the incoming
packet with the specified tagged VLAN ID. The number limit of tagged VLAN ID which is
assigned to a PVC is as follow:
y You can assign up to 4 tagged VLAN IDs per PVC.
y You can assign up to 120 tagged VLAN IDs per DSL line card.
To assign tagged VLAN IDs to a PVC, use the following commands in Global configuration
mode:
Table 6-22 Configuring VLAN Tag for a PVC
Command Task
1. Assign tagged VLAN IDs for a PVC.

y <port-type>: The type of the DSL port on which PVC is created
dot1q port <port-type> (adsl)
<slot>/<port>.<channel> y <slot>/<port>: Slot number (2) and port number (1 ~ 24, 48) to
tag <vlan-id> create a PVC.
y <vlan-id>: Tagged VLAN ID for a PVC (1 ~ 4094).
show dot1q port <port-

type> 3. Verify PVC tagging configuration.
The following example configures to assign tagged VLAN IDs of 2 and 3 to a PVC which is
created on the 2/1 ADSL port:
(config)# dot1q port adsl 2/1.1 tag 2-3

(config)# end
# show dot1q port adsl 2/1.1
-------- ---- ---------------------- --------------
2/1.1 1 all off
Port allowed 802.1q Vlans
-------- -----------------------------------------------------------------
2/1.1 2-3
#

Multiple PVCs Configuration Example
Here is an example of configuring the following four PVCs on the 2/20 ADSL port:
Internet (2/20.1, 0/36, unshape, 100)

VoIP (2/20.2, 0/37, rt-vbr, 200)
PC
VOD (2/20.3, 0/38, rt-vbr, 300)
Multicast (2/20.4, 0/39, rt-vbr, 400) ADSL Modem
Corecess R1-AD24A
Internet Service
(config)# port adsl 2/20.1 name internet
(config)# port adsl 2/20.1 qos-service unshape
(config)#
VoIP Service
(config)# port adsl 2/20.2 name voip
(config)# port adsl 2/20.2 qos-service rt-vbr
(config)#
VOD Service
(config)# port adsl 2/20.3 name VOD
(config)#
Multicast Service
(config)# port adsl 2/20.4 name multimedia
(config)#

6-35
Displaying ADSL Port Information
This section describes how to display the information about ADSL port configuration and
ADSL line configuration.
Displaying ADSL Port Information

To display the configuration information and statistics for the specific ADSL port, enter show
port adsl <slot>/<port> command in Privileged mode.
This example shows how to display the configuration information and statistics for the 2/1
ADSL port:
# show port adsl 2/1
Port Name Status Vlan FlwCtl Duplex Speed Type

----- ------------ ---------- ----- ------- ------- ------------- ------------
2/1 DEFAULT connected 1 on a-full a-24.05/1.52 ADSL
AdminStatus Media-type STP RSTP Edge Trap LinkAgg.

----------- ---------- ---------- ---------- ---------- ----------
enable none disable disable disable off
Port Admin Speed Limited Speed Active Speed

----- ---------------- ---------------- -----------------
2/1 24/1 None 24.05/1.52
If Index Logical ID
---------- ----------
4 65
access-type : tranparent
Port 2/1 Statistics Counters

All Unicast Multicast Broadcast Discard Error
-------------- ---------- ---------- ---------- ---------- ----------
in 7897 0 3 55 4 0
out 0 0 0 0 0 0
Extension status
N/A
#

The detail description about the fields in the show port adsl command output, refer to the
Table 6-8.
Displaying ADSL Line Configuration Information

To display the ADSL line configuration information of the ADSL module, enter the show adsl
linecoding command in Privileged mode.
Table 6-23 Displaying ADSL line configuration information
Command Task
Displays ADSL line configuration information.

show adsl linecoding y <slot>: Slot number (2)
{configured|current} y configured: Displays configured line coding information.
y current: Displays current line coding information.
The following example shows how to display the configured ADSL line configuration of all
ADSL ports:
# show adsl linecoding 2/1-24 configured

2/01 : adsl.bis.plus 2/02 : adsl.bis.plus
2/11 : auto 2/12 : auto
2/13 : auto 2/14 : auto
2/15 : auto 2/16 : auto
2/17 : auto 2/18 : auto
2/19 : auto 2/20 : auto
2/21 : auto 2/22 : auto
2/23 : auto 2/24 : auto
#

6-37
Displaying ADSL Line Status Information
To display the ADSL line status information of the specified ADSL module, enter the show
adsl linestate command in Privileged mode.
The following example shows how to display the ADSL line status information of the ADSL
port 2/1-10:
# show adsl linestate 2/1-10
2/01 : HandShaking 2/02 : Activating

2/03 : Activating 2/04 : Activating

Displaying ADSL Performance Information
To display ADSL performance data information, enter the show adsl statistics command
in Privileged mode.
Table 6-24 Displaying ADSL performance information
Command Task
Displays ADSL ATU-R/C performance data information.

show adsl statistics y <slot>: Slot number (2)
{alarm|rsword|sferr} y alarm: Displays alarm statistics information.
y rsword: Displays reed Solomon word information.
y sferr: Displays super frame error information.
The following example shows how to display the ADSL alarm statistics information of the
ADSL port 2/1:
# show adsl statistics 2/1 alarm

LOS LOF ES LOL LPR
2/01 : 0 0 0 27 0
#
The following example shows how to display the ADSL RS word information of the ADSL port
2/1:
# show adsl statistics 2/1 rsword

RS Words Corrected Uncorrected Connection Time
DS / US DS / US min sec
2/01 : 0 / 0 0 / 0 0 0
#
The following example shows how to display the ADSL super frame error information of the
ADSL port 2/1:
# show adsl statistics 2/1 sferr

Super Frame Error Connection Time
DS / US min sec
2/01 : 0 / 0 0 10
#

6-39
The following table describes the fields in the show adsl statistics command output:
Table 6-25 Show dsl performance perfdata field descriptions
Field Description
LOS Count of the number of Loss of Link failures since agent reset
LOF Count of the number of Loss of Framing failures since agent reset
Count of the number of Errored Seconds since agent reset. The errored second
ES parameter is a count of one-second intervals containing one or more crc
anomalies, or one or more los or sef defects
LOL Count of the number of Loss of Link failures since agent reset
LPR Count of the number of Loss of Power failures since agent reset
To clear the ADSL statistics counter, excute adsl statistics <slot>/<port>

{alarm|sfrs} command in DSL mode. adsl statistics <slot>/<port> alarm
command clears the counter of alarm parameter. adsl statistics <slot>/<port> sfrs
command clears the counters of both rsword and sferr parameters.
Displaying Information of ADSL Port Configuration

To display the ADSL port information of the specified ADSL port, enter the show adsl
portinfo command in Privileged mode.
The following example shows how to display the ADSL port information of the ADSL port 2/1:
# show adsl portinfo 2/1
2/01 Configured Information
Administration : enable
Speed DS / US [Kbps] : 24576 / 1024
Linecoding : g.dmt
Latency : interleaved
Max Interleaved delay DS / US [ms] : 4 / 4
Target SNR Margin DS / US [dB] : 2 / 2
Max SNR Margin DS / US [dB] : 31 / 31
Min SNR Margin DS / US [dB] : 0 / 0
Trellis : enable
EC or FDM : fdm
Bit Swapping DS / US : enable / enable
INP DS / US [symbol rate] : 0 / 0
Alarm Threshold LOS : 0

LOF : 0
ES : 0
LOL : 0
LPR : 0
SRA Down Stream : enable
Margin[dB] DN / UP : 3 / 31
Interval[sec] DN / UP : 10 / 10
SRA Up Stream : enable
Margin[dB] DN / UP : 3 / 31
Interval[sec] DN / UP : 10 / 10
2/01 Current Information
Line State : HandShaking

Speed DS / US [Kbps] : 0 / 0
Linecoding : unknown
Latency : unknown
Interleaved delay DS / US [ms] : 0 / 0
Current SNR Margin DS / US [dB] : 0.0 / 0.0
Line Attenuation DS / US [dB] : 0.0 / 0.0
Tx Power DS / US [dBm] : 0.0 / 0.0
Alarm Current LOS : 53
LOF : 6
ES : 874
LOL : 85
LPR : 0
Super Frame Error DS / US : 278 / 242
RS Words Corrected DS / US : 0 / 0
RS Words Uncorrected DS / US : 0 / 0
Connection Time min / sec : 0 / 0

6-41
Displaying ADSL Bitmap
To displays number of bits allocated to each of all DMT channel of downstream/upstream for
the ADSL port, execute the following command in Privileged mode.
Table 6-26 Displaying ADSL Bitmap
Command Task
Displays number of bits allocated to each of all DMT channel.

show adsl bitmap y <slot>: Slot number (2)
<slot>/<port> {ds|us} y <port>: Port number (1 ~ 24, 48)
y ds: Downstream
y us: Upstream
The following example shows how to display the ADSL bitmap of the ADSL port 2/1:
# show adsl bitmap 2/1 us
2/01 : ( 32)
0 : ( 0)
1 : ( 0)
2 : ( 0)
3 : ( 0)
4 : ( 0)
5 : ( 0)
6 : ( 2) >>
7 : ( 6) >>>>>>
8 : ( 8) >>>>>>>>
9 : (10) >>>>>>>>>>
.
.
25 : (14) >>>>>>>>>>>>>>
26 : (14) >>>>>>>>>>>>>>
27 : (13) >>>>>>>>>>>>>
28 : (12) >>>>>>>>>>>>
29 : (11) >>>>>>>>>>>
30 : ( 9) >>>>>>>>>
31 : ( 5) >>>>>
#

Displaying ADSL Link Speed
To display the ADSL link speed, execute the following commands in Privileged mode.
Table 6-27 Displaying ADSL Link Speed
Command Task
Displays ADSL link speed of specified port.

show adsl speed y <slot>: Slot number (2)
{current|configured} y current: Display the current ADSL link speed information.
y configured: Display the configured ADSL link speed information
The following example shows how to display the configured speed of ADSL port 2/1-10.
# show adsl speed 2/1-10 configured

DS / US [Kbps]
2/01 : 24544 / 1528 2/02 : 24544 / 1528

2/03 : 24544 / 1528 2/04 : 24544 / 1528
2/05 : 24544 / 1528 2/06 : 24544 / 1528
2/07 : 24544 / 1528 2/08 : 24544 / 1528
2/09 : 24544 / 1528 2/10 : 24544 / 1528
#
The following example shows how to display the current speed of ADSL port 2/1-10.
# show adsl speed 2/1-10 current

DS / US [Kbps]
2/01 : 22867 / 903 2/02 : 22901 / 935

2/03 : 22741 / 943 2/04 : 18461 / 924
2/05 : 22734 / 943 2/06 : 23153 / 967
2/07 : 22859 / 971 2/08 : 22741 / 952
2/09 : 22970 / 935 2/10 : 23199 / 975
#

6-43
Displaying Information of Impulse Noise Protection Configuration
To display the information of Impulse Noise Protection configuration, execute the following
command in Privileged mode.
Table 6-28 Displaying Configuration of Impulse Noise Protection
Command Task
Display the information of Impulse Noise Protection configuration.

show adsl inp
<slot>/<port> y <slot>: Slot number (2)
The following example shows how to display the information of impulse noise protection
configuration.
# show adsl inp 2/1-10

DS / US [symbol rate]
2/01 : 0 / 0 2/02 : 0 / 0
2/03 : 0 / 0 2/04 : 0 / 0
2/05 : 0 / 0 2/06 : 0 / 0
2/07 : 0 / 0 2/08 : 0 / 0
2/09 : 0 / 0 2/10 : 0 / 0
#

Displaying information of Line Attenuation
The line attenuation (LATN) is the difference in dB between the power received at the near-end
and that transmitted from the far-end over all subcarriers.
y Downstream Line Attenuation

This parameter is the measured difference in dB in the total power transmitted by the ATU-C and the
total power received by the ATU-R over all subcarriers during diagnostics mode and initialization.
y Upstream Line Attenuation

This parameter is the measured difference in dB in the total power transmitted by the ATU-R and the
total power received by the ATU-C over all subcarriers during diagnostics mode and initialization.
To display the information of line attenuation, execute the following command in Privileged
mode.
Table 6-29 Displaying Configuration of Impulse Noise Protection
Command Task
Display the information of Impulse Noise Protection configuration.

show adsl lineatt
The following example shows how to display information of line attenuation.
# show adsl lineatt 2/1-2
DS / US [dB]
2/01 : 0.0 / 0.0 2/02 : 0.0 / 0.0

#

6-45
Displaying the Output Power Information
To display the total measured output power transmitted by the ATU-C, execute the following
Table 6-30 Displaying the output power information
Command Task
display the total measured output power.

show adsl txpwr
The following example shows how to display the output power information.
# show adsl txpwr 2/1-10
DS / US [dBm]
2/01 : 0.0 / 0.0 2/02 : 0.0 / 0.0

2/03 : 0.0 / 0.0 2/04 : 0.0 / 0.0
2/05 : 0.0 / 0.0 2/06 : 8.0 / 13.0
2/07 : 0.0 / 0.0 2/08 : 0.0 / 0.0
2/09 : 0.0 / 0.0 2/10 : 0.0 / 0.0
#

Chapter 7 Configuring VLAN
This chapter overviews Virtual LAN and describes how to configure VLAN using several
examples. The tagged VLAN and overlapped VLAN are described in this chapter.
9 VLAN (Virtual LAN) 7-2
9 Configuring VLAN 7-6
9 Displaying VLAN Configuration 7-18
9 VLAN Configuration Commands 7-20

VLAN (Virtual LAN)
A VLAN (Virtual LAN) is a group of ports designated by the switch as belonging to the same
broadcast domain. A VLAN enables the communication only between the devices which
belongs to the same VLAN.
A VLAN is a switched network that is logically segmented by function, project team, or

application, without regard to the physical locations of the users. VLANs have the same
attributes as a physical LAN, but you can group end stations even if they are not located
physically on the same LAN segment. Any switch port can belong to a VLAN, and unicast,
broadcast, and multicast packets are forwarded and flooded only to end stations in the VLAN.
Each VLAN is considered as a logical network, and packets destined for stations that do not
belong to the VLAN must be forwarded through a router or bridge. Because a VLAN is
considered a separate logical network and can support its own implementation of the Spanning
Tree Protocol (STP).
VLANs are often associated with IP subnetworks. For example, all the end stations in a
particular IP subnet belong to the same VLAN. Traffic between VLANs must be routed.
To communicate between two VLANs on the Corecess R1-AD series, the external router is
needed.
Corecess R1-AD Series
Router
Vlan1 Vlan2
Port: 2/1 ~ 2/12 Port: 2/13 ~ 2/24

Types of VLAN
This section describes the types of VLAN can be configured on the Corecess R1-AD series.
Port-Based VLAN
On the Corecess R1-AD series, you can configure port-based VLANs. A port-based VLAN is a
subset of ports on the device that constitutes a broadcast domain.
By default, all the ports on the Corecess R1-AD series are members of the default VLAN. Thus,
all the ports on the Corecess R1-AD series constitute a single broadcast domain. You can
configure multiple port-based VLANs. When you configure a port-based VLAN, the device
automatically removes the ports you add to the VLAN from the default VLAN.
Marketing
Port: 2/17 ~ 24
Corecess R1-AD24
Sales
Port: 2/1 ~ 8 Finance
Port: 2/9 ~ 16
Note : A port can belong to only one port-based VLAN, unless you apply 802.1q tagging
to the port. For detail information about 802.1q tagging, refer to the Tagged VLAN
description.
Configuring VLAN 7-37-3

Default VLAN
By default, all ports on the Corecess R1-AD series belong to the default VLAN (ID: 1). Therefore,
all ports on the Corecess R1-AD series belong to same broadcast domain. To divide the ports
into multiple broadcast domains, define VLANs and assign the port in the default VLAN to
new defined VLANs. After assigning ports to new VLAN, that ports will be removed from the
default VLAN.
The default VLAN should exist on the system and can not be deleted by user. Therefore, you
define a VLAN, there are two VLAN, default VLAN and new VLAN, are on the system. You
can define up to 4094 VLANs on the Corecess R1-AD series including default VLAN.
DEFAULT
Corecess R1-AD24

Tagged VLAN
Tagged VLAN is specified in the IEEE 802.1Q standard. 802.1Q tagging allows a networking
device add a tag header to frames that are sent across the network. A tag header is used to
indicate to which VLAN a frame belongs. This insures that the networking device forwards the
frame to only those ports that belong to that VLAN.
Tagging must be used when connecting two or more Corecess R1-AD series that share a
common VLAN. With tagging, the two devices can logically separate traffic from different
VLANs. The following figure shows an example of two Corecess R1-AD24As that share the
same port-based VLANs configured across them.
Sales
Tagged link
1/1* 1/1*
Corecess R1-AD24-A Corecess R1-AD24-B
Accounting
* : Tagged Port
Each switch in the figure above shares two VLANs through the Gigabit Ethernet port 1/1. The
frames must be tagged between the two devices to determine the frame destination. The
tagging allows the transmittal of frames from the Sales department on the Corecess R1-AD24A-
A to the Sales department on the Corecess R1-AD24A-B and the Accounting department in the
Corecess R1-AD24A-A to the Accounting department in the Corecess R1-AD24A-B. Once the
switch knows the destination of the frame, the tagging is removed and the frame is sent
untagged to the VLAN.

Configuring VLAN
You can configure VLAN on the Corecess R1-AD series when it is starting or running. If you
change VLAN configuration on running, all MAC address that have been learned by the ports
in VLAN will be deleted.
Default VLAN Configuration

Table 7-1 shows the default VLAN configuration for the Corecess R1-AD series:
Table 7-1 Default VLAN configuration
Feature Default Value
VLAN name DEFAULT
VLAN ID 1
Ports All ports belong to the default VLAN.
MTU 1500
STP status Enable
Private Disable
Promisc port None
Tagged VLAN Untagged
When change the VLAN configurations, the change becomes part of the running configuration.
The change does not automatically become part of the startup configuration file in Flash
memory. If you do not save your changes to Flash memory, they are lost when the system
restarts. To save the VLAN configuration changes to Flash memory, you must enter the write
memory command in Privileged mode.

