Professional Documents
Culture Documents
R1-ADseries Corecess
R1-ADseries Corecess
R1-AD24A
R1-AD24AN
R1-AD48A
User's Guide
| Copyright |
Copyright ©2006 by Corecess Inc. All rights reserved.
| Trademark Credit |
Corecess R1-AD series is registered trademark of Corecess Inc.
Corecess Inc.
500-2, Sangdaewon-dong, Jungwon-ku, Sungnam-city,
Kyungki-do, Korea, 462-120
TEL:+82-31-739-6600 FAX: :+82-31-739-6622
http://www.corecess.com
Manual Contents
This manual is organized as follows concerning the Corecess R1-AD series:
Careful reading of this manual before using the Corecess R1-AD series will alleviate the
complexity of manipulating the system. The user should read the chapters 1~3 to become
acquainted with the functions of the product, name and function of each part, and the
precautions before installation. Understanding chapters 1~3 will help a great deal for safety in
installing and using the product.
9 If you have any problems or questions during installation or while using the product,
contact your equipment provider or visit our website at www.corecess.com and leave
a message in Q&A.
Audience
This manual is designed for the users with basic knowledge in Ethernet and ADSL. Thus, this
manual assumes that the reader is knowledgeable of basic concepts and terminology about
Ethernet and ADSL and does not provide separate explanations for these topics. If you feel that
the contents of this manual are difficult and require more detailed explanations, refer to other
network related books.
Revision History
Edition Date Description
00 May, 2006 First Draft
III III
Notations
This manual uses the notations explained below for assisting readers in understanding the
contents of this manual.
y { A | B | C } means that one entry among A, B, and C must be selected and entered.
y [A | B | C] means that one entry among A, B, and C may or may not be selected and
entered.
Note: Introduces useful item for the use of product, reference, and its related materials
Warning: Explains situtations in which product can be damaged or danger can be imposed
to users physically, and informs you how to respond to those situations.
V V
Organization
The chapters of this manual are organized as follows:
Chapter 1 Overview
This chapter introduces functions and features of the Corecess R1-AD series and describes several kinds of
network examples configurable with the Corecess R1-AD series.
Chapter 4 Installation
This chapter describes how to mount the Corecess R1-AD series on a rack, connect the cables to the ports,
and connect the power.
VIIVII
Table of Contents
IX IX
Required Tools and Equipment ............................................................... 4-6
Mounting the System on a Rack............................................................... 4-6
Connecting Ports.......................................................................... 4-6
Connecting Gigabit Ethernet Uplink Port .............................................. 4-6
Connecting RJ-45 Connector ............................................................................ 4-6
Connecting LC Connector on SFP Module .................................................... 4-6
Connecting Gigabit Ethernet PON Uplink Port..................................... 4-6
Connecting PSTN Port (R1-AD24A only)............................................... 4-6
Connecting ADSL Port .............................................................................. 4-6
Connecting the Console Port .................................................................... 4-6
Connecting Power........................................................................ 4-6
Connecting AC Power ...................................................................................... 4-6
Connecting DC-Input Power ........................................................................... 4-6
Starting the Corecess R1-AD series ............................................ 4-6
XI XI
Displaying ADSL Port Information ......................................................... 6-6
Displaying ADSL Port Information ................................................................ 6-6
Displaying ADSL Line Configuration Information...................................... 6-6
Displaying ADSL Line Status Information .................................................... 6-6
Displaying ADSL Performance Information ................................................. 6-6
Displaying Information of ADSL Port Configuration.................................. 6-6
Displaying ADSL Bitmap ................................................................................. 6-6
Displaying ADSL Link Speed .......................................................................... 6-6
Displaying Information of Impulse Noise Protection Configuration ........ 6-6
Displaying information of Line Attenuation ................................................. 6-6
Displaying the Output Power Information.................................................... 6-6
XIII
XIII
Types of Filtering...................................................................................... 10-6
PVC Filtering............................................................................................. 10-6
Port Filtering ............................................................................................. 10-6
Filtering DHCP Offer Packets................................................................. 10-6
Filtering NetBIOS Packets ....................................................................... 10-6
CIFS (Cognitive Information Filtering System) - Planned ................. 10-6
Creating Classes............................................................................................... 10-6
Creating a Policy.............................................................................................. 10-6
Security Configuration Commands ............................................ 10-6
XVXV
Connector Specifications .............................................................B-6
Champ Connector ......................................................................................B-6
RJ-45 Connector ..........................................................................................B-6
10/100/1000Base-T Port ...................................................................................B-6
Console Port .......................................................................................................B-6
LC Connector ..............................................................................................B-6
1000Base-SX Port ...............................................................................................B-6
1000Base-LX Port ...............................................................................................B-6
SC/APC Connector....................................................................................B-6
1000Base-PX Port ...............................................................................................B-6
Cable Specifications.....................................................................B-6
Telco Cable ..................................................................................................B-6
Twisted Pair Cable .....................................................................................B-6
According to the speed of devices to be connected: Category-3~6 ............B-6
According to the kinds of devices to be connected: Straight-through, Crossover.....B-6
Fiber Optic Cable ........................................................................................B-6
Duplex LC Fiber Optic Cable...........................................................................B-6
Simplex SC/APC Fiber Optic Cable ...............................................................B-6
Console Cable..............................................................................................B-6
Table 3-1 The Number of Required Person to Lift The System ................... 3-6
Table 3-2 Temperature and humidity condition............................................ 3-6
Table 3-3 Power condition ........................................................................... 3-6
XVII
XVII
Table 5-22 show module field descriptions .................................................. 5-6
Table 5-23 show meminfo field descriptions ................................................ 5-6
Table 10-1 Changing timeout for an unattended telnet session ................ 10-6
Table 10-2 Defining access lists ................................................................ 10-6
Table 10-3 Applying the access list to terminal line ................................... 10-6
Table 10-4 Applying the access list to SNMP access................................ 10-6
Table 10-5 Type of packet filtering............................................................. 10-6
Table 10-6 Creating classes ...................................................................... 10-6
Table 10-7 Creating a policy ...................................................................... 10-6
Table 10-8 Security configuration commands............................................ 10-6
Table 12-1 DHCP snooping action according to DHCP message type ..... 12-6
Table 12-2 Enabling DHCP snooping ........................................................ 12-6
Table 12-3 Specifying DHCP snooping ports............................................. 12-6
Table 12-4 Configuring the system filtering rules....................................... 12-6
Table 12-5 Configuring port filtering rules .................................................. 12-6
XIX
XIX
Table 12-6 Configuring information policy.................................................. 12-6
Table 12-7 Specifying the maximum number of DHCP clients .................. 12-6
Table 12-8 Adding static binding entries .................................................... 12-6
Table 12-9 Clearing dynamic binding entries............................................. 12-6
Table 12-10 Enabling DHCP option 82 data insertion ............................... 12-6
Table 12-11 Displaying DHCP snooping binding information .................... 12-6
Table 12-12 Displaying DHCP snooping port information ......................... 12-6
Table 12-13 Enabling ARP snooping ......................................................... 12-6
Table 12-14 Configuring Secure-Reply Check Type ................................. 12-6
Table 12-15 Configuring Secure-Request Type ........................................ 12-6
This chapter introduces functions and features of the Corecess R1-AD series and provides example
applications for the Corecess R1-AD series.
9 Introduction 1-2
9 Applications 1-6
Introduction
The Corecess R1-AD series is IP-based ADSL DSLAMs (Digital Subscriber Line Access
Multiplexer) that provides telephone service and data transmit service functions at the same
time using the existing copper telephone lines.
The Corecess R1-AD series supports ADSL2+ technology. As a result, subscribers can
simultaneously utilize a wide range of powerful broadband service at the up to 24Mbps
downstream rates within a radius of about 1Km.
The Corecess R1-AD series provides 24 or 48 ADSL port interface and Gigabit Ethernet uplink
interfaces, and a built-in POTS splitter (optional). The Corecess R1-AD series is easy to
configure networks that can flexibly respond to a variety of environmental needs. As it can
connect to a remotely located large Gigabit Ethernet backbone device by installing uplink cards
into the uplink slots of the Corecess R1-AD series, it can be used as an intermediate backbone
network device of a large network as well as a mid-range workgroup network.
The Corecess R1-AD series supports Triple Play Service via high-performance QoS and
multicast. The service providers can control various types of traffic (voice, Internet, broadcast
TV, video on demand, near video on demand, etc.) effectively and use strict priority queuing to
guarantee that the highest priority packets will always get serviced ahead of all other traffic.
The Corecess R1-AD series is easy to use and can be easily installed as well. Just like an Ethernet
hub, it can be used by connecting cables to the target device. And LEDs on the front panel of the
Corecess R1-AD series make it easy to manage the product and networks through notifying the
operation status, port conditions and fault occurrence.
The Corecess R1-AD series allows the service providers to offer high-speed Internet access and
broadband services over the existing copper telephone lines. The Corecess R1-AD series is
especially suitable for dense area such as enterprise, apartment, and convention center.
y One port Gigabit EPON ONT (SFP; SFP port adapter included) & one port SFP/RJ45 Gigabit
combo module
Overview 1-31-3
Software Features
ADSL
y Supports ANSI T1.413, ITU-T G.992.1 (G.dmt), G.992.2 (G.lite), G.992.3, G.992.4, G.992.5
compliant for Annex A, B
y Supports up to 24Mbps downstream rates and up to 1Mbps upstream rates for each ADSL
channel
Switch
y Supports IEEE802.1d STP and IEEE802.1w RSTP protocols that prevent the creation of loops
on the network of each Ethernet port
y Supports 802.1q tagging that enables communications between ports belonged to a VLAN
that spans multiple switches
Multicasting
y Supports up to 100 multicast groups
y Supports IGMP snooping that provides for fast client joins and leaves of multicast streams
and limits bandwidth-intensive video traffic to only the requestor
y Supports RMON that allows various network agents and console systems to exchange
network monitoring data
y Can upgrade the system software to the latest version via TFTP or FTP
Security
y MAC-based port-level security prevents unauthorized stations from accessing the system
y DHCP filtering also prevents unauthorized stations from accessing the system
y Multilevel security on console access prevents unauthorized users from altering the system
configuration
y Controls the Telnet or SNMP access to the system using access lists
y Supports broadcast storm control by setting the maximum number of packets that is
configured on the VLAN
Subscriber Management
y Supports NTP (Network Time Protocol) for accurate billing and accounting (planned)
Overview 1-51-5
Applications
This section describes example applications for the Corecess R1-AD series.
This chapter provides components of the Corecess R1-AD series and describes the function and
appearance of the uplink modules provided for the Corecess R1-AD series.
The Corecess R1-AD series is the Corecess R1-AD24A, R1-AD24AN and the Corecess R1-
AD48A. Also, each type of the Corecess R1-AD series is divided into DC power type and AC
power type.
Port Number 24 24 48
R1-AD24A - AC Type
Power switch PSTN port
Uplink slots (A, B)
Ground Connector
R1-AD24A - DC Type
R1-AD24AN – DC Type
Ground Connector
Uplink slots (A, B)
Power switch
R1-AD48A- AC Type
Power switch ADSL port (2)
Uplink slots (A, B)
Ground Connector
Ground Connector
Ground connector is used to ground the Corecess R1-AD series for preventing damage from
electrostatic discharge or lightning. Before connecting power to the system, connect it according
to local site practice.
Power Device
Power
Part Description
Type
Power The power switch is used when turning the Corecess 7200 series on
AC, DC
Switch and off.
Caution: If the reset switch is pressed, all subsribers connecting to the ADSL ports would
be cut off. Therefore, the reset switch should not be used unless it is indispensible.
LEDs
There are system status LED, Uplink status LEDs, and ADSL status LEDs on the front panel of
the Corecess R1-AD series. The system status LED indicates the operating state of the system.
Uplink status LEDs and ADSL status LEDs indicate the data transmission/reception status and
connection state of each port.
Note: For the description of the Uplink Status LED, refers to the Uplink Modules section.
The ADSL port on the Corecess R1-AD series is connected to the MDF which is cabled to the
subscriber’s ADSL modem. The ADSL ports on the Corecess R1-AD series are connected to a
POTS splitter board.
Module Specification
This section describes types and functions of uplink modules that can be installed in the uplink
slot of the Corecess R1-AD series.
Both the RJ-45 connector and the LC connector (SFP module) cannot be used as Gigabit Ethernet
port at the same time. For example, if a RJ-45 connector of 10/100/1000Base-T port is connected
to a Gigabit Ethernet device, a LC connector of SFP port is automatically disabled.
The following table lists the specifications of the Gigabit Ethernet port on the OPT-N2CD
module:
On Indicates that the port have established a valid link with the network.
ACT/
LINK Green Blink Indicates that the port is transmitting or receiving data.
(A, B) Indicates that the port have not established a valid link with the
Off
network.
OPT-N2CS
The OPT-N2CS module provides two Gigabit Ethernet combo ports (RJ-45, SFP). The SFP type
of the Gigabit Ethernet ports supports 1000M speed.
The following table lists the specifications of the Gigabit Ethernet port on the OPT-N2CS
module:
On Indicates that the port have established a valid link with the network.
ACT/
LINK Green Blink Indicates that the port is transmitting or receiving data.
(A, B) Indicates that the port have not established a valid link with the
Off
network.
1000Base-SX/LX
1000Base-PX port SFP port 10/100/1000Base-T port
Table 2-9 LED Functions of Gigabit Ethernet PON Port on the OPT-N1ES1CD Module
On Indicates that the port have established a valid link with the network.
LINK Green Blink Indicates that the port is transmitting or receiving data.
Indicates that the port have not established a valid link with the
Off
network.
ACT Yellow Blink Indicates that the port is transmitting or receiving data.
The following table lists the specifications of the Gigabit Ethernet PON port on the OPT-
N1ES1CD module:
Port Number 1
Both the RJ-45 connector and the LC connector (SFP module) cannot be used as Gigabit Ethernet
port at the same time. For example, if a RJ-45 connector of 10/100/1000Base-T port is connected
to a Gigabit Ethernet device, a LC connector of SFP port is automatically disabled.
The following table lists the specifications of the Gigabit Ethernet port on the OPT-N1ES1CD
module:
Table 2-12 LED Functions of Gigabit Ethernet Port on the OPT-N1ES1CD Module
On Indicates that the port have established a valid link with the network.
ACT/
LINK Green Blink Indicates that the port is transmitting or receiving data.
(A, B) Indicates that the port have not established a valid link with the
Off
network.
OPT-N1EL1CD
The OPT-N1EL1CD provides one Gigabit Ethernet PON port and one Gigabit Ethernet combo
port. The SFP type of the Gigabit Ethernet port supports 100Mbps and 1000Mbps. The Gigabit
Ethernet PON port (1000Base-PX) provides maximum 20Km of service length.
1000Base-SX/LX
1000Base-PX port SFP port 10/100/1000Base-T port
On Indicates that the port have established a valid link with the network.
LINK Green Blink Indicates that the port is transmitting or receiving data.
Indicates that the port have not established a valid link with the
Off
network.
ACT Yellow Blink Indicates that the port is transmitting or receiving data.
The following table lists the specifications of the Gigabit Ethernet PON port on the OPT-
N1EL1CD module:
Table 2-14 Specifications of Gigabit Ethernet PON Port on the OPT-N1EL1CD Module
Port Number 1
The following table lists the specifications of the Gigabit Ethernet port on the OPT-N1EL1CD
module:
Table 2-16 LED Functions of Gigabit Ethernet Port on the OPT-N1EL1CD Module
On Indicates that the port have established a valid link with the network.
ACT/
LINK Green Blink Indicates that the port is transmitting or receiving data.
(A, B) Indicates that the port have not established a valid link with the
Off
network.
This chapter describes the precautions for installation of the Corecess R1-AD series and
installation environment for the normal operation. It also describes the way to unpack box of the
Corecess R1-AD series and verify the contents.
9 Precautions 3-2
9 Unpacking 3-10
Precautions
Warning: Before you install the Corecess R1-AD series, read this section. This section
contains important safety information you should know before working with the system.
General Precautions
y While or after installing the equipment, keep the equipment clean and free from dust.
y After opening the cover of the equipment, keep the cover in safe place.
y Tools and cables should not be left on a passage for better safety.
y When installing the equipment, engineers should fit in their clothing so that ties, scarves, and
sleeves should not be caught in the equipment. Keep ties and scarves from getting slack, and
roll up the sleeves.
y Avoid any dangerous actions which damage the people or the equipment.
y If the case is opened for repairing or test is required, contact the sales agency where you
purchased this equipment. Or directly contact Corecess Inc. for professional help.
Power Considerations
y Notice that wiring is not overloaded when connecting the system to the supply circuit.
y On plugging in a power socket or handling any power sources, put rings, necklaces, and
metal watches in safe place. If these materials touch the power socket or ground of the
product, the parts may be burnt out.
y Always check that there are any potential risks in the workplace. Wet floor, ungrounded
extension, rubbed-off power code, or unsafe (or ungrounded) floor may be dangerous.
y Ensure that power is removed from the DC circuit before installing or removing power
supplies. Tape the switch handle of the DC circuit breaker in the off position.
y Use the approved wiring terminations, such as closed-loop or spade-type with upturned lugs,
when stranded wiring is required. These terminations should be the appropriate size for the
wires and should clamp both the insulation and the conductor.
y Ensure that no exposed portion of the DC-input power source wire extends from the
terminal block plug. An exposed wire can conduct a harmful level of electricity.
AC Power
y The system is designed to be connected to TN power systems. A TN power system is a
power distribution system with one point which is connected directly to earth (ground). The
exposed conductive parts of the installation are connected to that point by protective earth
conductors.
y Ensure that the plug-socket combination is accessible at all times, because it serves as the
main disconnecting device.
Spare Power
If you purchased the product in which a spare power supply is installed, two power supplies
are connected to each input power. Therefore, one of the two power supplies is not working, the
system can operate continuously.
y Always wear an ESD-preventive wrist or ankle strap when handling electronic components.
Connect one end of the strap to an ESD jack or an unpainted metal component on the system
(such as a captive installation screw).
y Handle cards by the faceplates and edges only; avoid touching the printed circuit board and
connector pins.
y Handle cards by the faceplates and edges only; avoid touching the printed circuit board and
connector pins.
y Avoid contact between the cards and clothing. The wrist strap only protects the card from
ESD voltages on the body; ESD voltages on clothing can still cause damage.
y For safety, periodically check the resistance value of the antistatic strap. The measurement
should be between 1 and 10 Mohms.
y Remove all jewelry (including rings and chains) or other items that could get caught in the
system or heat up and cause serious burns.
y Do not touch the backplane or mid-plane with your hand or metal tools.
y Do not perform any action that creates a potential hazard to people or makes the equipment
unsafe.
y Locate the emergency power-off switch for the room before working with the system.
y Turn off the power and disconnect the power from the circuit when working with
components that are not hot-swappable or when working near the system backplane or mid-
plane. If the system does not have an on/off switch, unplug the power cord.
y To completely de-energize the system, disconnect the power connection to all power supplies.
y For DC power supplies, locate the circuit breaker on the panel board that services the DC
circuit, switch the circuit breaker to the off position, and tape the switch handle of the circuit
breaker in the off position.
y Do not touch the power supply when the power cord is connected. Line voltages are present
within the power supply even when the power switch is off and the power cord is connected.
Connecting Cables
When you connect cables, note the following guidelines.
y Use caution when installing or modifying telephone lines to prevent electric shock.
y Do not work on the system or connect or disconnect cables during periods of lightning activity.
y Do not touch uninsulated telephone wires or terminals unless the telephone line has been
disconnected at the network interface.
y Hazardous network voltages are present in WAN ports regardless of whether power to the
system is off or on. When you detach cables, detach the end away from the system first.
y Do not use a telephone to report a gas leak in the vicinity of the leak.
y Do not install telephone jacks in wet locations unless the jack is specifically designed for wet
locations.
y To avoid exposure to radiation, do not stare into the aperture of a fiber-optic port. Invisible
radiation might be emitted from the aperture of the port when no fiber cable is connected.
y Always keep unused fiber-optic ports capped with a clean dust cap.
Preventing EMI
When you run wires for any significant distance in an electromagnetic field, electromagnetic
interference (EMI) can occur between the field and the signals on the wires.
y Strong EMI, especially when it is caused by lightning or radio transmitters, can destroy the
signal drivers and receivers in the system, and can even create an electrical hazard by
conducting power surges through lines and into the system.
y If Strong EMI occurs in the installation place, consult RFI experts to get rid of it.
y Help contain electromagnetic interference (EMI) that might disrupt other equipment
y Install the system in an open rack whenever possible. If installation in an enclosed rack is
unavoidable, ensure that the rack has adequate ventilation.
y Maintain ambient airflow to ensure normal operation. If the airflow is blocked or restricted,
or if the intake air is too warm, an over temperature condition can occur.
y Avoid placing the system in an overly congested rack or directly next to another equipment
rack. Heat exhaust from other equipment can enter the inlet air vents and cause an over
temperature condition.
y Equipment near the bottom of a rack might generate excessive heat that is drawn upward
and into the intake ports of the equipment above. The warm air can cause an over
temperature condition in the equipment above.
y Ensure that cables from other equipment do not obstruct the airflow through the chassis or
impair access to the power supplies or cards.
y Load the rack from the bottom to the top, with the heaviest system at the bottom.
y If there is equipment already installed in the rack, select the location for the system carefully
considering the size of the system:
y Ensure that your footing is solid and the weight of the system is evenly distributed between
your feet.
y Lift the system slowly, keeping your back straight. Lift with your legs, not with your back.
Bend at the knees, not at the waist.
y Do not attempt to lift the system with the handles on the power supplies or on any of the
cards. These handles are not designed to support the weight of the system.
y To lift and move the system, following number of people or a crane should be needed
depends on weight of the system:
18~32Kg 2
32~55Kg 3
y While or after installing the product, keep the product clean all the time.
y The system should be installed in a cool place where has no direct ray of sunlight. Any tool
or equipment should not be place on the way of passage.
y The following ambience condition for temperature and humidity should always be kept.
Power Supply
y The Corecess R1-AD series should be installed in the place where power supply satisfying
the following condition is provided.
Feature AC DC
y Verify the power (source) be clean. If there is too much noise or spark, it is better to have the
power control equipment.
y Locate an electric outlet near the system for easy installation of power cable.
y Be careful with connecting power supply equipment and avoiding overload wiring.
1. Open the shipping carton of the Corecess R1-AD series. There is this manual, desiccant, a
power cable(s), and a console cable on the cushion inserted- Corecess R1-AD series.
2. Without taking off the cushions, pick out the equipment with two hands, and put it in a safe
place.
3. And then, verify whether there is a plastic bag that contains rack brackets and screws under
the shipping carton.
Recommendation: After unpacking, do not throw away the box including cushions and
keep them in a safe place in case the product is relocated, it is better to move the product
after packing with the box including cushions.
Note: If there are some missing contents or damaged components, contact the sales
agency where you purchased this product to replace them with new ones.
This chapter describes how to mount the Corecess R1-AD series on a rack, connect the cables
to the ports, and connect the power.
9 Rack-Mounting 4-3
The following summarizes the installation procedure for the Corecess R1-AD series. The next
section will describe in detail the step-by-step procedures for each step.
1. Rack-mount
The design allows the Corecess R1-AD series to be mounted on a 19-inch rack. Rack brackets
and screws needed for rack mounting are enclosed with the product.
2. Connect ports
Connect a splitter to the ADSL connectors on the front side of the Corecess R1-AD series
using Telco cables.
3. Connect ports
Connect the various types of ports with other devices using appropriate network cables.
Caution: Before installing the system in a rack, read the Rack-Mounting the System
section in the Chapter 3 Before Installation to familiarize yourself with the proper site and
environmental conditions. Failure to read and follow these guidelines could lead to an
unsuccessful installation and possible damage to the system and components.
y A Philips screwdriver
y Electrostatic discharge (ESD) grounding strap
y Rack Brackets and Screws (provided along with the product)
¾ Two (2) rack brackets
¾ Four (4) binder-head screws (M5, 8mm)
¾ Eight (8) pan-head screws (M3, 6mm)
Note: For more information about ESD, refer to the Chapter 3 Before Installation.
Installation 4-34-3
Mounting the System on a Rack
Once all the tools and equipment are prepared, mount the Corecess R1-AD series on a 19-inch
rack according to the following procedure:
1. Place the Corecess R1-AD series on a spacious floor or a sturdy table near the rack. And
check the tools and equipment.
2. There are four screw holes on each side of the Corecess R1-AD series. As shown in the figure,
place the rack brackets to the screw holes and fix them using pan-head screws.
Pan-head screw
3. Make sure that the 19-inch rack is placed on a convenient location for the Corecess R1-AD
series to be installed. And check to see if there is a 1U high space in the rack where the
Corecess R1-AD series can be installed.
1U high space
5. Place the rack brackets installed on the Corecess R1-AD series to the holes of the 19-inch rack.
And fix the brackets using four (4) binder-head screws.
Binder-head screw
Installation 4-54-5
Connecting Ports
This section describes how to connect the ports on the front panel of the Corecess R1-AD series.
The types of cables used for port connection are described in Chapter 3 and Appendix B Connectors
and Cables Specifications.
Caution: The RJ-45 connector and the LC connector of SFP module cannot be used at the
same time. Only one connector type should be used for each port.
Using the twisted-pair cable, connect the 10/100/1000Base-T port to the Gigabit Ethernet
device.
R1-AD24A
R1-AD24A
Single Mode Fiber Optic Cable Multi-Mode Fiber Optic Cable
y Connector : Duplex LC y Connector : Duplex LC
y Wavelength : 1310nm (Rx, Tx) y Wavelength : 850nm (Rx, Tx)
y Max. cable length : 10Km y Max. cable length : 550m
Installation 4-74-7
Connecting Gigabit Ethernet PON Uplink Port
The OPT-N1ES1CD and OPT-N1EL1CD module of the Corecess R1-AD series provides the
Gigabit Ethernet PON uplink port. The Gigabit Ethernet PON uplink port can be connected to
the core network using the 1000Base-PX SFP connector.
Prepare the single mode fiber optic cable (Rx: 1310nm, Tx: 1490nm). Then, connect the cable to
the 1000Base-PX SFP port of the OPT-N1ES1CS or OPT-N1EL1CS module and a Gigabit
Ethernet PON device.
R1-AD24A
Single Mode Fiber Optic Cable
y Connector : Simplex SC/APC
y Wavelength : 1310nm (Rx), 1490nm (Tx)
y Max. cable length : 10/20Km
Corecess ONT
To connect the PSTN port on the front panel of the Corecess R1-AD24A, prepare a Telco cable
with 50-pin Champ connecter and follow these steps:
1. Connect a 50-pin Champ connector of the Telco cable to the PSTN port.
2. Connect the other end of the Telco cable to the MDF which is connected to the central office
switch or PBX.
CO
MDF
Installation 4-94-9
Connecting ADSL Port
The ADSL port on the Corecess R1-AD series is connected to the subscriber’s ADSL modem via
MDF.
To connect the ADSL port on the front panel of the Corecess R1-AD series, prepare a Telco cable
with 50-pin Champ connecter and follow these steps:
1. Connect a 50-pin Champ connector of the Telco cable to the ADSL port.
2. Connect the other end of the Telco cable to the MDF which is which is cabled to the
subscriber’s ADSL modem.
MDF
ADSL Modem
Installation 4-11
4-11
Connecting Power
Check to see whether the power type of the Corecess R1-AD series is AC or DC. And then,
connect power as follows:
Connecting AC Power
1. Check that the power switch is in the OFF (O) position.
2. Connect the power cord, which is provided with the product, to the power input located on
the rear panel of the Corecess R1-AD series. And plug the power cord into an outlet.
2. Connect the cable of an external power supply or a rectifier to the terminal block located on
the front panel of the Corecess R1-AD series as follows:
Installation 4-13
4-13
Starting the Corecess R1-AD series
Start the Corecess R1-AD series according to the following order after installation:
1. Check the followings once again before operating the Corecess R1-AD series:
y Make sure that uplink modules are properly inserted in the uplink slot of the system.
2. Turn the system power switch to the ON position. The green RUN LED should go on.
3. Listen for the fans; they should be operating as soon as power is turned on.
IP address: 172.18.37.220
Subnet mask: 255.255.0.0
Default gateway: 172.18.1.254
:
localhost login:
Now, the Corecess R1-AD series installation is properly done. Continuously, log into the
Corecess R1-AD series CLI and configure the system.
Installation 4-15
4-15
4-16 4-16R1-AD Series User’s Manual
Chapter 5 Basic Configuration
This chapter briefs general configuration method of the Corecess R1-AD series.
1. To access the Corecess CLI on the console screen, the console port on the Corecess R1-AD
series should be connected to a serial port (DB-9) of the console terminal using a console
cable as the following figure:
Console port
Corecess R1-AD24A
VT100 terminal
2. Make sure that you have started the emulation software program such as HyperTerminal
from your console terminal.
3. Press [Enter], then the login message is displayed on the console terminal:
localhost login:
localhost>
5. To configure the Corecess R1-AD series, enter the ‘Privileged’ mode by enable command.
If you enter Privileged mode, the prompt is changed from localhost> to localhost#.
localhost> enable
localhost#
Note: After specifying the IP address of a VLAN interface, you can access CLI of the Corecess
R1-AD series through the Telnet session or NMS.
Command
Description Access Method
Mode
This mode allows you to configure QoS From Global configure mode,
QoS
(Quality of Service) on the system. enter the qos command.
This mode allows you to configure QoS From QoS configure mode,
Class-map
Configure class-map. enter the class-map command.
This mode allows you to configure QoS From QoS configure mode,
Policy-map
policy-map. enter the policy-map command.
> enable
#
To exit from the privileged mode, enter disable privileged mode command. The CLI prompt
will be changed from # to > returning to the user mode from the privileged mode.
# disable
>
If you enter the exit privileged mode command, you can exit form the CLI.
# exit
localhost login:
To be entered into the configuration mode from the privileged mode, enter the configure
terminal which is a privileged mode command. The CLI prompt will be changed to (config)#
which means entering into the configuration mode.
# configure terminal
(config)#
To exit from the configuration mode, enter end or exit command. The CLI prompt will be
changed to # returning to the privileged mode.
(config)# end
#
This example shows how to return to the privileged mode from the policy-map mode by using
the exit command:
(config-pmap)# exit
(config-qos)# exit
(config)# exit
#
This example shows how to return to the privileged mode from the policy-map mode by using
the end command:
(config-pmap)# end
#
This example shows how to log out from the CLI at the privileged mode. After logging out from
the CLI, login prompt will be displayed as follow.
# exit
localhost login:
This example shows how to log out from the CLI at the user mode. After logging out from the
CLI, login prompt will be displayed as follow.
> exit
localhost login:
localhost(config-qos)#
Node name Command mode
The default node name is ‘localhost’. This default node name is used for the prompt until you
change them:
The following table provides the prompt of the main command modes.
User localhost>
Privileged localhost#
Global localhost(config)#
Interface localhost(config-if)#
QoS localhost(config-qos)#
Class-map localhost(config-cmap)#
Configuration
Policy-map localhost(config-pmap)#
Policy-map-class localhost(config-pmap-c)#
VTY-line localhost(config-line)#
DSL Localhost(config-dsl)#
Note: You can change the node name of the Corecess R1-AD series by using hostname
global configuration mode command.
This section describes how to use help system for the CLI.
y To obtain a list of commands that are available for each command mode, enter a question
mark (?) at the prompt:
# ?
calendar calendar
clear Reset functions
clock System clock
close Close the terminal
cls Clear a screen
configure Configuration from vty interface
copy Copy from one file to another
debug
delete Delete
diag Diagnosis mode
disable Turn off privileged mode command
end End current mode and down to previous mode
exit Exit current mode and down to previous mode
help Description of the interactive help system
list Print command list
no Negate a command or set its defaults
ping send echo messages
reset Reset System
show Show running system information
ssh Open a ssh connection
telnet Open a telnet connection
terminal Set terminal line parameters
traceroute Trace route to destination
undebug Disable debugging functions (see also 'debug')
update Update Image
write Write Information
#
# list
calendar set WORD [WORD] [WORD] [WORD]
clear arp
clear arp A.B.C.D
clear host-entries
clear host-entries A.B.C.D
clear interface vlan id <1-4094>
clear ip dhcp snoop port (fastethernet|gigabitethernet|adsl|vdsl|shdsl)
WORD *
clear ip dhcp snoop vlan id <1-4094> A.B.C.D
clear ip dhcp snoop vlan id <1-4094> A:B:C:D:E:F
.
.
update boot-cfg id <1-100>
update flash image NAME
update flash image id <1-100>
write file
write memory
write terminal
write terminal global
write terminal port (fastethernet|gigabitethernet|adsl|vdsl|shdsl|
switchfabric|stacking) WORD
#
y To obtain a list of command associated keywords and arguments, enter a question mark (?)
after a partial command followed by a space:
# copy ?
factory-default Copy from factory-default configuration
flash From flash
ftp From ftp
running-config Copy from current system configuration
startup-config Copy from startup configuration
tftp From tftp
#
The CLI commands of the Corecess R1-AD series have the following characteristics:
y The CLI supports command completion, so you do not need to enter the entire name of a
command or option. As much as you enter enough characters of the command or option
name not to be ambiguous, the CLI understands what you are typing. For example, you may
enter only con t to execute the configure terminal command in Privileged command
mode.
localhost# con t
localhost(config)#
But if you enter only co t, the following error message will be displayed. Because there are
copy and configure command and the system can’t distinguish the two commands.
localhost# co t
% Ambiguous command :co t.
y To complete a command, press Tab key. If you enter a few known characters, then press Tab
key, the CLI displays the rest characters of the command. For example, if you enter only con,
then press Tab key, the CLI displays configure on the terminal.
y To display a list of available commands or command options, enter “?”. If you have not
entered part of a command at the command prompt, all the commands supported at the
current CLI mode are listed. If you enter part of a command, then enter “?”, the CLI lists the
options you can enter at the point in the command string.
y To configure a port, you need to specify the slot number and port number. For example, to
configure an uplink port A on an uplink module, enter 1/1. The following table shows the
numbering rule for the ports.