VLAN Configuration Procedure
You can configure VLAN on the Corecess R1-AD series when it is starting or running. If you
change VLAN configuration on running, all MAC address that have been learned by the ports
in VLAN will be deleted.
You can configure VLAN on the Corecess R1-AD series using the following procedures:
y Creating VLANs (Deleting VLANs)
y Assigning ports to the VLAN (Removing ports from the VLAN)
y Assigning IP Address to a VLAN
y Saving the VLAN configuration
Creating a VLAN
In the factory default configuration, all the ports on the Corecess R1-AD series belong to a single
logical broadcast domain, which is given the name DEFAULT. You can partition the default
broadcast domain into multiple logical broadcast domains by adding one or more additional
VLANs and moving ports from the default VLAN to the new VLANs. Because the default
VLAN permanently exists in the Corecess R1-AD series, adding new VLANs results in multiple
VLANs existing in the Corecess R1-AD series.
To create a new VLAN, perform this task in Global configuration mode:
Table 7-2 Creating a VLAN
Command Tasks
1. Define a new VLAN.
vlan id <vlan-id>
name <vlan-name> y <vlan-id>: VLAN ID
y <vlan-name>: VLAN name
End 2. Exit from Global configuration mode.
show vlan 3. Verify that a new VLAN is created.
The following example shows how to create white VLAN on the Corecess R1-AD24A:
(config)# vlan id 2 name white

(config)# end
# show vlan
VLAN Name Status Slot/Port(s)

---- ---------------- -------- ------------------------------------
1 DEFAULT active 1/1-2
2/2-24
2 white active
VLAN Interface IGMPs STP Private PromiscPort(s)

---- ---------- -------- -------- -------- ------------------------
1 disable disable enable Disable None
#
To delete a VLAN, use the no vlan command in Global configuration mode. The following
example deletes the VLAN:
(config)# no vlan id 2
(config)#

Assigning Ports to a VLAN
You should add ports that belong to the default broadcast domain to a VLAN after defining a
VLAN. When ports are assigned to a VLAN, a broadcast domain with assigned ports is created.
If you add ports belonging to the default VLAN to other VLAN, the ports are deleted from the
default VLAN and are added to other VLAN.
To assign ports to a VLAN, perform this task in Global configuration mode:
Table 7-3 Assigning ports to a VLAN
Command Tasks
1. Assign ports to a VLAN.
vlan {id <vlan-id> | name y <vlan-id>: VLAN ID.
<vlan-name>} port <port- y <vlan-name>: VLAN name.
type> <slot>/<port> y <port-type> : Port type (gigabitethernet)
y <slot>/<port>: slot number / port number to be added to the
VLAN.
End 2. Exit from Global configuration mode.
3. Verify that the ports are assigned.
show vlan {id <vlan-id> |
name <vlan-name>} y <vlan-id>: ID of the VLAN to verify.
y <vlan-name>: Name of the VLAN to verify.
The following example shows how to assign 1/2 Gigabit Ethernet ports to the white VLAN:
(config)# vlan name white port gigabitethernet 1/2

(config)# end
# show vlan
---- ---------------- -------- ------------------------------------
1 DEFAULT active 1/1
2/1-24
2 white active 1/2

---- ---------- -------- -------- -------- ------------------------
1 disable disable disable Disable None

To remove ports from the VLAN, use the no vlan command in Global configuration mode.
The following example removes the port 1/2 from the ‘white’ VLAN:
(config)# no vlan name white port gigabitethernet 1/2

(config)# end
# show vlan
---- ---------------- -------- ------------------------------------
2/1-24
2 white active

---- ---------- -------- -------- -------- ------------------------
1 disable disable disable Disable None
#

Assigning IP Address to a VLAN
Once you have defined a VLAN and assigned ports, you need to set the IP address to the VLAN
for managing the VLAN via Telnet or SNMP. Only one IP address of interface can be assigned
to the system.
To assign IP address to a VLAN, perform this task in Global configuration mode:
Table 7-4 Assigning IP address to a VLAN
Command Tasks
1. Enter Interface configuration mode.

interface vlan {id <vlan-id>
| name <vlan-name>} y <vlan-id>: ID of the VLAN to configure.
y <vlan-name>: Name of the VLAN to configure.
2. Assign IP address to a VLAN.
ip address <ip-address>/<M> y <ip-address>: IP address for the VLAN.
y <M>: Subnet mask.
4. Verity the IP address assigned to the VLAN.
show vlan {id <vlan-id> |
name <vlan-name>} y <vlan-id>: ID of the VLAN to display.
y <vlan-name>: Name of the VLAN to display.
The following example shows how to assign IP address and subnet mask, 172.16.1.1/16, to the
default VLAN and verify the result:

(config-if)# ip address 172.16.1.100/16
(config)# end
# show interface vlan id 1
Interface vlan1
HWaddr: 00:90:a3:cc:fb:e6
inet 172.16.1.100/16 broadcast 172.16.255.255
collisions 0
...
Configuring VLAN 7-11

7-11
To remove the IP address of a VLAN, use the no ip address command in Interface
configuration mode. The following example shows how to remove the IP address of the default
VLAN:

(config-if)# no ip address 172.16.1.100/16
(config-if)#
Assigning Secondary IP address to a VLAN

You can specify another IP address to a VLAN. This is called secondary IP address. The
secondary IP address is useful for configuring DHCP server with many DHCP hosts (more than
256 hosts). Only one secondary IP address can be set to the system.
To specify the secondary IP address to the VLAN, use the following command in Global
configuration mode:
Table 7-5 Assigning IP address to a VLAN
Command Tasks
1. Go to Interface configuration mode.
interface vlan {id <vlan-id>
| name <vlan-name>} y <vlan-id>: ID of the VLAN to configure.
y <vlan-name>: Name of the VLAN to configure.
2. Specify the secondary IP address of the VLAN.
ip address <ip-address>/<M>
secondary y <ip-address>: Secondary IP address for the VLAN.
y <M>: Subnet mask.
4. Verity the secondary IP address assigned to the VLAN.
show interface vlan id
<vlan-id> y <vlan-id>: ID of the VLAN to display.
y <vlan-name>: Name of the VLAN to display.
This example shows how to specify the secondary IP address of the VLAN whose id is ‘1’:

(config-if)# ip address 172.16.2.100/16 secondary
(config-if)# end
# show interface vlan id 1
Interface vlan1
HWaddr: 00:90:a3:cc:fb:e6
inet 172.16.1.100/16 broadcast 172.16.255.255
inet 172.16.2.100/16 broadcast 172.16.255.255 secondary

collisions 0
...
To remove the secondary IP address of a VLAN, use the no ip address secondary

command in Interface configuration mode. The following example shows how to remove the
secondary IP address of the default VLAN:

(config-if)# no ip address 172.16.2.100/16 secondary
(config-if)#
Saving VLAN Configuration

When you finish the VLAN configuration, you should save the VLAN configuration to use it
after rebooting the system. To save the current VLAN configuration, use the write memory
# write memory
[OK]
#

7-13
VLAN Configuration Example
This section describes how to configure port-based VLANs using the example of configuring
the following network. If you configure the network as follows, PCs in each subnet can
communicated between, but not possible with other subnets.
DEFAULT sub-1
y ID : 1 y ID : 2
y Port : 2/1~8 y Port : 2/9~16
Corecess R1-AD24
sub-2 sub-3
y ID : 3 y ID : 4
y Port : 2/17~24 y Port : 1/1-2
(config)# vlan id 2 name sub-1

(config)# port adsl 2/9-16.1 pvc 0/35
(config)# port adsl 2/9-16.1 qos-service unshape
(config)# port adsl 2/17-24.1 pvc 0/35
(config)# port adsl 2/17-24.1 qos-service unshape
(config)# dot1q port adsl 2/9-16.1 pvid 2
(config)# dot1q port adsl 2/17-24.1 pvid 3
(config)# vlan id 4 port gigabitethernet 1/1-2
(config)# exit
# show dsl vc
2/9.1

VPI/VCI 0/35
Service Category : unshape
2/10.1
VPI/VCI 0/35
.
.
2/23.1
VPI/VCI 0/35
2/24.1
VPI/VCI 0/35
Note: To activate the state of new VLANs, enter the interface vlan id <vlan-id>
command in Global configuration mode.

7-15
Tagged VLAN Configuration
The following number of tagged VLANs are supported on the Corecess R1-AD series:
y 200 per Gigabit Ethernet
y 32 per ADSL port
y 1536 per system
To configure 802.1Q tagged port on the Corecess R1-AD series, use the following commands in
Privileged mode:
Table 7-6 Configuring tagged port
Command Task
2. If need, create VLANs and assign ports to the VLANs.
2-1. Create a VLAN.

vlan id <vlan-id>
y <vlan-id>: VLAN ID (1 ~ 4094)
name <vlan-name>
y <vlan-name>: VLAN name
2-2. Assign the ports to the VLAN.

vlan {id <vlan-id> | y <vlan-id>: VLAN ID (1 ~ 4094)
name <vlan-name>} y <vlan-name>: VLAN name.
port <port-type> y <port-type>: Port type (gigabitethernet)
<slot>/<port> y <slot>/<port>: Slot number/port number to be added to the
VLAN.
3. Set the specified port or PVC to a tagged port.
dot1q port 3-1. Set the specified Gigabit Ethernet port to a tagged port.
gigabitethernet y <slot>/<port>: Slot number/port number of the Ethernet port
<slot>/<port> tag y <tag-id>: The VLAN ID to be tagged (1 ~ 5, 100, 105 ~ 200)
<tag-id>
3-2. Set the specified PVC on the specified ADSL to a tagged port.
dot1q port adsl y <slot>/<port>: Slot number/port number of the ADSL port
<slot>/<port> vc y <vpi>/<vci>: VCI/VPI value of this PVC
<vci>/<vpi> tag y <tag-id>: The VLAN ID to be tagged (1 ~ 5, 100, 105 ~ 200)
show dot1q port 5. Verify the 802.1Q tagged port configuration.

The following example describes how to configure the Gigabit Ethernet port 1/1 to an 802.1Q
tagged port for VLANs ‘vlan1’ and ‘vlan2’:
Tagged link
1/1* 1/1*
Corecess R1-AD24 Corecess R1-AD24
vlan2 vlan1 vlan2 vlan1

y VLAN ID: 2 y VLAN ID: 1 y VLAN ID: 2 y VLAN ID: 1
y Ports: 1/1-2 (Gigabit Ethernet) y Ports: 2/1-24 (ADSL) y Ports: 1/1-2 (Gigabit Ethernet) y Ports: 3/1-24 (ADSL)
(config)# vlan id 2 name vlan2
(config)# vlan id 2 port gigabitethernet 1/1-2
(config)# dot1q port gigabitethernet 1/1 tag 1-2
(config)# end
# show dot1q
Port allowed 802.1q VLAN TAGs
-------- -----------------------------------------------------------------
1/1 1-2
# show dot1q port gigabitethernet 1/1
---------- ---- ---------------------- --------------
1/1 2 all off
-------- -----------------------------------------------------------------
1/1 1-2
#

7-17
Displaying VLAN Configuration
This section describes how to display VLAN configuration on the Corecess R1-AD series:
Displaying VLAN Configuration

To display the current VLAN configuration on the Corecess R1-AD series, enter the show vlan
command in Privileged mode:
# show vlan
VLAN Name Status Slot/Ports
---- --------------- -------- ------------------------------------
2 vlan1 active 2/-24
VLAN Interface IGMPs STP Private Promisc Port(s)

---- ---------- -------- -------- -------- ------------------------
1 enable disable enable Disable None
#
The following table describes the fields shown by the show vlan command:
Table 7-7 show vlan field descriptions
Field Description
VLAN VLAN id.
Name VLAN name.
Status Administrative status of the VLAN.
Slot/Ports Member ports of the VLAN.
Interface Running status of the VLAN interface.
IGMPs Whether to use the IGMP on the VLAN interface.
STP Whether to use the STP on the VLAN interface.
Private Whether to configure the VLAN as a private VLAN.

Displaying VLAN Tagging Configuration
To display the 802.1Q tagging configuration, use the show dot1q command in Privileged
mode.
The following example displays the 802.1Q tagging configuration of the Corecess R1-AD24A:
# show dot1q
Port allowed 802.1q Static and Dynamic Vlans created by GVRP
-------- -----------------------------------------------------------------
1/1 1-2
#
The following example displays 802.1Q tagging configuration of the Gigabit Ethernet port 1/1:
# show dot1q port gigabitethernet 1/1

---------- ---- ---------------------- --------------
1/1 2 all off
-------- -----------------------------------------------------------------
1/1 1-2
#
The table below describes the fields in the show dot1q command output:
Table 7-8 Show dot1q field descriptions
Field Description
Port Slot number and port number of the port
PVID Port VLAN ID
Acceptable frame types Whether to allow tag only, untag packet
Ingress filter Whether to enable or disable Ingress filter
Allowed 802.1q vlans Tag IDs (VLAN IDs)

7-19
VLAN Configuration Commands
The following table lists the commands for configuring VLAN on the Corecess R1-AD series:
Table 7-9 VLAN configuration commands
Command Description
interface vlan Enter Interface configuration mode.
vlan id name Creates a VLAN.
vlan port Adds ports to the VLAN.
vlan id private-vlan Configures overlapped VLANs.
dot1q port Configures 802.1Q tagging on a port.
ip address Assigns an IP address and subnet mask to the VLAN interface.
show dot1q Displays 802.1q tagging configuration.
show vlan Displays the VLAN configuration.

Chapter 8 Configuring SNMP and RMON
This chapter describes how to configure SNMP and RMON on the Corecess R1-AD series.
9 Configuring SNMP 8-2
9 Configuring RMON 8-12
9 SNMP and RMON Configuration Commands 8-27

Configuring SNMP
SNMP (Simple Network Management Protocol) Overview
The Simple Network Management Protocol (SNMP) is an application layer protocol that
facilitates the exchange of management information between network devices. It is part of the
Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite. SNMP enables
network administrators to manage network performance, find and solve network problems,
and plan for network growth.
SNMP Basic Components

SNMP consists of the following three key components:
y Managed Device
y SNMP Agent and Management Information Base (MIB)
y SNMP Manager
SNMP
Manager
Managed Managed Managed

Device Device Device
SNMP Agent SNMP Agent SNMP Agent

MIB MIB MIB
Managed Device
A managed device is a network node that contains an SNMP agent and that resides on a
managed network. Managed devices collect and store management information and make this
information available to NMSs using SNMP. Managed devices, sometimes called network
elements, can be routers and access servers, switches and bridges, hubs, computer hosts, or
printers.

SNMP Agent and MIB
The SNMP agent is a network management module running in the managed device. The SNMP
agent responds to SNMP manager requests as follows:
y Get a MIB variable: The SNMP agent initiates this function in response to a request from the
NMS. The agent retrieves the value of the requested MIB variable and responds to the NMS
with that value.
y Set a MIB variable: The SNMP agent initiates this function in response to a message from the
NMS. The SNMP agent changes the value of the MIB variable to the value requested by the
NMS.
The SNMP agent also sends unsolicited trap messages to notify an NMS that a significant event
has occurred on the agent. Examples of traps conditions include, but are not limited to, when a
port or module goes up or down, when spanning-tree topology changes occur, and when
authentication failures occur.
The MIB is the information base, the SNMP agent must keep available for the managers. This
information base contains objects whose values provide information on the status of the
checked system or objects whose values can be modified by a manager to control the system.
Each object is identified by an Object ID (OID). There are two kinds of MIBs, standard MIB and
enterprise-specific MIB.
SNMP Manager
SNMP Manager is an integrated management module which collects information from SNMP
agent and sometimes sends warning messages depending on the each SNMP agent relations. In
other words, the actual data is collected from SNMP agent and this data will be processed by
management module and saved. To request information or configuration changes, respond to
requests, and send unsolicited alerts, the SNMP manger and SNMP agent use the four messages
(Get, GetNext, Set, and trap). For more information on these messages, refer to the following
section.
Configuring SNMP and RMON 8-38-3

SNMP Messages
The SNMP manger and SNMP agent use the following SNMP messages to request information
or configuration changes, respond to requests, and send unsolicited alerts.
y Get-Request / Get-Response Message
y GetNext-Request / GetNext-Request Message
y Set-Request Message
y Trap Message
Get-Request Message
Get-Request Message is the basic SNMP request message. Sent by an SNMP manager, it
requests information about a single MIB entry on an SNMP agent. For example, the amount of
free drive space.
GetNext-Request Message
GetNext-Request Message is an extended type of request message that can be used to browse
the entire tree of management objects. When processing a Get-next request for a particular
object, the agent returns the identity and value of the object which logically follows the object
from the request. The Get-next request is useful for dynamic tables, such as an internal IP route
table.
Set-Request Message
If write access is permitted, Set-Request message can be used to send and assign an updated
MIB value to the agent.
Trap Message
An unsolicited message sent by an SNMP agent to an SNMP manager when the agent detects
that a certain type of event has occurred locally on the managed device. For example, a trap
message might be sent on a system restart event.

SNMP Community Strings
SNMP community strings authenticate access to MIB objects and function as embedded
passwords. In order for the NMS to access the system, the community string definitions on the
NMS must match at least one of the three community string definitions on the system. A
community string can have one of the following attributes:
Table 8-1 Community Strings
Types Access Right
Gives read access to authorized management stations to all objects in the MIB except the
Read-only
community strings, but does not allow write access.
Gives read and write access to authorized management stations to all objects in the MIB,
Read-write
but does not allow access to the community strings.
Trap
Trap is a defined status of event or system. For example, event generated when port
configuration is changed or a host having not-allowed IP address accesses can be defined as a
trap. You can configure the level of trap according to the kind of events.
If a trap occurs on the system, the SNMP agent send SNMP trap message to the registered trap
host.

Configuring SNMP
SNMP configuration set as a default in the Corecess R1-AD series is as follows:
Table 8-2 Default SNMP Configuration
SNMP Configuration Element Default Value
Agent contact information

None configured
(MIB-II System Contact variable)
Agent location information

None configured
(MIB-II System Location variable)
Community strings None configured
Trap Disabled
Trap Host None configured
RMON RMON statistics group
Setting the System Contact and Location Information

In the system group of MIB-II (Public MIB) supported by the Corecess R1-AD series has System
Contact variable and System Location variable displaying the system contact information and
system location information.
The values of these variables can be browsed or modified via ViewlinX, NMS of the Corecess or
NMS of other companies. To set the system contact and location information, use the following
Table 8-3 Setting system contact and location information
Command Task
snmp-server contact 1. Set the system contact information.
<string> y <string>: String that describes the system contact information.
snmp-server location 2. Set the system location information.
<string> y <string>: String that describes the system location information.
show snmp-server 4. Verify the system contact and location information.

The following example shows how to set the agent contact and location information:
(config)# snmp-server contact Dial System Administrator at phone #2734

(config)# snmp-server location 1st floor lab
(config)# end
# show snmp-server
RMON: Disabled
Extended RMON: Extended RMON module is not present
sysContact Dial System Operator at phone

sysLocation 1st floor lab
:
:
#
Configuring Community Strings

You use the SNMP community string to define the relationship between the SNMP manager
and the agent. The community string acts like a password to permit access to the agent on the
system.
The Corecess R1-AD series has no default community string. Therefore you should add a new
read-write community string before accessing to the Corecess R1-AD series via SNMP.
To define SNMP community strings, use the following command in Global configuration mode:
Table 8-4 Adding new community string
Command Task
1. Add a new community string.

y <string>: A string that acts like a password and permits access to
the SNMP protocol. You can configure one or more community
strings of any length.
snmp-server community
y ro: (Optional) Specifies read-only access. Authorized management
<string> {ro | rw}
stations are only able to retrieve MIB objects.
y rw: (Optional) Specifies read-write access. Authorized
management stations are able to both retrieve and modify MIB
objects.
show snmp-server
3. Verify new community string.
community-list

The following example shows how to add a new community string, ‘admin’, with the rights to
read and write.
(config)# snmp-server community public ro

(config)# snmp-server community corecess rw
(config)# end
# show snmp-server community-list
Community Access
------------------------------ ----------
public Read-Only
corecess Read-Write
# write memory
[OK]
To delete a community string, use the no snmp-server community <string> command in

Global configuration mode as follows:
(config)# no snmp-server community corecess

(config)# end
# show snmp-server community-list
Community Access
------------------------------ ----------
public Read-Only
#

Configuring Trap Type
Traps are system alerts that the Corecess R1-AD series generates when certain events occur. The
Corecess R1-AD series supports the following types of traps:
Table 8-5 Types of trap supported by Corecess R1-AD series
Trap Types Description
Sends a trap message when power supply is installed or uninstalled, temperature

chassis
limitations are exceeded, or fan errors occur.
module Sends a trap message when a module goes up or down.
port Sends a trap message when a port goes up or down.
bridge Sends a trap message when there is spanning tree topology changes.
repeater Sends a trap message when Ethernet hub repeater state is changed.
ip_permit Sends a trap message when there are access attempts with unauthorized IP address.
sysconfig Sends a trap message when the system backup configuration is changed.
Sends a trap message when there is Entity Management Information Base (MIB)
entity
change.
cpuload Sends a trap message when CPU load limitations are exceeded.
Sends a trap message when there are access attempts with unauthorized community
auth
string.
sysauth Sends a trap message when unauthorized user attempts access to the system.
bgp Sends a trap message when Border Gateway Protocol (BGP) state is changed.
Sends a trap message when Dynamic Host Configuration Protocol (DHCP) state is
dhcp
changed.
When trap is set to ‘enable’ state, if an error occurs in the device where corresponding trap is set
to ‘enable’ or if problem occurs in the part defined by the trap, such error status (trap message)
are transmitted to the trap receiving host and NMS, the SNMP agent. By default, all trap types
are disabled. To send traps to the trap hosts, the trap types should be enabled. To enable a trap
type, perform this task in Global configuration mode:
Table 8-6 Enabling a trap type
Command Task
snmp-server enable traps 1. Enable a trap.
show snmp-server 3. Verify the tarp status.