R1-AD24A, R1-AD24AN
R1-AD48A
y Use dash (-) to specify consecutive number of ports. For example, enter ‘3-6’ instead of
entering ‘3 4 5 6’.
y Use comma (,) to specify non-consecutive number of ports. For example, enter ‘1,3-4’ instead
of entering ‘1 3 4’.
Ctrl-Key
Description
Combination
Ctrl+u Deletes all characters from the cursor to the beginning of the command line.
y IP address and subnet mask of the VLAN connected to the host or backbone.
The following is a procedure of configuring the IP address for managing the Corecess R1-AD
series and default gateway:
Table 5-4 Configuring IP address, subnet mask, and default gateway for the Corecess R1-AD series
Command Task
4. Enter Interface configuration mode for the VLAN connected to the host
interface vlan id
or backbone.
<vlan id>
y <vlan-id>: VLAN ID (1 ~ 4094).
> enable
# configure terminal
(config)# vlan id 2 port gigabitethernet 1/1
(config)# end
# show vlan
VLAN Name Status Slot/Ports
---- --------------- -------- ------------------------------------
1 DEFAULT active 1/2
2/1-24
# configure terminal
(config)# interface vlan id 2
(config-if)# ip address 172.18.37.200/16
(config-if)# end
(config)# ip route default 172.18.37.254
(config)# end
# show interface
Interface vlan2
index 31 kernel index 4 metric 1 mtu 1514 <UP,BROADCAST,RUNNING,MULTICAST>
HWaddr: 00:90:a3:cd:cc:e5
inet 172.18.37.200/16 broadcast 172.18.255.255
input packets 182, bytes 10920, dropped 378, multicast packets 23
input errors 0, length 0, overrun 0, CRC 0, frame 0, fifo 0, missed 0
output packets 0, bytes 0, dropped 0
output errors 0, aborted 0, carrier 0, fifo 0, heartbeat 0,window 0
collisions 0
Status Checking
link-status trap is disable
no checking member's link status
IPv4 Options
icmp redirects are not sent
icmp unreachables are sent
y System name
To change the system name, enter the following command in Global configuration mode:
Command Task
y <system-name>: The string used for system name. The
hostname <system-name> maximum length of the host name is 63 alphanumeric characters
or ‘_’ beginning with alphabet.
Note: When you set the system name, the system name is used as the system prompt.
# configure terminal
(config)# hostname CCAD24
CCAD24(config)#
Command Task
1. Specify the current system time and date.
y <time>: Current time in hours, minutes, and seconds (in the
clock set <time> [<date>] format hh:mm:ss, example : 16:24:00)
[<month>] [<year>] y <day>: Current day (by date) in the month.
y <month>: Current month (1 ~ 12 or name).
y <year>: Current year (no abbreviation).
show clock 2. Verify the configuration.
This example shows how to set the system date and time and display the current date and time:
To manually copy the software clock (calendar) settings into the system clock, use the clock
read-calendar in Privileged mode:
# show calendar
Thu Mar 9 02:23:11 2006 -0.000000 seconds
# clock read-calendar
# show clock
Thu Mar 9 11:23:59 KST 2006
#
Note: The "calendar" clock is the software clock which is erased when the system is
powered cycles or rebooted. This is separate from the hardware clock that runs continuously,
even if the system is powered off or rebooted.
Command Task
configure terminal 1. Enter Global configuration mode.
2. Add a user.
username <user-name> y <user-name>: The user ID for entering the Corecess CLI.
passwd [8] <password> y 8: Encrypts the password.
y <password>: The password for the user.
End 3. Return to Privileged mode.
show username 4. Verify the list of users.
Parameter Value
User ID Guest
Password Pass
Encryption None
# configure terminal
(config)# username guest passwd pass
(config)# end
# show username
corecess console Sun Dec 31 31 00:05:25 +0000 2000
guest none none **Never logged in**
#
Command Task
configure terminal 1. Enter Global configuration mode.
# configure terminal
(config)# username guest passwd AD24
(config)# end
# write memory
Building Configuration...
[OK]
#
Command Task
configure terminal 1. Enter Global configuration mode.
2. Delete a user.
no username <user-name>
y <user-name>: The user name to be deleted.
The following is an example of deleting the user ‘guest’ and verify the deletion:
# configure terminal
(config)# no username guest
(config)# end
# show username
corecess console Sun Dec 31 31 00:05:25 +0000 2000
#
Running Configuration
The running configuration is the current (unsaved) configuration that reflects the most recent
configuration changes. You can upload or download the running configuration file via FTP or
TFTP.
Startup Configuration
The startup configuration is the saved configuration in Flash memory and is used when the
system initializes. You can upload or download the startup configuration file via FTP or TFTP.
Caution: Whenever you make changes to the Corecess R1-AD series configuration, you
must save the changes to memory so they will not be lost if the system is rebooted.
# show running-config
Current configuration:
!
! version 0.77
!
hostname localhost
dsl
!
snmp-server community "pulbic" rw
snmp-server community "public" rw
snmp-server contact Unknown
snmp-server location Unknown
snmp-server enable rmon
!
system fan enable 30 20
system temperature enable 90 80
!
interface vlan id 1
ip address 172.18.37.216/16
!
interface null id 12
!
interface vlan id 2
!
line vty 0 10
!
#
Command
write memory
write file
The following example shows how to save the configuration changes to Flash using the write
memory command:
# write memory
Building Configuration...
.
.
[OK]
#
The following example shows how to save the configuration changes to Flash using the write
file command:
# write file
Building Configuration...
.
.
[OK]
#
The following example shows how to save the configuration changes to Flash using the copy
running-config startup-config command:
Commands Task
copy factory-default start-up config 1. Restore the default configuration.
reset system 2. Restart the Corecess R1-AD series.
Corecess R1-AD24
Network
Source server
Console
Remote telnet
To upgrade the Corecess R1-AD series software, perform this task in Privileged mode:
Command Task
show version 1. Verify the current system software version.
copy ftp <ftp-ip> [id 2. Download the specified image file from the FTP or TFTP server.
<name> password y <ftp-ip>: IP address of the FTP server.
<password>] y <tftp-ip>: IP address of the TFTP server.
flash image <file-name> y id <name>: ID for login to a FTP server.
y passwd <passwd>: Password for login to a FTP server.
copy tftp <tftp-ip> flash y <file-name>: The file name used for saving the downloaded
image <file-name>
file.
show flash image 3. Verify that the image file is downloaded.
4. Update the system software to the downloaded image file.
y <id>: Id of the image.
update flash image
y <name>: Name of the image.
{<id> | <name>}
Note: You can see the id and name of the image file using the
show flash command in step 3.
reset system 5. Reboot the system.
# show version
CoreOS Software
-------------------------------------------------------------
Copyright (c) 1998-2006 by Corecess Inc.
Compiled on Mar 6 2006 16:13:57 by r1
System Uptime 00/00/15/00 [d:h:m:s] (Thu Mar 9 11:40:00 2006)
Software
-------------------------------------------------------------
r1-base-osapp-0.7.1.img
.
.
1. Emergency
More critical
2. Alert
3. Critical
4. Errors
5. Warning
6. Notify
7. Inform
8. Debug
Less critical
Command Task
The following example configures the sys events of the lower levels (Emergency, Alert, Critical,
and Errors) than ’Errors’ level (level 4) to be stored in the system log file:
Command Task
The following example configures the log messages to display on the console screen:
# configure terminal
(config)# logging console enable
(config)#
Command Task
The following example configures the system log to display on the remote server whose IP
address is 172.10.1.0:
Command Task
The following example configures the system log to display on telnet sessions:
To configure the log messages to be saved in a log file, use the following command in Global
configuration mode:
Command Task
The following example shows how to configure the log message to be saved in a file:
Command Task
Display the log messages saved in the log file.
show logging buffer <line>
y <line>: Number of log messages to display.
The following table describes the fields shown by the show logging buffer command:
n o p
No Description
n Date and time that the event occurred (month date hour:minute:second)
o System name
To check whether the Corecess R1-AD series is properly connected and configured, use the
following commands in Privileged mode:
Command Task
# ping 172.27.2.49
PING 172.27.2.49 (172.27.2.49): 56 data bytes
64 bytes from 172.27.2.49: icmp_seq=0 ttl=128 time=0.6 ms
64 bytes from 172.27.2.49: icmp_seq=1 ttl=128 time=0.6 ms
64 bytes from 172.27.2.49: icmp_seq=2 ttl=128 time=0.6 ms
64 bytes from 172.27.2.49: icmp_seq=8 ttl=128 time=0.5 ms
64 bytes from 172.27.2.49: icmp_seq=2 ttl=128 time=0.6 ms
64 bytes from 172.27.2.49: icmp_seq=8 ttl=128 time=0.5 ms
64 bytes from 172.27.2.49: icmp_seq=9 ttl=128 time=0.5 ms
64 bytes from 172.27.2.49: icmp_seq=10 ttl=128 time=0.5 ms
The following messages are displayed according to the status of host and network:
The following example shows how to display the VLAN interface information of the using the
show interface command:
# show interface
Interface vlan2
index 27 kernel index 4 metric 1 mtu 1514 <UP,BROADCAST,RUNNING,MULTICAST>
HWaddr: 00:9c:00:00:00:03
inet 172.19.1.10/16 broadcast 172.19.255.255
input packets 0, bytes 0, dropped 0, multicast packets 0
input errors 0, length 0, overrun 0, CRC 0, frame 0, fifo 0, missed 0
# show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - IS-IS, B - BGP, > - selected route, * - FIB route
# show system
System Information
-----------------------------------------------------
Subscriver/Service Interface Board(s)
SIB [ 1] Normal
SIB [ 2] Normal
PWR [ 1] Equipped
FAN [ 1] Normal
FAN [ 2] Normal
FAN [ 3] Normal
FAN [ 4] Normal
Auxiliary Information
-----------------------------------------------------
Fan (`C(`F)) -
Max/Min Threshold : 30/ 20 ( 86/ 68)
Temperature (`C(`F)) -
Current Temperature : 39 (102 )
Max/Min Threshold : 90/ 80 (194/176)
#
Each field shown by the show system command describes the following information about
system state:
Field Description
System Information The state of the main and option slot, power, and fan module.
The range of the temperature of the fan module, but the Corecess R1-AD series
Auxiliary Information
does not provide this information.
# show module
Codes : * - Internal/Built-in Module, N - Network Attached Module
X - Switch Fabric Module, > - Current Management Module
The table below describes the fields shown by the show module command:
Field Description
Module Slot number which the module is installed on. (1 : option slot, 2~ 3 : base slots)
# show meminfo
T total: used: free: shared: buffers: cached:
Mem: 111812608 66183168 45629440 0 3944448 41521152
Swap: 0 0 0
MemTotal: 109192 kB
MemFree: 44560 kB
MemShared: 0 kB
Buffers: 3852 kB
Cached: 40548 kB
SwapCached: 0 kB
Active: 9412 kB
Inactive: 49368 kB
HighTotal: 0 kB
HighFree: 0 kB
LowTotal: 109192 kB
LowFree: 44560 kB
SwapTotal: 0 kB
SwapFree: 0 kB
Committed_AS: 63444 kB
VmallocTotal: 1048560 kB
VmallocUsed: 33336 kB
VmallocChunk: 1015224 kB
#
The table below describes the fields shown by the show meminfo command:
Field Description
(Continued)
Amount of free memory which is not mapping to kernel directly. This is different
HighFree
according to the type of the used kernel.
Amount of free memory which is not mapping to kernel directly. This is different
LowFree
according to the type of the used kernel.
10/100Base-TX Auto
Duplex mode
1000Base-LX
Full-duplex
1000Base-SX
10/100Base-TX 19
Cost
1000Base-LX
4
1000Base-SX
VLAN All ports belong to the default VLAN (ID : 1, name: DEFAULT)
When change the Gigabit Ethernet port configurations, the change becomes part of the running
configuration. The change does not automatically become part of the startup configuration file
in Flash memory. If you do not save your changes in Flash memory, they are lost when the
system is restarted. To save the changes of the Gigabit Ethernet port configuration in Flash
memory, you must enter the write memory command in Privileged mode.
Command Task
The following example shows how to disable Gigabit Ethernet port 1/2:
The following example shows how to re-enable Gigabit Ethernet port 1/1:
y If you set the port speed to auto, the switch automatically sets the duplex mode to auto.
y When you set the port speed to 1000 Mbps, the duplex mode is full duplex. You cannot
change the duplex mode.
y If the port speed is set to 10 or 100 mbps, the duplex mode is set to half duplex by default
unless you explicitly configure it.
To set the speed and duplex parameters on a port, enter the following commands in Global
configuration mode:
Table 6-3 Configuring Gigabit Ethernet port speed and duplex mode
Command Task
Note:
y 1000Base-SX/LX port supports only full-duplex mode.
y To not use autonegotiation featue, you should configure both the port speed and the
duplx mode.
Command Task
This example shows how to set the name for Gigabit Ethernet port 1/1.
By default, the SNMP link trap of the ports on the Corecess R1-AD series is disabled. To
configure the operation of the standard SNMP link trap, enter the following command in Global
configuration mode:
Command Task
This example shows how to enable the SNMP link trap for the Gigabit Ethernet port 1/1:
To disble the SNMP link trap, use no port <port-type> <slot>/<port> trap link-
status command. This example shows how to disable the SNMP link trap for the Gigabit
Ethernet port 1/1:
This example shows how to display the configuration information and statistics for the 1/1
Gigabit Ethernet port:
If Index Logical ID
---------- ----------
1 1
access-type : tranparent
The following table describes the fields in the show port <port-type> <slot>/<port>
command output:
Field Description
shortCRC Number of frames less than 64 bytes in length, received with CRC error.
Number of frames with lengths between 64 bytes and the maximum frame
input normalCRC
size, received with an integral number of bytes and a CRC error.
Number of frames with lengths between 64 bytes and the maximum frame
normalAlign
size, received with a non integral number of bytes and a CRC error.
Number of frames, larger then the maximum frame size, received with a CRC
longCRC
error.
Number of frames deferred at the first transmit attempt due to a busy line in
Deferred
half duplex mode.
Single Number of frames transmitted without any error following a single collision.
When change the ADSL port configurations, the change becomes part of the running
configuration. The change does not automatically become part of the startup configuration file
in Flash memory.
y Setting SRA
y Setting pwrmng
y Configuring port filtering
Command Task
Command Task
This example shows how to set the line operating mode of the ADSL port 2/1 to G.dmt mode:
# configure terminal
(config)# dsl
(config-dsl)# adsl linecoding port 2/1 g.dmt
(config)# end
# show adsl linecoding 2/1 configured
2/01 : g.dmt
Command Task
This example shows how to set the maximum downstream and upstream speed to 24Mbps, and
1Mbps respectively:
# configure terminal
(config)# dsl
(config-dsl)# adsl speed 2/1 ds 24576 us 1024
(config)# end
# show adsl speed 2/1 configured
DS / US [Kbps]
2/01 : 24576 / 1024
To display the current ADSL link speed, execute show adsl speed <slot>/<port>
current command in Privileged mode. The following example shows how to display the
current ADSL link speed.
Command Task
The following example shows how to set the ADSL data transmission mode of the port 2/1 to
‘interleaved’ mode and verify the result:
# configure terminal
(config)# dsl
(config-dsl)# adsl latency 2/1 interleaved
(config)# end
# show adsl latency 2/1
2/01 : interleaved
The default downstream/upstream interleave delay is 16/16 msec. To set the maximum
interleave delay, use the following commands in Global configuration mode:
Command Task
Note: If impulse noise is a concern, set interleave delay to a value greater than the longest
expected duration of the noise. If delay is a concern, set interleave delay as low as possible.
This example sets the interleaving delay of the ADSL port 2/1-10 to 16 msec in both directions,
and displays the results:
# configure terminal
(config)# dsl
(config-dsl)# adsl maxinterleavedelay 2/1-10 ds 16 us 16
(config)# end
# show adsl interleavedelay 2/1-10 max
DS / US [ms]
2/01 : 16 / 16 2/02 : 16 / 16
2/03 : 16 / 16 2/04 : 16 / 16
To display the current value of interleaving delay, execute show adsl interleavedelay
<slot>/<port> current command in Privileged mode. This following example shows how
to display the current value of interleaving delay.
DS / US [ms]
2/01 : 5 / 15 2/02 : 5 / 15
2/03 : 5 / 15 2/04 : 6 / 15
2/05 : 5 / 15 2/06 : 5 / 15
2/07 : 5 / 15 2/08 : 5 / 16
2/09 : 5 / 15 2/10 : 5 / 15
#
y Target SNR margin is the noise margin the modem must achieve with a BER of 10-7 or better
to successfully complete initialization.
y If the actual SNR margin is above the configured maximum noise margin, the modem
attempts to reduce its power output to optimize its operation.
y If the actual SNR margin is less than the configured minimum noise margin, startup fails and
is again attempted, with increased power output
The SNR margins of all the ADSL ports are set to the following value by default:
y Target downstream/upstream SNR margin: 6dB
y The maximum downstream/upstream SNR margin: 31dB
y The minimum downstream/upstream SNR margin: 0dB
To specify the SNR margin for the downstream and upstream, follow the steps in the table
below:
Command Task
(config)# dsl
(config-dsl)# adsl snrmargin 2/1 target ds 6 us 6
(config-dsl)# adsl snrmargin 2/1 max ds 20 us 20
(config-dsl)# adsl snrmargin 2/1 min ds 5 us 5
(config)# end
# show adsl snrmargin 2/1 target
DS / US [dB]
2/01 : 6 / 6
DS / US [dB]
2/01 : 20 / 20
DS / US [dB]
2/01 : 5 / 5
#
SRA can be enabled/disabled dynamically. The receiver initiates SRA, therefore in the
downstream direction the CPE is the master and enables SRA.
The following figure provides a pictorial view of SRA and how SRA parameters will be used to
manage rate adjustment.
Command Task
show adsl
5. Show configured SRA related parameters.
sra <slot/port>
DN / UP DN / UP DN / UP DN / UP
# conf t
(config)# dsl
upinterval 11
(config-dsl)# end
DN / UP DN / UP DN / UP DN / UP
y Power Management
First-generation ADSL transceivers operate in full-power (L0 state) mode day and night, even
when not in use. With several millions of deployed ADSL modems, a significant amount of
electricity can be saved if the modems engage in a standby/sleep mode just like computers.
This would also save power for ADSL transceivers operating in small remote units and
digital loop carrier (DLC) cabinets that operate under very strict heat dissipation
requirements
To address these concerns, the ADSL2 standard proposed two power management modes
that helps to reduce overall power consumption, also maintaining ADSL's "always-on"
functionality for the user. These modes include ADSL2's L2 power mode allows a broadband
modem to quickly move from L2 to L0 operation and back without bit errors. Here L0 is the
normal mode of operation with full-blown power meeting requirements of G.992.3.
This mode enables overall power savings at both the ATU-C and the remote ADSL
transceiver unit (ATU-R) by entering into sleep mode when the connection is not being used
for extended periods of time.
Command Task
Show adsl
pwrmng <slot/port> 4. Show configured (or current) pwrmng.
(configured|current)
2/01 : L0 L2 2/02 : L0
2/03 : L0 2/04 : L0
2/05 : L0 2/06 : L0
2/07 : L0 2/08 : L0
2/09 : L0 2/10 : L0
2/11 : L0 2/12 : L0
2/13 : L0 2/14 : L0
2/15 : L0 2/16 : L0
2/17 : L0 2/18 : L0
2/19 : L0 2/20 : L0
2/21 : L0 2/22 : L0
2/23 : L0 2/24 : L0
2/01 : L0 2/02 : L0
2/03 : L0 2/04 : L0
2/05 : L0 2/06 : L0
2/07 : L0 2/08 : L0
2/09 : L0 2/10 : L0
2/11 : L0 2/12 : L0
2/13 : L0 2/14 : L0
2/15 : L0 2/16 : L0
2/17 : L0 2/18 : L0
To specify the bit swapping, follow the steps in the table below:
Command Task
The following is an example of enabling the bitswap status of the ADSL port 2/1:
(config)# dsl
(config-dsl)# adsl bitswap 2/1 ds enable us enable
(config-dsl)# end
# show adsl bitswap 2/1
DS / US
2/01 : enable / enable
To enable or disable the Trellis encoding, follow the steps in the table below:
Command Task
The following is an example of disabling Trellis encoding of the port 2/1 and verifies the
configuration :
(config)# dsl
(config-dsl)# adsl trellis 2/1 disable
(config-dsl)# end
# show adsl trellis 2/1
2/01 : disable
To configure INP for the downstream bearer channel, follow the steps in the table below:
Command Task
The following example shows how to set INP value and verify the configureaion.
(config)# dsl
(config-dsl)# adsl inp 2/1 ds 1 us 2
(config-dsl)# end
# show adsl inp 2/1
DS / US [symbol rate]
2/01 : 1 / 2
Command Task
The following example shows how to reset the ADSL port 2/1.
(config)# dsl
(config-dsl)# adsl reset 2/1
OK!
#
Creating a PVC
If you want to use multiple services such as Internet access, Video on Demand, and Broadcast
TV service, you should create multiple PVCs on a DSL port. Each service requires its own PVC.
The limitation in the number of PVCs supported by the Corecess R1-AD series is as follow:
To create a PVC on an ADSL port, use the following commands in Global configuration mode:
Command Task
1. Creates a PVC.
y <slot>/<port>: Slot number (2) and port number (1 ~ 24, 48) to
port adsl create a PVC.
<slot>/<port>.<channel>
y <channel>: The logical channel number of a PVC (1 ~ 8).
pvc <vpi>/<vci>
y <vpi>: VPI value for a PVC. Possible VPI values are 0 ~ 255.
y <vci>: VCI value for a PVC. Possible VCI values are 32 ~ 65534.
(Continued)
port <port-type>
<slot>/<port>.<channel> 2. Specifies ATM service category and QoS parameters for the
qos-service cbr [pcr new PVC.
<pcr-rate> cdv <cdv- y <port-type>: The type of the DSL port on which PVC is created
delay>] (adsl)
y <slot>/<port>: Slot number (1 ~ 8) and port number (1 ~ 48) to
port <port-type> create a PVC.
<slot>/<port>.<channel> y <channel>: The logical channel number of a PVC (1 ~ 8).
qos-service nrt-vbr
y cbr: Applies CBR (Constant Bit Rate) service to the PVC.
[pcr <pcr-rate> scr
<scr-rate> mbs <mbs- y nrt-vbr: Applies nrt-VBR-nrt (Non-Real-Time Variable Bit Rate)
cell>] service to the PVC.
y rtvbr: Applies rt-VBR (Real-Time Variable Bit Rate) service to the
port <port-type> PVC.
<slot>/<port>.<channel> y ubr: Applies UBR(Unspecified Bit Rate) service to the PVC.
qos-service rtvbr [pcr y unshape: Applies unshape service to the PVC.
<pcr-rate> scr <scr-
rate> mbs <mbs-cell> y pcr <pcr-rate>: Specifies the Peak Cell Rate for a PVC. The
valid range is 150 ~ 60185 cells or 64 ~ 24000 kbps.
cdv <cdv-delay>]
y scr <scr-rate>: Specifies Sustained Cell Rate for a PVC to
port <port-type> which VBR service is applied. The valid range is 150 ~ 60185 cells or
<slot>/<port>.<channel> 64 ~ 24000 kbps.
qos-service ubr [pcr y cdv <cdv-delay>: Specifies Cell Delay Variation(unit: 10ns) for a
<pcr-rate>] PVC to which CBR service is applied. This value must be set to ‘0’
which is the default setting.
port <port-type> y mbs <mbs-cell>: Specifies the Maximum Burst Size for a
<slot>/<port>.<channel> PVC to which VBR service is applied.
qos-service unshape
Note: When configuring a PVC, ATM service category should be specified but QoS
parameters are optional. If you do not specify QoS parameters for a PVC, the Corecess R1-
AD series set them to the default value (PCR:2320, SCR:2320, MBS:2320, CDVT:0).
The following example creates a PVC with VPI/VCI of 1/253 on the 2/1 ADSL port:
To delete a PVC, enter the no port adsl command in the Global configuration mode as
follows:
To assign a PVID to a PVC, use the following commands in Global configuration mode:
Command Task
The following example configures to assign the VLAN ID of 10 to the PVC which is created on
the 2/1 ADSL port:
y You can assign up to 120 tagged VLAN IDs per DSL line card.
To assign tagged VLAN IDs to a PVC, use the following commands in Global configuration
mode:
Command Task
The following example configures to assign tagged VLAN IDs of 2 and 3 to a PVC which is
created on the 2/1 ADSL port:
Internet Service
(config)# port adsl 2/20.1 name internet
(config)# port adsl 2/20.1 pvc 0/36
(config)# port adsl 2/20.1 qos-service unshape
(config)# dot1q port adsl 2/20.1 pvid 100
(config)#
VoIP Service
(config)# port adsl 2/20.2 name voip
(config)# port adsl 2/20.2 pvc 0/37
(config)# port adsl 2/20.2 qos-service rt-vbr
(config)# dot1q port adsl 2/20.2 pvid 200
(config)#
VOD Service
(config)# port adsl 2/20.3 pvc 0/38
(config)# port adsl 2/20.3 qos-service rt-vbr
(config)# port adsl 2/20.3 name VOD
(config)# dot1q port adsl 2/20.3 pvid 300
(config)#
Multicast Service
(config)# port adsl 2/20.4 pvc 0/39
(config)# port adsl 2/20.4 qos-service rt-vbr
(config)# port adsl 2/20.4 name multimedia
(config)# dot1q port adsl 2/20.4 pvid 400
(config)#
This example shows how to display the configuration information and statistics for the 2/1
ADSL port:
If Index Logical ID
---------- ----------
4 65
access-type : tranparent
Extension status
N/A
#
Command Task
The following example shows how to display the configured ADSL line configuration of all
ADSL ports:
The following example shows how to display the ADSL line status information of the ADSL
port 2/1-10:
Command Task
The following example shows how to display the ADSL alarm statistics information of the
ADSL port 2/1:
The following example shows how to display the ADSL RS word information of the ADSL port
2/1:
The following example shows how to display the ADSL super frame error information of the
ADSL port 2/1:
Field Description
LOS Count of the number of Loss of Link failures since agent reset
LOF Count of the number of Loss of Framing failures since agent reset
Count of the number of Errored Seconds since agent reset. The errored second
ES parameter is a count of one-second intervals containing one or more crc
anomalies, or one or more los or sef defects
LOL Count of the number of Loss of Link failures since agent reset
LPR Count of the number of Loss of Power failures since agent reset
The following example shows how to display the ADSL port information of the ADSL port 2/1:
Administration : enable
Speed DS / US [Kbps] : 24576 / 1024
Linecoding : g.dmt
Latency : interleaved
Max Interleaved delay DS / US [ms] : 4 / 4
Target SNR Margin DS / US [dB] : 2 / 2
Max SNR Margin DS / US [dB] : 31 / 31
Min SNR Margin DS / US [dB] : 0 / 0
Trellis : enable
EC or FDM : fdm
Bit Swapping DS / US : enable / enable
INP DS / US [symbol rate] : 0 / 0
Alarm Threshold LOS : 0
Command Task
The following example shows how to display the ADSL bitmap of the ADSL port 2/1:
2/01 : ( 32)
0 : ( 0)
1 : ( 0)
2 : ( 0)
3 : ( 0)
4 : ( 0)
5 : ( 0)
6 : ( 2) >>
7 : ( 6) >>>>>>
8 : ( 8) >>>>>>>>
9 : (10) >>>>>>>>>>
.
.
25 : (14) >>>>>>>>>>>>>>
26 : (14) >>>>>>>>>>>>>>
27 : (13) >>>>>>>>>>>>>
28 : (12) >>>>>>>>>>>>
29 : (11) >>>>>>>>>>>
30 : ( 9) >>>>>>>>>
31 : ( 5) >>>>>
#
Command Task
The following example shows how to display the configured speed of ADSL port 2/1-10.
The following example shows how to display the current speed of ADSL port 2/1-10.
Command Task
The following example shows how to display the information of impulse noise protection
configuration.
2/01 : 0 / 0 2/02 : 0 / 0
2/03 : 0 / 0 2/04 : 0 / 0
2/05 : 0 / 0 2/06 : 0 / 0
2/07 : 0 / 0 2/08 : 0 / 0
2/09 : 0 / 0 2/10 : 0 / 0
#
To display the information of line attenuation, execute the following command in Privileged
mode.
Command Task
DS / US [dB]
Command Task
The following example shows how to display the output power information.
DS / US [dBm]
This chapter overviews Virtual LAN and describes how to configure VLAN using several
examples. The tagged VLAN and overlapped VLAN are described in this chapter.
Each VLAN is considered as a logical network, and packets destined for stations that do not
belong to the VLAN must be forwarded through a router or bridge. Because a VLAN is
considered a separate logical network and can support its own implementation of the Spanning
Tree Protocol (STP).
VLANs are often associated with IP subnetworks. For example, all the end stations in a
particular IP subnet belong to the same VLAN. Traffic between VLANs must be routed.
To communicate between two VLANs on the Corecess R1-AD series, the external router is
needed.
Router
Vlan1 Vlan2
Port: 2/1 ~ 2/12 Port: 2/13 ~ 2/24
Port-Based VLAN
On the Corecess R1-AD series, you can configure port-based VLANs. A port-based VLAN is a
subset of ports on the device that constitutes a broadcast domain.
By default, all the ports on the Corecess R1-AD series are members of the default VLAN. Thus,
all the ports on the Corecess R1-AD series constitute a single broadcast domain. You can
configure multiple port-based VLANs. When you configure a port-based VLAN, the device
automatically removes the ports you add to the VLAN from the default VLAN.
Marketing
Port: 2/17 ~ 24
Corecess R1-AD24
Sales
Port: 2/1 ~ 8 Finance
Port: 2/9 ~ 16
Note : A port can belong to only one port-based VLAN, unless you apply 802.1q tagging
to the port. For detail information about 802.1q tagging, refer to the Tagged VLAN
description.
The default VLAN should exist on the system and can not be deleted by user. Therefore, you
define a VLAN, there are two VLAN, default VLAN and new VLAN, are on the system. You
can define up to 4094 VLANs on the Corecess R1-AD series including default VLAN.
DEFAULT
Corecess R1-AD24
Tagging must be used when connecting two or more Corecess R1-AD series that share a
common VLAN. With tagging, the two devices can logically separate traffic from different
VLANs. The following figure shows an example of two Corecess R1-AD24As that share the
same port-based VLANs configured across them.
Sales
Tagged link
1/1* 1/1*
Accounting
* : Tagged Port
Each switch in the figure above shares two VLANs through the Gigabit Ethernet port 1/1. The
frames must be tagged between the two devices to determine the frame destination. The
tagging allows the transmittal of frames from the Sales department on the Corecess R1-AD24A-
A to the Sales department on the Corecess R1-AD24A-B and the Accounting department in the
Corecess R1-AD24A-A to the Accounting department in the Corecess R1-AD24A-B. Once the
switch knows the destination of the frame, the tagging is removed and the frame is sent
untagged to the VLAN.
VLAN ID 1
MTU 1500
Private Disable
When change the VLAN configurations, the change becomes part of the running configuration.
The change does not automatically become part of the startup configuration file in Flash
memory. If you do not save your changes to Flash memory, they are lost when the system
restarts. To save the VLAN configuration changes to Flash memory, you must enter the write
memory command in Privileged mode.
You can configure VLAN on the Corecess R1-AD series using the following procedures:
Creating a VLAN
In the factory default configuration, all the ports on the Corecess R1-AD series belong to a single
logical broadcast domain, which is given the name DEFAULT. You can partition the default
broadcast domain into multiple logical broadcast domains by adding one or more additional
VLANs and moving ports from the default VLAN to the new VLANs. Because the default
VLAN permanently exists in the Corecess R1-AD series, adding new VLANs results in multiple
VLANs existing in the Corecess R1-AD series.
Command Tasks
1. Define a new VLAN.
vlan id <vlan-id>
name <vlan-name> y <vlan-id>: VLAN ID
y <vlan-name>: VLAN name
End 2. Exit from Global configuration mode.
show vlan 3. Verify that a new VLAN is created.
The following example shows how to create white VLAN on the Corecess R1-AD24A:
2 white active
To delete a VLAN, use the no vlan command in Global configuration mode. The following
example deletes the VLAN:
(config)# no vlan id 2
(config)#
Command Tasks
1. Assign ports to a VLAN.
vlan {id <vlan-id> | name y <vlan-id>: VLAN ID.
<vlan-name>} port <port- y <vlan-name>: VLAN name.
type> <slot>/<port> y <port-type> : Port type (gigabitethernet)
y <slot>/<port>: slot number / port number to be added to the
VLAN.
End 2. Exit from Global configuration mode.
3. Verify that the ports are assigned.
show vlan {id <vlan-id> |
name <vlan-name>} y <vlan-id>: ID of the VLAN to verify.
y <vlan-name>: Name of the VLAN to verify.