The following example shows how to enable port and sysconfig traps to send trap notifications:
(config)# snmp-server enable traps port

(config)# snmp-server enable traps sysconfig
(config)# end
# show snmp-server
...
Traps Enabled
------------------------- ------------------
chassis disabled
module disabled
port enabled
bridge disabled
repeater disabled
ip_permit disabled
sysconfig enabled
entity disabled
cpuload disabled
auth disabled
...
To disable the trap type, use the no snmp-server enable traps command as follows:
(config)# no snmp-server enable traps port

(config)#
Configuring Trap Receiver Hosts

Trap receiver host is the host receiving the information (trap message) when an error occurs in
the device with trap in ‘enable’ status or when becomes a certain status. By default, no trap
receiver host is configured. Generally trap host includes NMS and etc. To receive the trap
generated on your managed device using NMS, you must add the NMS as a trap receiver host.
Trap receiver host is the host to receive traps from an SNMP agent. Trap is message sent by an
SNMP agent to an NMS, a console, or a terminal to indicate the occurrence of a significant event,
such as a specifically defined condition or a threshold that was reached. By default, no trap
receiver host is configured. To receive the trap generated on your managed device using NMS,
you must add the NMS as a trap receiver host. You can specify up to twenty trap hosts on the

To add or modify trap receiver host, use the following commands in Global configuration
mode:
Table 8-7 Adding a trap receiver host
Command Task
1. Add a trap receiver host.

y <host-addr>: IP address of the host (the targeted
recipient).
y <community>: Password-like community string sent with
the notification operation. Though you can set this string
snmp-server host <host-addr>
by using the snmp-server host command, we recommend
<community> port {default |
you define this string by using the snmp-server
<udp-port>}
community command before using the snmp-server host
command.
y default: Uses the default UDP port number (162).
y <udp-port>: User Datagram Protocol (UDP) port number
of the host for sending traps (1 ~ 65535, default)
show snmp-server traphost 3. Verify that the trap receiver host is added.
The following example shows how to enable the system to send all traps to the host
172.168.10.65:
(config)# snmp-server host 172.168.10.65 private port default

(config)# end
# show snmp-server traphost
Host Version Community
------------------------- -------- ----------
udp:172.160.10.65:162 v2c private
Trap Source IP
-------------------------
Default : 0.0.0.0
#
Configuring SNMP and RMON 8-11

8-11
Configuring RMON
RMON (Remote MONitoring) Overview
The RMON is a standard MIB that defines current and historical MAC-layer statistics and
control objects, allowing you to capture real-time information across the entire network. The
RMON standard is an SNMP MIB definition described in RFC 1757 (formerly 1271) for Ethernet.
The RMON MIB provides a standard method to monitor the basic operations of the Ethernet,
providing inoperability between SNMP management stations and monitoring agents. The
RMON also provides a powerful alarm and event mechanism for setting thresholds and for
notifying you of changes in network behavior.
You can use the RMON to analyze and monitor network traffic data within remote LAN
segments from a central location. This allows you to detect, isolate, diagnose, and report
potential and actual network problems before they escalate to crisis situations. For example, the
Corecess R1-AD series can identify the hosts on a network that generate the most traffic or
errors.
The RMON allows you to set up automatic histories, which the RMON agent collects over a
period of time, providing trending data on such basic statistics as utilization, collisions, and so
forth.
The RMON monitors nine MIB groups including network statistics. The following table lists
the RMON MIB groups:
Table 8-8 RMON groups
Command Description
1. Statistics Collects the network statistics.
2. History Records the network activity in sequence of time.
3. Alarm Defines level of the alarms to be informed to the manager.
4. Host Monitors the hosts in the network.
5. Host Top N Filters and manages the information of N hosts.
6. Matrix Monitors the traffics between network nodes.
7. Filter Monitors the specified packets on the network segment.
8. Packet Capture Captures packets after they flow through a channel.
9. Event Determines the action to take when an event is triggered by an alarm.

The Corecess R1-AD series supports the following four groups of the nine groups:
1) Statistics (RMON group 1)

Collects the number of packets/bytes, the number of broadcast/multicast packets, the
number of collisions, the number of errors occurred (fragment, CRC, jabber, short-length, and
long-length) on an interface.
2) History (RMON group 2)

Collects a history group of statistics on Ethernet, Fast Ethernet, and Gigabit Ethernet
interfaces for a specified polling interval.
3) Alarm (RMON group 3)

Monitors a specific management information base (MIB) object for a specified interval,
triggers an alarm at a specified value (rising threshold).
4) Event (RMON group 9)

Determines the action to take when an event is triggered by an alarm. The action can be to
generate a log entry or an SNMP trap.

8-13
Configuring RMON
Enabling RMON
To enable RMON on the Corecess R1-AD series, perform this task in Global configuration
mode:
Table 8-9 Enabling RMON
Command Task
snmp-server enable rmon 1. Enable RMON on the system.
show snmp-server 3. Verify that RMON is enabled.
The following example shows how to enable RMON on the Corecess R1-AD series:
(config)# snmp-server enable rmon

(config)# end
# show snmp-server
RMON: Enabled
sysContact Dial System Operator at phone

sysLocation 1st floor lab
.
.
#

Configuring Statistics Groups
The RMON Statistics group records data that the Ethernet DCM measures on network
interfaces. The Ethernet DCM creates one entry for each Ethernet interface it monitors and
places the entry in the EtherStatsTable. The EtherStatsTable also contains control parameters for
this group.
To configure an RMON statistics group, use the following commands in Global configuration
mode:
Table 8-10 Configuring RMON statistics group
Command Task
1. Set a statistics group.

y <index>: RMON statistics group number (1 ~ 65535)
rmon etherstats y <ifIndex>: The data source object for the Ethernet port. The port is
<index> {<ifIndex> | identified by an ifIndex data object identifier. To see a list of data
<port-type> object IDs, use the show interface command.
<slot>/<port>} y <port-type>: Port type (gigabitethernet)
owner <etherstats- y <slot>/<port>: Slot number/port number
owner> y owner <etherstats-owner>: Specify an owner who defined and is
using the statistics resources
show rmon 3. Verify the configuration.
The following example shows how to configure a statistics group:
Parameter Value
Statistics group No. 1
Interface ID 1
Owner 172.1.1.1
(config)# rmon etherstats 1 1 owner 172.1.1.1

(config)# end
# show rmon
RMON: Enabled
[statistics]

8-15
index status dataSource
----- -------------- -----------------------------
1 valid fIndex.1 (gigabitethernet 1/1)
.
.
#
To display the detail information on a statistics group, enter the show rmon statistics
command with the statistics group number:
# show rmon statistics 1

Entry 1 is valid, and owned by 172.1.1.1
Monitors ifEntry.ifIndex.1 which has
Received 0 octets, 0 packets,
0 broadcast and 0 multicast packets,
0 CRCAlign error and 0 Collisions(tx),
0 undersized and 0 oversized packets,
0 fragments and 0 jabbers,
# of dropped packet events (due to lack of resoures): 0
# of packets received of length (in octets):
64: 0 65-127: 0 128-255: 0
256-511: 0 512-1023: 0 1024-1518: 0
To delete a statistics group, enter the no rmon etherstats command in Global configuration
mode:
(config)# no rmon etherstats 1

(config)#

Configuring History Groups
The RMON History group contains a control and data collection function. The control function
manages the periodic statistical sampling of data from networks and specifies control
parameters, such as the frequency of data sampling, in the historyControlTable. The history
function records periodic statistical samples from Ethernet networks, for example, interval start
time and number of packets. This function places the statistical samples in the
etherHistoryTable.
You can configure the operation of the RMON history that periodically samples any Ethernet
port for statistical data. All ports are preconfigured with histories for 30-second and 30-minute
intervals, and 50 buckets with one sample per bucket. However, you can create additional
histories for a specific port. This allows you to configure the time interval to take the sample
and the number of samples you want to save.
To configure an RMON history group, use the following commands in Global configuration
mode:
Table 8-11 Configuring RMON history group
Command Task
1. Set a history group.
y <index>: RMON history number (1 ~ 65535)
y <ifindex>: Interface number (1 ~ 2147483647)
rmon historycontrol y <port-type>: Port type (gigabitethernet)
<index> {<ifIndex> y <slot>/<port>: Slot number/port number
| <port-type> y <interval>: MIB object monitoring interval (1-2147483647 seconds)
<slot>/<port>} y <ifIndex>: The data source object for the Ethernet port. The port is
owner <history- identified by an ifIndex data object identifier. To see a list of data object
owner> <bucket- IDs, use the show interface command.
number> <history- y owner <history-owner>: Option for specifying an owner who
interval> defined and is using the history resources
y <bucket-number>: The bucket count for the interval (1 ~ 65535)
y <history-interval>: The time interval for the history (1 ~ 3600
seconds)

8-17
The following example shows how to configure a history group:
Parameter Value
History group No. 5
Interface ID 1
Owner 172.1.1.1
Bucket count 50
Interval 60seconds
(config)# rmon historycontrol 5 1 owner 172.1.1.1 50 60

(config)# end
# show rmon
RMON: Enabled
[statistics]
----- -------------- -----------------------------
[history]
----- -------------- -----------------------------
5 valid ifIndex.1 (gigabitethernet 1/1)
.
.
#
To display the detail information on a history group, enter the show rmon history
command with the history number:
# show rmon history 5

Entry 5 is valid, and owned by 172.1.1.1
Monitors ifEntry.ifIndex.1 every 60 seconds
Requested # of time intervals, is buckets, is 50
Granted # of time intervals, is buckets, is 50
Sample # 1 began measuring at 0days 2h:57m:50s:39th(1067039)

0 CRC alignment errors and 0 collisions.
# of dropped packet events is 0
Network utilization is estimated at 0
Sample # 2 began measuring at 0days 2h:58m:50s:41th(1073041)
0 CRC alignment errors and 0 collisions.
# of dropped packet events is 0
Network utilization is estimated at 0
#
To delete a history group, enter the no rmon historycontrol command in Global

configuration mode:
(config)# no rmon historycontrol 5

(config)#

8-19
Configuring Event Group
The RMON Event group allows for the generation of an SNMP trap, the generation of a log entry,
or both, for any event you choose. An event can occur when the sample variable exceeds the
alarm threshold or a channel match event generated. Traps can be delivered by the RMON
agent to multiple management stations.
In order for RMON to generate trap events, you must set up the SNMP managers table based on
the SNMP community strings (for example, public) you are using with the network
management application and the hosts on which you are running applications. If you fail to
make these changes, the system will be unable to send trap events to the network management
station.
When you set up the SNMP managers table, you can use the SNMP community strings that the
network management application uses and modify the trap receiving tables on the router to use
these names. Or, you can configure the router to use specific SNMP community strings and
modify the network management software to use these strings.
To set an RMON event, use the following commands in Global configuration mode:
Table 8-12 Configuring RMON event group
Command Task
1. Set an event group.

y <index>: Assigned event number (1 ~ 65535)
rmon event <index> y description <string>: A description of the event
description <string> y log: Option for generating an RMON log entry when the event is
{trap <community> | triggered.
log | owner <owner>} y trap <community>: Option for generating SNMP trap with the
<community> community string when the event occurs.
y owner <owner>: Option for specifying an owner for the event.

The following example shows how to configure an event group on the Corecess R1-AD24A and
how to verify that they are configured:
Parameter Value
Event index 10
Event description Event to create log entry and SNMP notification
Event type log, trap
Community Public
Owner 172.1.1.1
(config)# rmon event 10 description “Event to create log entry and SNMP
notification” log trap public owner 172.1.1.1
(config)# end
# show rmon
RMON: Enabled
[statistics]
----- -------------- -----------------------------
1 valid iso.3.6.1.2.1.2.2.1.1.5 ( 2/2)
[history]
----- -------------- -----------------------------
5 valid iso.3.6.1.2.1.2.2.1.1.3 ( 1/2)
[alarm]
index status sample
----- -------------- -----------------------------
[event]
index status type
----- -------------- ---------------
1 valid logandtrap

8-21
To display the detail information on an event group, enter the show rmon events command
with the event number:
# show rmon events 10

Event 10 is valid, owned by 172.1.1.1
Description is Event to create log entry and SNMP notification
Event firing causes log and trap to community public
last fired 0days 00:00:00:00
To delete an event group, enter the no rmon event command in Global configuration mode:
(config)# no rmon event 10

(config)#

Configuring Alarm Groups
The RMON Alarm group allows you to set an alarm threshold and a sampling interval to
enable the RMON agent to generate alarms on any network segment it monitors. Alarm
thresholds can be based on absolute or delta values so that you can be notified of rapid spikes or
drops in a monitored value.
Each alarm is linked to an event in the event group. An event defines an action that will be
triggered when the alarm threshold is exceeded.
The alarm group periodically takes statistical samples from variables and compares them to
previously configured thresholds. The Alarm Table stores configuration entries that define a
variable, a polling period, and threshold parameters. If the RMON agent determines that a
sample crosses the threshold values, it generates an event. You can specify rising or falling
thresholds, indicating network faults such as slow throughput or other network-related
performance problems. You specify rising thresholds when you want to be notified that an
alarm has risen above the threshold you specified. You specify falling thresholds when you
want to be notified that the network is behaving normally again. For example, you might
specify a falling threshold of 30 collisions per second to indicate a return to acceptable behavior.
When you configure an alarm condition, you must define the following values:
y The monitoring interval over which data is sampled.
y The variable to be sampled.
y Rising and falling thresholds used to detect when network trouble starts and when it ends.
y The event that takes place when a rising threshold is crossed.
y The event that takes place when a falling threshold is crossed.
An RMON event is the action that occurs when an associated RMON alarm is triggered. When
an alarm event occurs, it can be configured to generate a log event, a trap to an SNMP network
management station, or both.
An RMON alarm allows you to monitor a MIB object for a desired transitory state. An alarm
periodically takes samples of the object's value and compares them to the configured thresholds.

8-23
RMON allows you to configure two types of sampling, absolute and delta:
y Absolute sampling compares the sample value directly to the threshold. This sampling is
similar to a gauge, recording values that go up or down.
y Delta sampling subtracts the current sample value from the last sample taken, and then
compares the difference to the threshold. This sampling is similar to a counter, recording a
value that is constantly increasing.
To set an RMON alarm, use the following commands in Global configuration mode:
Table 8-13 Configuring RMON alarm group
Command Task
1. Set an alarm group.

y <index>: Alarm number (1 ~ 65535)
y <interval>: MIB object monitoring interval (1 ~ 2147483647
seconds)
y <variable>: OID number of the MIB object to monitor
y <type>: Value to monitor. Select one of the following values:
- multicastPkts: The number of incoming multicast packets.
- cRCAlignErrors: The number of incoming packets with CRC errors.
- collisions: The number of times a collision occurs while the packet is
received.
- octets: The total number of incoming octets.
rmon alarm <index> - pkts: The total number of incoming packets.
<interval> {<type> - broadcastPkts: The number of incoming broadcast packets
<StatisticsIndex> - pkts256to511: The number of incoming packets 256 to 511 bytes in
|<variable>} length.
{delta | absolute} - pkts512to1023: The number of incoming packets 512 to 1023 bytes in
{rising | falling | length.
both} threshold - pkts1024to1518: The number of incoming packets 1024 to 1518 bytes
<rising-threshold> in length.
<falling-threshold> - pkts64: The number of incoming packets 64 bytes in length
event-index <rising- - pkts65to127: The number of incoming packets 65 to 127 bytes in
event-number> length.
<falling-event-number> - pkts128to255: The number of incoming packets 128 to 255 bytes in
owner <alarm-owner> length.
y <StatisticsIndex>: The number of statistics group to get the
selected value from <type>option (0 ~ 65535).
y <variable>: OID number of the MIB object to monitor.
y absolute: Option for testing each MIB variable directly.
y delta: Option for testing the change between MIB variables
y rising: Option for triggering alarm when the monitored value
exceeds the rising threshold
y falling: Option for triggering alarm when the monitored value
exceeds the falling threshold
y both: Option for triggering alarm when the monitored value
exceeds the rising or falling threshold.
(Continued)

Command Task
y <rising-threshold>: Value at which the alarm is triggered (0 ~

2147483647)
y <falling-threshold>: Value at which the alarm is reset (0 ~
2147483647)
y <rising-event-number>: Event number to trigger when the
rising threshold exceeds its limit. (0 ~ 65535)
y <falling-event-number>: Event number to trigger when the
falling threshold exceeds its limit. (0 ~ 65535)
y owner <alarm-owner>: option for specifying an owner for the
alarm.
end 2. Return to Privileged mode.
The following example shows how to configure RMON alarm group:
(config)# rmon alarm 1 10 pkts 1 absolute both threshold 1000 100 event-index 1
1 owner aaa
(config)# end
# show rmon
RMON: Enabled
[statistics]
----- -------------- -----------------------------
1 valid iso.3.6.1.2.1.2.2.1.1.5 ( 2/2)
[history]
----- -------------- -----------------------------
5 valid iso.3.6.1.2.1.2.2.1.1.3 ( 1/2)
[alarm]
index status sample
----- -------------- -----------------------------
1 valid iso.3.6.1.2.1.16.1.1.1.5.1
[event]
index status type
----- -------------- ---------------
1 valid none

8-25
...
#
Before configure RMON alarm group, you should verify that the statistics group
(<StatisticsIndex>) is defined. If you specify undefined statistics group, the ‘Can't fetch
the MIB values’ message will be displayed:
(config)# rmon alarm 2 20 pkts 10 absolute rising threshold 1000 100 event-
index 1 1 owner aaa
Can't fetch the MIB values
(config)#
To display the detail information on an alarm group, enter the show rmon alarm command
with the alarm number:
# show rmon alarm 1

Alarm 1 is valid, owned by aaa
Monitors iso.3.6.1.2.1.16.1.1.1.5.1 every 10 seconds
Taking absolute samples, last value was 2
Rising threshold is 1000, assigned to event 1
Falling threshold is 100, assigned to event 1
On startup enable rising or falling alarm
To delete a RMON alarm group, enter the no rmon alarm command in Global configuration
mode:
(config)# no rmon alarm 1

(config)#

SNMP and RMON Configuration Commands
The following table lists the commands for configuring SNMP and RMON on the Corecess R1-
AD series:
Table 8-14 SNMP & RMON configuration commands
Command Description
Sets up the community access string to permit access to the Simple

snmp-server community
Network Management Protocol (SNMP).
snmp-server contact Sets the system contact (sysContact) string.
snmp-server enable
Enables the Remote Monitoring(RMON).
rmon
snmp-server enable Enables Simple Network Management Protocol (SNMP) notification for
traps various trap types.
snmp-server group Limits hosts which can access to the system through SNMP based on the
access access list.
Specifies the recipient (host) of a Simple Network Management Protocol

snmp-server host
traps.
snmp-server location Sets the system location string.
rmon alarm Configures a RMON alarm group.
rmon etherstats Configures an RMON statistics group.
rmon event Configures a RMON event group.
rmon historycontrol Configures a RMON history group.
Displays Simple Network Management Protocol (SNMP) configuration

show snmp-server
information.
show snmp-server
Displays SNMP community configuration.
community-list
show snmp-server
Displays SNMP statistics.
statistics
show snmp-server
Displays the list of the trap receiver hosts.
traphost
Displays the contents of the RMON alarm table, event table, history table,
show rmon
and statistics table.

8-27
Chapter 9 Configuring QoS
This chapter describes how to configure QoS (Quality of Service) on the Corecess R1-AD series.
9 QoS Overview 9-2
9 Configuring QoS 9-5
9 QoS Configuration Commands 9-19

QoS Overview
This section describes QoS (Quality of Service) and QoS features supported by the Corecess R1-
AD series.
QoS (Quality of Service)

Typically, networks operate on a best-effort delivery basis, which means that all traffic has
equal priority and an equal chance of being delivered in a timely manner. When congestion
occurs, all traffic has an equal chance of being dropped.
The QoS selects network traffic, prioritizes it according to its relative importance, and provides
priority-indexed treatment through congestion avoidance techniques. Implementing QoS in
your network makes network performance more predictable and bandwidth utilization more
effective.
The Corecess R1-AD series supports the following QoS features:
y Packet classification
y Broadcast storm control
y Packet Filtering

QoS Features
This section describes QoS features supported by the Corecess R1-AD series.
Packet Classification
Classification is the process of selecting packets on which to perform QoS and reading the QoS
information. Using packet classification, you can partition network traffic into multiple priority
levels or classes of service. The Corecess R1-AD series uses the values in the following fields of
the layer 1 ~ layer 4 IP packet headers as a criterion to classify packets:
y Layer 1: Input (ingress) port number
y Layer 2: Source/destination MAC address, EtherType field, VLAN ID
y Layer 3: Source/destination IP address, protocol ID
y Layer 4: TCP/UDP port number
Broadcast Storm Control

A broadcast storm occurs when a switch port receives a large number of broadcast packets, and
forwarding these packets causes the network to slow down or time out. Broadcast storm control
monitors the number of the broadcast packets for which you enable broadcast storm control in
1-second intervals. Within an interval, when the ingress traffic for which Broadcast storm
control is enabled reaches the maximum number of packets that is configured on the VLAN,
broadcast storm control drops the traffic until the broadcast storm control interval ends.
Unknown Unicast Storm Control

An unknown unicast storm occurs when a switch port receives a large number of unknown
unicast packets, and forwarding these packets causes the network to slow down or time out.
Unknown unicast storm control monitors the number of the unicast packets for which you
enable unknown unicast storm control in 1-second intervals. Within an interval, when the
ingress traffic for which unknown unicast storm control is enabled reaches the maximum
number of packets that is configured on the VLAN, unknown unicast storm control drops the
traffic until the unknown unicast storm control interval ends.
Configuring QoS 9-39-3

Packet Filtering
Packet filtering can help limit network traffic and restrict network use by certain users or
devices. The Corecess R1-AD series supports the following types of packet filtering:
y DHCP packet filtering: Filters DHCP Offer packets received from ADSL subscriber to
prevent the subscribers from operating subscriber’s private DHCP server.
y NetBIOS packet filtering: Filters NetBIOS packets to prevent ADSL subscribers from
sharing data via NetBEUI/NetBIOS protocols.
y CIFS (Cognitive Information Filtering System): Filters the particular class of traffic based
on the source/destination IP address and TCP/UDP port number.