The following example shows how to assign 1/2 Gigabit Ethernet ports to the white VLAN:
2 white active
Command Tasks
The following example shows how to assign IP address and subnet mask, 172.16.1.1/16, to the
default VLAN and verify the result:
To specify the secondary IP address to the VLAN, use the following command in Global
configuration mode:
Command Tasks
1. Go to Interface configuration mode.
interface vlan {id <vlan-id>
| name <vlan-name>} y <vlan-id>: ID of the VLAN to configure.
y <vlan-name>: Name of the VLAN to configure.
2. Specify the secondary IP address of the VLAN.
ip address <ip-address>/<M>
secondary y <ip-address>: Secondary IP address for the VLAN.
y <M>: Subnet mask.
End 3. Return to Privileged mode.
4. Verity the secondary IP address assigned to the VLAN.
show interface vlan id
<vlan-id> y <vlan-id>: ID of the VLAN to display.
y <vlan-name>: Name of the VLAN to display.
This example shows how to specify the secondary IP address of the VLAN whose id is ‘1’:
# write memory
Building Configuration...
[OK]
#
DEFAULT sub-1
y ID : 1 y ID : 2
y Port : 2/1~8 y Port : 2/9~16
Corecess R1-AD24
sub-2 sub-3
y ID : 3 y ID : 4
y Port : 2/17~24 y Port : 1/1-2
2/10.1
VirtualPortIndex: 3/2 IfIndex: 59 BridgeIndex: 130
Name: DEFAULT VLAN: 2
VPI/VCI 0/35
Service Category : unshape
Traffic Parameters : PCR/SCR/MBS/CDV 2320/2320/2320/0
.
.
2/23.1
VirtualPortIndex: 3/15 IfIndex: 72 BridgeIndex: 143
Name: DEFAULT VLAN: 3
VPI/VCI 0/35
Service Category : unshape
Traffic Parameters : PCR/SCR/MBS/CDV 2320/2320/2320/0
2/24.1
VirtualPortIndex: 3/16 IfIndex: 73 BridgeIndex: 144
Name: DEFAULT VLAN: 3
VPI/VCI 0/35
Service Category : unshape
Traffic Parameters : PCR/SCR/MBS/CDV 2320/2320/2320/0
Note: To activate the state of new VLANs, enter the interface vlan id <vlan-id>
command in Global configuration mode.
To configure 802.1Q tagged port on the Corecess R1-AD series, use the following commands in
Privileged mode:
Command Task
configure terminal 1. Enter Global configuration mode.
Tagged link
1/1* 1/1*
# configure terminal
(config)# vlan id 2 name vlan2
(config)# vlan id 2 port gigabitethernet 1/1-2
(config)# dot1q port gigabitethernet 1/1 tag 1-2
(config)# end
# show dot1q
Port allowed 802.1q VLAN TAGs
-------- -----------------------------------------------------------------
1/1 1-2
# show dot1q port gigabitethernet 1/1
Port PVID Acceptable frame types Ingress filter
---------- ---- ---------------------- --------------
1/1 2 all off
Port allowed 802.1q Vlans
-------- -----------------------------------------------------------------
1/1 1-2
#
# show vlan
VLAN Name Status Slot/Ports
---- --------------- -------- ------------------------------------
1 DEFAULT active 1/1-2
2 vlan1 active 2/-24
The following table describes the fields shown by the show vlan command:
Field Description
The following example displays the 802.1Q tagging configuration of the Corecess R1-AD24A:
# show dot1q
Port allowed 802.1q Static and Dynamic Vlans created by GVRP
-------- -----------------------------------------------------------------
1/1 1-2
#
The following example displays 802.1Q tagging configuration of the Gigabit Ethernet port 1/1:
The table below describes the fields in the show dot1q command output:
Field Description
Command Description
interface vlan Enter Interface configuration mode.
vlan id name Creates a VLAN.
vlan port Adds ports to the VLAN.
vlan id private-vlan Configures overlapped VLANs.
dot1q port Configures 802.1Q tagging on a port.
ip address Assigns an IP address and subnet mask to the VLAN interface.
show dot1q Displays 802.1q tagging configuration.
show vlan Displays the VLAN configuration.
This chapter describes how to configure SNMP and RMON on the Corecess R1-AD series.
y Managed Device
y SNMP Manager
SNMP
Manager
Managed Device
A managed device is a network node that contains an SNMP agent and that resides on a
managed network. Managed devices collect and store management information and make this
information available to NMSs using SNMP. Managed devices, sometimes called network
elements, can be routers and access servers, switches and bridges, hubs, computer hosts, or
printers.
y Get a MIB variable: The SNMP agent initiates this function in response to a request from the
NMS. The agent retrieves the value of the requested MIB variable and responds to the NMS
with that value.
y Set a MIB variable: The SNMP agent initiates this function in response to a message from the
NMS. The SNMP agent changes the value of the MIB variable to the value requested by the
NMS.
The SNMP agent also sends unsolicited trap messages to notify an NMS that a significant event
has occurred on the agent. Examples of traps conditions include, but are not limited to, when a
port or module goes up or down, when spanning-tree topology changes occur, and when
authentication failures occur.
The MIB is the information base, the SNMP agent must keep available for the managers. This
information base contains objects whose values provide information on the status of the
checked system or objects whose values can be modified by a manager to control the system.
Each object is identified by an Object ID (OID). There are two kinds of MIBs, standard MIB and
enterprise-specific MIB.
SNMP Manager
SNMP Manager is an integrated management module which collects information from SNMP
agent and sometimes sends warning messages depending on the each SNMP agent relations. In
other words, the actual data is collected from SNMP agent and this data will be processed by
management module and saved. To request information or configuration changes, respond to
requests, and send unsolicited alerts, the SNMP manger and SNMP agent use the four messages
(Get, GetNext, Set, and trap). For more information on these messages, refer to the following
section.
y Set-Request Message
y Trap Message
Get-Request Message
Get-Request Message is the basic SNMP request message. Sent by an SNMP manager, it
requests information about a single MIB entry on an SNMP agent. For example, the amount of
free drive space.
GetNext-Request Message
GetNext-Request Message is an extended type of request message that can be used to browse
the entire tree of management objects. When processing a Get-next request for a particular
object, the agent returns the identity and value of the object which logically follows the object
from the request. The Get-next request is useful for dynamic tables, such as an internal IP route
table.
Set-Request Message
If write access is permitted, Set-Request message can be used to send and assign an updated
MIB value to the agent.
Trap Message
An unsolicited message sent by an SNMP agent to an SNMP manager when the agent detects
that a certain type of event has occurred locally on the managed device. For example, a trap
message might be sent on a system restart event.
Gives read access to authorized management stations to all objects in the MIB except the
Read-only
community strings, but does not allow write access.
Gives read and write access to authorized management stations to all objects in the MIB,
Read-write
but does not allow access to the community strings.
Trap
Trap is a defined status of event or system. For example, event generated when port
configuration is changed or a host having not-allowed IP address accesses can be defined as a
trap. You can configure the level of trap according to the kind of events.
If a trap occurs on the system, the SNMP agent send SNMP trap message to the registered trap
host.
Trap Disabled
The values of these variables can be browsed or modified via ViewlinX, NMS of the Corecess or
NMS of other companies. To set the system contact and location information, use the following
command in Global configuration mode:
Command Task
snmp-server contact 1. Set the system contact information.
<string> y <string>: String that describes the system contact information.
snmp-server location 2. Set the system location information.
<string> y <string>: String that describes the system location information.
End 3. Return to Privileged mode.
show snmp-server 4. Verify the system contact and location information.
RMON: Disabled
Extended RMON: Extended RMON module is not present
The Corecess R1-AD series has no default community string. Therefore you should add a new
read-write community string before accessing to the Corecess R1-AD series via SNMP.
To define SNMP community strings, use the following command in Global configuration mode:
Command Task
Community Access
------------------------------ ----------
public Read-Only
corecess Read-Write
# write memory
Building Configuration...
[OK]
Community Access
------------------------------ ----------
public Read-Only
#
bridge Sends a trap message when there is spanning tree topology changes.
repeater Sends a trap message when Ethernet hub repeater state is changed.
ip_permit Sends a trap message when there are access attempts with unauthorized IP address.
sysconfig Sends a trap message when the system backup configuration is changed.
Sends a trap message when there is Entity Management Information Base (MIB)
entity
change.
cpuload Sends a trap message when CPU load limitations are exceeded.
Sends a trap message when there are access attempts with unauthorized community
auth
string.
sysauth Sends a trap message when unauthorized user attempts access to the system.
bgp Sends a trap message when Border Gateway Protocol (BGP) state is changed.
Sends a trap message when Dynamic Host Configuration Protocol (DHCP) state is
dhcp
changed.
When trap is set to ‘enable’ state, if an error occurs in the device where corresponding trap is set
to ‘enable’ or if problem occurs in the part defined by the trap, such error status (trap message)
are transmitted to the trap receiving host and NMS, the SNMP agent. By default, all trap types
are disabled. To send traps to the trap hosts, the trap types should be enabled. To enable a trap
type, perform this task in Global configuration mode:
Command Task
snmp-server enable traps 1. Enable a trap.
End 2. Return to Privileged mode.
show snmp-server 3. Verify the tarp status.
To disable the trap type, use the no snmp-server enable traps command as follows:
Trap receiver host is the host to receive traps from an SNMP agent. Trap is message sent by an
SNMP agent to an NMS, a console, or a terminal to indicate the occurrence of a significant event,
such as a specifically defined condition or a threshold that was reached. By default, no trap
receiver host is configured. To receive the trap generated on your managed device using NMS,
you must add the NMS as a trap receiver host. You can specify up to twenty trap hosts on the
Corecess R1-AD series.
Command Task
The following example shows how to enable the system to send all traps to the host
172.168.10.65:
Trap Source IP
-------------------------
Default : 0.0.0.0
#
The RMON MIB provides a standard method to monitor the basic operations of the Ethernet,
providing inoperability between SNMP management stations and monitoring agents. The
RMON also provides a powerful alarm and event mechanism for setting thresholds and for
notifying you of changes in network behavior.
You can use the RMON to analyze and monitor network traffic data within remote LAN
segments from a central location. This allows you to detect, isolate, diagnose, and report
potential and actual network problems before they escalate to crisis situations. For example, the
Corecess R1-AD series can identify the hosts on a network that generate the most traffic or
errors.
The RMON allows you to set up automatic histories, which the RMON agent collects over a
period of time, providing trending data on such basic statistics as utilization, collisions, and so
forth.
The RMON monitors nine MIB groups including network statistics. The following table lists
the RMON MIB groups:
Command Description
1. Statistics Collects the network statistics.
2. History Records the network activity in sequence of time.
3. Alarm Defines level of the alarms to be informed to the manager.
4. Host Monitors the hosts in the network.
5. Host Top N Filters and manages the information of N hosts.
6. Matrix Monitors the traffics between network nodes.
7. Filter Monitors the specified packets on the network segment.
8. Packet Capture Captures packets after they flow through a channel.
9. Event Determines the action to take when an event is triggered by an alarm.
Command Task
snmp-server enable rmon 1. Enable RMON on the system.
End 2. Return to Privileged mode.
show snmp-server 3. Verify that RMON is enabled.
The following example shows how to enable RMON on the Corecess R1-AD series:
RMON: Enabled
Extended RMON: Extended RMON module is not present
To configure an RMON statistics group, use the following commands in Global configuration
mode:
Command Task
Parameter Value
Interface ID 1
Owner 172.1.1.1
RMON: Enabled
Extended RMON: Extended RMON module is not present
[statistics]
To display the detail information on a statistics group, enter the show rmon statistics
command with the statistics group number:
To delete a statistics group, enter the no rmon etherstats command in Global configuration
mode:
You can configure the operation of the RMON history that periodically samples any Ethernet
port for statistical data. All ports are preconfigured with histories for 30-second and 30-minute
intervals, and 50 buckets with one sample per bucket. However, you can create additional
histories for a specific port. This allows you to configure the time interval to take the sample
and the number of samples you want to save.
To configure an RMON history group, use the following commands in Global configuration
mode:
Command Task
1. Set a history group.
y <index>: RMON history number (1 ~ 65535)
y <ifindex>: Interface number (1 ~ 2147483647)
rmon historycontrol y <port-type>: Port type (gigabitethernet)
<index> {<ifIndex> y <slot>/<port>: Slot number/port number
| <port-type> y <interval>: MIB object monitoring interval (1-2147483647 seconds)
<slot>/<port>} y <ifIndex>: The data source object for the Ethernet port. The port is
owner <history- identified by an ifIndex data object identifier. To see a list of data object
owner> <bucket- IDs, use the show interface command.
number> <history- y owner <history-owner>: Option for specifying an owner who
interval> defined and is using the history resources
y <bucket-number>: The bucket count for the interval (1 ~ 65535)
y <history-interval>: The time interval for the history (1 ~ 3600
seconds)
End 2. Return to Privileged mode.
show rmon 3. Verify the configuration.
Parameter Value
Interface ID 1
Owner 172.1.1.1
Bucket count 50
Interval 60seconds
RMON: Enabled
Extended RMON: Extended RMON module is not present
[statistics]
index status dataSource
----- -------------- -----------------------------
[history]
index status dataSource
----- -------------- -----------------------------
5 valid ifIndex.1 (gigabitethernet 1/1)
.
.
#
To display the detail information on a history group, enter the show rmon history
command with the history number:
In order for RMON to generate trap events, you must set up the SNMP managers table based on
the SNMP community strings (for example, public) you are using with the network
management application and the hosts on which you are running applications. If you fail to
make these changes, the system will be unable to send trap events to the network management
station.
When you set up the SNMP managers table, you can use the SNMP community strings that the
network management application uses and modify the trap receiving tables on the router to use
these names. Or, you can configure the router to use specific SNMP community strings and
modify the network management software to use these strings.
To set an RMON event, use the following commands in Global configuration mode:
Command Task
Parameter Value
Event index 10
Event description Event to create log entry and SNMP notification
Event type log, trap
Community Public
Owner 172.1.1.1
(config)# rmon event 10 description “Event to create log entry and SNMP
notification” log trap public owner 172.1.1.1
(config)# end
# show rmon
RMON: Enabled
Extended RMON: Extended RMON module is not present
[statistics]
index status dataSource
----- -------------- -----------------------------
1 valid iso.3.6.1.2.1.2.2.1.1.5 ( 2/2)
[history]
index status dataSource
----- -------------- -----------------------------
5 valid iso.3.6.1.2.1.2.2.1.1.3 ( 1/2)
[alarm]
index status sample
----- -------------- -----------------------------
[event]
index status type
----- -------------- ---------------
1 valid logandtrap
To delete an event group, enter the no rmon event command in Global configuration mode:
Each alarm is linked to an event in the event group. An event defines an action that will be
triggered when the alarm threshold is exceeded.
The alarm group periodically takes statistical samples from variables and compares them to
previously configured thresholds. The Alarm Table stores configuration entries that define a
variable, a polling period, and threshold parameters. If the RMON agent determines that a
sample crosses the threshold values, it generates an event. You can specify rising or falling
thresholds, indicating network faults such as slow throughput or other network-related
performance problems. You specify rising thresholds when you want to be notified that an
alarm has risen above the threshold you specified. You specify falling thresholds when you
want to be notified that the network is behaving normally again. For example, you might
specify a falling threshold of 30 collisions per second to indicate a return to acceptable behavior.
When you configure an alarm condition, you must define the following values:
y Rising and falling thresholds used to detect when network trouble starts and when it ends.
An RMON event is the action that occurs when an associated RMON alarm is triggered. When
an alarm event occurs, it can be configured to generate a log event, a trap to an SNMP network
management station, or both.
An RMON alarm allows you to monitor a MIB object for a desired transitory state. An alarm
periodically takes samples of the object's value and compares them to the configured thresholds.
To set an RMON alarm, use the following commands in Global configuration mode:
Command Task
(Continued)
(config)# rmon alarm 1 10 pkts 1 absolute both threshold 1000 100 event-index 1
1 owner aaa
(config)# end
# show rmon
RMON: Enabled
Extended RMON: Extended RMON module is not present
[statistics]
index status dataSource
----- -------------- -----------------------------
1 valid iso.3.6.1.2.1.2.2.1.1.5 ( 2/2)
[history]
index status dataSource
----- -------------- -----------------------------
5 valid iso.3.6.1.2.1.2.2.1.1.3 ( 1/2)
[alarm]
index status sample
----- -------------- -----------------------------
1 valid iso.3.6.1.2.1.16.1.1.1.5.1
[event]
index status type
----- -------------- ---------------
1 valid none
Before configure RMON alarm group, you should verify that the statistics group
(<StatisticsIndex>) is defined. If you specify undefined statistics group, the ‘Can't fetch
the MIB values’ message will be displayed:
(config)# rmon alarm 2 20 pkts 10 absolute rising threshold 1000 100 event-
index 1 1 owner aaa
Can't fetch the MIB values
(config)#
To display the detail information on an alarm group, enter the show rmon alarm command
with the alarm number:
To delete a RMON alarm group, enter the no rmon alarm command in Global configuration
mode:
Command Description
snmp-server enable Enables Simple Network Management Protocol (SNMP) notification for
traps various trap types.
snmp-server group Limits hosts which can access to the system through SNMP based on the
access access list.
show snmp-server
Displays SNMP statistics.
statistics
show snmp-server
Displays the list of the trap receiver hosts.
traphost
Displays the contents of the RMON alarm table, event table, history table,
show rmon
and statistics table.
This chapter describes how to configure QoS (Quality of Service) on the Corecess R1-AD series.
The QoS selects network traffic, prioritizes it according to its relative importance, and provides
priority-indexed treatment through congestion avoidance techniques. Implementing QoS in
your network makes network performance more predictable and bandwidth utilization more
effective.
y Packet classification
y Packet Filtering
Packet Classification
Classification is the process of selecting packets on which to perform QoS and reading the QoS
information. Using packet classification, you can partition network traffic into multiple priority
levels or classes of service. The Corecess R1-AD series uses the values in the following fields of
the layer 1 ~ layer 4 IP packet headers as a criterion to classify packets:
y DHCP packet filtering: Filters DHCP Offer packets received from ADSL subscriber to
prevent the subscribers from operating subscriber’s private DHCP server.
y NetBIOS packet filtering: Filters NetBIOS packets to prevent ADSL subscribers from
sharing data via NetBEUI/NetBIOS protocols.
y CIFS (Cognitive Information Filtering System): Filters the particular class of traffic based
on the source/destination IP address and TCP/UDP port number.
This section describes how to configure QoS on the Corecess R1-AD series.
The following diagram shows steps for configuring QoS service policy:
You can classify packets and assign them to specific queues based on the following criteria:
After creating class-maps, the Corecess R1-AD series checks the inbound or outbound packets
by the criteria in class-maps. QoS actions defined in the policy-map for the class will be applied
to the classified packets into classes.
You can create a class-map by using the class-map command in QoS configuration mode.
When you enter the class-map command, the Corecess R1-AD series enters Class-map
configuration mode. In this mode, the match criterion is defined for the traffic by using the
match command.
Command Task
y Because the ingress packet to a VLAN and egress packet from a VLAN are not
distingushied, the match vlan-sid and match vlan-did command provides the
same function.
y If you define the ip-sa and ip-da criteria in a class map, you should specify the <wildcard>
for the source IP address and the destination IP address to the 0.0.0.0. Otherwise you
can not add the ether-type, mac-sa, mac-da, vlan-sid, and vlan-did criteria in the class
map.
(config)# qos
(config-qos)# class-map class1
(config-cmap)# match ip-sa 172.27.2.16 0.0.255.255
(config-cmap)# end
# show classmap
ClassMap
--------------------------------------------------
Name : class1
Match Content : ip-sa 172.27.2.16/0.0.255.255
Total Entries = 1
#
The following example shows how to create a class map and define the criteria by using the
destination IP address and the destination TCP port number:
(config)# qos
(config-qos)# class-map class2
(config-cmap)# match ip-da 10.10.10.1 0.0.0.255
(config-cmap)# match tcp-dpn 25
(config-cmap)# end
# show classmap class2
ClassMap
--------------------------------------------------
Name : class2
Match Content : ip-da 10.10.10.1/0.0.0.255
: tcp-dpn 25
QoS Actions
The followings are QoS actions which can be included in a policy-map:
To apply multiple QoS actions to a traffic class, multiple QoS actions can be included in a
policy-map.
Command Task
qos 1. Enter QoS configuration mode.
policy-map 2. Create a policy map and enter Policy-map configuration mode.
<policy-map-name> y <policy-map-name>: Name of a policy map to define.
3. Specify the class to which the policy map applies and enter
Policy-map-class configuration mode.
class <class-name>
y <class-name>: The name of the class to which the policy
map applies.
4. Configures Qos actions for the class.
y Assing the priority for a trassfic class means that the traffic class is permitted. Therfore, if
you assing the priority for a trassfic class, you should not apply filtering action to the traffic
class.
y The Corecess R1-AD series uses rate-limiting to mitigate DoS (Denial of Service) attacks.
Thereofore you should add the filter to-proc command when configuring rate-
limiting feature.
(config)# qos
(config-qos)# policy-map polmap1
(config-pmap)# class class1
(config-pmap-c)# priority 6
(config-pmap-c)# end
# show policymap
PolicyMap
--------------------------------------------------
Name : polmap1
Linked ClassMap : class1
Policy : priority 6
Total Entries = 1
#
The following example shows how to create a policy map, specify a class map to which the
policy map applies, and specify the limited rate to be applied to the class map:
(config)# qos
(config-qos)# policy-map polmap1
(config-pmap)# class class2
(config-pmap-c)# rate-limit rate 640
(config-pmap-c)# filter to-proc
(config-pmap-c)# end
# show policymap
PolicyMap
--------------------------------------------------
Name : polmap1
Linked ClassMap : class1
Policy Content : priority 6
Linked ClassMap : class2
Action : To Processor
Policy : rate-limit rate 640
Total Entries = 1
#
(config)# qos
(config-qos)# policy-map filter-policy
(config-pmap)# class class101
(config-pmap-c)# filter deny
(config-pmap-c)# end
# show policymap filter-policy
PolicyMap
--------------------------------------------------
Name : filter-policy
Linked ClassMap : class101
Action : Deny
#
You can remove a class-map from the policy-map, using the no class command in Policy-
map configuration mode. The no class command does not delete the class-map but
disconnects the relation between the policy-map and the class-map. To delete a class-map, use
the no class-map command in QoS configuration mode. This example shows how to remove
a class-map from the policy-map and verify the result:
(config)# qos
(config-qos)# policy-map polmap1
(config-pmap)# no class class1
(config-pmap)# end
# show policymap
Name : polmap1
Total Entries = 1
#
You can delete a policy-map using the no policy-map command in QoS configuration mode.
This example shows how to delete a policy-map:
(config)# qos
(config-qos)# no policy-map polmap1
(config-qos)#
Ethernet switch
Broadcast Storm
Corecess R1-AD24
Broadcast Broadcast
Command Description
Enables broadcast suppression on a VLAN interface.
broadcast-storm-control y <vlan-id>: VLAN ID to enable the broadcast storm control (1 ~
vlan id <vlan-id> bps 4094).
<bit-number> y <bit-number>: The maximum number of broadcast bits per
second number. Valid range is from 1 to 5000000. Default is 48000.
(config)# qos
(config-qos)# broadcast-storm-control vlan id 1 bps 256
(config-qos)#
Command Description
Enables broadcast suppression on a VLAN interface.
unknown-unicast-storm- y <vlan-id>: VLAN ID to enable the broadcast storm control (1 ~
control vlan id <vlan- 4094).
id> bps <bit-number> y <bit-number>: The maximum number of broadcast bits per
second number. Valid range is from 1 to 5000000. Default is 48000.
The following example enables the unknown-unicast storm on the default VLAN:
(config)# qos
(config-qos)# unknown-unicast-storm-control vlan id 1 bps 256
(config-qos)#
Filters DHCP Offer packets received from ADSL subscriber to prevent the
DHCP Packet Filtering
subscribers from operating subscriber’s private DHCP server.
Note: For more detail information about CIFS, refer to the Chapter 10 Configuring
Security in this manual.
If a host connected to the Corecess R1-AD series runs a private DHCP server, other hosts
connected to the Corecess R1-AD series may receive an invalid IP address from that private
DHCP server. To prevent this, you can filter DHCP Offer packets received from a host.
Corecess R1-AD24
Filters DHCP Offer packets received
from ADSL subscribers.
DHCP server
To discard the all DHCP OFFER packets, enter the following command in Global configuration
mode:
Command Task
qos 1. Enter QoS configuration mode.
(config)# qos
(config-qos)# dhcp-offer filter discard adsl 2/1-24
(config-qos)# end
# show dhcp-offer-filter
Dhcp Offer Filter Ports
--------------------------------------------------
Discard : 2/1-24
#
Internet or LAN
Ethernet switch
Corecess R1-AD24
Command Task
show netbios-filter 4. Display the ports configured to filter the NetBIOS packets received.
(config)# qos
(config-qos)# netbios filter discard
(config-qos)# end
# show netbios-filter
Netbios Filtering Ports
--------------------------------------------------
Discard : All Ports
#
Command Description
broadcast-storm-
Enables the broadcast storm control on the specified VLAN.
control
Specifies the VLAN ID that the input port belongs to as a match criterion of a
match vlan-sid
class map.
netbios filter
Filters the NetBIOS packets received from the specified port.
discard
policy-map Enters QoS policy map configuration mode to configure the QoS policy map.
service-policy Applies a policy map to all packets received from the Corecess R1-AD series.
This chapter describes how to configure security features on the Corecess R1-AD series.
Configuring Password
You can provide access control on a terminal line by entering the password and establishing
password checking.
> passwd
Changing password for corecess
Old password: Enter the current password.
Enter the new password (minimum of 5, maximum of 8 characters)
Please use a combination of upper and lower case letters and numbers.
Enter new password: Enter the new password.
Re-enter new password: Enter the new password again.
Password changed.
>
User mode is signified on the system by the > prompt. At this point, you can enter a variety of
commands to view statistics on the system, but you cannot change the configuration of the
system.
You can specify the password for the Privileged mode using enable passwd command in the
Global configuration mode. The following example sets the Privileged mode password to
‘ccAD24’ by the enable passwd command in the Global mode.
After setting the Privileged mode password, you should enter the password to go to the
Privileged mode from user mode as follows:
> enable
Password: ccAD24
Privileged mode is signified by the # prompt. In the Privileged mode, you can enter all
commands to view statistics and configure the system.
To delete the password for the Privileged mode, enter the no enable passwd command in
the Global configuration mode:
You can hide clear-text passwords by storing passwords in an encrypted manner so that anyone
entering write terminal commands will not be able to determine the clear-text password.
The following example shows how to encrypt a user password and display the password on the
terminal line:
# configure terminal
(config)# username guest passwd 8 guest
(config)# end
# write terminal
Building configuration...
Current configuration:
banner incoming "welcome\n"
username recover passwd 8 $1$$nlCC0vP6YG0ZB0Mp685Fy0
username guest passwd 8 $1$$ysap7EeB9ODCrO46Psdbq/
:
:
The default timeout for an unattended telnet session is 10 minutes. To change the login timeout,
enter the following command in Global configuration mode:
Command Task
line vty 1. Enter the VTY-line configuration mode.
2. Set the login timeout.
exec-timeout <minute>
y <minute>: Timeout in minutes ( 1 ~ 600)
Access list criteria could be the source address of the traffic, the destination address of the traffic,
the upper layer protocol, or other information. Note that sophisticated users can sometimes
successfully evade or fool basic access lists because no authentication is required.
You can use standard access lists to control the Telnet or SNMP access methods to management
functions on the Corecess R1-AD series.
Server B
Corecess R1-AD24A
Access list
x Source IP address : 172.20.128.64
x Permit/deny : Permit
x Flow : Out
Host A Host B
IP: 172.20.128.10 IP: 172.20.128.64
In the above example, the access list allows access from the 172.20.128 64 host. Therefore the
host B connected to the Corecess R1-AD24A can access to the Server A or Server B and the host
A can’t access to the Servers.
Command Task
configure terminal 1. Enter Global configuration mode.
access-list <list-number> 2. Configure an ACL with the IP addresses you want to allow or
{permit| deny} <subnet-ip> deny to access the system.
[<mask>] y <list-number>: Number of the standard access list (1 ~ 99,
1300 ~ 1999)
y permit: Permits the frame whose source address matches the
condition.
y deny: Denies the frame whose source address matches the
condition.
y <subnet-ip>: The IP address of the source network or host
access-list <list-number> in hexadecimal form (xxx.xxx.xxx.xxx).
{permit| deny} any y <mask>: Subnet mask bit to be applied to <subnet-ip>.
The subnet mask is a four-part value in dotted-decimal
notation (IP address format) consisting of ones and zeros.
Zeros in the mask mean the packet's source address must
match the <subnet-ip>. Ones mean any value matches.
y any: Configures the policy to match on all host addresses.
end 3. Return to Privileged mode.
show access-list 4. Verify the defined access lists.
x The wildcard is a four-part value in dotted-decimal notation (IP address format) consisting
of ones and zeros. Zeros in the mask mean the packet's source address must match the
<source-ip>. Ones mean any value matches. For example, the <source-ip> and <wild-
card> values 209.157.22.26 0.0.0.255 mean that all hosts in the Class C sub-net
209.157.22.x match the policy.
x The packets that do not match any entries in an access list are denied.
# configure terminal
(config)# access-list 1 permit 192.5.34.0 0.0.0.255
(config)# access-list 1 permit 128.88.0.0 0.0.255.255
(config)# access-list 1 permit 36.0.0.0 0.255.255.255
(config)# end
# show access-list
Standard IP access list 1
permit 192.5.34.0, wildcard bits 0.0.0.255
permit 128.88.0.0, wildcard bits 0.0.255.255
permit 36.0.0.0, wildcard bits 0.255.255.255
#
The following example shows how to define an access list which denies the access from the
specified host:
# configure terminal
(config)# access-list 2 deny host 171.69.198.102
(config)# access-list 2 permit any
(config)# end
# show access-list
Standard IP access list 2
deny 171.69.198.102
permit any
#
To restrict terminal line access to the system using access lists, enter commands such as the
following:
Command Task
line vty 1. Enter the VTY-line configuration mode.
2. Apply the access lists to terminal line.
y <access-list-number>: Number of an IP access list (1 ~
99, 1300 ~ 1999).
access-class <list-number>
{in | out}
y in: Restricts incoming connections between the system and
the addresses in the access list.
y out: Restricts outgoing connections between the system and
the addresses in the access list.
The following example shows how to apply the access list to terminal line. The Corecess R1-
AD24A allows Telnet access to all IP addresses except the hosts listed in access list 2.
The following example shows how to apply the access list to terminal line. The Corecess R1-
AD24A denies connections to networks other than network 192.89.55.0:
# configure terminal
(config)# access-list 12 permit 192.89.55.0 0.0.0.255
(config)# line vty 0 5
(config-line)# access-class 12 out
(config-line)#
To restrict SNMP access to the system using access lists, enter the snmp-server group
access commands such as the following:
Command Description
snmp-server group 1. Apply the access list to SNMP access.
access <list-number> y <list-number>: Standard access list number (1 ~ 99, 1300 ~ 1999)
The following example shows how to apply the access list to SNMP access. The Corecess R1-
AD24A allows SNMP access to all IP addresses except the hosts listed in access list 2.
# configure terminal
(config)# snmp-server group access 2
(config)#
Types of Filtering
The Corecess R1-AD series supports the following types of filtering:
Filters DHCP Offer packets received from ADSL subscriber to prevent the
DHCP Packet Filtering
subscribers from operating subscriber’s private DHCP server.
Filters NetBIOS packets to prevent ADSL subscribers from sharing data via
Netbios Packet Filtering
NetBEUI/NetBIOS protocols.
Port Filtering
You can configure port filtering feature to not allow communication between ADSL ports on
the Corecess R1-AD series. Refer the Chapter 6 / Configuring Ports – Configuring ADSL Ports
section, to configure the ADSL port filtering feature.
The following is the steps for configure filtering policy on the Corecess R1-AD series.
1. Create Classes
Create a class map and define the classification criteria for the class map.
2. Creating a Policy
Create a policy map, specify the class to which the policy map applies, and define the actions
that you want the system to take for the particular class of traffic.
This section describes how to create a QoS service policy according to the above steps.
Note: For more detail information about QoS (Quaility of Service), refer to the Chapter 9
Configuring QoS in this manual..
Creating Classes
To create a class map and specify the way in which the Corecess R1-AD series should classify
traffic, enter the following commands in Global configuration mode:
Command Task
qos 1. Enter QoS configuration mode.
class-map 2. Create a class map and enter Class-map configuration mode.
<class-map-name> y <class-map-name>: Class map name
(Continued)
3-e. Specifies the source TCP port number as a match criterion of a class
match tcp-spn
map.
<tcp-port-num>
y <tcp-port-num>: Source TCP port number (0 ~ 65535)
3-f. Specifies the source UDP port number as a match criterion of a class
match udp-spn
map.
<udp-port-num>
y <udp-port-num>: Source UDP port number (0 ~ 65535)
3-g. Specifies the VLAN ID that the input port belongs to as a match
match vlan-sid
criterion of a class map.
<vlan-id>
y <vlan-id>: VLAN ID (1 ~ 4094)
end 4. Return to Privileged mode.
show classmap 5. Verify the class map configuration.
[<class-map-name>] y <class-map-name>: Class map name
Note: Because the ingress packet to a VLAN and egress packet from a VLAN are not
distingushied, the match vlan-sid and match vlan-did command provides the same
function.