Configuring QoS
This section describes how to configure QoS on the Corecess R1-AD series.
Configuring QoS Service Policy

A QoS service policy consists of a classification policy and QoS policies that are applied to a
particular interface. The Corecess R1-AD series supports the use of class maps and policy maps
to create or modify a QoS service policy.
The following diagram shows steps for configuring QoS service policy:
A class map consists of criteria for classifying traffic into several

X Defining Class Map classes. The first task for configuring QoS service policy is defining
class maps.
A policy map consists of classes which have actions to apply to the

Y Defining Policy Map traffic class. The second step for configuring QoS service policy is
defining policy maps.
A policy map class consists of actions to apply to the specified class

Z Configuring
of traffic (bandwidth priority, filtering, rate limiting). The third step for
Policy Map Class
configuring QoS service policy is configuring policy map class.
A service policy consists of a policy-map and ingress/egress ports

Applying
[ Service Policy which the policy map will be applied to. The last step of configuring
the QoS Service policy is defining service policies.
The sections which describe how to configure each step follow.

Configuring a Class Map
A class-map is a mechanism that you use to name and to isolate a specific traffic flow (or class)
from all other traffic. The class-map defines the criteria used to match against a specific traffic
flow to further classify it. If you have more than one type of traffic that you want to classify, you
can create another class-map and use a different name. After a packet is matched against the
class-map criteria, you further classify it through the use of a policy-map.
You can classify packets and assign them to specific queues based on the following criteria:
Table 9-1 Criteria for packet classification
Criterion Description Value

ether-type The Ethernet Type filed value 0 ~ 65535
ip-da The destination IP address
ip-sa The source IP address
mac-da The destination MAC address
mac-sa The source MAC address
protocol The L4 Protocol field value 0 ~ 255
tcp-dpn The destination TCP port number 0 ~ 65535
tcp-spn The source TCP port number 0 ~ 65535
udp-dpn The destination UDP port number 0 ~ 65535
udp-spn The source UDP port number 0 ~ 65535
vlan-sid The source VLAN ID 1 ~ 4094
After creating class-maps, the Corecess R1-AD series checks the inbound or outbound packets
by the criteria in class-maps. QoS actions defined in the policy-map for the class will be applied
to the classified packets into classes.
You can create a class-map by using the class-map command in QoS configuration mode.
When you enter the class-map command, the Corecess R1-AD series enters Class-map
configuration mode. In this mode, the match criterion is defined for the traffic by using the
match command.

To create a class map and specify the way in which the Corecess R1-AD series should classify
traffic, enter the following commands in Global configuration mode:
Table 9-2 Creating a class map
Command Task
Qos 1. Enter QoS configuration mode.
2. Create a class map and enters class-map configuration

class-map <class-map-name> mode.
y <class-map-name>: Class map name.
3. Define the classification criteria for the class map.
y <cos-value>: Class of Service value (0 ~ 7)
y <ether-type>: Ethernet Type filed value
match ether-type <ether-type> y <port-type>: Type of the input port
match ip-da <subnet-ip> <mask> (gigabitethernet, adsl)
match ip-sa <subnet-ip> <mask> y <slot>/<port>: Slot number/port number of the
match mac-da <destination-mac> input port.
match mac-sa <source-mac> y <subnet-ip>: Subnet IP address.
match protocol <protocol> y <mask>: Subnet mask to be masked with the
match tcp-dpn <tcp-port-num> destination IP address.
match tcp-spn <tcp-port-num> y <destination-mac>: Destination MAC address.
match udp-dpn <udp-port-num> y <source-mac>: Source MAC address.
match ucp-spn <udp-port-num> y <protocol>: IP protocol value (ICMP:1, IGMP: 2,
match vlan-sid <vlan-id> IP: 4, TCP: 6, GRP: 7, IGP: 9, UDP: 17, GRE: 47,
IGRP: 88, OSPF: 89)
y <tcp-port-num>: TCP port number (0 ~ 65535)
y <udp-port-num>: UDP port number (0 ~ 65535)
5. Verify the class map configuration.

show classmap [<class-map-name>]
y <class-map-name>: Class map name.
Note: Guidelines for configuring a class-map
y Because the ingress packet to a VLAN and egress packet from a VLAN are not
distingushied, the match vlan-sid and match vlan-did command provides the
same function.
y If you define the ip-sa and ip-da criteria in a class map, you should specify the <wildcard>
for the source IP address and the destination IP address to the 0.0.0.0. Otherwise you
can not add the ether-type, mac-sa, mac-da, vlan-sid, and vlan-did criteria in the class
map.
y The maximum length for a class map is 192 bits.

The following example shows how to create a class map and define a classification criterion by
using the source IP address:
(config)# qos
(config-qos)# class-map class1
(config-cmap)# match ip-sa 172.27.2.16 0.0.255.255
(config-cmap)# end
# show classmap
ClassMap
--------------------------------------------------
Name : class1
Match Content : ip-sa 172.27.2.16/0.0.255.255
Total Entries = 1
#
The following example shows how to create a class map and define the criteria by using the
destination IP address and the destination TCP port number:
(config)# qos
(config-cmap)# match ip-da 10.10.10.1 0.0.0.255
(config-cmap)# match tcp-dpn 25
(config-cmap)# end
# show classmap class2
ClassMap
--------------------------------------------------
Name : class2
Match Content : ip-da 10.10.10.1/0.0.0.255
: tcp-dpn 25
To delete a class-map, use the no class-map command in QoS configuration mode. To

remove a criterion from a class-map, use no match command in Class-map configuration
mode.

Configuring a Policy Map
A policy-map specifies which traffic class to act on. Before a policy-map can be effective, you
must attach it to an interface through defining a service policy. Multiple policy-maps can be
attached to an interface and each policy-map should be applied to different traffic class.
QoS Actions
The followings are QoS actions which can be included in a policy-map:
Table 9-3 QoS actions supported by the Corecess R1-AD series
QoS Action Description

filter Action to decide whether the traffic is discarded or forwarded.
To apply multiple QoS actions to a traffic class, multiple QoS actions can be included in a
policy-map.

Creating a Policy-map
To create a policy-map and configure QoS actions for a traffic class, perform this task in Global
configuration mode:
Table 9-4 Creating a policy map
Command Task
qos 1. Enter QoS configuration mode.
policy-map 2. Create a policy map and enter Policy-map configuration mode.
<policy-map-name> y <policy-map-name>: Name of a policy map to define.
3. Specify the class to which the policy map applies and enter
Policy-map-class configuration mode.
class <class-name>
y <class-name>: The name of the class to which the policy
map applies.
4. Configures Qos actions for the class.
4-a. Select the filtering method of the traffic class.

filter {deny | permit | y deny: Discard the traffic.
to-proc} y permit: Forward the traffic.
y to-proc: Send the traffic to the CPU.
4-b. Assign the priority to a class of traffic belonging to a
priority <value>
policy-map.
y <priority>: Priority (0 ~ 7). ‘0’ is the highest priority queue
and ‘7’ is the lowest priority queue.
4-c. Specify the limited rate to be applied to traffic of the

rate-limit rate
class in the specific policy-map
y <target-rate>: Average rate to be applied to the traffic
<target-rate>
which meets the condition of the class (0 ~ 1000000Kbps).
The value must be in increments of 64 kbps.

show policymap 6. Verify the policy map configuration.
Note: Guidelines for configuring a policy-map
y Assing the priority for a trassfic class means that the traffic class is permitted. Therfore, if
you assing the priority for a trassfic class, you should not apply filtering action to the traffic
class.
y The Corecess R1-AD series uses rate-limiting to mitigate DoS (Denial of Service) attacks.
Thereofore you should add the filter to-proc command when configuring rate-
limiting feature.

The following example shows how to create a policy map, specify a class map to which the
policy map applies, and assign the priority to the class map:
(config)# qos
(config-qos)# policy-map polmap1
(config-pmap)# class class1
(config-pmap-c)# priority 6
(config-pmap-c)# end
# show policymap
PolicyMap
--------------------------------------------------
Name : polmap1
Linked ClassMap : class1
Policy : priority 6
Total Entries = 1
#
The following example shows how to create a policy map, specify a class map to which the
policy map applies, and specify the limited rate to be applied to the class map:
(config)# qos
(config-pmap-c)# rate-limit rate 640
(config-pmap-c)# filter to-proc
# show policymap
PolicyMap
--------------------------------------------------
Name : polmap1
Policy Content : priority 6
Action : To Processor
Policy : rate-limit rate 640
Total Entries = 1
#
Configuring QoS 9-11

9-11
The following example shows how to define QoS policy that you want the system to filter that
particular class of traffic:
(config)# qos
(config-qos)# policy-map filter-policy
(config-pmap-c)# filter deny
# show policymap filter-policy
PolicyMap
--------------------------------------------------
Name : filter-policy
Action : Deny
#
You can remove a class-map from the policy-map, using the no class command in Policy-
map configuration mode. The no class command does not delete the class-map but
disconnects the relation between the policy-map and the class-map. To delete a class-map, use
the no class-map command in QoS configuration mode. This example shows how to remove
a class-map from the policy-map and verify the result:
(config)# qos
(config-pmap)# no class class1
(config-pmap)# end
# show policymap
Name : polmap1
Total Entries = 1
#
You can delete a policy-map using the no policy-map command in QoS configuration mode.
This example shows how to delete a policy-map:
(config)# qos
(config-qos)# no policy-map polmap1
(config-qos)#

Configuring Broadcast Suppression
Broadcast suppression prevents LAN interfaces from being disrupted by a broadcast storm. A
broadcast storm occurs when broadcast or multicast packets flood the subnet, creating excessive
traffic and degrading network performance. Errors in the protocol-stack implementation or in
the network configuration can cause a broadcast storm. Broadcast suppression uses filtering
that measures broadcast activity in a subnet over a 1-second interval and compares the
measurement with a predefined threshold. If the threshold is reached, further broadcast activity
is suppressed for the duration the interval.
Ethernet switch
Broadcast Storm
Corecess R1-AD24
Suppresses broadcast packet in a subnet.
Broadcast Broadcast
Broadcast suppression is disabled by default. To enable broadcast suppression, enter the

broadcast-storm-control command in QoS configuration mode:
Table 9-5 Configuring broadcast suppression
Command Description
Enables broadcast suppression on a VLAN interface.
broadcast-storm-control y <vlan-id>: VLAN ID to enable the broadcast storm control (1 ~
vlan id <vlan-id> bps 4094).
<bit-number> y <bit-number>: The maximum number of broadcast bits per
second number. Valid range is from 1 to 5000000. Default is 48000.

9-13
The following example enables the broadcast storm on the default VLAN:
(config)# qos
(config-qos)# broadcast-storm-control vlan id 1 bps 256
(config-qos)#
Configuring Unknown Unicast Suppression

Unknown unicast suppression prevents LAN interfaces from being disrupted by a unknown
unicast storm. A unknown unicast storm occurs when unknown unicast packets flood the
subnet, creating excessive traffic and degrading network performance. Errors in the protocol-
stack implementation or in the network configuration can cause a unknown unicast storm.
Unknown unicast suppression uses filtering that measures unknown unicast activity in a subnet
over a 1-second interval and compares the measurement with a predefined threshold. If the
threshold is reached, further unknown unicast activity is suppressed for the duration the
interval.
Unknown unicast suppression is disabled by default. To enable unknown unicast suppression,

enter the unknown-unicast-storm-control command in QoS configuration mode:
Table 9-6 Configuring unknown unicast suppression
Command Description
Enables broadcast suppression on a VLAN interface.
unknown-unicast-storm- y <vlan-id>: VLAN ID to enable the broadcast storm control (1 ~
control vlan id <vlan- 4094).
id> bps <bit-number> y <bit-number>: The maximum number of broadcast bits per
second number. Valid range is from 1 to 5000000. Default is 48000.
The following example enables the unknown-unicast storm on the default VLAN:
(config)# qos
(config-qos)# unknown-unicast-storm-control vlan id 1 bps 256
(config-qos)#

Configuring Packet Filtering
devices. This section describes how to configure the packet filtering features on the Corecess
R1-AD series.
Type of Packet Filtering

The Corecess R1-AD series supports the following types of packet filtering:
Table 9-7 Type of packet filtering
Type of Packet Filtering Description
Filters DHCP Offer packets received from ADSL subscriber to prevent the
DHCP Packet Filtering
subscribers from operating subscriber’s private DHCP server.
Filters NetBIOS packets to prevent ADSL subscribers from sharing data

Netbios Packet Filtering
via NetBEUI/NetBIOS protocols.
Filters the particular class of traffic based on the following criteria:

- The destination MAC address
- The source MAC address
- The destination IP address
CIFS
- The source IP address
(Cognitive Information
- The source TCP port number (0 ~ 65535)
Filtering System)
- The source UDP port number (0 ~ 65535)
- The Ethernet Type filed value (0 ~ 65535)
- The IP Protocol field value
- The VLAN ID that the input port belongs to (1 ~ 4094)
Note: For more detail information about CIFS, refer to the Chapter 10 Configuring
Security in this manual.
Filtering DHCP Offer Packets

You can filter DHCP Offer packets received from host to prevent the hosts from being assigned
invalid IP address by another host’s private DHCP server.
If a host connected to the Corecess R1-AD series runs a private DHCP server, other hosts
connected to the Corecess R1-AD series may receive an invalid IP address from that private
DHCP server. To prevent this, you can filter DHCP Offer packets received from a host.

9-15
Internet or LAN
Corecess R1-AD24
Filters DHCP Offer packets received
from ADSL subscribers.
DHCP server
To discard the all DHCP OFFER packets, enter the following command in Global configuration
mode:
Table 9-8 Filtering DHCP offer
Command Task
2. Configure the specified port to filter DHCP OFFER packets

dhcp-offer filter discard
received.
port <port-type>
y <port-type>: Type of the port (gigabitethernet, adsl)
<slot>/<port>
y <slot>/<port>: Slot number and port number of the port.
4. Display the ports configured to filter the DHCP packets received

show dhcp-offer-filter
from hosts.

The following example configures to discard all the DHCP OFFER packets received:
(config)# qos
(config-qos)# dhcp-offer filter discard adsl 2/1-24
(config-qos)# end
# show dhcp-offer-filter
Dhcp Offer Filter Ports
--------------------------------------------------
Discard : 2/1-24
#
Filtering NetBIOS Packets

NetBIOS (Network Basic Input/Output System) is a program that allows applications on
different computers to communicate within a LAN. You can filter NetBIOS packets to prevent
ADSL subscribers from sharing data via NetBEUI/NetBIOS protocols.
Internet or LAN
Ethernet switch
Corecess R1-AD24

9-17
To discard NetBIOS packets received, enter the following command in Global configuration
mode:
Table 9-9 Filtering NetBIOS packets
Command Task
netbios filter discard 2. Configure to filter NetBIOS packets received.
show netbios-filter 4. Display the ports configured to filter the NetBIOS packets received.
The following example configures to filter NetBIOS traffic:
(config)# qos
(config-qos)# netbios filter discard
(config-qos)# end
# show netbios-filter
Netbios Filtering Ports
--------------------------------------------------
Discard : All Ports
#

QoS Configuration Commands
The following table lists the commands for configuring QoS on the Corecess R1-AD series:
Table 9-10 QoS configuration commands
Command Description
broadcast-storm-
Enables the broadcast storm control on the specified VLAN.
control
Enters Policy-map class configuration mode to specify a previously created

class
class map to be included in the policy map.
class-map Enters Class-map configuration mode to configure class maps.
dhcp-offer filter
Filters the DHCP server packets received from the specified port.
discard
filter Configures filtering a class of traffic which belongings to a policy map.

match ether-type Specifies the Ethernet Type filed value as a match criterion of a class map.
match ip-da Specifies the destination IP address as a match criterion of a class map.
match ip-sa Specifies the source IP address as a match criterion of a class map.
match mac-da Specifies the destination MAC address as a match criterion of a class map.
match mac-sa Specifies the source MAC address as a match criterion of a class map.
match protocol Specifies the IP Protocol field value as a match criterion of a class map.
match tcp-spn Specifies the source TCP port numbers as a match criterion of a class map.
match udp-spn Specifies the source UDP port numbers as a match criterion of a class map.
Specifies the VLAN ID that the input port belongs to as a match criterion of a
match vlan-sid
class map.
netbios filter
Filters the NetBIOS packets received from the specified port.
discard
policy-map Enters QoS policy map configuration mode to configure the QoS policy map.
service-policy Applies a policy map to all packets received from the Corecess R1-AD series.

9-19
Chapter 10 Configuring Security
This chapter describes how to configure security features on the Corecess R1-AD series.
9 Configuring Password and Session Timeouts 10-2
9 Configuring Access Lists 10-6
9 Configuring Filtering Features 10-11
9 Security Configuration Commands 10-17

Configuring Password and Session Timeouts
This section describes how to prevent unauthenticated users from logging in to the Corecess R1-
AD series.
Configuring Password
You can provide access control on a terminal line by entering the password and establishing
password checking.
Changing Login Password

By default, the Corecess R1-AD series requires a user name or password when you log in to the
CLI. The default user name and password are same as a ‘corecess’. To change the default login
password, perform the following tasks in User mode:
> passwd
Changing password for corecess
Old password: Enter the current password.
Enter the new password (minimum of 5, maximum of 8 characters)
Please use a combination of upper and lower case letters and numbers.
Enter new password: Enter the new password.
Re-enter new password: Enter the new password again.
Password changed.
>
User mode is signified on the system by the > prompt. At this point, you can enter a variety of
commands to view statistics on the system, but you cannot change the configuration of the
system.

Setting the Privileged Mode Password
You can set the Privileged mode password that controls access to privilege mode. By default,
the Corecess R1-AD series does not require the Privileged mode password for entering the
Privileged mode.
You can specify the password for the Privileged mode using enable passwd command in the
Global configuration mode. The following example sets the Privileged mode password to
‘ccAD24’ by the enable passwd command in the Global mode.
(config)# enable passwd ccAD24

(config)#
After setting the Privileged mode password, you should enter the password to go to the
Privileged mode from user mode as follows:
> enable
Password: ccAD24
Privileged mode is signified by the # prompt. In the Privileged mode, you can enter all
commands to view statistics and configure the system.
# The privileged mode prompt
To delete the password for the Privileged mode, enter the no enable passwd command in
the Global configuration mode:
(config)# no enable passwd

(config)#
Configuring Security 10-3

10-3
Password Encryption
All passwords on the system can be viewed by using the write terminal privileged mode
commands. If you have access to Privileged mode on the system, you can view all passwords in
clear text by default.
You can hide clear-text passwords by storing passwords in an encrypted manner so that anyone
entering write terminal commands will not be able to determine the clear-text password.
The following example shows how to encrypt a user password and display the password on the
terminal line:
(config)# username guest passwd 8 guest
(config)# end
# write terminal
Building configuration...
Current configuration:
banner incoming "welcome\n"
username recover passwd 8 $1$$nlCC0vP6YG0ZB0Mp685Fy0
username guest passwd 8 $1$$ysap7EeB9ODCrO46Psdbq/
:
:

Session Timeouts
The timeout for an unattended telnet session provides an additional security measure. If the
telnet line is left unattended in Privileged mode, any user can modify the system configuration.
The default timeout for an unattended telnet session is 10 minutes. To change the login timeout,
enter the following command in Global configuration mode:
Table 10-1 Changing timeout for an unattended telnet session
Command Task
line vty 1. Enter the VTY-line configuration mode.
2. Set the login timeout.
exec-timeout <minute>
y <minute>: Timeout in minutes ( 1 ~ 600)
The following commands change the timeout to 1 minute:
(config)# line vty

(config-line)# exec-timeout 1
(config-line)#

10-5
Configuring Access Lists (Planned)
Access Lists
Access lists filter network traffic by controlling whether routed packets are forwarded or
blocked at the system's interfaces. Your system examines each packet to determine whether to
forward or drop the packet, based on the criteria you specified within the access lists.
Access list criteria could be the source address of the traffic, the destination address of the traffic,
the upper layer protocol, or other information. Note that sophisticated users can sometimes
successfully evade or fool basic access lists because no authentication is required.
You can use standard access lists to control the Telnet or SNMP access methods to management
functions on the Corecess R1-AD series.
Router Internet or LAN Server A
Server B
Corecess R1-AD24A
Access list
x Source IP address : 172.20.128.64
x Permit/deny : Permit
x Flow : Out
Host A Host B
IP: 172.20.128.10 IP: 172.20.128.64
In the above example, the access list allows access from the 172.20.128 64 host. Therefore the
host B connected to the Corecess R1-AD24A can access to the Server A or Server B and the host
A can’t access to the Servers.

Defining Access Lists
The Corecess R1-AD series provides basic traffic filtering capabilities with access control lists.
You can configure access lists at your system to control access to a network: access lists can
prevent certain traffic from entering or exiting a network.
To define access lists, enter the following command in Privileged mode:
Table 10-2 Defining access lists
Command Task
access-list <list-number> 2. Configure an ACL with the IP addresses you want to allow or
{permit| deny} <subnet-ip> deny to access the system.
[<mask>] y <list-number>: Number of the standard access list (1 ~ 99,
1300 ~ 1999)
y permit: Permits the frame whose source address matches the
condition.
y deny: Denies the frame whose source address matches the
condition.
y <subnet-ip>: The IP address of the source network or host
access-list <list-number> in hexadecimal form (xxx.xxx.xxx.xxx).
{permit| deny} any y <mask>: Subnet mask bit to be applied to <subnet-ip>.
The subnet mask is a four-part value in dotted-decimal
notation (IP address format) consisting of ones and zeros.
Zeros in the mask mean the packet's source address must
match the <subnet-ip>. Ones mean any value matches.
y any: Configures the policy to match on all host addresses.
show access-list 4. Verify the defined access lists.
Note: Guidelines for defining a access list
x The range of standard access list number can be from 1 to 99.
x The wildcard is a four-part value in dotted-decimal notation (IP address format) consisting
of ones and zeros. Zeros in the mask mean the packet's source address must match the
<source-ip>. Ones mean any value matches. For example, the <source-ip> and <wild-
card> values 209.157.22.26 0.0.0.255 mean that all hosts in the Class C sub-net
209.157.22.x match the policy.
x The packets that do not match any entries in an access list are denied.

10-7
The following example shows how to define an access list which permits the access from hosts
in the specified network:
(config)# access-list 1 permit 192.5.34.0 0.0.0.255
(config)# end
# show access-list
Standard IP access list 1
permit 192.5.34.0, wildcard bits 0.0.0.255
#
The following example shows how to define an access list which denies the access from the
specified host:
(config)# access-list 2 deny host 171.69.198.102
(config)# access-list 2 permit any
(config)# end
# show access-list
Standard IP access list 2
deny 171.69.198.102
permit any
#

Applying the Access List to Terminal Line
After you create an access list, you can apply it to terminal line. In this case, access lists can be
applied on both outbound and inbound flows.
To restrict terminal line access to the system using access lists, enter commands such as the
following:
Table 10-3 Applying the access list to terminal line
Command Task
line vty 1. Enter the VTY-line configuration mode.
2. Apply the access lists to terminal line.
y <access-list-number>: Number of an IP access list (1 ~
99, 1300 ~ 1999).
access-class <list-number>
{in | out}
y in: Restricts incoming connections between the system and
the addresses in the access list.
y out: Restricts outgoing connections between the system and
the addresses in the access list.
The following example shows how to apply the access list to terminal line. The Corecess R1-
AD24A allows Telnet access to all IP addresses except the hosts listed in access list 2.
(config)# line vty

(config-line)# access-class 2 in
(config-line)#
The following example shows how to apply the access list to terminal line. The Corecess R1-
AD24A denies connections to networks other than network 192.89.55.0:
(config)# line vty 0 5
(config-line)# access-class 12 out
(config-line)#
Note: To remove access restrictions, use the no access-class <list-number> {in

| out} command.

10-9
Applying the Access List to SNMP Access
After you create an access list, you can apply it to SNMP access. In this case, access lists can be
applied on inbound flow.
To restrict SNMP access to the system using access lists, enter the snmp-server group
access commands such as the following:
Table 10-4 Applying the access list to SNMP access
Command Description
snmp-server group 1. Apply the access list to SNMP access.
access <list-number> y <list-number>: Standard access list number (1 ~ 99, 1300 ~ 1999)
The following example shows how to apply the access list to SNMP access. The Corecess R1-
AD24A allows SNMP access to all IP addresses except the hosts listed in access list 2.
(config)# snmp-server group access 2
(config)#
10-1010-10R1-AD Series User’s Manual

Configuring Filtering Features
devices. This section describes packet filtering feature on the Corecess R1-AD series.
Types of Filtering
The Corecess R1-AD series supports the following types of filtering:
Table 10-5 Type of packet filtering
Type of Packet Filtering Description
Filters packet transmitted between PVCs on an ADSL port to prevent a PVC

PVC Filtering
loop.
Filters packet transmitted between ADSL ports on the Corecess R1-AD

Port Filtering
series.
Filters DHCP Offer packets received from ADSL subscriber to prevent the
DHCP Packet Filtering
subscribers from operating subscriber’s private DHCP server.
Filters NetBIOS packets to prevent ADSL subscribers from sharing data via
Netbios Packet Filtering
NetBEUI/NetBIOS protocols.
Filters the particular class of traffic based on the following criteria:

- The destination MAC address
- The source MAC address
- The destination IP address
- The source IP address
* CIFS - The destination TCP port number (0 ~ 65535)
(Cognitive Information - The source TCP port number (0 ~ 65535)
Filtering System) - The destination UDP port number (0 ~ 65535)
- The source UDP port number (0 ~ 65535)
- The Ethernet Type filed value (0 ~ 65535)
- The input port number
- The IP Protocol field value (0 ~ 255)
- The VLAN ID that the input/output port belongs to (1 ~ 4094)
* CIFS is now planned

10-11
PVC Filtering
You can configure PVC filtering feature to not allow communication between PVCs established
on an ADSL port. PVC filtering feature prevents a PVC loop. Refer the Chapter 5 / Basic
configuration – Configuring PVCs section, to configure the PVC filtering feature.
Port Filtering
You can configure port filtering feature to not allow communication between ADSL ports on
the Corecess R1-AD series. Refer the Chapter 6 / Configuring Ports – Configuring ADSL Ports
section, to configure the ADSL port filtering feature.
Filtering DHCP Offer Packets

You can filter DHCP Offer packets received from ADSL subscriber to prevent the subscribers
from being assigned invalid IP address by another subscriber’s private DHCP server. Refer the
Chapter 9 / Configuring QoS – Configuring Packet Filtering section, to configure the DHCP offer
packet filtering.
Filtering NetBIOS Packets

NetBIOS (Network Basic Input/Output System) is a program that allows applications on
different computers to communicate within a LAN. You can filter NetBIOS packets to prevent
ADSL subscribers from sharing data via NetBEUI/NetBIOS protocols. Refer the Chapter 9 /
Configuring QoS – Configuring Packet Filtering section, to configure the NetBIOS packet filtering.

CIFS (Cognitive Information Filtering System) - Planned
You can filter the particular class of traffic by using the QoS policy supported by the Corecess
R1-AD series.
The following is the steps for configure filtering policy on the Corecess R1-AD series.
1. Create Classes
Create a class map and define the classification criteria for the class map.
2. Creating a Policy
Create a policy map, specify the class to which the policy map applies, and define the actions
that you want the system to take for the particular class of traffic.
3. Applying the Policy

Apply the policy map to both inbound and outbound traffics on the system.
This section describes how to create a QoS service policy according to the above steps.
Note: For more detail information about QoS (Quaility of Service), refer to the Chapter 9
Configuring QoS in this manual..
Creating Classes
To create a class map and specify the way in which the Corecess R1-AD series should classify
traffic, enter the following commands in Global configuration mode:
Table 10-6 Creating classes
Command Task
class-map 2. Create a class map and enter Class-map configuration mode.
<class-map-name> y <class-map-name>: Class map name
3. Configure match criteria of a class map.

match ether-type 3-a. Specifies the Ethernet type as a match criterion of a class map.
<type> y <type>: Ethernet Type filed value
(Continued)

10-13
Command Task
3-b. Specifies the destination IP address as a match criterion of a class

match ip-da map.
<destination-ip> y <destination-ip>: Destination IP address.
<wildcard> y <wildcard>: Wild card to be masked with <destination-ip>
parameter.
3-c. Specifies the source IP address as a match criterion of a class map.

match ip-sa y <source-ip>: Source IP address.
<source-ip> <wildcard> y <wildcard>: Wild card to be masked with <source-ip>
parameter.
3-d. Specifies the protocol number as a match criterion of a class map.

match protocol
y <protocol-number>: IP protocol value (ICMP:1, IGMP: 2, IP: 4,
<protocol-number>
TCP: 6, GRP: 7, IGP: 9, UDP: 17, GRE: 47, IGRP: 88, OSPF: 89)
3-e. Specifies the source TCP port number as a match criterion of a class
match tcp-spn
map.
<tcp-port-num>
y <tcp-port-num>: Source TCP port number (0 ~ 65535)
3-f. Specifies the source UDP port number as a match criterion of a class
match udp-spn
map.
<udp-port-num>
y <udp-port-num>: Source UDP port number (0 ~ 65535)
3-g. Specifies the VLAN ID that the input port belongs to as a match
match vlan-sid
criterion of a class map.
<vlan-id>
show classmap 5. Verify the class map configuration.
[<class-map-name>] y <class-map-name>: Class map name
Note: Because the ingress packet to a VLAN and egress packet from a VLAN are not
distingushied, the match vlan-sid and match vlan-did command provides the same
function.

The following example shows how to create a class map and define a classification criterion by
using the destination IP address and the destination TCP port number:
(config)# qos
(config-cmap)# match ip-da 10.10.10.1 0.0.0.255
(config-cmap)# match tcp-dpn 25
(config-cmap)# end
# show classmap class101
ClassMap
--------------------------------------------------
Name : class101
Match Content : ip-da 10.10.10.1/0.0.0.255
: tcp-dpn 25
#

10-15
Creating a Policy
To create a policy map and define the actions that you want the system to take for the particular
class of traffic, enter the following commands in Global configuration mode:
Table 10-7 Creating a policy
Command Task
policy-map 2. Create a policy map and enter Policy-map configuration mode.
<policy-map-name> y <policy-map-name>: Name of a policy map to define
3. Specify the class to which the policy map applies and enter Policy-
class <class-name> map-class configuration mode.
y <class-name>: Class map name
4. Specify whether to filter the traffic class or not.
y deny: Discards the class of traffic belonging to a policy
filter {deny | permit} map.
y permit: Permits the class of traffic belonging to a policy
map.
show policymap 6. Verify the QoS policy.
[<policy-map-name>] y <policy-map-name>: Name of a policy map to verify
The following example shows how to define QoS policy that you want the system to filter that
particular class of traffic:
(config)# qos
(config-qos)# policy-map filter-policy
(config-pmap-c)# filter deny
# show policymap filter-policy
PolicyMap
--------------------------------------------------
Name : filter-policy
Action : Deny
#

Security Configuration Commands
The following table lists the commands for configuring security on the Corecess R1-AD series:
Table 10-8 Security configuration commands
Command Description
Restricts incoming and outgoing connections between the Corecess R1-AD series
access-class
virtual terminal and the addresses in an access list.
access-list Defines a standard IP access list using source addresses for filtering packets
(Standard) received/transmitted through the specific interface.
Enters Policy-map class configuration mode to specify a previously created class

class
map to be included in the policy map.
class-map Enters Class-map configuration mode to configure class maps.
dhcp-offer Discards the all DHCP OFFER packets received (packets received through the
filter discard UDP port 67).
enable passwd Sets the Privileged mode password.
Sets the interval that the EXEC command interpreter waits until user input is
exec-timeout
detected.
filter Configures filtering a class of traffic which belongings to a policy map.
match Specifies a match criterion for a class map.
netbios filter
Filters NetBIOS packets
discard
passwd Specifies or changes the CLI login password

policy-map Enters QoS policy map configuration mode to configure the QoS policy map.
service-policy Applies a policy map to all packets received or sent to the system.

10-17
Chapter 11 Configuring IGMP Snooping
This chapter describes how to configure IGMP snooping for the Corecess R1-AD series to
manage the multicast traffic.
9 Multicast and IGMP 11-2
9 Configuring IGMP Snooping 11-6
9 Displaying IGMP Snooping Information 11-13
9 IGMP Snooping Configuration Commands 11-15

Multicast and IGMP
Multicast Transmission Mode
Multicast is a transmission mode which transmits the copy of packets to multiple destination. It
is a special mode of broadcast transmission mode which transmits the copy of packets to all
destinations.
There are three Internet transmission mode - unicast, broadcast, and multicast.
Unicast transmission mode transmits data from one source to one destination. It is used in
general Internet application program such as Telnet or ftp. Unicast transmission mode must
repeatedly transmit as many data packets as the number of the receivers, therefore not an
appropriate mode for communication such as image conference or internet broadcasts since it
reduces the effectiveness of the communication network and the transmission pressure of the
transmitter increases.
300K x 3 = 900K
Video
Server
Multicast
Router
300K x 2 = 600K
300K
300K 300K 300K
Service User
Broadcast transmission mode is the transmission of the copy of packet to all receivers in the
same network from one transmitter.

Multicast transmission mode is used in application programs of Internet image conference and
etc, as a mode of more than one transmitters transmitting data to more than one certain
receivers. When a transmitter transmits the pack to a multicast group address, only the
receivers belonging to that multicast group can receive the copy of the packet transmitted by
the transmitter. Multicast transmission mode minimizes the network resource loss due to
repetitive transmission of the data like the broadcast transmission mode and thus can save
network bandwidth, and can save transmission time since there is no need to transmit the
packet to all receivers separately like the unicast transmission mode.
300K
Video
Server
Multicast
Router
300K
300K
300K 300K 300K
Multicast User
For the unicast transmission, there is a receiver address displayed on the packet header. But for
the multicast transmission, there is a marks which contains the multicast group address
receivers belong.
D class IP address is used for multicast group address. The range of D class is 224.0.0.0 ~
239.255.255.255, and IP address 224.0.0.0 ~ 224.0.0.255 among this range is assigned for other
uses and cannot be used.
Configuring IGMP Snooping 11-3

11-3
IGMP Snooping
IGMP snooping manages multicast traffic at Layer 2 on the Corecess R1-AD series by allowing
directed switching of IP multicast traffic. Switches can use IGMP snooping to configure Layer 2
interfaces dynamically so that IP multicast traffic is forwarded only to those interfaces
associated with IP multicast devices.
Without IGMP snooping, multicast traffic is treated in the same manner as broadcast traffic,
that is, it is forwarded to all ports. With IGMP snooping, multicast traffic of a group is only
forwarded to ports that have members of that group. IGMP Snooping generates no additional
network traffic, allowing you to significantly reduce multicast traffic passing through your
switch.
Joining a Multicast Group

When a host wants to join a multicast group, it sends an IGMP Report message specifying the IP
multicast group it wants to join. The IGMP snooping switch will recognize the IGMP Report
message and add a IP multicast group MAC address of associated port in the MAC Filtering
Database. While multicast traffic is transmitted to the switch next time, it will directly forward
the traffic to the ports associated with this IP multicast group MAC address regarding the
Filtering Database.
Leaving a Multicast Group

For IGMP version 2, if a host does not want to receive the IGMP traffic any more, it sends a
Leave Group message. As long as the IGMP snooping switch receives this Leave Group
message, it sends an IGMP group specified query message to determine if any device behind
that port is interested in the specific multicast group traffic. If the switch doesn't receive any
IGMP Report message, it removes the IP multicast group MAC address from the associated port
in the MAC Filtering Database.
For IGMP version 1, if a host does not want to receive the IGMP traffic, it just silently quit the
group. IGMP multicast routers periodically send Host Membership Query messages to discover
if any member is still interesting in the specific multicast group traffic. As long as the IGMP
snooping switch receives this Query Group message, it forwards the message to the associated
port including in the multicast group. If the switch doesn't receive Report Group message for 3
times, it delete the IP multicast group MAC of associated port in the MAC Filtering Database.

Fast-Leave Processing
IGMP snooping fast-leave processing allows the switch processor to remove an interface from
the portmask of a forwarding-table entry without first sending out group specific queries to the
interface. The VLAN interface is pruned from the multicast tree for the multicast group
specified in the original leave message. Fast-leave processing ensures optimal bandwidth
management for all hosts on a switched network, even when multiple multicast groups are in
use simultaneously.

11-5
Configuring IGMP Snooping
This section describes how to configure IGMP snooping:
y Enabling IGMP snooping
y Enabling IGMP fast-leave processing
y Configuring a multicast router port statically
y Defining a multicast group
y Configuring membership timeout
y Configuring the maximum number of multicast group
Note: Multicast network must be a tree structure with the multicast router as a root.
Enabling IGMP Snooping

By default, IGMP snooping is disabled on the Corecess R1-AD series. You can enable IGMP
snooping on the system globally or on a VLAN. By default IGMP snooping is disabled on the
Enabling IGMP Snooping Globally

To enable IGMP on the Corecess R1-AD series, enter the ip igmp snoop command in Global
configuration mode:
The following example show how to globally enable IGMP snooping:
(config)# ip igmp snoop
(config)#

Enabling IGMP Snooping on a VLAN
When IGMP snooping is globally enabled, multicast packets are forwarded to all VLANs on the
Corecess R1-AD series. When IGMP snooping is enabled on a VLAN, multicast packets are
forwarded to only that VLAN.
To enable IGMP on a VLAN, enter the ip igmp snoop vlan id command in Global
configuration mode:
Table 11-1 Enabling IGMP snooping on a VLAN
Command Description
ip igmp snoop vlan 1. Enable IGMP snooping on the specified VLAN.
id <vlan-id> y <vlan-id>: VLAN ID (1 ~ 4094)
The following example shows how to enable IGMP snooping on the default VLAN:
(config)# ip igmp snoop vlan id 1
(config)#
Note: You can disable IGMP snooping on a VLAN by using the no ip igmp snoop
vlan id in the global configuration mode.

11-7
Enabling IGMP Fast-leave Processing
When you enable IGMP fast-leave processing in a VLAN, the system immediately removes an
interface from the multicast group when it detects an IGMP version 2 leave message on that
interface.
To enable IGMP fast-leave processing on a port interface, enter the ip igmp snoop fast-
leave command in Global configuration mode:
Table 11-2 Enabling IGMP fast-leave processing
Command Description
1. Enable IGMP fast-leave processing on a specific port.

ip igmp snoop fast-
y <port-type>: The type of the port to enable IGMP fast-leave.
leave port <port-
( gigabitethernet, adsl)
type> <slot>/<port>
y <slot>/<port>: The slot number and port number of the port.
This example shows how to enable IGMP fast-leave processing on the Gigabit Ethernet port 1/1:
# config terminal
(config)# ip igmp snoop fast-leave port gigabitethernet 1/1
(config)#

Configuring Static Router Port
As mentioned earlier, configure the port that is connected with a multicast router as a static
router port. To configure a static connection to a multicast router, use the following commands
in Privileged mode:
Table 11-3 Configuring a static router port
Command Task
2. Configure a specified port as a router port.
ip igmp snoop mrouter
y <port-type>: The type of the port to configure as a router
port <port-type>
port. ( gigabitethernet, adsl)
<slot>/<port> vlan id
<vlan–id>
y <vlan-id>: VLAN ID
show ip igmp snoop
4. Verity the static router port.
mrouter
The following example shows how to add the Gigabit Ethernet port 1/1 as a router port:
# config terminal
(config)# ip igmp snoop mrouter port gigabitethernet 1/1 vlan id 1
(config)# end
# show ip igmp snoop mrouter
---------- ----- ---------------
port vlan router ip
---------- ----- ---------------
Internal N/A 0.0.0.0
1/1 1 0.0.0.0
---------- ----- ---------------
Total Number : 2
---------- ----- ---------------
#

11-9
Defining a Multicast Group
Hosts normally join multicast groups dynamically, but you can also configure a host statically
on an interface.
To define a multicast group, perform this task in the privileged mode:
Table 11-4 Defining a multicast group
Command Task
configure terminal 1. Go to global configuration mode.
no ip igmp snoop 2. If IGMP snooping is enabled globally, disable IGMP snooping.
3. Define a multicast group.
ip igmp snoop mgroup
y <group-address>: Address of the multicast group.
<group-address> port
y <port-type>: The type of the port to configure of a member
<port-type> <slot>/ port>
port. ( gigabitethernet, adsl)
[vlan <vlan-id>]
show ip igmp snooping 5. Verify the IGMP multicast group.
The following example shows how to add the ADSL 2/1 ~ 2/5 as a member of group
01:00:5e:02:02:02:
# config terminal
(config)# no ip igmp snoop
(config)# ip igmp snoop mgroup 225.2.2.2 port adsl 2/1-5 vlan id 2
(config)# end
# show ip igmp snoop
1 224.0.255.1 0.0.0.0 2/5-8 static 0
1 225.2.2.2 0.0.0.0 1/1-5 static 0
#

Configuring Membership Timeout
Group membership timeout defines how long a group will remain active on an interface in the
absence of a group report. Possible values are from 1 - 260 seconds and the default value is 260
seconds.
To configure IGMP group membership timeout, perform this task in the privileged mode:
Table 11-5 Configuring Membership timeout
Command Task
ip igmp snoop
2. Set IGMP group membership timeout.
membership timeout
y <second>: IGMP group membership time in seconds (1 ~ 260)
<second>

show ip igmp snoop
4. Verify the IGMP group membership timeout.
mgroup
The following example shows how to change IGMP membership time to 240 seconds:
# config terminal
(config)# ip igmp snoop membership timeout 240
(config)# end
# show ip igmp snoop membership timeout
240
#

11-11
Configuring the Maximum Number of IGMP Groups
Each port on the Corecess R1-AD series can join up to 1024 multicast groups at time. To
configure the maximum number of IGMP groups that a port can join, perform this task in the
privileged mode:
Table 11-6 Configuring the maximum number of IGMP groups
Command Task
2. Specify the maximum number of IGMP groups that a port can join.
ip igmp snoop group- y <group-number>: Maximum number of IGMP groups that the
number-limit <number> specified port can join (1 ~ 4094).
port <port-type> y <port-type>: The type of the port to configure.
<slot>/<port> ( gigabitethernet, adsl)
The following example shows how to limit the number of IGMP groups that the Gigabit
Ethernet port 1/1 to 25:
# config terminal
(config)# ip igmp snoop group-number-limit 25 port gigabitethernet 1/1
(config)#

Displaying IGMP Snooping Information
This section describes displaying IGMP snooping information.
Displaying Multicast Group Information

You can display IGMP snooping information for dynamically learned and statically configured
router ports. You can also display MAC address multicast entries for a VLAN configured for
IGMP snooping. You can display IGMP snooping information for dynamically learned and
statically configured
Displaying All Multicast Group Information

To displays the multicast groups that are directly connected to the system and that were learned
via IGMP, enter the show ip igmp snooping command in Privileged mode:
# show ip igmp snooping

---- --------------- --------------- ---------- ------- -------
vlan mac group group ip ports type timeout
---- --------------- --------------- ---------- ------- -------
1 1:0:5e:64:64:65 239.100.100.101 2/5-8 static N/A
2 0:a0:cc:77:a1:8d 224.1.2.3 2/1-4 static 240
---- --------------- --------------- ---------- ------- -------
Total number : 2
---- --------------- --------------- ---------- ------- -------
#
The show ip igmp snooping command displays the multicast group information in the
following format:
Table 11-7 show ip igmp snooping filed description
Filed Description
vlan VLAN ID of the multicast group.
mac group MAC Address of the multicast group.

IP Address of the multicast group. In case of a static multicast group, 0.0.0.0 is
group ip
displayed.
ports Interface through which the group is reachable.

11-13
Filed Description
How the multicast group is registered.

type - static: Multicast groups that are directly connected to the system.
- dynamic: Multicast groups that were learned by IGMP snooping.
How long in seconds until the entry is removed from the IGMP groups table.
timeout left
In case of a static multicast group, 0 is displayed.
Displaying Multicast Group Information for a VLAN

To display the information of the multicast groups of the specified VLAN, enter the show ip
igmp snooping vlan id in Privileged mode:
# show ip igmp snooping vlan id 1

---- --------------- ---------------- ---------- ------- -------------
vlan mac group ip group ports type timeout left
---- --------------- ---------------- ---------- ------- -------------
1 1:0:5e:0:2:3 0.0.0.0 1/1,2/1 static 0
1 1:0:5e:1:1:2 224.1.1.2 1/1 dynamic 0
1 1:0:5e:0:0:2 225.0.0.2 1/1 dynamic 0
---- --------------- ---------------- ---------- ------- -------------
Total number : 5
---- --------------- ---------------- ---------- ------- -------------
#
The table below describes fields shown by the show ip igmp snooping vlan command:
Table 11-8 show ip igmp snooping vlan field descriptions
Field Description
vlan VLAN ID.
mac group Group destination MAC address.
ip group IP address of the multicast group.
ports Member ports of the multicast group.
Type Status of whether the port was configured manually as a multicast router port.
How long the port will remain as member on the multicast group in the absence of
timeout left
an IGMP reports.

IGMP Snooping Configuration Commands
The following table lists the commands for configuring IGMP snooping on the Corecess R1-AD
series:
Table 11-9 IGMP snooping configuration commands
Command Description
ip igmp snoop Globally enables IGMP snooping.
Enables IGMP fast-leave processing which the function is the system

ip igmp snoop
immediately removes a port when it detects an IGMP version 2 leave
fast-leave
message on that port.
ip igmp snoop
Sets the maximum number of IGMP groups that the port can join.
group-number-limit
ip igmp snoop Specifies IGMP group membership time which defines how long a group
membership timeout will remain active on an interface in the absence of a group report.
Hosts normally join multicast groups dynamically, but you can also
ip igmp snoop mgroup
configure a host statically on an interface.
ip igmp snoop mrouter Adds a router port.
ip igmp snoop vlan id Enables IGMP snooping on the specified VLAN.
Displays the multicast groups that are directly connected to the system
show ip igmp snoop
and that were learned via IGMP.
show ip igmp snoop

Lists the ports which IGMP fast-leave processing is enabled on.
fast-leave
show ip igmp snoop Displays IGMP group membership time which defines how long a group
membership timeout will remain active on an interface in the absence of a group report.
show ip igmp snoop

Displays multicast router ports.
mrouter
show ip igmp snoop

Displays the information of the multicast groups of the specified VLAN.
vlan

11-15
Chapter 12 Configuring DHCP & ARP Snooping
This chapter describes how to configure DHCP snooping for the Corecess R1-AD series to
manage the DHCP traffic and ARP traffic.
9 DHCP Snooping 12-2
9 ARP Snooping 12-14

DHCP Snooping
DHCP Snooping Overview
DHCP snooping is a DHCP security feature that monitors DHCP messages exchanged between
DHCP servers and DHCP clients on Layer 2 network and allows only DHCP clients assigned its
IP address from the DHCP server to communicate. DHCP snooping acts like a firewall between
DHCP servers and DHCP clients.
DHCP snooping uses the following types of ports:
y Server port (Uplink port)

Server port relays the DHCP messages between the client ports and the transparent ports. No
policy is applied to the server port. If no server port is specified, the DHCP messages will be
sent to CPU.
y Client port
Client port generates, deletes, or manages the dynamic binding entries using DHCP messages
which are passed through and transmits the DHCP messages (DHCPDISCOVER,
DHCPREQUEST, and so on) to the server ports. If there is no server port, client port sends the
messages to CPU.
y Transparent port
Transparent port does the same functions as the client port. But no policy and limitation are
applied.
DHCP snooping uses the following filtering rules:
y System base rule

System base rule is the global filtering rule applied to the whole system. There are two system
base rules, ‘permit’ and ‘deny’. If the system base rule is set to ‘deny’, all packets except
DHCP messages will be denied on all ports. If the system base rule is set to ‘permit’, all
packets will be forwarded on all ports. The default system base rule is ‘deny’.
y Port base rule

Port base rule is the filtering rule applied to a specific port. It overrides the system base rule.
There are two port base rules, ‘permit’ and ‘deny’. If the port base rule is set to ‘deny’, all
packets except DHCP messages will be denied on the specified port. If the port base rule is set
to ‘permit’, all packets will be forwarded on the specified port.

DHCP Messages
These DHCP messages are used to determine the DHCP snooping action:
Table 12-1 DHCP snooping action according to DHCP message type
DHCP Message DHCP Snooping Action
DHCPDISCOVER Forwards this message to the server port or the CPU.
DHCPOFFER Forwards this message to the client ports.
DHCPREQUEST Forwards this message to the server port or the CPU.
DHCPACK Forwards this message to the client ports.
When DHCP snooping is enabled, the system base rule is set to ‘deny’ which means no packets
can be received or sent except DHCP messages. The DHCP messages received from the client
ports will be forwarded to the server port or the CPU. If the CPU detects DHCPACK message is
received from the DHCP server, DHCP snooping saves the binding information (such as the
MAC address, the IP address, the lease time, and so on) in the database, and then forwards the
message to the client ports.
DHCP Snooping Operation

DHCP snooping dynamically creates binding entries using the information included in
DHCPACK message sent to a DHCP client and applies filtering rule to the binding entries.
DHCP snooping also activates timer for the binding entries using the lease time included in
DHCPACK message. DHCP clients that ‘permit’ filtering rule is applied can communicate.
Binding entices can be manually added using the CLI command. Binding entries are removed
when DHCPRELEASE messages are received from the client ports or when the lease time has
expired. Binding entries can be manually deleted using the CLI command or SNMP manger.
When a link of a DHCP client is down, DHCP snooping applies ‘deny‘ filtering rule to the
binding entry and keep maintaining information on the binding entry instead of deleting it
immediately. When the link is up again, DHCP snooping applies ‘permit’ filtering rule and
restart the service for the DHCP client. If DHCPREQUEST message is received again from a
DHCP client and the DHCP server sends DHCPACK message in response to DHCPREQUEST
message, the timer for this binding entry is updated to the lease time include in new DHCPACK
message.
Configuring DHCP & ARP Snooping 12-3

12-3
Configuring DHCP Snooping
This section describes the following DHCP snooping configuration tasks:
y Enabling DHCP snooping
y Specifying DHCP snooping ports

y Configuring the system filtering rules
y Configuring port filtering rules
y Configuring information policy
y Specifying the maximum number of DHCP clients
y Adding static binding entries
y Clearing dynamic binding entries
y Enabling DHCP option 82 data insertion
Enabling DHCP Snooping

If you enable DHCP snooping, the system base rule is set to ‘deny’ which is no packet can be
received or sent except DHCP messages. To enable DHCP snooping on the Corecess R1-AD
series, use the following command in Privileged mode:
Table 12-2 Enabling DHCP snooping
Commands Task
configure terminal 1. Enter the Global configuration mode.
ip dhcp snoop 2. Enable the DHCP snooping.
The following example enables DHCP snooping on the Corecess R1-AD24A:
(config)# ip dhcp snoop
(config)#
Note: To disable DHCP snooping on the Corecess R1-AD series, use the no ip dhcp
snoop command in Global configuration mode.
(config)# no ip dhcp snoop
(config)#

Specifying DHCP Snooping Ports
To specify DHCP snooping ports, use the following command in Global configuration mode:
Table 12-3 Specifying DHCP snooping ports
Commands Description
Specifies DHCP snooping port.

y <port-type>: Type of the port to be configured as a DHCP
snooping port.
y <slot>/<port>: Slot number and port number of the port
ip dhcp snoop port
to be configured as a DHCP snooping port.
<port-type> <slot>/<port>
y <snoopport-type>: Type of the DHCP snooping port. Select
[<snoopport-type>]
one of the following types:
- client: Sets the specified port as a client port (default).
- server: Sets the specified port as a server port.
- transparent: Sets the specified port as a transparent port.
Note: If you enable DHCP snooping, all packets except DHCP messages will be discarded
on all ports. If you do not want to apply this limitation to a port, configure the port as a
transparent port.
The following example specifies the Gigabit Ethernet ports 1/1-2 as a server port:
(config)# ip dhcp snoop port gigabitethernet 1/1-2 server

(config)#
The following example specifies the ADSL ports 2/1.1 as DHCP snooping ports:
(config)# ip dhcp snoop port adsl 2/1.1

(config)#

12-5
Configuring the System Filtering Rules
To configure DHCP snooping filtering rule applied to the system, use the following commands
in Global configuration mode:
Table 12-4 Configuring the system filtering rules
Commands Task
1. Configure DHCP snooping filtering for the whole system.

ip dhcp snoop base-rule y permit: Disables the DHCP snooping filtering (all permit
{deny | permit} rule).
y deny: Enables the DHCP snooping filtering (all deny rule).
2. Specify the type of DHCP snooping filtering rule.
y <type>: The type of DHCP snooping filtering rule.
ip dhcp snoop rule-type
- ip: Applies IP-based filtering rule.
<type>
- mac: Applies MAC-based filtering rule.
- non: DHCP session tracking mode
The following example shows how to enable DHCP snooping filtering for the whole system:
(config)# ip dhcp snoop base-rule deny

(config)#
The following example shows how to set the type of DHCP snooping filtering rule:
(config)# ip dhcp snoop rule-type ip

(config)#

Configuring Port Filtering Rules
To configure DHCP snooping filtering rule applied to a specific port, use the following
commands in Global configuration mode:
Table 12-5 Configuring port filtering rules
Commands Task
1. Configures DHCP snooping filtering rule for the specified port.

y <port-type>: Type of the port to configure the filtering rule.
ip dhcp snoop port
y <slot>/<port>: Slot number and port number of the port to
<port-type>
configure the filtering rule.
<slot>/<port> base-rule
y permit: Disables the DHCP snooping filtering (all permit
{deny | permit}
rule).
y deny: Enables the DHCP snooping filtering (all deny rule).
2. Configure the packet type allowed on the specified port.

y <port-type>: Type of the port
ip dhcp snoop port y <packet-type>: The type of packets allowed on the port Select
<port-type> one of the followings:
<slot>/<port> port-rule - all: all types of packets (multicast, unicast, and unknown
<packet-type> unicast).
- unicast: all types of packets except the multicast packets
(unicast and unknown unicast).
- strict-unicast: unicast packets only
The following example shows how to disable DHCP snooping filtering for the ADSL port 2/1:
(config)# ip dhcp snoop port adsl 2/1.1 base-rule deny

(config)#
The following example configures the ADSL port 4/1 to receive the only unicast packets from
the DHCP clients:
(config)# ip dhcp snoop port adsl 2/1.1 port-rule unicast

(config)#

12-7
Configuring Information Policy
You can configure the policy for the information about the binding of IP addresses to clients. By
default, the Corecess R1-AD series ignores the information which is different from the existing
information (drop policy).
To configure the information reforwarding policy, use the following command in Global
configuration mode:
Table 12-6 Configuring information policy
y drop: Ignores the information which is different from the

ip dhcp snoop information existing information.
policy {drop | replace} y replace: Replace and forwards the information which is
different from the existing information.
The following example shows how to change the information reforwarding policy to ‘replace’:
(config)# ip dhcp snoop information policy replace

(config)#
Specifying the Maximum Number of DHCP Clients

To specify the maximum number of DHCP clients for a specific port, use the following
Table 12-7 Specifying the maximum number of DHCP clients
Specify the maximum number of DHCP clients for a specific port.

ip dhcp snoop port
y <port-type>: Type of the port.
<port-type> <slot>/<port>
client-limit <number>
y <number>: Maximum number of the DHCP clients (1 ~ 255).
The following example specifies the maximum number of the DHCP clients for the ADSL ports
2/1:
(config)# ip dhcp snoop port adsl 2/1.1 clients-limit 10

(config)#

Adding Static Binding Entries
To add static binding entries, use the following command in Global configuration mode:
Table 12-8 Adding static binding entries
Add a static DHCP snoop binding entry.
ip dhcp snoop port y <port-type>: Type of the port to add a binding entry.
<port-type> <slot>/<port> y <slot>/<port>: Slot number and port number of the port.
static <mac-addr> <ip-addr> y <mac-addr>: MAC address of a DHCP client.
y <ip-addr>: IP address of a DHCP client.
The following example shows how to add a static binding entry to the ADSL port 2/1:
(config)# ip dhcp snoop port adsl 2/1.1 static 0:4:23:24:bb:6f 10.10.10.1

(config)#
Clearing Dynamic Binding Entries

To clear all dynamic binding entries, use the following command in Privileged mode:
Table 12-9 Clearing dynamic binding entries
Clears all dynamic binding entries.

clear ip dhcp snoop port y <port-type>: Type of the port to clear dynamic binding
<port-type> <slot>/<port> * entries.
The following example shows how to clear all dynamic binding entries generated on the ADSL
port 2/1-24:
# clear ip dhcp snoop port adsl 2/1-24.1 *

#

12-9
Enabling DHCP Option 82 Data Insertion
You can enable Corecess R1-AD series to insert DHCP relay agent information (option-82 field)
in DHCPREQUEST messages forwarded from DHCP clients to the DHCP server. The DHCP
server can use this information to implement security and IP address assignment policies.
Option 82 communicates information to the DHCP server using a suboption of the DHCP relay
agent information option. There are three types of suboptions supported by the Corecess R1-AD
series, ATM-VC, NAS, and Switch.
The following shows the format of the suboption when you select ATM-VC encoding: for
example, 00120-DSL01-001/00-0/01-0/03/2/32@HRl-C.
<location:5>-<DSLAM type:5>-<DSLAM sequence:3>/ n

<shelf:2>-<subshelf:1>/<slot:2>-<subslot:1>/<port:2>/<vpi:3>/<vci:5>@ o
<MDF> p
Each field is expressed in the <field name:bits> form. Each part means location code (n), port
information (o), and site code (p). You can set the location code and site code using the ip
dhcp snoop opt82-attr in Global configuration mode. If you set the Circuit ID for a port or
a PVC using ip dhcp snoop port circuit-id command, the Circuit ID is used for DHCP
option 82 data instead of the above suboption format.
The following figure shows the format of the suboption when you select NAS encoding:
Port type Version Reserved NAS IP address N/A Slot Port

(1 byte) (1 byte) (2 bytes) (4 bytes) (1 byte) (1 byte) (2 bytes)
The following figure shows the format of the suboption when you select Switch encoding:
Type Length Ifindex Type Length Switch-mac

(1 byte) (1 byte) (4 bytes) (1 byte) (1 byte) (6 bytes)

To configure the information reforwarding policy, use the following command in Global
configuration mode:
Table 12-10 Enabling DHCP option 82 data insertion
Command Task
1. Enables DHCP option 82 data insertion.
y atm-vc: DHCP option 82 field is encoded based on ATM-VC.
ip dhcp snoop opt82
y nas <ip-address>: DHCP option 82 field is encoded based
{atm-vc | nas
on the IP address of NAS.
<ip-address> | switch}
y switch: DHCP option 82 field is encoded based on the interface
index and MAC address of the switch.
2. When you select atm-vc option in the above step, set DHCP
option 82 data using the following commands.
2-1. Sets DHCP option 82 data that is globally used.

ip dhcp snoop opt82-attr
y location-code: Defines location code for ATM-VC encoding.
{location-code | site-
y site-code: Defines site code for ATM-VC encoding.
code} <string>
y <string>: Strings defining the specified attribute.
2-2. Sets DHCP option 82 data that is used for a specific port or
ip dhcp snoop port PVC (Circuit ID).
<port-type> <slot>/<port> y <port-type>: Type of the port to set DHCP option 82 data.
[.<channel>] y <slot>/<port>: Slot number and port number of the port.
circuit-id <string> y <channel>: The logical channel number of a PVC (1 ~ 8).
y <string>: Strings defining the Circuit ID
Note: If you not specify the DHCP option 82 data for a port or a PVC (Circuit ID) using the
ip dhcp snoop port circuit-id command, the global DHCP option 82 data defined
using the ip dhcp snoop opt82-attr command is used.
The following example shows how to enable the system to insert DHCP option 82 data based on
ATM-VC and how set the location code and site code that is used globally:
(config)# ip dhcp snoop opt82 atm-vc

(config)# ip dhcp snoop opt82-attr location-code 00120-DSL01-001
(config)# ip dhcp snoop opt82-attr site-code HRl-C
(config)#
This example shows how to specify the Circuit ID for the ADSL port 2/1.1:
(config)# ip dhcp snoop port adsl 2/1.1 circuit-id DSL1/04/01/0/35/01@MDF1

slotport 2/1 circuit_id(DSL1/04/01/0/35/01@MDF1)
(config)#

12-11
Displaying DHCP Snooping Configuration
Displaying DHCP Snooping Configuration
To display the DHCP snooping configuration, use the show ip dhcp snoop command in
Privileged mode.
The following is the sample output from show ip dhcp snoop command:
# show ip dhcp snoop

ip dhcp snoop is enable
system's base rule : deny
option82 insertion mode : atm-vc
option82 NAS ip : 0.0.0.0
option82 attribute location-code : 00120-DSL01-001
option82 attribute site-code : HR1-C
#
Displaying DHCP Snooping Binding Information

To displays the DHCP snooping binding configuration, use the show ip dhcp snoop
binding command in Privileged mode.
Table 12-11 Displaying DHCP snooping binding information
Command Description
y <port-type>: Type of the port to display the IP address
show ip dhcp snoop binding
binding information
{port <port-type>
<slot>/<port> | vlan id
y <vlan-id>: VLAN ID (1 ~ 4094).
<vlan-id> <ip-address>}
y <ip-address>: IP address assigned to a DHCP client.
The following is the sample output from show ip dhcp snoop binding command:
# show ip dhcp snoop binding port adsl 2/1.1

port 2/1 IP address binding information
Hardware address : 0:4:23:24:bb:6f, ip address: 10.10.10.1
client status : established, operation status : request
lease expiration : 3 minutes (2 minutes 39 seconds elapsed)
server ip : 10.10.10.254, router ip : 10.10.10.254
rule : permit is applied
#

Displaying DHCP Snooping Port Information
To displays the DHCP snooping port configuration, use the show ip dhcp snoop port
Table 12-12 Displaying DHCP snooping port information
Command Description
y <port-type>: Type of the port to display the DHCP

show ip dhcp snoop port snooping information.
<port-type> <slot>/<port> y <slot>/<port>: Slot number and port number of the port to
display the DHCP snooping information.
The following is the sample output from show ip dhcp snoop port command:
# show ip dhcp snoop port adsl 2/1.1

DHCP snooping port 2/1 is disable ref(3) type(L:A)
link up, vlan 0, clients limit 10 (serviced 0)
base port rule: deny, port snooping type: client
port traffic rule: unicast
port timer-id: off
opt82 circuit-id (none)
#

12-13
ARP Snooping
Configuring ARP Snooping

This section describes the following ARP snooping configuration tasks:
y Enabling ARP snooping
y Configuring secure-reply check type

y Configuring secure-request type
Enabling ARP Snooping

To enable ARP snooping on the Corecess R1-AD series, use the following commands in
Privileged mode:
Table 12-13 Enabling ARP snooping
Commands Task
configure terminal 1. Enter the Global configuration mode.
ip arp snoop 2. Enable the DHCP snooping.
The following example shows how to enable ARP snooping on the Corecess R1-AD24A:
(config)# ip arp snoop
(config)#
Note: To disable ARP snooping on the Corecess R1-AD series, use the no ip arp
snoop command in Global configuration mode.
(config)# no ip arp snoop
(config)#

Configuring Secure-Reply Check Type
To set sanity check referred to DHCP binding information for ARP source and target address,
use the following commands in Global configuration mode:
Table 12-14 Configuring Secure-Reply Check Type
Commands Task
Configure secure-reply check type.

ip arp snoop reply y all: Check source and target address.
{all|source|target} y source: Check source address.
y target: Check target address.
The following example shows how to set sanity check on the Corecess R1-AD24:
(config)# ip arp snoop reply source

(config)#

12-15
Configuring Secure-Request Type
There four type of secure-request types as follows:
y Broadcast: Broadcast ARP request packets to bridge ports.

y Protected-broadcast: Broadcast ARP packets to only server ports and router ports. Thus, local
proxy ARP should be enabled. Protected-broadcast is only operating when the base rule of
DHCP snooping is set to ‘deny’ (ip dhcp snoop base-rule deny command).
y Restrict-broadcast: Check the match of a source IP and a source hardware address referred to
NetSnoopIpPool table. If the source IP and a source hardware address are not matched, the
ARP request is discarded. On the other hand, matched ARP request packets are broadcasted.
y Secure-broadcast: Operation of this method is the same as restrict-broadcast. But, if a dest-ip,
exists in the NetSnoopIpPool table, is requested, the dest-ip is translated to unicast MAC and
is requested for ARP. This method can reduce the amount of broadcast and secure the
information of subscribers. In addition, it makes usage ratio of DSL line are increased.
To configure secure-request type, use the following commands in Global configuration mode.
Table 12-15 Configuring Secure-Request Type
Commands Task
2. Configure secure-request type.

ip arp snoop request y broadcast: No ARP check. Broadcast ARP request.
{broadcast| y protected-broadcast: Broadcast ARP requests to only sever
protected-broadcast| and router ports.
restrict-broadcast| y restrict-broadcast: Check source address if source is valid
secure-broadcast} or not.
y secure-broadcast: Convert ARP request to unicast request.
The following example shows how to configure secure-request type on the Corecess R1-AD24:
(config)# ip arp snoop request secure-broadcast
(config)#

Displaying ARP Snooping Configuration
Displaying ARP Snoop Table
To display the ARP Snoop table (NetSnoopIpPool), use the show ip arp snoop table command in
Privileged mode.
The following is the sample output from the show ip arp snoop table command:
# show ip arp snoop table

ip arp snoop $Revision: 1.2 $
vlan 1 Status(A:Auth, R:Router, S:Static, I:Incomplete)

vlan 1 total entries = 0
#

12-17
Chapter 13 Configuring STP and RSTP
This chapter describes how to configure STP (Spanning Tree Protocol) and RSTP (Rapid
Spanning Tree Protocol) on the Corecess R1-AD series.
9 Understanding STP/RSTP 13-2
9 Configuring STP 13-9
9 STP Configuration Commands 13-24

Understanding STP/RSTP
This section describes how to prevent unauthenticated users from logging in to the Corecess R1-
AD series.
STP Overview
STP is a Layer 2 link management protocol that provides path redundancy while preventing
loops in the network. For a Layer 2 Ethernet network to function properly, only one active path
can exist between any two stations. Spanning-tree operation is transparent to end stations,
which cannot detect whether they are connected to a single LAN segment or a switched LAN of
multiple segments.
In the following network configuration, there are two paths from Switch A to Switch C. One of
the path is path 2 connected directly and the other path is path 1 and path 2 through Switch B.
A loop is formed in this network because multiple active paths exist between Switch A and
Switch C. In this network, end stations might receive duplicate messages. For example, if Switch
A broadcasts packets, Switch C broadcasts the received packets to Switch A, and Switch A
broadcast the packets again.
Switch A
Path 1 Path 2
Path 3
Switch B Switch C
STP defines a tree with a root switch. When two interfaces on a switch are part of a loop, the
spanning-tree port priority and path cost settings determine which interface is put in the
forwarding state and which is put in the blocking state. Spanning tree forces redundant data
paths into a standby (blocked) state.
13-2 R1-AD Series User’s Manual

If the path 3 is blocked in the network configuration mentioned previously, you can have a
loop-free path between Switch A and Switch C as follows:
Switch A
Path 1 Path 2
(Forwarding) (Forwarding)
Path 3
Switch B (Blocking) Switch C
Switches send and receive spanning-tree frames, called bridge protocol data units (BPDUs), at
regular intervals. The switches do not forward these frames, but use the frames to construct a
loop-free path.
If a network segment in the spanning tree fails and a redundant path exists, the spanning-tree
algorithm recalculates the spanning-tree topology and activates the standby path.
Product Specifications 13-3

BDPU (Bridge Data Protocol Unit)
Spanning tree consists of a root switch, designated switches, root port, and designated ports.
The root switch is the logical center of the spanning-tree topology in a switched network. A
designated switch is a switch used to forward packets from that LAN to the root switch. A root
port is a forwarding port elected for the spanning-tree topology. A designated port is a
forwarding port elected for every switched LAN segment.
When the switches in a network are powered up, each switch functions as the root switch. Each
switch sends a configuration BPDU through all of its ports. The BPDUs communicate and
compute the spanning-tree topology. Each configuration BPDU contains this information:
y Unique bridge ID of the switch that the sending switch identifies as the root switch
y Spanning-tree path cost to the root
y Bridge ID of the sending switch
y Message age
y ID of the sending interface
y Values for the hello, forward delay, and max-age protocol timers
Bridge ID determines the selection of the root switch. Each VLAN on the switch has a unique 8-
byte bridge ID; the two most-significant bytes are used for the switch priority, and the
remaining six bytes are derived from the switch MAC address. The switch with the highest
switch priority (the lowest numerical priority value) is elected as the root switch. If all switches
are configured with the default priority (32768), the switch with the lowest MAC address in the
VLAN becomes the root switch.

Path cost determines the selection of the root port and designated switch. The port that provides
the best path (lowest cost) when the switch forwards packets to the root switch is called the root
port. The switch that provides the lowest path cost when forwarding packets from that LAN to
the root switch is called the designated switch. The port through which the designated switch is
attached to the LAN is called the designated port.
A root port is selected for each switch (except the root switch). This port provides the best path
(lowest cost) when the switch forwards packets to the root switch.
BPDU has three spanning-tree timers (hello, forward delay, max age). The following table
describes the timers that affect the entire spanning-tree performance:
Table 13-1 Spanning-tree Timer
Timer Description
When this timer expires, the interface sends out a Hello message to the
Hello timer
neighboring nodes.
Determines how long each of the listening and learning states last before the
Forward delay timer
interface begins forwarding.
Determines the amount of time the switch stores protocol information received
Max age timer
on an interface.

Spanning-Tree Port States
Each port on the switch using spanning tree exists in one of these states:
y Blocking: The port does not participate in frame forwarding. (Default state)
y Listening: The first transitional state after the blocking state when the spanning tree
determines that the port should participate in frame forwarding.
y Learning: The port prepares to participate in frame forwarding.
y Forwarding: The port forwards frames.
y Disabled: The port is not participating in spanning tree because of a shutdown port, no link
on the port, or no spanning-tree instance running on the port.
The port in the blocking state does not participate in frame forwarding. After initialization, a
BPDU is sent to each interface in the switch. A switch initially functions as the root until it
exchanges BPDUs with other switches. This exchange establishes which switch in the network
is the root or root switch. If there is only one switch in the network, no exchange occurs, the
forward-delay timer expires, and the ports move to the listening state. A port always enters the
blocking state after switch initialization.
The port in the blocking state does not participate in frame forwarding. After initialization a
BPDU is sent to each interface in the switch. A switch initially functions as the root until it
exchanges.
The listening state is the first state a port enters after the blocking state. The port enters this state
when the spanning tree determines that the interface should participate in frame forwarding.
When the forward-delay timer expires, the port moves to the learning state.
The port in the learning state does not transmit or receive frames. However, the port can learn
the MAC addresses of frames received on the port. When the forward-delay timer expires,
spanning tree moves the port to the forwarding state.
The port in the forwarding state forwards frames received on the port.
The port in the disabled state does not participate in frame forwarding or in the spanning tree.
This can occur when the port is disconnected or STP is administratively disabled on the port.

Selecting Path
The STP uses a spanning-tree algorithm to select one switch of a redundantly connected
network as the root of the spanning tree. The algorithm calculates the best loop-free path
through a switched Layer 2 network by assigning a role to each port based on the role of the
port in the active topology.
When two interfaces on a switch are part of a loop, the spanning-tree port priority and path cost
settings determine which interface is put in the forwarding state and which is put in the
blocking state. The port priority value represents the location of an interface in the network
topology and how well it is located to pass traffic. The path cost value represents media speed.
Spanning tree forces redundant data paths into a standby (blocked) state. If a network segment
in the spanning tree fails and a redundant path exists, the spanning-tree algorithm recalculates
the spanning-tree topology and activates the standby path.

RSTP (Rapid Spanning Tree Protocol)
RSTP is an evolution of the Spanning Tree Protocol (802.1D standard) and provides for faster
spanning tree convergence after a topology change.
The key difference between STP and RSTP is the transition states of a port. STP moves a port
from the blocking state to the forwarding state after the listening and the learning state. RSTP
reduces the transition steps by moving directly a port from the blocking state to the forwarding
state. This allows rapid reconfiguration capability when the topology has changed.
The key difference between STP and RSTP is the transition states of a port. STP moves a port
from the blocking state to the forwarding state after the listening and the learning state.
There are only three port states left in RSTP 802.1W, corresponding to the three possible
operational states. The STP 802.1D states disabled, blocking, and listening have been merged
into a unique RSTP discarding state. The following table provides a comparison of STP and
RSTP port states.
Table 13-2 Comparison of STP and RSTP port states
Is Port Included in
STP Port RSTP Port Operational Is port learning
the Active
State State Status MAC Addresses?
Topology?
Blocking Discarding Enabled No No
Listening Discarding Enabled No No
Learning Learning Enabled No Yes
Forwarding Forwarding Enabled Yes Yes
Disabled Discarding Disabled No No

Configuring STP
These sections describe how to configure spanning-tree features on the Corecess R1-AD series.
Default STP Configuration

The following table shows the default STP configuration.
Table 13-3 Default STP configuration
Feature Default Setting
VLAN STP State RSTP is enabled by default on all VLANs.
Port STP State Disabled
VLAN ID (Switch priority) 32768
Spanning-tree port priority 128
10Mbps 2,000,000
Spanning- 100Mbps 200,000

tree port cost 1Gbps 20,000
10Gbps 2,000
Path Cost 32 bit (1 ~ 200,000,000)
Hello time 2 seconds
Timer Forward delay 15 seconds
Max age 20 seconds
Admin Edge Disabled
STP Version RSTP version 2

Procedures for STP Configuration
You can configure the following STP features on the Corecess R1-AD series:
y Enabling or disabling STP
y Setting STP protocol version
y Configuring the bridge ID for a VLAN
y Configuring the path cost
y Configuring STP encoding mode
y Configuring the port priority
y Setting spanning tree timers (Hello time, Max age, Forward delay)
y Configuring an Edge port
Enabling or Disabling STP

You can enable or disable STP on a per-VLAN basis and an individual port.
Enabling or Disabling STP on a VLAN

You can enable or disable STP on a per-VLAN basis. RSTP is enabled by default on the default
VLAN and on all newly created VLANs. To re-enable STP on a VLAN after disabling it,
perform this task in Privileged mode:
Table 13-4 Enabling STP on a VLAN
Command Task
2. Enable STP on the specific VLAN.

stp vlan id <vlan-id>
show stp vlan id 4. Verify the STP configuration.
<vlan-id> y <vlan-id>: VLAN ID (1 ~ 4094)

The following example shows how to enable STP on a VLAN:
# config terminal
(config)# stp vlan id 2
(config)# end
# show stp vlan id 2
VLAN ID: 2
Protocol Operation: enabled
Root Bridge: yes
STP version: rstp(2)
Pathcost Encoding: 32bit
BridgeID: 0x8000-009000002003
Time since topology change: 82(s)
Topology changes: 0
Designated Root BridgeID: 0x8000-009000002003
Root Path Cost: 0
Root Port Number(logical): 0
:
#
Disable STP only if you are sure there are no loops in the network topology. When STP is
disabled and loops are present in the topology, excessive traffic and indefinite packet
duplication can drastically reduce network performance. To disable STP on a per-VLAN basis,
enter the no stp vlan command in Global configuration mode. The following example
shows how to disable STP on the VLAN whose ID is 2:
(config)# no stp vlan id 2

(config)# end
VLAN ID: 2
Protocol Operation: disabled
BridgeID: 0x8000-009000002003
Topology changes: 0
:
#
If you disable STP on a VLAN, STP is disabled on all ports belongs to the VLAN.

Enabling or Disabling STP on a Port
If you enable STP on a VLAN, the change does not affects all ports belong to the VLAN.
Therefore you should enable STP on all Ethernet ports within the VLAN. To enable STP on a
port, perform this task in Privileged mode:
Table 13-5 Enabling STP on a port
Command Task
2. Enable STP on a specific Ethernet port.
y <port-type>: The type of Ethernet port to enable STP on.
port <port-type>
<slot>/ <port> stp - gigabitethernet: Gigabit Ethernet port
y <slot>/<port>: The slot number (1) and port number (1, 2) of
the Ethernet port.
4. Verify the STP configuration.
show stp port y <port-type>: The type of Ethernet port
<port-type> <slot>/<port> y <slot>/<port>: The slot number and port number of the
Ethernet port.
The following example enables STP on the Gigabit Ethernet port 1/1:
# config terminal
(config)# port gigabitethernet 1/1 stp
(config)# end
# show stp port gigabitethernet 1/1
Link State: up
Port Number(logical): 1
Port Priority: 0x08
Designated Path Cost: 200000
AdminEdge: false
#
To disable STP on a specific port, enter the no port gigabitethernet <slot>/<port> stp
command in Global configuration mode. The following example disables STP on the Gigabit
Ethernet port 1/1:
(config)# no port gigabitethernet 1/1 stp disable

(config)#

Setting STP Protocol Version
Corecess R1-AD series supports both 802.1D STP and 802.1W RSTP. 802.1W RSTP is enabled by
default on all VLANs of the Corecess R1-AD series. You can set the protocol to be used by STP
on a VLAN for compatible with other network devices.
To set protocol to be used by STP, perform this task in Privileged mode:
Table 13-6 Setting STP protocol version
Command Task
2. Set protocol to be used by STP on a specific VLAN.

stp protocol-version
y rstp: The Rapid STP protocol, defined by IEEE 802.1w.
{rstp|stp} vlan id
y stp: The STP protocol, defined by IEEE 802.1d.
<vlan-id>
show stp vlan id 4. Verify the configuration change.
The following example shows how to set STP protocol on a VLAN to 802.1D STP:
(config)# stp protocol-version stp vlan id 2
(config)# end
VLAN ID: 2
Root Bridge: yes
STP version: stpCompatible(0)
BridgeID: 0x8000-009000002003
Topology changes: 0
:

The following example shows how to set STP protocol on a VLAN to 802.1W RSTP:
(config)# stp protocol-version rstp vlan id 2
(config)# end
VLAN ID: 2
Root Bridge: yes
BridgeID: 0x8000-009000002003
Topology changes: 0
:

Setting the Bridge ID (Priority)
You can configure the bridge ID for individual VLANs. Bridge ID is used to identify the root
bridge in a spanning tree. The default bridge priority for all VLANs on the Corecess R1-AD
series is ‘32768’. The bridge with the lowest value has the highest priority and is the root. To
make the switch the root bridge, set the bridge ID to the lowest value. If you change the bridge
ID, the spanning tree for the VLAN is reconfigured.
To change the bridge ID of a VLAN, perform this task in Privileged mode:
Table 13-7 Configuring the bridge ID for a VLAN
Command Task
2. Set the bridge ID for a specific VLAN.
stp bridge-priority
y <priority>: Bridge ID (0 ~ 65535). A higher numerical value means
<priority> vlan id
a lower priority; thus, the highest priority is 0.
<vlan-id>
show stp vlan id 4. Verify the STP configuration change.
The following example shows how to set bridge ID for a VLAN to 3000 (hexa-decimal: 0x0BB8):
# config terminal
(config)# stp bridge-priority 3000 vlan id 2
(config)# end
VLAN ID: 2
Root Bridge: yes
BridgeID: 0x0BB8-009000002003
Topology changes: 0
:
#

To restore the bridge ID for a VLAN to the default priority (32768, hexa decimal: 0x8000), enter
the no stp bridge-priority command in Global configuration mode:
(config)# no stp bridge-priority vlan id 2

(config)# end
VLAN ID: 2
Root Bridge: yes
BridgeID: 0x8000-0090A3000004
Topology changes: 0
:
#

Configuring the Path Cost
If a loop occurs, spanning tree uses cost when selecting a port to put in the forwarding state.
You can assign lower cost values to ports that you want selected first and higher cost values to
ports that you want selected last. If all ports have the same cost value, spanning tree puts the
port with the lowest interface number in the forwarding state and blocks the other ports.
Note: The default path cost for the Ethernet ports on the Corecess R1-AD series is
derived from STP prottocol version and the media speed of the port as follows:
Port Speed STP RSTP
10Mbps 100 2,000,000
100Mbps 19 200,000
1Gbps 4 20,000
To configure the path cost for an Ethernet port, perform this task in Privileged mode:
Table 13-8 Configuring the path cost
Command Task
2. Set the path cost for a specific Ethernet port.

y <port-type>: The type of Ethernet port.
port <port-type> <slot>/
y <slot>/<port>: The slot number and port number to set
<port> pathcost <path-cost>
the path cost.
y <path-cost>: The port's cost as a path to the spanning tree's
root bridge (STP: 1~65525, RSTP: 1~200000000)
4. Verify the STP configuration change.

show stp port <port-type>
<slot>/<port>
y <slot>/<port>: The slot number and port number.

The following example shows how to set the path cost for the Gigabit Ethernet port 1/1 running
STP protocol:
# config terminal
(config)# port gigabitethernet 1/1 pathcost 10
(config)# end
Link State: up
Port Priority: 0x08
AdminEdge: false
#
Recommand: We recommand that you set the path cost as follows according to the
running STP prottocol version and the media speed of the port:
Port Speed STP RSTP

10Mbps 50~ 600 200000 ~ 20000000
100Mbps 10 ~ 60 20000 ~ 2000000
1Gbps 3 ~ 10 2000 ~ 200000
10Gbps 1~5 200 ~ 20000

Configuring STP Encoding Mode
While STP calculates path cost using 16 bits (1~65,535), RSTP calculates path cost using 32 bits
(1~200,000,000). Therefore the path cost is not compatible between STP and RSTP. You can not
configure the STP encoding mode for individual VLANs and the change affects to all spanning
trees.
By default, RSTP is enabled on the Corecess R1-AD series and the default STP encoding mode is
32 bits. To configure the type of STP encoding mode, perform this task in Privileged mode:
Table 13-9 Configuring STP encoding mode
Command Task
2. Configure the type of STP encoding mode.

stp pathcost-encoding
y stp8021d1998: Calculates STP cost using 16 bits.
{stp8021d1998|stp8021t2001}
y stp8021t2001: Calculates STP cost using 32 bits.

show stp vlan id <vlan-id>
The following example shows how to configure the type of STP encoding mode to 16 bits:
# config terminal
(config)# stp pathcost-encoding stp8021d1998
(config)# end
VLAN ID: 2
Root Bridge: yes
BridgeID: 0x0BB8-009000002003
Topology changes: 0
:
#

Configuring the Port Priority
If all ports have the same path cost, spanning tree uses the port priority when selecting a port to
put into the forwarding state. You can assign higher priority values (lower numerical values) to
ports that you want selected first, and lower priority values (higher numerical values) that you
want selected last. To configure the port priority of an Ethernet port, perform this task in
Privileged mode:
Table 13-10 Configuring the port priority
Command Task
2. Sets the spanning-tree port priority for a specified Ethernet port.

port <port-type> <slot>/
y <slot>/<port>: The slot number (1) / port number (1, 2) of
<port> priority <priority>
the Ethernet port.
y <priority>: The value of the STP port priority (0 ~ 15,
default:8)

show stp port <port-type> y <port-type>: The type of Ethernet port.
<slot>/<port> y <slot>/<port>: The slot number (1) / port number (1, 2) of
the Ethernet port.
The following example shows how to configure the port priority of the Gigabit Ethernet port
1/1 to ‘1’:
(config)# port gigabitethernet 1/1 priority 1
(config)# end
Link State: up
Port Priority: 0x01
AdminEdge: false
#

Setting Spanning Tree Timers
BPDU contains spanning tree timers (hello, forward delay, and max-age timers) that affect the
performance of the entire spanning tree.
You can set spanning tree timers for individual VLANs. To set spanning tree timers for a
specific VLAN, perform this task in Privileged mode:
Table 13-11 Setting spanning tree timers
Command Task
2. Set the STP forward delay for a specific VLAN.
y <value>: The STP forward time. The forward delay is the
stp forward-delay
number of seconds a port waits before changing from its
<value> vlan id
spanning-tree learning and listening states to the forwarding
<vlan-id>
state. (4 ~ 30 seconds, default: 15 seconds)
3. Set the STP hello time for a VLAN.
y <value>: The STP hello time. The hello time is the interval
stp hello-time <value>
between the generation of configuration messages by the root
vlan id <vlan-id>
switch (1 ~ 10 seconds, default: 2 seconds)
4. Sets the STP maximum aging time for a VLAN.
y <value>: The STP maximum aging time. The maximum aging
stp max-age <value> time is the number of seconds a switch waits without receiving
vlan id <vlan-id> spanning-tree configuration messages before attempting a
reconfiguration. (6 ~ 40 seconds, default: 20 seconds)

show stp vlan <vlan-id>
The following example shows how to set spanning tree timers for a VLAN:
(config)# stp forward-delay 20 vlan id 2
(config)# stp hello-time 5 vlan id 2
(config)# stp max-age 30 vlan id 2
(config)# end
VLAN ID: 2
Root Bridge: yes

BridgeID: 0x8000-009000002003
Topology changes: 0
Root Path Cost: 0
MaxAge: 20(s)
HelloTime: 2(s)
ForwardDelay: 15(s)
Bridge MaxAge: 30(s)
Bridge HelloTime: 5(s)
Bridge ForwardDelay: 20(s)
:
#
To return the spanning tree timers to the default value, use the no form of these command in
(config)# no stp forward-delay 20 vlan id 2
(config)# no stp hello-time 5 vlan id 2
(config)# no stp max-age 30 vlan id 2
(config)# end
VLAN ID: 2
Root Bridge: yes
BridgeID: 0x8000-009000002003
Topology changes: 0
Root Path Cost: 0
MaxAge: 20(s)
HelloTime: 2(s)
ForwardDelay: 15(s)
Bridge MaxAge: 20(s)
Bridge HelloTime: 2(s)
Bridge ForwardDelay: 15(s)
:

Configuring an Edge Port
The Corecess R1-AD series allows ports that are configured as Edge ports to be present in an
RSTP topology. STP edge ports are bridge ports that do not need STP enabled, where loop
protection is not needed out of that port or an STP neighbor does not exist out of that port.
Edge ports assume Designated port roles. Port flapping does not cause any topology change
events on Edge ports since RSTP does not consider Edge ports in the spanning tree calculations.
However, if any incoming BPDU is received from a previously configured Edge port, RSTP
automatically makes the port as a non-edge port. This is extremely important to ensure a loop
free Layer 2 operation since a non-edge port is part of the active RSTP topology.
To configure an edge port, perform this task in Privileged mode:
Table 13-12 Configuring an edge port
Command Task
2. Configures a port as an Edge port.
y <port-type>: The type of Ethernet port to configure as an
stp adminEdge port <port-
Edge port (gigabitethernet).
type> <slot>/ <port>
y <slot>/<port>: The slot number (1) / port number (1, 2) of
the Ethernet port.
4. Verify the STP configurations.

show stp port <port-type>
y <port-type>: The type of the Edge port.
<slot>/<port>
y <slot>/<port>: The slot number/ port number of the port.
The following example shows how to configure the Gigabit Ethernet port 1/2 as an Edge port:
(config)# stp adminEdge port gigabitethernet 1/2
(config)# end
Link State: down

Port Priority: 0x01
AdminEdge: true
#

STP Configuration Commands
The following table lists the commands for configuring STP on the Corecess R1-AD series:
Table 13-13 STP configuration commands
Command Description
port pathcost Sets the spanning-tree port path cost for the specified Ethernet port.
port priority Sets the spanning-tree port priority for the specified Ethernet port.
Enables or disables STP (Spanning Tree Protocol) on the specified

port stp
Ethernet port.
show stp port Displays spanning-tree information for the specified port.
show stp vlan Displays spanning-tree information for the specified VLAN interface.
stp adminEdge port Configures a port as an Edge port.
stp bridge-priority Sets the bridge ID for a VLAN.
stp forward-delay Sets the bridge forward delay for a VLAN.
stp hello-time Sets the bridge hello time for a VLAN.
stp max-age Sets the bridge maximum aging time for a VLAN.
stp pathcost-encoding Configures the type of Spanning Tree Protocol encoding mode.
Configure the type of Spanning Tree Protocol mode to run for a specific
stp protocol-version
VLAN.
stp vlan Enables the spanning tree algorithm for a specific VLAN.

Appendix A Product Specifications
Appendix A describes the specifications of the Corecess R1-AD series.
9 Hardware Specifications A-2
9 Software Specifications A-4

Hardware Specifications
Table A-1 Corecess R1-AD series hardware specifications
Capacity
y MIPS for CPU performance
y 128MB Host Memory – for processing program and storage
y 128MB Packet Memory – for packet buffer
y 2MB SRAM – Network Processor specific
y 64MB Flash – storing the S/W image
y 32K Internal Memory – Network Processor specific
y 8 PVCs per subscriber port, 192 PVCs per system are supported
y Full range of VPI/VCI
y 4096 MAC table entries
y 100 multicast groups can be configured.
Uplink Interface
System y 2 port SFP/RJ45 Gigabit combo module
y 1 port Gigabit EPON ONT(SFP;SFP port adapter included) & 1 port SFP/RJ45 Gigabit
combo module
Line Interface
y Encoding Type: DMT
y Supported Type of Line Codes:
- ITU-T G.992.5(ADSL2+)
- ITU-T G.992.1(G.dmt) Annex A
- ITU-T G.992.2(G.lite)
- ITU-T G.992.3(ADSL2)
- ANSI T1.413 Issue2
Dimensions (W ¯ H ¯ D)
440.0 x 44.0 x 240.0 mm
Memory and Table Size
y Packet Memory: 128Mbytes
y Host memory: 128Mbytes
y Parameter memory: 2Mbytes
y Boot ROM: 512Kbytes
y Flash Memory: 32Mbytes
Hardware
y VLAN table: 4K entries
Connector and Cabling
y ADSL: 2 x Telco-50 (CHAMP) connector for lines. Operable over UTP, CPEV, TIV, SH
and Interphone Cable.
y Management console port: 8 pin RJ-45 connector, Serial cable with RJ-45 to DB9
adaptor for PC connections.
(Continued)
A-2 R1-AD Series User’s Manual

AC Power
y Frequency : 50/60Hz
Power y Input Voltage : 100 ~ 240VAC
DC Power
y Input Voltage : -48VDC
Operating Range
Operational -40 ~ 65°C
Environment Operating relative humidity
y Operating Range : 0 ~ 95% (40°C, non-condensing)
Product Specifications A-3

Software Specifications
Table A-2 Corecess R1-AD series software specifications
VLAN Function
y Supports IEEE 802.1q VLAN tagging.

y Multicasting per VLAN.
Reliability
y Layer 2: STP, RSTP.
Subscriber Management
y DHCP Server and Relay (Option 82)

y NTP (Network Time Protocol) for billing.
Multicast and Multicast Routing

Function
y IGMP snooping.
y 100 multicast sessions
y 1536 tagged VLAN’s simultaneous
Multiple PVC
y Max. 8 PVCs per port

y Total 192 PVCs per system.
y Total 1,536 queues per system
EMS
y Equipment Management System: Java based equipment management system.

y Operating System: Solaris, Linux, Windows (98/2000/XP) which supports JAVA VM.
y ITU-T G.992.5 (ADSL2+)
y ITU-T G.992.1 (G.dmt) Annex A
y ITU-T G.992.2 (G.lite)
y ITU-T G.992.3 (ADSL2)
y ANSI T1.413 Issue2
y ITU-T G.994.1 (G.hs)
y IEEE 802.1D Bridging
y IEEE 802.1Q Virtual Bridged LAN
y IEEE 802.1D/P Priority Queuing
Standard y IEEE 802.3u Fast Ethernet, 10Base-T Standard for Control path (Backplane)
y IEEE 802.3z 1000Base-X Standard for Data path (Backplane)
y IEEE 802.1x Flow Control
y RFC2236 IGMPv2 (igmp snooping)
y RFC2684 Multiprotocol Encapsulation over AAL5 (Bridge LLC/SNAP only)
y ATM Forum TM4.1
y IEEE 802.1p CoS (Class of Service) – 8 queues per port
y IEEE 802.1q VLAN (VLAN tagging)
y RFC1907 SNMPv2 MIB (private MIB)
y RFC2662 ADSL MIB
A-4 R1-AD Series User’s Manual

Appendix B Connector & Cable Specifications
Appendix B describes the specifications of the ports on the Corecess R1-AD series. In addition,
the kinds and specifications of cables needed for the connection of each port.
9 Connector Specifications B-2
9 Cable Specifications B-5

Connector Specifications
Champ Connector
The ADSL port and the PSTN port on the Corecess R1-AD series are 50-pin Champ connector.
The cable used for connecting 50-pin Champ connectors is Telco cable with 50-pin Champ
connectors on both ends.
PSTN port
ADSL port
The figure below shows connector pin locations for the ADSL connectors.
25 1
50 26
B-2 R1-AD Series User’s Manual

RJ-45 Connector
10/100/1000Base-T Port
10/100/1000Base-T ports on the uplink modules have the 8-pin RJ-45 connector. The
cable used for connecting 10/100/1000Base-T port is twisted-pair cable with RJ-45
8 1 connectors at both ends.
Pin configuration of 10/100/1000Base-T port is as follows:
Table B-1 Pin Configuration of 10/100/1000Base-T Port
Pin Signal Pin Signal
1 Tx, Rx+ (1 pair) 5 Tx, Rx+ (3 pair)
2 Tx, Rx- (1 pair) 6 Tx, Rx- (2 pair)
3 Tx, Rx+ (2 pair) 7 Tx, Rx+ (4 pair)
4 Tx, Rx- (3 pair) 8 Tx, Rx- (4 pair)
Console Port
1 8 The CONSOLE port on the front panel of the Corecess R1-AD series has an 8-pin RJ-45
connector. The cable used for connecting console port is serial cable with an RJ-45
connector and a DB-9 at each end.
Pin configuration of Console port is as follows:
Table B-2 Pin Configuration of Console Port
Pin Signal
2 Tx
3 Rx
5 GND
Connector & Cable Specifications B-3

LC Connector
1000Base-SX Port
1000Base-SX ports on the uplink modules have Duplex LC connectors. The cable used
for connecting these LC connectors is multi mode fiber optic cable
(transmitting/receiving wavelength: 850nm).
1000Base-LX Port
1000Base-LX ports on the uplink modules have Duplex LC connectors. The cable used
for connecting these LC connectors is multi mode fiber optic cable
(transmitting/receiving wavelength: 850nm).
SC/APC Connector
1000Base-PX Port
1000Base-PX ports on the OPT-N1ES1CD module and OPT-N1EL1CD module have

simplex SC/APC connectors. The cable used for connecting these SC connectors is
single mode fiber optic cable (transmitting/receiving wavelength: 1490/1310nm).

Cable Specifications
Telco Cable
Telco cables are made up of 25 twisted-pair cooper wires. One end of a Telco cable is 50-pin
Champ connector and the other end of it is 50-pin Champ connector or wire wrapping pins.
Telco cable is variable according to its length. Before ordering cables, investigate the installation
environment to choose proper length of cables. You can purchase this Telco cable from the
product provider.
The figure below shows connector pin locations for the champ connectors of Telco cable.
50 38 37 26
25 13 12 1
Twisted Pair Cable

The 10/100/1000Base-T ports on the uplink modules are connected by using twisted pair cables
with RJ-45 connectors at both ends.
There are two types of twisted pair cables: UTP (unshielded twisted pair) cable and STP
(shielded twisted pair) cable. The following figure shows a twisted pair cable with RJ-45
connectors at both ends.

According to the speed of devices to be connected: Category-3, 4, 5, 5+, 6
The category of twisted pair cable to be used is determined by the speed of the devices to be
connected to RJ-45 port. In case of connecting with a device that operates at 10Mbps, category 3
and 4 cable is used. In case of connecting with a device that operates at 100Mbps, category 5
cable is used. In case of connecting with a device that operates at 1000Mbps, category 5+ or
category 6 cable is used.
According to the kinds of devices to be connected: Straight-through, Crossover

Either straight-through cable or crossover cable is used according to the kinds of devices to be
connected to RJ-45 port. In case the device to be connected is such terminal (MDI) as PC
equipped with NIC (Network Interface Card), straight-through cable is used. On the other hand,
crossover cable is used for connecting the ports of network devices (MDI-X) such as hub or
switch.

Fiber Optic Cable
The system modules with fiber optic ports are connected using fiber optic cables as follows:
Table B-3 System Modules with Fiber Optic Ports
Fiber Optic
Module Connector Interface Wave Length(nm)
Cable
OPT-N1ES1CD
1000Base-SX Multi-mode y Rx/Tx : 850nm
OPT-N1EL1CD
Duplex LC
OPT-N2CD
OPT-N2CS 1000Base-LX Single mode y Rx/Tx : 1310nm
OPT-N1ES1CD y Rx : 1310nm
OPT-N1EL1CD Simplex SC/APC 1000Base-PX Single mode
y Tx : 1490nm
Duplex LC Fiber Optic Cable

The cable used for connecting the 1000Base-SX/LX SFP ports on the uplink modules is fiber-optic
cable with duplex LC connectors at both ends (transmitting/receiving wavelength: 1310nm).

Simplex SC/APC Fiber Optic Cable
The cable used for connecting the 1000Base-PX SFP port on the OPT-N1ES1CD module and
OPT-N1EL1CD module is fiber-optic cable with simplex SC/APC connectors at both ends
(transmitting/receiving wavelength: 1490/1310nm).

Console Cable
Console cable is used to connect the console port to a console terminal (ASCII terminals or PCs
equipped with terminal emulation programs). Console cable has an RJ-45 connector and a DB-9
connector at each ends.
Console Port DB-9 Connector
Console Port DB9 Connector
<Pin Configuration>
Note: Before connecting the console port, ensure that console terminal is configured as
follows:
Baud rate Data bit Parity Stop bit Flow control

9600 8 None 1 None


R1-ADseries Corecess

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

R1-ADseries Corecess

Uploaded by

Copyright:

Available Formats

Edition: 00

Distribution: May, 2006

Corecess Smart ADSL 2+ DSLAM

No Part of this book shall be reproduced, stored in a retrieval system, or

The specifications and information regarding the products in this manual

Other product names or company names mentioned in this manual are

y Introduction to functions and features

y Name and function of each part

y How to install on a rack and connect cable to each port

y How to configure the Corecess R1-AD series

9 This manual can also be downloaded from Corecess website www.corecess.com.

Notations in Console Screen

y Text displayed on console screen is shown in Courier New.

y Values entered by user are displayed in bold Courier New.

Notations in Command Syntax

y Console commands are indicated in bold Courier New.

y Parameters that need to be entered are indicated in Courier New.

y Parameters in [ ] are parameters that can be ignored.

IV R1-AD Series User’s Manual

Recommendation: Introduces recommendatory item for the use of product..

Caution: Explains possible situations or conditions of improper operation and possibility of

Chapter 2 Hardware Description

Chapter 3 Before Installation

Chapter 5 Basic Configuration

Chapter 6 Configuring Ports

Chapter 7 Configuring VLAN

Chapter 8 Configuring SNMP and RMON

Chapter 9 Configuring QoS

VI R1-AD Series User’s Manual

Chapter 11 Configuring IGMP Snooping

Chapter 12 Configuring DHCP & ARP Snooping

Chapter 13 Configuring STP

Appendix A Technical Specifications

Appendix B Connector and Cable Specifications

Manual Contents ............................................................................ III

Chapter 1 Overview 1-6

Chapter 2 Hardware Description 2-6

VIII R1-AD Series User’s Manual

Chapter 3 Before Installation 3-6

Chapter 4 Installation 4-6

Chapter 5 Basic Configuration 5-6

X R1-AD Series User’s Manual

Chapter 6 Configuring Ports 6-6

Chapter 7 Configuring VLAN 7-6

Chapter 8 Configuring SNMP and RMON 8-6

XII R1-AD Series User’s Manual

Chapter 9 Configuring QoS 9-6

Chapter 10 Configuring Security 10-6

Chapter 11 Configuring IGMP Snooping 11-6

Chapter 12 Configuring DHCP & ARP Snooping 12-6

XIV R1-AD Series User’s Manual

Chapter 13 Configuring STP and RSTP 13-6

Appendix A Product Specifications A-6

Appendix B Connector & Cable Specifications B-6

XVI R1-AD Series User’s Manual

Table 2-1 Difference of the Corecess R1-AD series .................................... 2-6

Table 5-1 CLI Modes.................................................................................... 5-6

Table 6-1 Default Gigabit Ethernet Configurations ...................................... 6-6

Table 7-1 Default VLAN configuration.......................................................... 7-6

Table 8-1 Community Strings....................................................................... 8-6

XVIII R1-AD Series User’s Manual

Table 9-1 Criteria for packet classification ................................................... 9-6