(config)# qos
(config-qos)# class-map class101
(config-cmap)# match ip-da 10.10.10.1 0.0.0.255
(config-cmap)# match tcp-dpn 25
(config-cmap)# end
# show classmap class101
ClassMap
--------------------------------------------------
Name : class101
Match Content : ip-da 10.10.10.1/0.0.0.255
: tcp-dpn 25
#
Command Task
qos 1. Enter QoS configuration mode.
policy-map 2. Create a policy map and enter Policy-map configuration mode.
<policy-map-name> y <policy-map-name>: Name of a policy map to define
3. Specify the class to which the policy map applies and enter Policy-
class <class-name> map-class configuration mode.
y <class-name>: Class map name
4. Specify whether to filter the traffic class or not.
y deny: Discards the class of traffic belonging to a policy
filter {deny | permit} map.
y permit: Permits the class of traffic belonging to a policy
map.
end 5. Return to Privileged mode.
show policymap 6. Verify the QoS policy.
[<policy-map-name>] y <policy-map-name>: Name of a policy map to verify
The following example shows how to define QoS policy that you want the system to filter that
particular class of traffic:
(config)# qos
(config-qos)# policy-map filter-policy
(config-pmap)# class class101
(config-pmap-c)# filter deny
(config-pmap-c)# end
# show policymap filter-policy
PolicyMap
--------------------------------------------------
Name : filter-policy
Linked ClassMap : class101
Action : Deny
#
Command Description
Restricts incoming and outgoing connections between the Corecess R1-AD series
access-class
virtual terminal and the addresses in an access list.
access-list Defines a standard IP access list using source addresses for filtering packets
(Standard) received/transmitted through the specific interface.
Sets the interval that the EXEC command interpreter waits until user input is
exec-timeout
detected.
filter Configures filtering a class of traffic which belongings to a policy map.
match Specifies a match criterion for a class map.
netbios filter
Filters NetBIOS packets
discard
This chapter describes how to configure IGMP snooping for the Corecess R1-AD series to
manage the multicast traffic.
There are three Internet transmission mode - unicast, broadcast, and multicast.
Unicast transmission mode transmits data from one source to one destination. It is used in
general Internet application program such as Telnet or ftp. Unicast transmission mode must
repeatedly transmit as many data packets as the number of the receivers, therefore not an
appropriate mode for communication such as image conference or internet broadcasts since it
reduces the effectiveness of the communication network and the transmission pressure of the
transmitter increases.
300K x 3 = 900K
Video
Server
Multicast
Router
300K x 2 = 600K
300K
Service User
Broadcast transmission mode is the transmission of the copy of packet to all receivers in the
same network from one transmitter.
300K
Video
Server
Multicast
Router
300K
300K
Multicast User
For the unicast transmission, there is a receiver address displayed on the packet header. But for
the multicast transmission, there is a marks which contains the multicast group address
receivers belong.
D class IP address is used for multicast group address. The range of D class is 224.0.0.0 ~
239.255.255.255, and IP address 224.0.0.0 ~ 224.0.0.255 among this range is assigned for other
uses and cannot be used.
Without IGMP snooping, multicast traffic is treated in the same manner as broadcast traffic,
that is, it is forwarded to all ports. With IGMP snooping, multicast traffic of a group is only
forwarded to ports that have members of that group. IGMP Snooping generates no additional
network traffic, allowing you to significantly reduce multicast traffic passing through your
switch.
For IGMP version 1, if a host does not want to receive the IGMP traffic, it just silently quit the
group. IGMP multicast routers periodically send Host Membership Query messages to discover
if any member is still interesting in the specific multicast group traffic. As long as the IGMP
snooping switch receives this Query Group message, it forwards the message to the associated
port including in the multicast group. If the switch doesn't receive Report Group message for 3
times, it delete the IP multicast group MAC of associated port in the MAC Filtering Database.
Note: Multicast network must be a tree structure with the multicast router as a root.
# configure terminal
(config)# ip igmp snoop
(config)#
To enable IGMP on a VLAN, enter the ip igmp snoop vlan id command in Global
configuration mode:
Command Description
ip igmp snoop vlan 1. Enable IGMP snooping on the specified VLAN.
id <vlan-id> y <vlan-id>: VLAN ID (1 ~ 4094)
The following example shows how to enable IGMP snooping on the default VLAN:
# configure terminal
(config)# ip igmp snoop vlan id 1
(config)#
Note: You can disable IGMP snooping on a VLAN by using the no ip igmp snoop
vlan id in the global configuration mode.
To enable IGMP fast-leave processing on a port interface, enter the ip igmp snoop fast-
leave command in Global configuration mode:
Command Description
This example shows how to enable IGMP fast-leave processing on the Gigabit Ethernet port 1/1:
# config terminal
(config)# ip igmp snoop fast-leave port gigabitethernet 1/1
(config)#
Command Task
configure terminal 1. Enter Global configuration mode.
2. Configure a specified port as a router port.
ip igmp snoop mrouter
y <port-type>: The type of the port to configure as a router
port <port-type>
port. ( gigabitethernet, adsl)
<slot>/<port> vlan id
y <slot>/<port>: The slot number and port number of the port.
<vlan–id>
y <vlan-id>: VLAN ID
end 3. Return to Privileged mode.
show ip igmp snoop
4. Verity the static router port.
mrouter
The following example shows how to add the Gigabit Ethernet port 1/1 as a router port:
# config terminal
(config)# ip igmp snoop mrouter port gigabitethernet 1/1 vlan id 1
(config)# end
# show ip igmp snoop mrouter
---------- ----- ---------------
port vlan router ip
---------- ----- ---------------
Internal N/A 0.0.0.0
1/1 1 0.0.0.0
---------- ----- ---------------
Total Number : 2
---------- ----- ---------------
#
Command Task
configure terminal 1. Go to global configuration mode.
no ip igmp snoop 2. If IGMP snooping is enabled globally, disable IGMP snooping.
3. Define a multicast group.
ip igmp snoop mgroup
y <group-address>: Address of the multicast group.
<group-address> port
y <port-type>: The type of the port to configure of a member
<port-type> <slot>/ port>
port. ( gigabitethernet, adsl)
[vlan <vlan-id>]
y <slot>/<port>: The slot number and port number of the port.
end 4. Return to Privileged mode.
show ip igmp snooping 5. Verify the IGMP multicast group.
The following example shows how to add the ADSL 2/1 ~ 2/5 as a member of group
01:00:5e:02:02:02:
# config terminal
(config)# no ip igmp snoop
(config)# ip igmp snoop mgroup 225.2.2.2 port adsl 2/1-5 vlan id 2
(config)# end
# show ip igmp snoop
1 224.0.255.1 0.0.0.0 2/5-8 static 0
1 225.2.2.2 0.0.0.0 1/1-5 static 0
#
To configure IGMP group membership timeout, perform this task in the privileged mode:
Command Task
configure terminal 1. Enter Global configuration mode.
ip igmp snoop
2. Set IGMP group membership timeout.
membership timeout
y <second>: IGMP group membership time in seconds (1 ~ 260)
<second>
The following example shows how to change IGMP membership time to 240 seconds:
# config terminal
(config)# ip igmp snoop membership timeout 240
(config)# end
# show ip igmp snoop membership timeout
240
#
Command Task
configure terminal 1. Enter Global configuration mode.
2. Specify the maximum number of IGMP groups that a port can join.
ip igmp snoop group- y <group-number>: Maximum number of IGMP groups that the
number-limit <number> specified port can join (1 ~ 4094).
port <port-type> y <port-type>: The type of the port to configure.
<slot>/<port> ( gigabitethernet, adsl)
y <slot>/<port>: The slot number and port number of the port.
The following example shows how to limit the number of IGMP groups that the Gigabit
Ethernet port 1/1 to 25:
# config terminal
(config)# ip igmp snoop group-number-limit 25 port gigabitethernet 1/1
(config)#
The show ip igmp snooping command displays the multicast group information in the
following format:
Filed Description
How long in seconds until the entry is removed from the IGMP groups table.
timeout left
In case of a static multicast group, 0 is displayed.
The table below describes fields shown by the show ip igmp snooping vlan command:
Field Description
Type Status of whether the port was configured manually as a multicast router port.
How long the port will remain as member on the multicast group in the absence of
timeout left
an IGMP reports.
Command Description
ip igmp snoop Globally enables IGMP snooping.
ip igmp snoop Specifies IGMP group membership time which defines how long a group
membership timeout will remain active on an interface in the absence of a group report.
Hosts normally join multicast groups dynamically, but you can also
ip igmp snoop mgroup
configure a host statically on an interface.
Displays the multicast groups that are directly connected to the system
show ip igmp snoop
and that were learned via IGMP.
show ip igmp snoop Displays IGMP group membership time which defines how long a group
membership timeout will remain active on an interface in the absence of a group report.
This chapter describes how to configure DHCP snooping for the Corecess R1-AD series to
manage the DHCP traffic and ARP traffic.
y Client port
Client port generates, deletes, or manages the dynamic binding entries using DHCP messages
which are passed through and transmits the DHCP messages (DHCPDISCOVER,
DHCPREQUEST, and so on) to the server ports. If there is no server port, client port sends the
messages to CPU.
y Transparent port
Transparent port does the same functions as the client port. But no policy and limitation are
applied.
When DHCP snooping is enabled, the system base rule is set to ‘deny’ which means no packets
can be received or sent except DHCP messages. The DHCP messages received from the client
ports will be forwarded to the server port or the CPU. If the CPU detects DHCPACK message is
received from the DHCP server, DHCP snooping saves the binding information (such as the
MAC address, the IP address, the lease time, and so on) in the database, and then forwards the
message to the client ports.
When a link of a DHCP client is down, DHCP snooping applies ‘deny‘ filtering rule to the
binding entry and keep maintaining information on the binding entry instead of deleting it
immediately. When the link is up again, DHCP snooping applies ‘permit’ filtering rule and
restart the service for the DHCP client. If DHCPREQUEST message is received again from a
DHCP client and the DHCP server sends DHCPACK message in response to DHCPREQUEST
message, the timer for this binding entry is updated to the lease time include in new DHCPACK
message.
Commands Task
# configure terminal
(config)# ip dhcp snoop
(config)#
Note: To disable DHCP snooping on the Corecess R1-AD series, use the no ip dhcp
snoop command in Global configuration mode.
(config)# no ip dhcp snoop
(config)#
Commands Description
Note: If you enable DHCP snooping, all packets except DHCP messages will be discarded
on all ports. If you do not want to apply this limitation to a port, configure the port as a
transparent port.
The following example specifies the Gigabit Ethernet ports 1/1-2 as a server port:
The following example specifies the ADSL ports 2/1.1 as DHCP snooping ports:
Commands Task
The following example shows how to enable DHCP snooping filtering for the whole system:
The following example shows how to set the type of DHCP snooping filtering rule:
Commands Task
The following example shows how to disable DHCP snooping filtering for the ADSL port 2/1:
The following example configures the ADSL port 4/1 to receive the only unicast packets from
the DHCP clients:
To configure the information reforwarding policy, use the following command in Global
configuration mode:
Commands Description
The following example shows how to change the information reforwarding policy to ‘replace’:
Commands Description
The following example specifies the maximum number of the DHCP clients for the ADSL ports
2/1:
Commands Description
Add a static DHCP snoop binding entry.
ip dhcp snoop port y <port-type>: Type of the port to add a binding entry.
<port-type> <slot>/<port> y <slot>/<port>: Slot number and port number of the port.
static <mac-addr> <ip-addr> y <mac-addr>: MAC address of a DHCP client.
y <ip-addr>: IP address of a DHCP client.
The following example shows how to add a static binding entry to the ADSL port 2/1:
Commands Description
The following example shows how to clear all dynamic binding entries generated on the ADSL
port 2/1-24:
Option 82 communicates information to the DHCP server using a suboption of the DHCP relay
agent information option. There are three types of suboptions supported by the Corecess R1-AD
series, ATM-VC, NAS, and Switch.
The following shows the format of the suboption when you select ATM-VC encoding: for
example, 00120-DSL01-001/00-0/01-0/03/2/32@HRl-C.
Each field is expressed in the <field name:bits> form. Each part means location code (n), port
information (o), and site code (p). You can set the location code and site code using the ip
dhcp snoop opt82-attr in Global configuration mode. If you set the Circuit ID for a port or
a PVC using ip dhcp snoop port circuit-id command, the Circuit ID is used for DHCP
option 82 data instead of the above suboption format.
The following figure shows the format of the suboption when you select NAS encoding:
The following figure shows the format of the suboption when you select Switch encoding:
Command Task
1. Enables DHCP option 82 data insertion.
y atm-vc: DHCP option 82 field is encoded based on ATM-VC.
ip dhcp snoop opt82
y nas <ip-address>: DHCP option 82 field is encoded based
{atm-vc | nas
on the IP address of NAS.
<ip-address> | switch}
y switch: DHCP option 82 field is encoded based on the interface
index and MAC address of the switch.
2. When you select atm-vc option in the above step, set DHCP
option 82 data using the following commands.
Note: If you not specify the DHCP option 82 data for a port or a PVC (Circuit ID) using the
ip dhcp snoop port circuit-id command, the global DHCP option 82 data defined
using the ip dhcp snoop opt82-attr command is used.
The following example shows how to enable the system to insert DHCP option 82 data based on
ATM-VC and how set the location code and site code that is used globally:
This example shows how to specify the Circuit ID for the ADSL port 2/1.1:
The following is the sample output from show ip dhcp snoop command:
Command Description
y <port-type>: Type of the port to display the IP address
show ip dhcp snoop binding
binding information
{port <port-type>
y <slot>/<port>: Slot number and port number of the port.
<slot>/<port> | vlan id
y <vlan-id>: VLAN ID (1 ~ 4094).
<vlan-id> <ip-address>}
y <ip-address>: IP address assigned to a DHCP client.
The following is the sample output from show ip dhcp snoop binding command:
Command Description
The following is the sample output from show ip dhcp snoop port command:
Commands Task
The following example shows how to enable ARP snooping on the Corecess R1-AD24A:
# configure terminal
(config)# ip arp snoop
(config)#
Note: To disable ARP snooping on the Corecess R1-AD series, use the no ip arp
snoop command in Global configuration mode.
(config)# no ip arp snoop
(config)#
Commands Task
The following example shows how to set sanity check on the Corecess R1-AD24:
To configure secure-request type, use the following commands in Global configuration mode.
Commands Task
The following example shows how to configure secure-request type on the Corecess R1-AD24:
# configure terminal
(config)# ip arp snoop request secure-broadcast
(config)#
The following is the sample output from the show ip arp snoop table command:
This chapter describes how to configure STP (Spanning Tree Protocol) and RSTP (Rapid
Spanning Tree Protocol) on the Corecess R1-AD series.
STP Overview
STP is a Layer 2 link management protocol that provides path redundancy while preventing
loops in the network. For a Layer 2 Ethernet network to function properly, only one active path
can exist between any two stations. Spanning-tree operation is transparent to end stations,
which cannot detect whether they are connected to a single LAN segment or a switched LAN of
multiple segments.
In the following network configuration, there are two paths from Switch A to Switch C. One of
the path is path 2 connected directly and the other path is path 1 and path 2 through Switch B.
A loop is formed in this network because multiple active paths exist between Switch A and
Switch C. In this network, end stations might receive duplicate messages. For example, if Switch
A broadcasts packets, Switch C broadcasts the received packets to Switch A, and Switch A
broadcast the packets again.
Switch A
Path 1 Path 2
Path 3
Switch B Switch C
STP defines a tree with a root switch. When two interfaces on a switch are part of a loop, the
spanning-tree port priority and path cost settings determine which interface is put in the
forwarding state and which is put in the blocking state. Spanning tree forces redundant data
paths into a standby (blocked) state.
Switch A
Path 1 Path 2
(Forwarding) (Forwarding)
Path 3
Switch B (Blocking) Switch C
Switches send and receive spanning-tree frames, called bridge protocol data units (BPDUs), at
regular intervals. The switches do not forward these frames, but use the frames to construct a
loop-free path.
If a network segment in the spanning tree fails and a redundant path exists, the spanning-tree
algorithm recalculates the spanning-tree topology and activates the standby path.
When the switches in a network are powered up, each switch functions as the root switch. Each
switch sends a configuration BPDU through all of its ports. The BPDUs communicate and
compute the spanning-tree topology. Each configuration BPDU contains this information:
y Unique bridge ID of the switch that the sending switch identifies as the root switch
y Message age
y Values for the hello, forward delay, and max-age protocol timers
Bridge ID determines the selection of the root switch. Each VLAN on the switch has a unique 8-
byte bridge ID; the two most-significant bytes are used for the switch priority, and the
remaining six bytes are derived from the switch MAC address. The switch with the highest
switch priority (the lowest numerical priority value) is elected as the root switch. If all switches
are configured with the default priority (32768), the switch with the lowest MAC address in the
VLAN becomes the root switch.
A root port is selected for each switch (except the root switch). This port provides the best path
(lowest cost) when the switch forwards packets to the root switch.
BPDU has three spanning-tree timers (hello, forward delay, max age). The following table
describes the timers that affect the entire spanning-tree performance:
Timer Description
When this timer expires, the interface sends out a Hello message to the
Hello timer
neighboring nodes.
Determines how long each of the listening and learning states last before the
Forward delay timer
interface begins forwarding.
Determines the amount of time the switch stores protocol information received
Max age timer
on an interface.
y Blocking: The port does not participate in frame forwarding. (Default state)
y Listening: The first transitional state after the blocking state when the spanning tree
determines that the port should participate in frame forwarding.
y Disabled: The port is not participating in spanning tree because of a shutdown port, no link
on the port, or no spanning-tree instance running on the port.
The port in the blocking state does not participate in frame forwarding. After initialization, a
BPDU is sent to each interface in the switch. A switch initially functions as the root until it
exchanges BPDUs with other switches. This exchange establishes which switch in the network
is the root or root switch. If there is only one switch in the network, no exchange occurs, the
forward-delay timer expires, and the ports move to the listening state. A port always enters the
blocking state after switch initialization.
The port in the blocking state does not participate in frame forwarding. After initialization a
BPDU is sent to each interface in the switch. A switch initially functions as the root until it
exchanges.
The listening state is the first state a port enters after the blocking state. The port enters this state
when the spanning tree determines that the interface should participate in frame forwarding.
When the forward-delay timer expires, the port moves to the learning state.
The port in the learning state does not transmit or receive frames. However, the port can learn
the MAC addresses of frames received on the port. When the forward-delay timer expires,
spanning tree moves the port to the forwarding state.
The port in the forwarding state forwards frames received on the port.
The port in the disabled state does not participate in frame forwarding or in the spanning tree.
This can occur when the port is disconnected or STP is administratively disabled on the port.
When two interfaces on a switch are part of a loop, the spanning-tree port priority and path cost
settings determine which interface is put in the forwarding state and which is put in the
blocking state. The port priority value represents the location of an interface in the network
topology and how well it is located to pass traffic. The path cost value represents media speed.
Spanning tree forces redundant data paths into a standby (blocked) state. If a network segment
in the spanning tree fails and a redundant path exists, the spanning-tree algorithm recalculates
the spanning-tree topology and activates the standby path.
The key difference between STP and RSTP is the transition states of a port. STP moves a port
from the blocking state to the forwarding state after the listening and the learning state. RSTP
reduces the transition steps by moving directly a port from the blocking state to the forwarding
state. This allows rapid reconfiguration capability when the topology has changed.
The key difference between STP and RSTP is the transition states of a port. STP moves a port
from the blocking state to the forwarding state after the listening and the learning state.
There are only three port states left in RSTP 802.1W, corresponding to the three possible
operational states. The STP 802.1D states disabled, blocking, and listening have been merged
into a unique RSTP discarding state. The following table provides a comparison of STP and
RSTP port states.
Is Port Included in
STP Port RSTP Port Operational Is port learning
the Active
State State Status MAC Addresses?
Topology?
Blocking Discarding Enabled No No
10Mbps 2,000,000
10Gbps 2,000
y Setting spanning tree timers (Hello time, Max age, Forward delay)
Command Task
configure terminal 1. Enter Global configuration mode.
# config terminal
(config)# stp vlan id 2
(config)# end
# show stp vlan id 2
VLAN ID: 2
Protocol Operation: enabled
Root Bridge: yes
STP version: rstp(2)
Pathcost Encoding: 32bit
BridgeID: 0x8000-009000002003
Time since topology change: 82(s)
Topology changes: 0
Designated Root BridgeID: 0x8000-009000002003
Root Path Cost: 0
Root Port Number(logical): 0
:
#
Disable STP only if you are sure there are no loops in the network topology. When STP is
disabled and loops are present in the topology, excessive traffic and indefinite packet
duplication can drastically reduce network performance. To disable STP on a per-VLAN basis,
enter the no stp vlan command in Global configuration mode. The following example
shows how to disable STP on the VLAN whose ID is 2:
VLAN ID: 2
Protocol Operation: disabled
STP version: rstp(2)
Pathcost Encoding: 32bit
BridgeID: 0x8000-009000002003
Time since topology change: 82(s)
Topology changes: 0
Designated Root BridgeID: 0x8000-009000002003
:
#
If you disable STP on a VLAN, STP is disabled on all ports belongs to the VLAN.
Command Task
configure terminal 1. Enter Global configuration mode.
2. Enable STP on a specific Ethernet port.
y <port-type>: The type of Ethernet port to enable STP on.
port <port-type>
<slot>/ <port> stp - gigabitethernet: Gigabit Ethernet port
y <slot>/<port>: The slot number (1) and port number (1, 2) of
the Ethernet port.
end 3. Return to Privileged mode.
4. Verify the STP configuration.
show stp port y <port-type>: The type of Ethernet port
<port-type> <slot>/<port> y <slot>/<port>: The slot number and port number of the
Ethernet port.
The following example enables STP on the Gigabit Ethernet port 1/1:
# config terminal
(config)# port gigabitethernet 1/1 stp
(config)# end
# show stp port gigabitethernet 1/1
Link State: up
Protocol Operation: enabled
Pathcost Encoding: 32bit
Port Number(logical): 1
Port Priority: 0x08
Designated Path Cost: 200000
AdminEdge: false
#
To disable STP on a specific port, enter the no port gigabitethernet <slot>/<port> stp
command in Global configuration mode. The following example disables STP on the Gigabit
Ethernet port 1/1:
Command Task
configure terminal 1. Enter Global configuration mode.
The following example shows how to set STP protocol on a VLAN to 802.1D STP:
# configure terminal
(config)# stp protocol-version stp vlan id 2
(config)# end
# show stp vlan id 2
VLAN ID: 2
Protocol Operation: enabled
Root Bridge: yes
STP version: stpCompatible(0)
Pathcost Encoding: 32bit
BridgeID: 0x8000-009000002003
Time since topology change: 77572(s)
Topology changes: 0
:
# configure terminal
(config)# stp protocol-version rstp vlan id 2
(config)# end
# show stp vlan id 2
VLAN ID: 2
Protocol Operation: enabled
Root Bridge: yes
STP version: rstp(2)
Pathcost Encoding: 32bit
BridgeID: 0x8000-009000002003
Time since topology change: 77572(s)
Topology changes: 0
:
Command Task
configure terminal 1. Enter Global configuration mode.
2. Set the bridge ID for a specific VLAN.
stp bridge-priority
y <priority>: Bridge ID (0 ~ 65535). A higher numerical value means
<priority> vlan id
a lower priority; thus, the highest priority is 0.
<vlan-id>
y <vlan-id>: VLAN ID (1 ~ 4094)
end 3. Return to Privileged mode.
show stp vlan id 4. Verify the STP configuration change.
<vlan-id> y <vlan-id>: VLAN ID (1 ~ 4094)
The following example shows how to set bridge ID for a VLAN to 3000 (hexa-decimal: 0x0BB8):
# config terminal
(config)# stp bridge-priority 3000 vlan id 2
(config)# end
# show stp vlan id 2
VLAN ID: 2
Protocol Operation: enabled
Root Bridge: yes
STP version: stpCompatible(0)
Pathcost Encoding: 32bit
BridgeID: 0x0BB8-009000002003
Time since topology change: 1518(s)
Topology changes: 0
:
#
VLAN ID: 2
Protocol Operation: enabled
Root Bridge: yes
STP version: stpCompatible(0)
Pathcost Encoding: 32bit
BridgeID: 0x8000-0090A3000004
Time since topology change: 1518(s)
Topology changes: 0
:
#
Note: The default path cost for the Ethernet ports on the Corecess R1-AD series is
derived from STP prottocol version and the media speed of the port as follows:
100Mbps 19 200,000
1Gbps 4 20,000
To configure the path cost for an Ethernet port, perform this task in Privileged mode:
Command Task
configure terminal 1. Enter Global configuration mode.
# config terminal
(config)# port gigabitethernet 1/1 pathcost 10
(config)# end
# show stp port gigabitethernet 1/1
Link State: up
Protocol Operation: enabled
Pathcost Encoding: 32bit
Port Number(logical): 193
Port Priority: 0x08
Designated Path Cost: 10
AdminEdge: false
#
Recommand: We recommand that you set the path cost as follows according to the
running STP prottocol version and the media speed of the port:
By default, RSTP is enabled on the Corecess R1-AD series and the default STP encoding mode is
32 bits. To configure the type of STP encoding mode, perform this task in Privileged mode:
Command Task
configure terminal 1. Enter Global configuration mode.
The following example shows how to configure the type of STP encoding mode to 16 bits:
# config terminal
(config)# stp pathcost-encoding stp8021d1998
(config)# end
# show stp vlan id 2
VLAN ID: 2
Protocol Operation: enabled
Root Bridge: yes
STP version: stpCompatible(0)
Pathcost Encoding: 16bit
BridgeID: 0x0BB8-009000002003
Time since topology change: 3636(s)
Topology changes: 0
Designated Root BridgeID: 0x8000-009000002003
:
#
Command Task
configure terminal 1. Enter Global configuration mode.
The following example shows how to configure the port priority of the Gigabit Ethernet port
1/1 to ‘1’:
# configure terminal
(config)# port gigabitethernet 1/1 priority 1
(config)# end
# show stp port gigabitethernet 1/1
Link State: up
Protocol Operation: enabled
Pathcost Encoding: 32bit
Port Number(logical): 193
Port Priority: 0x01
Designated Path Cost: 10
AdminEdge: false
#
You can set spanning tree timers for individual VLANs. To set spanning tree timers for a
specific VLAN, perform this task in Privileged mode:
Command Task
configure terminal 1. Enter Global configuration mode.
2. Set the STP forward delay for a specific VLAN.
y <value>: The STP forward time. The forward delay is the
stp forward-delay
number of seconds a port waits before changing from its
<value> vlan id
spanning-tree learning and listening states to the forwarding
<vlan-id>
state. (4 ~ 30 seconds, default: 15 seconds)
y <vlan-id>: VLAN ID (1 ~ 4094)
3. Set the STP hello time for a VLAN.
y <value>: The STP hello time. The hello time is the interval
stp hello-time <value>
between the generation of configuration messages by the root
vlan id <vlan-id>
switch (1 ~ 10 seconds, default: 2 seconds)
y <vlan-id>: VLAN ID (1 ~ 4094)
4. Sets the STP maximum aging time for a VLAN.
y <value>: The STP maximum aging time. The maximum aging
stp max-age <value> time is the number of seconds a switch waits without receiving
vlan id <vlan-id> spanning-tree configuration messages before attempting a
reconfiguration. (6 ~ 40 seconds, default: 20 seconds)
y <vlan-id>: VLAN ID (1 ~ 4094)
end 5. Return to Privileged mode.
The following example shows how to set spanning tree timers for a VLAN:
# configure terminal
(config)# stp forward-delay 20 vlan id 2
(config)# stp hello-time 5 vlan id 2
(config)# stp max-age 30 vlan id 2
(config)# end
# show stp vlan id 2
VLAN ID: 2
Protocol Operation: enabled
Root Bridge: yes
To return the spanning tree timers to the default value, use the no form of these command in
Global configuration mode:
# configure terminal
(config)# no stp forward-delay 20 vlan id 2
(config)# no stp hello-time 5 vlan id 2
(config)# no stp max-age 30 vlan id 2
(config)# end
# show stp vlan id 2
VLAN ID: 2
Protocol Operation: enabled
Root Bridge: yes
STP version: rstp(2)
Pathcost Encoding: 32bit
BridgeID: 0x8000-009000002003
Time since topology change: 42(s)
Topology changes: 0
Designated Root BridgeID: 0x8000-009000002003
Root Path Cost: 0
Root Port Number(logical): 0
MaxAge: 20(s)
HelloTime: 2(s)
ForwardDelay: 15(s)
Bridge MaxAge: 20(s)
Bridge HelloTime: 2(s)
Bridge ForwardDelay: 15(s)
:
Edge ports assume Designated port roles. Port flapping does not cause any topology change
events on Edge ports since RSTP does not consider Edge ports in the spanning tree calculations.
However, if any incoming BPDU is received from a previously configured Edge port, RSTP
automatically makes the port as a non-edge port. This is extremely important to ensure a loop
free Layer 2 operation since a non-edge port is part of the active RSTP topology.
Command Task
configure terminal 1. Enter Global configuration mode.
2. Configures a port as an Edge port.
y <port-type>: The type of Ethernet port to configure as an
stp adminEdge port <port-
Edge port (gigabitethernet).
type> <slot>/ <port>
y <slot>/<port>: The slot number (1) / port number (1, 2) of
the Ethernet port.
end 3. Return to Privileged mode.
The following example shows how to configure the Gigabit Ethernet port 1/2 as an Edge port:
# configure terminal
(config)# stp adminEdge port gigabitethernet 1/2
(config)# end
# show stp port gigabitethernet 1/2
Command Description
port pathcost Sets the spanning-tree port path cost for the specified Ethernet port.
port priority Sets the spanning-tree port priority for the specified Ethernet port.
Configure the type of Spanning Tree Protocol mode to run for a specific
stp protocol-version
VLAN.
stp vlan Enables the spanning tree algorithm for a specific VLAN.
Capacity
y MIPS for CPU performance
y 128MB Host Memory – for processing program and storage
y 128MB Packet Memory – for packet buffer
y 2MB SRAM – Network Processor specific
y 64MB Flash – storing the S/W image
y 32K Internal Memory – Network Processor specific
y 8 PVCs per subscriber port, 192 PVCs per system are supported
y Full range of VPI/VCI
y 4096 MAC table entries
y 100 multicast groups can be configured.
Uplink Interface
System y 2 port SFP/RJ45 Gigabit combo module
y 1 port Gigabit EPON ONT(SFP;SFP port adapter included) & 1 port SFP/RJ45 Gigabit
combo module
Line Interface
y Encoding Type: DMT
y Supported Type of Line Codes:
- ITU-T G.992.5(ADSL2+)
- ITU-T G.992.1(G.dmt) Annex A
- ITU-T G.992.2(G.lite)
- ITU-T G.992.3(ADSL2)
- ANSI T1.413 Issue2
Dimensions (W ¯ H ¯ D)
440.0 x 44.0 x 240.0 mm
Memory and Table Size
y Packet Memory: 128Mbytes
y Host memory: 128Mbytes
y Parameter memory: 2Mbytes
y Boot ROM: 512Kbytes
y Flash Memory: 32Mbytes
Hardware
y VLAN table: 4K entries
Connector and Cabling
y ADSL: 2 x Telco-50 (CHAMP) connector for lines. Operable over UTP, CPEV, TIV, SH
and Interphone Cable.
y Management console port: 8 pin RJ-45 connector, Serial cable with RJ-45 to DB9
adaptor for PC connections.
(Continued)
VLAN Function
Reliability
Subscriber Management
Multiple PVC
EMS
Appendix B describes the specifications of the ports on the Corecess R1-AD series. In addition,
the kinds and specifications of cables needed for the connection of each port.
PSTN port
ADSL port
The figure below shows connector pin locations for the ADSL connectors.
25 1
50 26
Console Port
1 8 The CONSOLE port on the front panel of the Corecess R1-AD series has an 8-pin RJ-45
connector. The cable used for connecting console port is serial cable with an RJ-45
connector and a DB-9 at each end.
Pin Signal
2 Tx
3 Rx
5 GND
1000Base-SX ports on the uplink modules have Duplex LC connectors. The cable used
for connecting these LC connectors is multi mode fiber optic cable
(transmitting/receiving wavelength: 850nm).
1000Base-LX Port
1000Base-LX ports on the uplink modules have Duplex LC connectors. The cable used
for connecting these LC connectors is multi mode fiber optic cable
(transmitting/receiving wavelength: 850nm).
SC/APC Connector
1000Base-PX Port
Telco cable is variable according to its length. Before ordering cables, investigate the installation
environment to choose proper length of cables. You can purchase this Telco cable from the
product provider.
The figure below shows connector pin locations for the champ connectors of Telco cable.
50 38 37 26
25 13 12 1
There are two types of twisted pair cables: UTP (unshielded twisted pair) cable and STP
(shielded twisted pair) cable. The following figure shows a twisted pair cable with RJ-45
connectors at both ends.
Fiber Optic
Module Connector Interface Wave Length(nm)
Cable
OPT-N1ES1CD
1000Base-SX Multi-mode y Rx/Tx : 850nm
OPT-N1EL1CD
Duplex LC
OPT-N2CD
OPT-N2CS 1000Base-LX Single mode y Rx/Tx : 1310nm
OPT-N1ES1CD y Rx : 1310nm
OPT-N1EL1CD Simplex SC/APC 1000Base-PX Single mode
y Tx : 1490nm
<Pin Configuration>
Note: Before connecting the console port, ensure that console terminal is configured as
follows: