Add to collection(s) Add to saved
  1. Social Science
  2. Psychology
  3. Conformity

Ports, Circuits, and Tunnels Configuration Guide

Ports, Circuits, and Tunnels Configuration
Guide
SmartEdge OS
Release 5.0.3
Part Number 220-0580-01
Corporate Headquarters
Redback Networks Inc.
300 Holger Way
San Jose, CA 95134-1362
USA
http://www.redback.com
Tel: +1 408 750 5000
© 1998–2005, Redback Networks Inc. All rights reserved.
Redback and SmartEdge are trademarks registered at the U.S. Patent & Trademark Office and in other countries. AOS, NetOp, SMS, and User Intelligent Networks are
trademarks or service marks of Redback Networks Inc. All other products or services mentioned are the trademarks, service marks, registered trademarks or registered service
marks of their respective owners. All rights in copyright are reserved to the copyright owner. Company and product names are trademarks or registered trademarks of their
respective owners. Neither the name of any third party software developer nor the names of its contributors may be used to endorse or promote products derived from this
software without specific prior written permission of such third party.
Rights and Restrictions
All statements, specifications, recommendations, and technical information contained are current or planned as of the date of publication of this document. They are reliable as of
the time of this writing and are presented without warranty of any kind, expressed or implied. In an effort to continuously improve the product and add features, Redback
Networks Inc. ("Redback") reserves the right to change any specifications contained in this document without prior notice of any kind.
Redback shall not be liable for technical or editorial errors or omissions which may occur in this document. Redback shall not be liable for any indirect, special, incidental or
consequential damages resulting from the furnishing, performance, or use of this document.
Third Party Software
The following third party software may be included with this Software and is subject to the following terms and conditions:
The OpenLDAP Version 2.0.1 © 1999 The OpenLDAP Foundation; OpenSymphony Software License, Version 1.1 2001-2004 © The OpenSymphony Group; TOAD © 2004
Quest Software, Inc.; NuSOAP Web Services Toolkit for PHP © 2002 NuSphere Corporation; The PHP License, versions 2.02 and 3.0 © 1999 - 2002 The PHP Group; The
OpenSSL toolkit Copyright © 1998-2003 The OpenSSL Project; Apache HTTP © 2000 The Apache Software Foundation; Java © 2003 Sun Microsystems, Inc.; ISC Dhcpd
3.0pl2 © 1995, 1996, 1997, 1998, 1999 Internet Software Consortium - DHCP; IpFilter © 2003 Darren Reed; Perl Kit © 1989-1999 Larry Wall; SNMP Monolithic Agent © 2002
SNMP Research International, Inc.; VxWorks © 1984-2000, Wind River Systems, Inc.; Point-to-Point Protocol (PPP) © 1989, Carnegie-Mellon University; Dynamic Host
Configuration Protocol (DHCP) © 1997, 1998 The Internet Software Consortium; portions of the Redback SmartEdge Operating System use cryptographic software written by
Eric Young (eay@cryptsoft.com); Redback adaptation and implementation of the UDP and TCP protocols developed by the University of California, Berkeley (UCB) as part of
UCB’s public domain version of the UNIX operating system. © 1982, 1986, 1988, 1990, 1993, 1995 The Regents of the University of California. All advertising materials
mentioning features or use of this Software must display the following acknowledgment: “This product includes software developed by the University of California, Berkeley and
its contributors.”
This Software includes software developed by Sun Microsystems, Inc., Internet Software Consortium, Larry Wall, the Apache Software Foundation (http://www.apache.org/) and
their contributors. Such software is provided “AS IS,” without a warranty of any kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND
WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE
HEREBY EXCLUDED. LICENSORS AND ITS CONTRIBUTORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE AS A RESULT OF
USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS DERIVATIVES. IN NO EVENT WILL LICENSOR OR ITS CONTRIBUTORS BE LIABLE FOR
ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER
CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE, EVEN IF THE
LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. This software consists of voluntary contributions made by many individuals on behalf of
the Apache Software Foundation. For more information on the Apache Software Foundation, please see http://www.apache.org/. Portions of this software are based upon public
domain software originally written at the National Center for Supercomputing Applications, University of Illinois, Urbana-Champaign. The portions of this Software developed
by Larry Wall may be distributed and are subject to the GNU General Public License as published by the Free Software Foundation.
FCC Notice
The following information is for FCC compliance of Class A devices: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant
to part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment.
This equipment generates, uses, and can radiate radio-frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference
to radio communications. Operation of this equipment in a residential area is likely to cause harmful interference, in which case users will be required to correct the interference
at their own expense.
1.
MODIFICATIONS
The FCC requires the user to be notified that any changes or modifications made to this device that are not expressly approved by Redback could void the user’s authority to
operate the equipment.
2.
CABLES
Connection to this device must be made with shielded cables with metallic RFI/EMI connector hoods to maintain compliance with FCC Rules and Regulations. (This statement
only applies to copper cables, Ethernet, DS-3, E1, T1, and so forth. It does not apply to fiber cables.)
3.
POWER CORD SET REQUIREMENTS
The power cord set used with the System must meet the requirements of the country, whether it is 100-120 or 220-264 VAC. For the U.S. and Canada, the cord set must be UL
Listed and CSA Certified and suitable for the input current of the system.
For DC-powered systems, the installation instructions need to be followed.
VCCI Class A Statement
European Community Mark
The marking on this product signifies that it meets all relevant European Union directives.
Safety Notices
1.
Laser Equipment:
CAUTION! Use of controls or adjustments of performance or procedures other than those specified herein may result in hazardous radiation exposure.
Class 1 Laser Product—Product is certified by the manufacturer to comply with DHHS Rule 21 Subchapter J.
CAUTION! Invisible laser radiation when an optical interface is open.
2.
Lithium Battery Warnings:
It is recommended that, when required, Redback replace the lithium battery.
WARNING! Do not mutilate, puncture, or dispose of batteries in fire. The batteries can burst or explode, releasing hazardous chemicals. Discard used batteries according to the
manufacturer’s instructions and in accordance with your local regulations.
Danger of explosion if battery is incorrectly replaced. Replace only with the same or equivalent type as recommended by the manufacturer’s instructions.
VARNING Eksplosionsfara vid felaktigt batteribyte. Använd samma batterityp eller en ekvivalent typ som rekommenderas av apparattillverkaren. Kassera använt batteri enligt
fabrikantens instruktion.
ADVARSEL! Lithiumbatteri—Eksplosionsfare ved fejlagtig håndtering. Udskiftning må kun ske med batteri af samme fabrikat og type. Levér det brugte batteri tilbage
tilleverandøren.
VARIOTUS Paristo voi räjähtää, jos se on virheellisesti asennettu. Vaihda paristo ainoastaan valmistajan suosittelemaan tyyppiin. Hävitä käytetty paristo valmistajan ohjeiden
mikaisesti.
ADVARSEL Eksplosjonsfare ved feilaktig skifte av batteri. Benytt samme batteritype eller en tilsvarende type anbefait av apparatfabrikanten. Brukte batterier kasseres i henhold
til fabrikantens instruksjoner.
WAARSCHUWING! Bij dit produkt zijn batterijen geleverd. Wanneer deze leeg zijn, moet u ze niet weggooien maar inleveren als KCA.
Contents
About This Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii
Related Publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii
Intended Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix
Organization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix
Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xx
Command Modes and Privilege Levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xx
Command Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xx
Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi
Task Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxii
Online Navigation Aids . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxii
Ordering Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiii
Part 1: Introduction
Chapter 1: Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1
SmartEdge OS Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2
Independent System Processes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3
System Redundancy and Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4
SmartEdge OS Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4
SmartEdge OS Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-5
Contexts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-6
Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-6
Subscribers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-7
Ports, Channels, and Circuits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-7
Cross-Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-8
Tunnels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-8
GRE Tunnels and VPNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-8
L2TP Tunnels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-9
Overlay Tunnels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-9
Bindings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-10
Static Bindings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-10
Dynamic Bindings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-10
User Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-11
Command Modes and Prompts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-12
Command Mode Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-12
Privilege Levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-15
No and Default Forms of Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-16
What’s Next? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-16
Contents
v
Part 2: Traffic Cards, Ports, and Channels
Chapter 2: Traffic Card Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2
Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3
Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3
Command Descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4
atm mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-5
card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-9
clock-source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-12
maximum ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-14
sonet-eu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-16
Chapter 3: ATM, Ethernet, and POS Port Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2
Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2
Configuring ATM Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2
Configure Operational Features for an ATM Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3
Configure Maintenance Features for an ATM Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-4
Configuring Ethernet Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-4
Configure Operational Features for an Ethernet Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-5
Configure a Maintenance Feature for an Ethernet Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-6
Configuring POS Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-6
Configure Operational Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-6
Configure a POS Port for APS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-8
Configure Maintenance Features for a POS Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-8
Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-8
ATM Port Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-8
Ethernet Port Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-9
POS Port Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-9
Command Descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-9
alarm-report-only . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-10
atm scramble . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-11
c2byte . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-13
cablelength . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-15
ccod-mode port-listen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-16
clock-source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-18
crc16 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-21
description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-22
encapsulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-23
equipment-loopback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-25
flow-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-26
framing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-27
keepalive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-29
link-dampening . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-31
loopback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-33
mac-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-35
medium . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-36
mtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-37
over-subscription-rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-39
path-trace . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-40
port atm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-42
port ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-44
vi
Ports, Circuits, and Tunnels Configuration Guide
port pos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-46
scramble . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-48
shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-49
threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-51
transport unmatched-encap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-52
Chapter 4: Clear-Channel and Channelized Port and Channel Configuration . . . . . . . . . . . . . . . . . . . . . . . . 4-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2
Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3
Configuring Channelized OC-12 Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3
Configure Operational Features for a Channelized OC-12 Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3
Configure the Maintenance Feature for a Channelized OC-12 Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4
Configuring DS-3 Channels or Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4
Configure Operational Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4
Configure the Maintenance Feature for a DS-3 Channel or Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-6
Configuring DS-1 Channels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-6
Configure Operational Features for a DS-1 Channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-7
Configure the Maintenance Feature for a DS-1 Channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-8
Configuring Clear-Channel E3 Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-8
Configure Operational Features for a Clear-Channel E3 Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-8
Configure the Maintenance Feature for a Clear-Channel E3 Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-9
Configuring Channelized STM-1 Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-9
Configure Operational Features for a Channelized STM-1 Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-10
Configure Maintenance Features for a Channelized STM-1 Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-10
Configuring E1 Channels or Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-11
Configure Operational Features for an E1 Channel or Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-11
Configure the Maintenance Feature for an E1 Channel or Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-12
Configuring a DS-0 Channel Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-13
Configure Operational Features for a DS-0 Channel Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-13
Configure the Maintenance Feature for a DS-0 Channel Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-14
Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-14
Channelized OC-12 Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-14
DS-3 Channel and Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-14
DS-1 Channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-15
Clear-Channel E3 Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-15
Channelized STM-1 Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-15
E1 Channel and Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-16
DS-0 Channel Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-16
Command Descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-17
au3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-18
aug-mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-19
cablelength . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-20
channel-mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-21
clock-source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-23
crc32 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-25
description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-26
dsu bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-28
dsu mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-29
dsu scramble . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-30
encapsulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-31
equipment-loopback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-33
framing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-35
idle-character . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-38
invert-data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-40
Contents
vii
keepalive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
loopback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
mtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
national . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
path-trace . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
port channelized-ds3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
port channelized-oc12 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
port channelized-stm1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
port ds0s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
port ds1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
port ds3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
port e1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
port e3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
timeslot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
yellow-alarm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
4-41
4-43
4-47
4-49
4-50
4-52
4-54
4-56
4-58
4-61
4-63
4-65
4-67
4-69
4-71
4-72
4-74
4-76
Chapter 5: APS Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1
Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3
Configure an APS Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3
Configure the Working and Protect Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3
Add Ports to an APS Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-4
Manage Ports in an APS Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-4
Delete a Port from an APS Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-4
Replace a Port in an APS Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-5
Change the Configuration of the Working and Protect Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-5
Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-6
Configure an APS Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-6
Request a Lockout Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-6
Request a Forced Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-7
Request a Manual Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-7
Command Descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-7
aps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-8
aps group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-10
aps switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-11
description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-14
revert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-15
Part 3: Circuits
Chapter 6: Circuit Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
802.1Q PVCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
ATM Profiles, VPs, and PVCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Frame Relay Profiles and PVCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring 802.1Q PVCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configure an 802.1Q Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configure an 802.1Q PVC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configure an 802.1Q Tunnel and the 802.1Q PVCs Within It . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
viii
6-1
6-2
6-2
6-3
6-6
6-6
6-6
6-6
6-7
6-8
Ports, Circuits, and Tunnels Configuration Guide
Configuring ATM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-9
ATM Configuration Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-9
Specify the Card Mode for the SAR Image . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-18
Configure an ATM Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-18
Configure a Shaped ATM VP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-19
Configure an ATM PVC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-20
Configuring Frame Relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-21
Configure a Frame Relay Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-22
Configure the Interface Type and LMI Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-22
Configure a Frame Relay PVC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-23
Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-23
802.1Q PVC Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-23
802.1Q PVCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-23
802.1Q PVC Tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-24
ATM Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-25
ATM Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-25
ATM VPs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-26
ATM PVCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-26
ATM HSVCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-26
Frame Relay Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-27
Frame Relay PVC on DS-3 Channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-27
Frame Relay PVC on POS Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-27
Command Descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-28
atm profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-29
atm pvc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-31
atm vp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-39
clpbit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-41
congestion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-42
counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-45
description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-46
dot1q profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-47
dot1q pvc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-48
dot1q tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-52
encapsulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-53
frame-relay auto-detect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-54
frame-relay intf-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-56
frame-relay keepalive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-58
frame-relay lmi-n391dte . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-60
frame-relay lmi-n392dce . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-62
frame-relay lmi-n392dte . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-64
frame-relay lmi-n393dce . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-66
frame-relay lmi-n393dte . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-68
frame-relay lmi-t392dce . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-70
frame-relay lmi-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-72
frame-relay profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-74
frame-relay pvc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-75
idle-down . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-77
ip host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-79
mac-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-81
oam fault-monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-83
oam manage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-84
oam xc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-86
report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-88
shaping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-90
Contents
ix
shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-93
Chapter 7: CLIPS Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1
Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2
Configuring CLIPS Static Circuits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-3
Configuring Dynamic CLIPS Circuits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-3
Configuring a CLIPS Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-4
Configuring CLIPS Exclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-5
Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-5
Static CLIPS Circuit for a Single PVC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-6
Static CLIPS for a Range of PVCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-6
Static CLIPS Circuits Using an IP Address Pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-7
Dynamic CLIPS Circuits Using Local Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-7
Dynamic CLIPS Using Global RADIUS Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-8
CLIPS Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-9
CLIPS Exclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-10
Command Descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-11
clips-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-12
clips pvc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-14
service clips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-16
service clips-exclude . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-18
service clips-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-20
Chapter 8: PPP and PPPoE Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2
PPP-Encapsulated Circuits and Binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2
PPP Oversubscription . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-4
Multilink PPP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-4
PPP Keepalive Checks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-5
PPPoE Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-6
Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-7
Configuring PPP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-7
Configure PPP Global Attributes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-7
Configure a PPP-Encapsulated Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-8
Configure a PPP-Encapsulated Channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-8
Configure a PPP-Encapsulated ATM PVC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-8
Configure MP on ATM PVCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-9
Configure a Subscriber Record for PPP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-9
Configuring PPPoE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-9
Configure PPPoE Global Attributes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-10
Configure a PPPoE-Encapsulated Ethernet Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-10
Configure a PPPoE-Encapsulated ATM PVC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-10
Configure a PPPoE-Encapsulated 802.1Q PVC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-11
Configure a PPPoE-Encapsulated Child Circuit on an ATM PVC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-11
Configure a PPPoE-Encapsulated Child Circuit on an 802.1Q PVC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-11
Configure a Subscriber Record for PPPoE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-12
Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-12
PPP Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-12
PPP Configuration with Dynamic Binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-13
PPP Configuration with Restricted Dynamic Binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-13
MP Configuration on ATM PVCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-13
PPPoE Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-14
Advertise a List of Services (Domains) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-14
x
Ports, Circuits, and Tunnels Configuration Guide
Create and Delete a MOTM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-15
Point a Subscriber’s Browser to a URL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-15
Command Descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-15
ppp keepalive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-16
ppp mtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-19
ppp multilink . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-20
ppp multilink lfi . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-21
ppp our-options mru . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-23
ppp our-options multilink . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-25
ppp peer-options mru . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-27
ppp pppoe-large-mru . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-29
pppoe always-send-padt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-30
pppoe client route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-31
pppoe motm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-32
pppoe service-name accept-all . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-33
pppoe services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-34
pppoe tag . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-35
pppoe url . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-36
Chapter 9: Link Aggregation Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2
PPP-Encapsulated Channels and Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2
Frame Relay-Encapsulated Channels and Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-3
IPoE- and 802.1Q-Encapsulated Ethernet Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-3
Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-4
Configuring an MP Bundle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-4
Configure an MP Bundle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-4
Configure and Add DS-1 Channels, E1 Channels, or E1 Ports to an MP Bundle . . . . . . . . . . . . . . . . . . . . . . . . . 9-5
Configuring an MFR Bundle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-5
Configure an MFR Bundle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-5
Configure an Aggregated Frame Relay PVC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-7
Configure and Add DS-1 Channels, E1 Channels, or E1 Ports to the MFR Bundle . . . . . . . . . . . . . . . . . . . . . . . 9-7
Configuring an Ethernet Link Group for IPoE-Encapsulated Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-8
Configure an Ethernet Link Group for IPoE-Encapsulated Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-8
Configure and Add an Ethernet Port to an Ethernet Link Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-9
Configuring an 802.1Q Link Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-10
Configure an 802.1Q Link Group for 802.1Q-Encapsulated Ethernet Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-10
Configure an Aggregated 802.1Q PVC in the 802.1Q Link Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-11
Configure and Add an Ethernet Port to the 802.1Q Link Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-11
Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-12
MP Bundle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-12
MFR Bundle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-13
Ethernet Link Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-14
802.1Q Link Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-15
Command Descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-16
frame-relay multilink . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-17
link-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-19
mac-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-22
minimum-links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-23
mp endpoint-discriminator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-24
Contents
xi
Part 4: Bridging and Cross-Connecting
Chapter 10: Bridging Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-1
Rate Limiting Using a Bridge Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-3
Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-4
Configuration Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-4
Configuring Bridging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-5
Configure a Bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-6
Configure a Bridged Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-6
Configure a Bridge Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-6
Configure a Bridged Ethernet Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-7
Configure a Bridged 802.1Q PVC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-7
Configure a Bridged ATM PVC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-8
Configure a Bridged Subscriber . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-9
Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-9
Bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-10
Bridged Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-10
Bridge Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-10
Bridged Trunk Circuits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-11
Bridged Tributary Circuits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-11
Bridged Subscriber . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-12
Command Descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-12
aging-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-13
bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-14
bridge mac-entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-16
bridge-only . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-17
bridge profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-18
broadcast rate-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-20
description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-21
learning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-22
mac-entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-23
mac-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-24
multicast rate-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-25
restricted . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-26
trunk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-27
unknown-dest rate-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-28
Chapter 11: Cross-Connection Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Types of Non-Interworking Cross-Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
ATM PVC to ATM PVC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
ATM PVC to 802.1Q PVC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
802.1Q PVC to 802.1Q PVC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Filtering Traffic Using Non-Interworking Cross-Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Filtering Using Child Circuits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Filtering Using Circuits with Unlike Encapsulations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Interworking Cross-Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Cross-Connecting Circuits Without Child Circuits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Cross-Connect ATM PVCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Cross-Connect 802.1Q PVCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Cross-Connect an ATM PVC to an 802.1Q PVC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
xii
11-1
11-2
11-2
11-2
11-3
11-4
11-4
11-4
11-5
11-6
11-6
11-7
11-7
11-8
11-8
Ports, Circuits, and Tunnels Configuration Guide
Complete the Configuration of the ATM or 802.1Q PVCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-8
Cross-Connecting Parent and Child Circuits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-9
Configure Ports and Circuits for Non-Cross-Connected Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-9
Cross-Connect ATM or 802.1Q PVC Parent and Child Circuits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-9
Cross-Connecting a Circuit with a Child Circuit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-10
Configure Ports and Circuits for Non-Cross-Connected Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-11
Cross-Connect an Inbound Child Circuit with an Outbound Circuit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-11
Cross-Connect an Inbound Circuit with an Outbound Child Circuit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-12
Cross-Connecting an ATM PVC to an 802.1Q PVC for Interworking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-12
Configuration Guidelines for an Interworking Cross-Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-13
Cross-Connect an ATM PVC to an 802.1Q PVC for Interworking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-13
Complete the Configuration of the ATM and 802.1Q PVCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-13
Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-13
Cross-Connected ATM PVCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-14
Cross-Connected Child Circuits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-14
Cross-Connected Circuit with Child Circuit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-15
Cross-Connected Circuits for Interworking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-15
Command Descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-16
circuit protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-17
ip host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-19
xc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-21
Part 5: Tunnels
Chapter 12: GRE Tunnel Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-1
Using GRE Tunnels and Tunnel Circuits with IPv6 Packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-2
Using GRE Tunnels and Tunnel Circuits with IPv4 Packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-2
Using GRE Tunnels and Tunnel Circuits for VPNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-3
Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-4
Configuration Guidelines for GRE Tunnels and Tunnel Circuits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-4
Configuration Guidelines for GRE Tunnels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-4
Configuration Guidelines for GRE Tunnel Circuits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-5
Configure a GRE Tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-5
Configure a GRE Tunnel Circuit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-6
Configure a GRE Tunnel Circuit Not Being Used as a VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-6
Configure a GRE Tunnel Circuit Used as a VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-7
Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-8
GRE Tunnel with a Single Circuit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-8
GRE Tunnels with Multiple Circuits Used as VPNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-9
Command Descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-13
clear-df . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-14
description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-15
gre-peer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-16
gre-tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-18
ip host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-20
keepalive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-21
log-state-changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-22
shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-23
tunnel map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-25
Chapter 13: L2TP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-1
Contents
xiii
L2TP Tunnels and Peers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-2
Tunnel Switching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-3
L2TP Peer Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-4
Session Distribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-4
RADIUS and Accounting Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-5
Mapping Subscribers to Peers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-5
Slot Redundancy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-6
QoS Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-7
Avoiding Unwanted Fragmentation and Reassembly . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-7
Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-8
L2TP Configuration Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-8
Configure a Context for L2TP Peers and Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-9
Configure an LNS Peer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-10
Configure an LNS Peer Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-11
Configure an LAC Peer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-12
Configure a Subscriber for L2TP Peer Selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-13
Configure an L2TP Tunnel Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-13
Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-14
SmartEdge Router as a LAC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-14
Context Aliases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-14
LNS Peers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-14
Group of LNS Peers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-15
Subscribers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-15
SmartEdge Router as an LNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-16
Context Alias . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-16
LAC Peer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-16
SmartEdge Router as a Tunnel Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-16
L2TP Slot Redundancy for an LAC Peer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-17
Command Descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-18
algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-19
deadtime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-21
description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-23
domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-24
function . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-26
hello-timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-27
l2tp calling-number format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-28
l2tp clear-radius-peer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-30
l2tp deadtime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-31
l2tp fragment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-33
l2tp-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-34
l2tp-peer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-36
l2tp proxy-auth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-39
l2tp renegotiate lcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-40
l2tp strict-deadtime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-42
lns card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-43
local-name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-45
max-sessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-46
max-tunnels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-48
peer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-49
retry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-51
session-auth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-52
timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-54
tunnel-auth key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-55
tunnel domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-56
xiv
Ports, Circuits, and Tunnels Configuration Guide
tunnel name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-58
tunnel-window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-59
Chapter 14: Overlay Tunnel Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-1
Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-2
Configure an Overlay Tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-3
Configure an Overlay Tunnel Circuit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-3
Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-4
Command Descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-5
description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-6
ipv6-tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-8
ipv6 v4tunnel-peer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-10
log-state-changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-12
mtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-13
shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-14
tunnel map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-16
Part 6: Bindings
Chapter 15: Bindings Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-2
Types of Bindings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-2
Binding Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-3
Binding Summary Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-5
Bindings for POS Ports with and Without Frame Relay PVCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-5
Bindings for PDH Channels and Ports with and Without Frame Relay PVCs . . . . . . . . . . . . . . . . . . . . . . . . . . 15-6
Bindings for Ethernet Ports and 802.1Q PVCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-6
Bindings for ATM PVCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-7
Bindings for CLIPS PVCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-8
Bindings for Child Circuits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-9
Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-9
Create a Static Binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-9
Create a Dynamic Binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-10
Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-10
Static Binding for a Single Circuit to an Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-10
Static Binding for Multiple Circuits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-11
Restricted Dynamic Binding for a Circuit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-11
Command Descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-11
bind authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-12
bind auto-subscriber . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-15
bind interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-18
bind subscriber . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-20
Part 7: Hardware Management
Chapter 16: Hardware Management Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-1
Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-2
Command Descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-2
diag pod . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-3
Contents
xv
system alarm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-5
Part 8: Appendixes
Appendix A: L2TP Attribute-Value Pairs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-1
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
xvi
Ports, Circuits, and Tunnels Configuration Guide
About This Guide
This guide describes the tasks and commands used to configure the following SmartEdge® OS features:
traffic cards; ports; channels; Automatic Protection Switching (APS); circuits, including permanent virtual
circuits (PVCs); clientless Internet Protocol (IP) service selection (CLIPS) circuits; Point-to-Point Protocol
(PPP) and PPP over Ethernet (PPPoE) information; link aggregation; bridging; cross-connections between
circuits; Generic Routing Encapsulation (GRE) tunnels (including Internet Protocol version 6 [IPv6] over
GRE tunnels); overlay tunnels (IPv6 over IP Version 4 [IPv4]), and Layer 2 Tunneling Protocol (L2TP)
tunnels; bindings between ports, channels, PVCs, and interfaces; hardware alarm and power-on
diagnostics.
This guide also includes descriptions of commands used to navigate the command-line interface (CLI) and
manage configuration files.
This preface includes the following sections:
•
Related Publications
•
Intended Audience
•
Organization
•
Conventions
•
Ordering Documentation
Related Publications
In parallel with this guide, use the Ports, Circuits, and Tunnels Operations Guide for the SmartEdge OS,
which describes the tasks and the commands used to monitor, administer, and troubleshoot system features
described in this guide.
Use this guide and the Ports, Circuits, and Tunnels Operations Guide in conjunction with the following
publications:
•
Basic Configuration Guide for the SmartEdge OS
Describes the tasks and commands used to configure the following SmartEdge OS features: access to
the system; basic system parameters; contexts, interfaces, and subscribers; system-wide management
features, including bulk statistics, logging facilities, and the Simple Network Management Protocol
(SNMP) and Remote Monitoring (RMON) functions.
About This Guide
xvii
Related Publications
•
Routing Protocols Configuration Guide for the SmartEdge OS
Describes the tasks and commands used to configure the following SmartEdge OS features: static IP
routing; dynamically verified static routing (DVSR); Virtual Router Redundancy Protocol (VRRP);
Routing Information Protocol (RIP) and RIP next generation (RIPng); Open Shortest Path First (OSPF)
and OSPF Version 3 (OSPFv3); Border Gateway Protocol (BGP); BGP/multiprotocol label switching
Virtual Private Networks (BGP/MPLS VPNs); Intermediate System-to-Intermediate System (IS-IS);
IP multicast, including Internet Group Management Protocol (IGMP), Multicast Source Discovery
Protocol (MSDP), and Protocol Independent Multicast (PIM); routing policies; MPLS; Layer 2 Virtual
Private Networks (L2VPNs); and Label Distribution Protocol (LDP). BGP, OSPFv3, RIPng, and
routing policies include tasks and commands that provide limited support for IPv6 routing.
•
IP Services and Security Configuration Guide for the SmartEdge OS
Describes the tasks and commands used to configure the following SmartEdge OS features: Address
Resolution Protocol (ARP), Neighbor Discovery (ND) protocol for IPv6 routers, Dynamic Host
Configuration Protocol (DHCP), Network Time Protocol (NTP), Domain Name System (DNS), HTTP
redirect, access control lists (ACLs), forward policies, Network Address Translation (NAT) policies,
service policies, quality of service (QoS) policies, authentication, authorization, and accounting (AAA),
Remote Authentication Dial-In User Service (RADIUS), Terminal Access Controller Access Control
System Plus (TACACS+), key chains, and lawful intercept (LI).
•
Basic System Operations Guide for the SmartEdge OS
Describes the tasks and commands used to monitor, administer, and troubleshoot the SmartEdge OS
features described in the Basic System Configuration Guide; commands include all clear, debug,
monitor, process, and show commands, along with other operations-based commands, such as
on-demand diagnostics.
•
Routing Protocols Operations Guide for the SmartEdgeOS
Describes the tasks and commands used to monitor, administer, and troubleshoot the SmartEdge OS
features described in the Routing Protocols Configuration Guide; commands include all clear, debug,
monitor, process, and show commands, along with other operations-based commands.
•
IP Services and Security Operations Guide for the SmartEdge OS
Describes the tasks and commands used to monitor, administer, and troubleshoot the SmartEdge OS
features described in the IP Services and Security Configuration Guide; commands include all clear,
debug, and show commands, along with other operations-based commands.
•
SmartEdge 800 Router Hardware Guide for the SmartEdge OS
Describes the SmartEdge 800 hardware and provides site preparation information and installation,
monitoring, and maintenance procedures for the chassis and cards.
•
SmartEdge 400 Router Hardware Guide for the SmartEdge OS
Describes the SmartEdge 400 hardware and provides site preparation information and installation,
monitoring, and maintenance procedures for the chassis and cards.
xviii
Ports, Circuits, and Tunnels Configuration Guide
Intended Audience
Intended Audience
This publication is intended for system and network administrators experienced in access and internetwork
administration.
Organization
This guide is organized as follows:
•
Part 1, “Introduction”
Provides and overview of the SmartEdge OS features, functions, and applications.
•
Part 2, “Traffic Cards, Ports, and Channels”
Describes the tasks and commands used to configure and manage traffic cards, their ports and channels,
and APS groups.
•
Part 3, “Circuits”
Describes the tasks and commands used to configure basic features for circuits, including CLIPS,
encapsulated circuits with PPP or PPPoE, and link-aggregated circuits.
•
Part 4, “Bridging and Cross-Connecting”
Describes the tasks and commands used to configure basic features for bridges, bridge groups, and
cross-connections between circuits.
•
Part 5, “Tunnels”
Describes the tasks and commands used to configure basic features for GRE tunnels and tunnel circuits,
L2TP peers and groups, and overlay tunnel configurations.
•
Part 6, “Bindings”
Describes the tasks and commands used to bind ports, channels, and circuits to interfaces.
•
Part 7, “Hardware Management”
Describes the tasks and commands used to configure these features, provides configuration examples,
and detailed descriptions of the commands used to configure them through the SmartEdge OS.
•
Part 8, “Appendixes”
Describes the standard Layer 2 Tunneling Protocol (L2TP) attribute value pairs (AVPs) supported by
the SmartEdge® OS, in order by AVP number.
Note There are three indexes in this guide: an index of tasks and features, an index of commands, and an
index of CLI modes with the commands found within each mode.
About This Guide
xix
Conventions
Conventions
This guide uses special conventions for the following elements:
•
Command Modes and Privilege Levels
•
Command Syntax
•
Examples
•
Task Tables
•
Online Navigation Aids
Command Modes and Privilege Levels
Commands are issued in exec mode or in one of many configuration modes. By default, the majority of
commands in exec mode have a privilege level of 3, while commands in any configuration mode have a
privilege level of 10. Exceptions are noted in parentheses ( ) in the “Command Mode” section in any
command description; for example, “exec (15)”.
For a hierarchy list of command modes, see the “Command Mode Hierarchy” section in Chapter 1,
“Overview.”
For detailed information about command modes and privilege levels, see the “User Interface” section in
Chapter 1, “Overview.”
Command Syntax
Table 1 lists the descriptions of the elements used in a command syntax statement.
Table 1
Command Syntax Terminology
Syntax Element
Definition
Example Fragment
Argument
An item for which you must supply a value.
slot
Construct
Keyword
A combination of:
• A keyword and its argument.
• min-wait seconds
• Two or more keywords that cannot be specified independently.
• line fdl ansi
• Two or more arguments that cannot be specified independently.
• dest dest-wildcard
An optional or required item that must be entered exactly as shown.
all
Table 2 describes separator characters used in a command syntax statement.
Table 2
Separator Characters in Command Syntax Statement
Character
Use
Example Fragment
@
Separates the prefix name from the suffix name.
sub-name@ctx-name
/
Separates slot from port, IP address from prefix length, and separates fields in
URLs.
slot[/port]
{ip-addr | /prefix-length}
/device[/directory]/filename.ext
xx
Ports, Circuits, and Tunnels Configuration Guide
Conventions
Table 2
Separator Characters in Command Syntax Statement (continued)
Character
Use
Example Fragment
:
Separates port from channel and a channel from a subchannel
port[:chan-num]
ds3-chan-num[:ds1-chan-num]
-
Separates starting value from ending value
start-end
|
Separates output modifiers from keywords and arguments in show commands1
show configuration | include port
1. For more information about the use of the pipe ( | ) character, see the “Using the CLI” chapter in the Basic System Configuration Guide for the SmartEdge OS.
The following guidelines apply to separator characters in Table 2:
•
The separator character between the prefix and suffix names in a structured username is configurable;
the @ character is the default and is used in command syntax throughout this guide.
•
Separator characters act as one-character keywords; therefore, they are always shown in bold.
Table 3 lists the characters and formats used in command syntax statements.
Table 3
Text Formats and Characters in Command Syntax Statements
Convention
Example
Commands and keywords are indicated in bold.
no ip unnumbered
Arguments for which you must supply the value are indicated in italics.
banner login delimited-text
Square brackets ([ ]) indicate optional arguments, keywords, and
constructs within scripts or commands.
enable [level]
Alternative arguments, keywords, and constructs within commands are
separated by the pipe character ( | ).
public-key {DSA | RSA} [after-key existing-key | position
key-position] {new-key | ftp url}
Alternative, but required arguments, keywords, and constructs are
shown within grouped braces ({ }), and are separated by the pipe
character ( | ).
ip address ip-addr {netmask | /prefix-length} [secondary]
Optional and required arguments, keywords, and constructs can be
nested with grouped braces and square brackets, where the syntax
requires such format.
show clock [universal]
debug ssh {all | ssh-general | sshd-detail | sshd-general}
enable authentication {none | method [method [method]]}
Examples
Examples use the following conventions:
•
System prompts are of the form [context]hostname(mode)#, [context]hostname#, or
[context]hostname>.
In this case, context indicates the current context, hostname represents the configured name of the
SmartEdge system, and mode indicates the string for the current configuration mode, if applicable.
Whether the prompt includes the # or the > symbol depends on the privilege level. For further
information about privilege levels, see Chapter 1, “Overview.”
For example, the prompt in the local context on the system Redback in context configuration
mode is:
[local]Redback(config-ctx)#
About This Guide
xxi
Conventions
•
Information displayed by the system is in Courier font.
•
Information that you enter is in Courier bold font.
Task Tables
Tasks to configure features are described in task tables under the “Configuration Tasks” section in each
chapter. The command syntax displays only the root command, which is hyperlinked to the location where
the complete command syntax is described in the “Command Descriptions” section of the chapter. Table 4
displays an example of a task table.
Table 4
Configure a Frame Relay PVC
#
Task
Root Command
Notes
1.
Create or select a Frame Relay PVC and access Frame
Relay PVC configuration mode.
frame-relay pvc
Enter this command in DS-0, DS-1, DS-3,
E1, E3, or port configuration mode. You
must have previously specified Frame Relay
encapsulation for this command to be
available.
2.
Associate the IP address of the remote host on the circuit.
ip host
Enter this command in Frame Relay PVC
configuration mode.
3.
Bind the Frame Relay PVC to an existing interface in an
existing context.
bind interface
Enter this command in Frame Relay PVC
configuration mode.
Additional conventions for the task tables in this guide include:
•
Alternative tasks are shown as bulleted lists. The task description indicates that they are alternatives.
•
Subtasks are shown as an unnumbered list under a task heading.
•
Optional subtasks are shown as unnumbered lists. The task description indicates that they are optional.
see step 4.
Online Navigation Aids
To aid in accessing information in the online format for this guide, the following types of cross-references
are hyperlinks:
•
Cross-references to chapters, sections, tables, and figures in the text
•
Lists of section headings within a chapter or appendix
•
Commands listed in the “Related Commands” section at the end of each command description
•
Entries in the table of context
•
Entries in indexes
Note Hyperlinks in PDF files appear the same as regular text; however, your cursor changes from an open
hand icon to a pointing finger icon when you move your cursor over a hyperlink.
xxii
Ports, Circuits, and Tunnels Configuration Guide
Ordering Documentation
Ordering Documentation
Redback documentation is available on CD-ROM, which ships with Redback products. The appropriate
CD-ROMS are included with your products as follows:
•
SMS product
•
SmartEdge router product
•
NetOp product (includes NetOp EMS and NetOp PM)
To order additional copies of the appropriate CD-ROM or printed, bound books, perform the following
steps:
1. Log on to the Redback Networks Support web site at http://www.redback.com and enter a username
and password.
If you do not have a logon username and password, contact your Redback Networks support
representative, or send an e-mail to supportlogin@redback.com with a copy of the show hardware
command output, your contact name, company name, address, and telephone number.
2. On the Redback Networks Support web site, select one of the Redback Networks product line tabs at
the bottom of the web page, click Documentation on the navigation bar, and then click To Order
Books on the navigation bar.
To electronically provide feedback on our documentation, perform the following steps:
1. On the Documentation web page, click Feedback on the navigation bar.
2. Complete and submit the documentation feedback form.
We appreciate your comments.
About This Guide
xxiii
Ordering Documentation
xxiv
Ports, Circuits, and Tunnels Configuration Guide
Part 1
Introduction
This part provides an overview of the SmartEdge® OS features, functions, and applications, and consists of
Chapter 1, “Overview.”
Chapter 1
Overview
The edge of the network is a highly demanding environment due to the large number of access terminations
and the need to perform in-service upgrades to handle new feature deployments.
The SmartEdge® router hardware and software products provide multiservice optical platforms that enable
the next generation of services in the new access network. The SmartEdge OS runs on all the SmartEdge
routers, including the SmartEdge 800, SmartEdge 800s, and SmartEdge 400. The SmartEdge router
products are edge routing platforms that provide:
•
High-performance—Enables line-rate packet forwarding.
•
Robustness—Enables packet reliability, meeting rigorous uptime and availability requirements.
•
Scalability—Supports a large number of access terminations.
•
Flexibility—Provides platforms that can support multiple services.
This chapter describes the SmartEdge OS software, including the following sections:
•
SmartEdge OS Architecture
•
SmartEdge OS Applications
•
SmartEdge OS Concepts
•
User Interface
•
What’s Next?
Note In the following descriptions, the term, controller card, applies to the Cross-Connect Route
Processor (XCRP) or the XCRP Version 3 (XCRP3) Controller card, unless otherwise noted.
Overview
1-1
SmartEdge OS Architecture
SmartEdge OS Architecture
The SmartEdge OS is the advanced software system that works in conjunction with the ASIC-based
SmartEdge hardware products to provide a scalable and robust multiservice platform, including the features
described in the following sections:
•
Independent System Processes
•
System Redundancy and Synchronization
The SmartEdge OS performs the route processing and other control functions and runs on the controller
card. The packet forwarding function is performed by Packet Processing ASICs (PPAs) on the individual
traffic cards.
Figure 1-1 illustrates the SmartEdge OS architecture.
Figure 1-1 SmartEdge OS Architecture
1-2
Ports, Circuits, and Tunnels Configuration Guide
SmartEdge OS Architecture
The SmartEdge OS is based on a general-purpose operating system; each major system component (see
Table 1-1) runs as a separate process in the system.
Table 1-1
SmartEdge OS System Components
System Component
Function
Authentication, authorization, and
accounting (AAA)
Forces all authentication requests and accounting updates to a single
set of Remote Authentication Dial-In User Service (RADIUS) servers.
NetBSD kernel
Provides a lean and stable base for the SmartEdge OS.
Process Manager (PM)
Monitors and controls the operation of the other processes in the
system.
Router Configuration Manager (RCM)
Controls all system configurations using a transaction-oriented
database.
Interface and Circuit State Manager (ISM)
Monitors and disseminates the state of all interfaces, ports, and
circuits in the system.
Routing protocols
Run as an independent processes, maintaining independent Routing
Information Bases (RIBs). The routing processes send the routing
information to the central RIB.
RIB
Downloads forwarding tables to the traffic cards.
Feature modules
Run as independent processes, each in its own protected address
space.
Traffic card
Includes the PPA ASICs, which contain the Forwarding Information
Base (FIB) and forwarding code.
Independent System Processes
The implementation of the major software components as independent processes provides several benefits:
•
Processes in the system can be independently stopped, restarted, and upgraded without reloading the
entire system or individual traffic cards.
•
The system continues to operate in the event of a failure or disruption to any single component.
The separation of the route processing and control functions (performed by the SmartEdge OS software
running on the controller card) from the forwarding function (performed on the individual traffic cards) also
provides several benefits:
Overview
•
Dedicated route processing functions are not affected by heavy traffic; dedicated packet forwarding is
not affected by routing instability in the network.
•
The architecture enables line-rate forwarding on all traffic cards. New features can be added to the
control software on the controller without affecting the forwarding performance.
•
The architecture provides nonstop forwarding during system upgrades or reloads; the traffic cards
continue to forward packets.
1-3
SmartEdge OS Applications
System Redundancy and Synchronization
Among other redundancy features, the SmartEdge routers and the operating system support dual controller
cards; one card acts as the active controller and the other acts as its hot standby:
Both controller cards contain disk memory (compact-flash) cards that store the operating system image, its
associated files, and the configuration database. A synchronization process ensures that the standby
controller is always ready to become the active controller:
•
When either the software release or the firmware on the active controller is upgraded, the standby
controller automatically synchronizes its software or firmware version to that of the active controller.
•
When a user modifies the contents of the compact-flash card (for example, by saving a configuration to
a file, copying a file, or deleting a file), the change is propagated to the compact flash of the standby
controller.
•
The configuration database of the active and standby controllers are always synchronized.
To guard against system inconsistency, the synchronization process is protected.While the synchronization
is in progress, switchover from the active to the standby controller is not allowed. If the active controller
should fail during such a time, the standby does not become active. If the user attempts to force a switchover
during this synchronization period, the system warns the user that the standby is not ready.
The synchronization process is not affected by traffic card installation and removal. The active controller,
and hence the system, continues to forward traffic and detect and notify the administrator of any faults that
occur while the standby controller card is being synchronized (FAIL LED is blinking).
After the synchronization is complete, the standby controller is ready to become the active controller, if the
active should fail.
SmartEdge OS Applications
The SmartEdge products provide carrier-class, scalable termination and aggregation of IP-based traffic.
The SmartEdge platform combines high-density optical and electrical interfaces with robust IP routing
software to support business-grade IP service aggregation and delivery.
The SmartEdge platform can be used as an edge aggregation router to directly connect customers. The
SmartEdge OS supports a variety of interfaces and vital services such as quality of service (QoS) and
inbound and outbound access control lists. New services can easily be added with software upgrades.
Because of the optimized packet forwarding capabilities and support of high-bandwidth uplink interfaces,
the SmartEdge platform can also be used in the metropolitan core to aggregate traffic from other routers
into the long-haul transit core.
1-4
Ports, Circuits, and Tunnels Configuration Guide
SmartEdge OS Concepts
Figure 1-2 shows an example application for the SmartEdge products.
Figure 1-2 SmartEdge OS Application
SmartEdge OS Concepts
SmartEdge OS concepts include the following entities (see Figure 1-3):
Overview
•
Contexts
•
Interfaces
•
Subscribers
•
Ports, Channels, and Circuits
•
Cross-Connections
•
Tunnels
•
Bindings
1-5
SmartEdge OS Concepts
Figure 1-3 SmartEdge OS Software Component Interrelationships
Contexts
Most networking products are designed so that the entire set of ports, circuits, and protocols operate
together as one global instance. The SmartEdge OS supports an advanced feature called multiple contexts.
Each context is a virtual SmartEdge router instance running within a single physical device. A context
operates as a separate routing and administrative domain, with separate routing protocol instances,
addressing, authentication, accounting, and so on, and does not share this information with other contexts.
By separating the address and name spaces in this way, service providers can use multiple contexts to
provide direct access to customers, or to provide different classes of services for customers. Service
providers use a single physical device to implement this, with one or more contexts being assigned to each
service provider or service class. Implementing this today with equipment from other vendors requires
multiple devices.
The SmartEdge router is always configured with the special “local” context. This context is always present
on the system and cannot be deleted. In a single-context configuration, the local context is the only context
present on the system.
For more information about contexts, see the “Context Configuration” chapter in the Basic System
Configuration Guide for the SmartEdge OS.
Interfaces
The concept of an interface in the SmartEdge OS differs from that in traditional networking devices. In
traditional devices, the term, interface, is often used synonymously with port, channel, or circuit, which are
physical entities. In the SmartEdge OS, an interface is a logical construct that provides higher-layer
protocol and service information, such as layer 3 addressing. Interfaces are configured as part of a context
and are independent of physical ports, channels, and circuits. The decoupling of the interface from the
physical layer entities enables many of the advanced features offered by the SmartEdge OS.
For the higher-layer protocols to become active, an interface must be associated with a physical port,
channel, or circuit. This association is referred to as a binding in the SmartEdge OS. For more information,
see the “Interface Configuration” chapter in the Basic System Configuration Guide for the SmartEdge OS.
1-6
Ports, Circuits, and Tunnels Configuration Guide
SmartEdge OS Concepts
Subscribers
Subscribers are the end users of the high-speed access services. Subscriber records are configured as part
of a context, either locally on the SmartEdge router or on a RADIUS server. Subscriber records contain the
information necessary to bind a subscriber to the correct interface, and therefore, to the correct network
context and services. Subscriber records can also contain other configuration information, such as
authentication, access control, rate-limiting, and policing information.
The number of active subscribers is a function of configuration, memory, processing power, and desired
per-subscriber bandwidth. Each platform and hardware variant has a maximum active subscriber figure,
which may or may not be achieved under deployment scenarios.
With this release of the SmartEdge OS, the operating system supports the following subscriber
management services:
•
Dynamic service selection—The unique capability to dynamically bind subscriber sessions to services.
•
Provides access functions that traditional routers were not designed to provide, such as subscriber
management, provisioning, authentication, and accounting.
•
Provides the routing of subscriber traffic based on layer 3 addressing.
•
Performs all translations necessary to convert subscriber traffic to IP, relieving the service provider
backbone routers of frame translations that can cause congestion on high-volume routers.
•
Grooms individual subscriber data streams into simplified IP flows for routers connecting to the
Internet backbone.
For more information about subscribers, see the “Subscriber Configuration” chapter in the Basic System
Configuration Guide for the SmartEdge OS.
Ports, Channels, and Circuits
Ports, channels, and circuits in the SmartEdge OS represent the physical connectors and paths on the
SmartEdge traffic and controller cards. Physical port, channel, and circuit configurations include both
hardware and software parameters that allow the behavior of the port, channel, or circuit to be specified for
a specific platform.
Before any higher-layer user data can flow through a physical port, channel, or circuit, that port, channel,
or circuit must be associated with an interface within a context. This association is referred to as a binding
in the SmartEdge OS. The configuration for each port, channel, and circuit includes binding information.
Overview
1-7
SmartEdge OS Concepts
Cross-Connections
The SmartEdge OS supports various types of cross-connections that allow you to cross-connect circuits of
different types or of the same type. Types of supported cross-connections include:
•
Transparent, self-learning bridges using Asynchronous Transfer Mode (ATM) permanent virtual
circuits (PVCs) with RFC 1483 bridged encapsulation, Ethernet ports, or 802.1Q PVCs
•
Cross-connections with and without filtering
— ATM PVCs-to-ATM PVCs
— ATM PVCs-to-802.1Q PVCs
— 802.1Q PVCs-to-802.1Q PVCs
•
Interworking cross-connections between ATM PVCs and 802.1Q PVCs
Tunnels
The SmartEdge OS supports Generic Routing Encapsulation (GRE) over IP Version 4 (IPv4) tunnels, the
GRE Virtual Private Network (VPN) model, and the Layer 2 Tunneling Protocol (L2TP) for which the
SmartEdge router acts as an L2TP access concentrator (LAC). Tunnels are described in the following
sections:
•
GRE Tunnels and VPNs
•
L2TP Tunnels
•
Overlay Tunnels
GRE Tunnels and VPNs
GRE is a simple, stateless protocol that allows for the tunneling of IP in IP. GRE allows you to connect
remote sites using private IP addresses over a public network that uses publicly routable IP addresses. GRE
supports both IPv4 and IPv6 traffic. IP packets traveling through the tunnel are encapsulated with an IP
header from the public address space as shown in Figure 1-4 and Figure 1-5.
Figure 1-4 GRE Tunnel Packet Encapsulation for IPv4 Packets
Figure 1-5 GRE Tunnel Packet Encapsulation for IPv6 Packets
1-8
Ports, Circuits, and Tunnels Configuration Guide
SmartEdge OS Concepts
One of the more common applications of GRE tunneling is the creation of VPNs to connect to remote sites.
Multiple SmartEdge OS contexts and GRE tunnel circuits, one for each VPN, demultiplex traffic for each
VPN into its own IP address space. Thus each context acts as a dedicated virtual router for a VPN, where
the IP address space (for example, private addresses as described in RFC 1918, Address Allocation for
Private Internets) and routing databases are maintained separately from other contexts.
L2TP Tunnels
L2TP tunnels are User Datagram Protocol (UDP)/IP-encapsulated circuits that carry subscriber
Point-to-Point Protocol (PPP) sessions to another router. The router is designated as an LNS or an LAC,
depending on its relationship with the SmartEdge router:
•
When functioning as an LNS, the SmartEdge router accepts IP packets from LACs in the network and
terminates them.
•
When functioning as an LAC, the SmartEdge router terminates subscriber PPP sessions and tunnels
these sessions to a number of LNSs.
In each context configured on the system, the SmartEdge router can function as an LAC to one or more
LNSs, as an LNS to one or more LACs, or as both a LAC and an LNS.
Figure 1-6 shows a SmartEdge router acting as a LAC: terminating subscriber PPP sessions and tunneling
these sessions to a number of L2TP peers that are acting as LNSs.
Figure 1-6 L2TP Tunnels over UDP/IP
Overlay Tunnels
An overlay tunnel is used within a site or between sites; it is equivalent to a permanent link between two
IPv6 domains over an IPv4 backbone. The primary use is for stable connections that require regular secure
communication between two edge routers or between an end system and an edge router, or for connection
to remote IPv6 networks. You can configure overlay tunnels between border routers or between a border
router and a host. The host or router at each end of a tunnel must support both the IPv4 and IPv6 protocol
stacks.
The SmartEdge OS implementation of overlay tunnels is based on the RFC 2893, Transition Mechanisms
for IPv6 Hosts and Routers. IPv6 is fully described in RFC 2460, Internet Protocol Version 6 (IPv6)
Specification.
Overview
1-9
SmartEdge OS Concepts
The changes from IPv4 to IPv6 include:
•
Increase in address size from 32 bits to 128 bits
•
Simplified header
•
Extensible header with optional extension headers
•
Designed to co-exist with IPv4
•
Uses multicast addresses instead of broadcast addresses
For a description of IPv6 addressing and the types of IPv6 addresses, see RFC 3513, Internet Protocol
Version 6 (IPv6) Addressing Architecture.
Bindings
Bindings form the association in the SmartEdge OS between the ports, channels, or circuits and the
higher-layer routing protocols configured for a given context. No user data can flow on a port, channel, or
circuit until some higher-layer service is configured and associated with it. After a port, channel, or circuit
is bound to an interface, traffic flows through the context as it would through any IP router.
Bindings are either statically mapped during configuration or dynamically created based on subscriber
characteristics as defined in the local database, or on a RADIUS server; see the “Static Bindings” and
“Dynamic Bindings” sections that follow.
Static Bindings
With static bindings, a port, channel, or circuit is bound directly to an interface. In this case, the port,
channel, or circuit is hard-wired to the higher-layer protocols defined for the interface. Multiple ports,
channels, or circuits can be bound to a single interface.
A circuit can also be statically bound to a particular subscriber in a given context. In this case, the binding
between the circuit and the higher-layer protocols is determined indirectly, through the subscriber record.
In Figure 1-7, subscriber joe is configured with an IP address that maps to interface if1 in the context
local. When the virtual circuit on ATM port 6/1 is bound to subscriber joe, the SmartEdge OS
determines the interface that the circuit will be bound to by examining the subscriber information for joe.
Dynamic Bindings
Dynamic binding occurs when a circuit is bound to the higher-layer protocols based on session information.
For example, a PPP-encapsulated session can be bound to a particular context and interface by examining
the authenticated structured subscriber name in the form sub-name@ctx-name.
Note The separator character between the sub-name and the ctx-name arguments is configurable and can
be any of %, -, @, _, \\, #, and /. For information about configuring the separator character, see the
“AAA Configuration” chapter in the IP Services and Security Configuration Guide for the
SmartEdge OS. The default character is @, which is used throughout this guide.
Dynamic binding is the key to enabling advanced features, such as dynamic service and provider selection.
Dynamic binding also enables simultaneous access to multiple services on a single circuit.
1-10
Ports, Circuits, and Tunnels Configuration Guide
User Interface
Figure 1-7 also shows a dynamic binding between the virtual circuit on ATM port 6/1 and interface if5
in context ispgold. When the subscriber initiates a PPP session using the structured subscriber name,
mary@ispgold, the SmartEdge OS determines the context (ispgold) for the connection, and selects an
interface (if5) to which to bind the circuit. Successful dynamic binding depends on subscriber information
for subscriber mary configured in context ispgold, and successful PPP authentication during PPP
session establishment. The binding between this circuit and the ispgold context will be removed when
the PPP session is terminated. Because the binding on the circuit is dynamic, this same circuit could be used
by a different subscriber to select a different service.
Figure 1-7 Static and Dynamic Bindings
User Interface
The primary user interface to the SmartEdge OS is the command-line interface (CLI). The CLI concepts
are described in the following sections:
•
Command Modes and Prompts
•
Command Mode Hierarchy
•
Privilege Levels
•
No and Default Forms of Commands
For more information about using CLI commands, see the “Using the CLI” chapter in Basic System
Configuration Guide for the SmartEdge OS.
Overview
1-11
User Interface
Command Modes and Prompts
The two major modes are exec and global configuration. When a session is initiated, the CLI is set to the
exec mode by default. The exec mode allows you to examine the state of the system and perform most
monitoring, troubleshooting, and administration tasks using a subset of the available CLI commands.
Exec mode prompts can be one of the following forms, depending on the user privilege level (see the
“Privilege Levels” section):
[local]hostname#
[local]hostname>
In this example, local is the context in which commands are applied and hostname is the currently
configured hostname of the router. When you exit exec mode, using the exit command; this also ends the
CLI session.
Global configuration mode is the top-level configuration mode; all other configuration modes are accessed
from this mode. These modes allow you to interactively configure the system through the CLI, or to create
and modify a configuration file offline by entering configuration commands using any text editor. After you
have saved the file, you can then load it to the operating system at a later time.
To access global configuration mode, enter the configure command (in exec mode).
Configuration mode prompts are of the following form:
[local]hostname(mode-name)#
In the example above, local is the context in which commands are applied, hostname is the currently
configured hostname of the router, and mode-name is a string indicating the name of the current
configuration mode.
The prompt (in global configuration mode), assuming the factory default hostname of Redback and the
local context, is as follows:
[local]Redback(config)#
Each feature supported through the SmartEdge OS can have one or more configuration modes, some of
which you access using a command (in global configuration mode). Table 1-2 lists the configuration modes
for the commands described in this guide and the commands that you enter to access them.
Command Mode Hierarchy
Command modes exist in a hierarchy; that is, you must access the higher-level command mode before you
can access a lower-level command mode in the same chain.
Note For modes relevant to routing protocol features, see the “Overview” chapter in the Routing
Protocols Configuration Guide for the SmartEdge OS. For modes relevant to IP services and
security features, see the “Overview” chapter in the IP Services and Security Configuration Guide
for the SmartEdge OS.
1-12
Ports, Circuits, and Tunnels Configuration Guide
User Interface
Figure 1-8 shows the hierarchy of the command modes used to configure features for ports, circuits and
tunnels.
Figure 1-8 Command Mode Hierarchy for Ports, Circuits and Tunnels Commands
Overview
1-13
User Interface
Table 1-2 lists the command modes (in alphabetical order) relevant to ports, circuits and tunnels features.
It includes the commands that enable access to each mode, and the command-line prompt for each mode.
Table 1-2
Mode Access Commands and System Prompts
Mode Name
Commands Used to Access
Command-Line Prompt
exec
(user logon)
# or >
administrator
administrator command from context configuration mode
(config-administrator)#
APS
aps group command from global configuration mode
(config-aps)#
ATM DS-3
port atm command from global configuration mode
(config-atm-ds3)#
ATM OC
port atm command from global configuration mode
(config-atm-oc)#
ATM profile
atm profile command from global configuration mode
(config-atm-profile)#
ATM PVC
atm pvc command from ATM OC and ATM DS-3 configuration mode
(config-atm-pvc)#
ATM child protocol
circuit protocol command from ATM PVC configuration mode
(config-atm-child-proto)#
AU-3
au3 command from STM-1 configuration mode
(config-au3)#
bridge
bridge command from context configuration mode
(config-bridge)#
bridge profile
bridge-profile command from global configuration mode
(config-bridge-profile)#
bulkstats
bulkstats policy command from context configuration mode
(config-bulkstats)#
card
card command from global configuration mode
(config-card)#
CLIPS PVC
clips pvc command from ATM PVC, dot1Q PVC, and port configuration modes
(config-clips-pvc)#
context
context command from global configuration mode
(config-ctx)#
dot1q profile
dot1q profile command from global configuration mode
(config-dot1q-profile)#
dot1q PVC
dot1q pvc command from port configuration mode
(config-dot1q-pvc)#
dot1q child protocol
circuit protocol command from dot1q PVC configuration mode
(config-dot1q-child-proto)#
DS-0 group
port ds0s command from global configuration mode
(config-ds0-group)#
DS-1
port ds1 command from global configuration mode
(config-ds1)#
DS-3
port channelized-ds3 and port d3 commands from global configuration mode
(config-ds3)#
E1
port e1 command from global configuration mode
(config-e1)#
E3
port e3 command from global configuration mode
(config-e3)#
Frame Relay profile
frame-relay profile from global configuration mode
(config-fr-profile)#
Frame Relay PVC
frame-relay pvc command from DS-0, DS-1, DS-3, E1, E3, and port configuration
modes
(config-fr-pvc)#
global
configure command from exec mode
(config)#
GRE peer
gre-peer command from context configuration mode
(config-gre-peer)#
GRE tunnel
gre-tunnel command from tunnel map configuration mode
(config-gre-tunnel)#
interface
interface command from context configuration mode
(config-if)#
L2TP group
l2tp-group command from context configuration mode
(config-l2tp-group)#
L2TP peer
l2tp-peer command from context configuration mode
(config-l2tp)#
1-14
Ports, Circuits, and Tunnels Configuration Guide
User Interface
Table 1-2
Mode Access Commands and System Prompts (continued)
Mode Name
Commands Used to Access
Command-Line Prompt
link group
link-group command from global configuration mode
(config-link-group)#
link PVC
dot1q pvc command from link group configuration mode
(config-link-pvc)#
macro
macro command from global configuration mode
(config-macro)#
NetOp
netop command from global configuration mode
(config-netop)#
port
port channelized oc-12, port ethernet, and port pos commands from global
configuration mode
(config-port)#
SNMP server
snmp server command from global configuration mode
(config-snmp-server)#
software license
software license command from global configuration mode
(config-license)#
stats collection
stats-collection command from global configuration mode
(config-stats-collection)#
STM-1
port channelized-stm1 command from global configuration mode
(config-stm1)#
subscriber
subscriber command from context configuration mode
(config-sub)#
tunnel map
tunnel map command from global configuration mode
(config-tunnel-map)#
Privilege Levels
The SmartEdge OS supports 16 different privilege levels for administrators and for commands. By default,
administrators are assigned an initial privilege level of 6; administrators can only issue commands that are
assigned at the same level as their own privilege level or lower than their privilege level. Each command
in the CLI is assigned a default privilege level. At a privilege level of 6 or higher, the prompt in the CLI
displays a number sign (#) instead of an angle bracket (>).
There are two types of administrators:
•
Local—An administrator authenticated to the “local” context. The local administrator has a structured
administrator name of the form admin-name@local.
•
Non-local—An administrator authenticated to any context other than the local context. An example of
a non-local administrator has a administrator name of the form admin-name@ctx-name is joe@vpn1,
where vpn1 is the name of the context.
Note The separator character between the admin-name and the ctx-name arguments is configurable and
can be any of %, -, @, _, \\, #, and /. For information about configuring the separator character, see
the “AAA Configuration” chapter in the IP Services and Security Configuration Guide for the
SmartEdge OS. The default character is @, which is used throughout this guide.
An administrator authenticated to the “local” context, given appropriate administrator privileges, can
configure all functions on the SmartEdge router, including functions for each context, and global entities,
such as ports, port profiles, SNMP, and so on. Non-local administrators have no configuration mode
privileges, and have restricted exec mode privileges.
To configure administrator privilege levels, see the “Context Configuration” chapter in the Basic System
Configuration Guide for the SmartEdge OS.
Overview
1-15
What’s Next?
Each command has a default privilege level that determines, given the privilege assigned to the
administrator, who can enter the command. The majority of commands (in exec mode) have a default
privilege level of 3, while commands in any configuration mode have a default privilege level of 10.
Exceptions are noted in parentheses ( ) in the “Command Mode” section in any command description; for
example, “exec (15)”.
Command privilege levels are configurable; to change the default privilege level for a command, see the
“Basic System Configuration” chapter in the Basic System Configuration Guide for the SmartEdge OS.
No and Default Forms of Commands
Many configuration commands support the no keyword. Entering the no keyword in front of a command
disables the function or removes the command from the configuration. For example, to enable PPP
keepalive checks, enter the ppp keepalive command (in context configuration mode). To subsequently
disable PPP keepalive checks and remove the command from the configuration, enter the no ppp keepalive
command (in context configuration mode).
Many configuration commands support the default keyword. Entering the default keyword in front of a
command returns a parameter or feature to the default state.
What’s Next?
You can interactively configure the SmartEdge router through the CLI. You can also configure the
SmartEdge router using a text editor to create a configuration file and then loading that file on to the router.
The SmartEdge OS configuration process is transaction-based and supports atomic transactions, including
commits and aborts, against the configuration database. Sequences of commands can be entered and
validated before being applied, and automated provisioning systems can be interfaced to the SmartEdge for
flow-through provisioning and scheduled command execution.
The CLI commands are described in the “Using the CLI” chapter in the Basic System Configuration Guide
for the SmartEdge OS.
1-16
Ports, Circuits, and Tunnels Configuration Guide
Part 2
Traffic Cards, Ports, and Channels
This part describes how to configure and manage traffic cards, their ports and channels, and Automatic
Protection Switching (APS) groups; it consists of the following chapters:
•
Chapter 2, “Traffic Card Configuration”
•
Chapter 3, “ATM, Ethernet, and POS Port Configuration”
•
Chapter 4, “Clear-Channel and Channelized Port and Channel Configuration”
•
Chapter 5, “APS Configuration”
Chapter 2
Traffic Card Configuration
This chapter provides an overview of SmartEdge® traffic cards, describes the tasks used to configure traffic
card parameters, provides configuration examples, and describes the commands used to configure
SmartEdge traffic cards through the SmartEdge OS. The commands described in this chapter are common
to all card types, except where noted.
For information about the tasks and commands used to monitor, troubleshoot, and administer traffic cards,
see the “Card, Port, and Channel Operations” chapter in the Ports, Circuits, and Tunnels Operations Guide
for the SmartEdge OS.
Other chapters with related tasks and commands include:
•
Configuration tasks and commands for Asynchronous Transfer Mode (ATM), Ethernet, and Packet over
SONET/SDH (POS) ports are described in Chapter 3, “ATM, Ethernet, and POS Port Configuration.”
•
Configuration tasks and commands for clear-channel and channelized ports and channels are described
in Chapter 4, “Clear-Channel and Channelized Port and Channel Configuration.”
•
Configuration tasks and commands for permanent virtual circuits (PVCs) are described in Chapter 6,
“Circuit Configuration.”
For protocol- or feature-specific commands that appear in card configuration mode, see the appropriate
chapter in this guide, or the Routing Protocols Configuration Guide for the SmartEdge OS, or the IP
Services and Security Configuration Guide for the SmartEdge OS.
Note In the following descriptions, the term, controller card, applies to the Cross-Connect Route
Processor (XCRP) or the XCRP Version 3 (XCRP3) Controller card, unless otherwise noted.
The term, first-generation ATM OC card, refers to a 2-port ATM OC-3c/STM-1c or
ATM OC-12c/STM-4c card; similarly, the term, second-generation ATM OC card, refers to a 4-port
ATM OC-3c/STM-1c or Enhanced ATM OC-12c/STM-4c card.
The term, chassis, refers to any SmartEdge chassis; the term, SmartEdge 800, refers to any version
of the SmartEdge 800 chassis.
This chapter includes the following sections:
•
Overview
•
Configuration Tasks
•
Configuration Examples
•
Command Descriptions
Traffic Card Configuration
2-1
Overview
Overview
Traffic cards are the individual I/O cards in a SmartEdge system. The SmartEdge router supports many
different types of traffic cards, and configuration tasks for each card may vary, depending on its type.
Table 2-1 lists the traffic cards supported in this release; in the table, ER, IR, LR, and SR abbreviations are
used for Extended Reach, Intermediate Reach, Long Reach, and Short Reach, respectively.
Table 2-1
SmartEdge Traffic Cards
Type of Traffic Card
SONET/SDH
Cards Supported
• OC-48c/STM-16c ER (1-port card)
• OC-48c/STM-16c LR (1-port card)
• OC-48c/STM-16c SR (1-port card)
• OC-12c/STM-4c IR (4-port card)
• OC-3c/STM-1c IR (8-port card)
Channelized SONET
• Channelized OC-12 to DS-3 IR (1-port card)
• Channelized OC-12 to DS-1 IR (1-port card)
Channelized SDH
ATM
• Channelized STM-1 (3-port card)
• ATM OC-12c/STM-4c IR (1-port card)
• Enhanced ATM OC-12c/STM-4c IR (1-port card)
• ATM OC-3c/STM-1c IR (2- and 4-port cards)
• ATM DS-3 (12-port card)
PDH
• Channelized DS-3 (3-port card)
• Channelized DS-3 (12-port card)
• Clear-Channel DS-3 (12-port card)
• Clear-Channel E3 (6-port card)
• Channelized E1 (24-port card)
Ethernet
• 10/100 Ethernet (12-port card)
• Gigabit Ethernet (4-port card)
• Advanced Gigabit Ethernet (4-port card)
• Gigabit Ethernet 3 (4-port card)
• Gigabit Ethernet 1020 (20-port card)
• 10 Gigabit Ethernet (1-port,10-Gbps card)
For more information about traffic cards, see the “Traffic Card Descriptions” chapter in the SmartEdge 800
Router Hardware Guide or SmartEdge 400 Router Hardware Guide.
2-2
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Configuration Tasks
Note In this section, the command syntax in the task table displays only the root command; for the
complete command syntax, see the full description for the command in the “Command
Descriptions” section.
To configure the basic features for a traffic card, perform the tasks described in Table 2-2.
Table 2-2
Configure a Traffic Card
#
Task
Root Command
Notes
1.
Provision a card and access card configuration
mode.
card
Enter this command in global configuration
mode.
2.
Specify the number of configurable ports.
maximum ports
Enter this command in card configuration
mode. This command applies to ATM DS-3
cards only. The ATM DS-3 traffic card is not
supported on the SmartEdge 800s chassis.
3.
Specify card-specific attributes (all attributes are optional):
Enable SONET path maintenance, path trace,
and path alarm monitoring features for the card.
sonet-eu
Enter this command in card configuration
mode. This command applies to
first-generation ATM OC and all POS cards
only.
Select the clock source for the card.
clock-source
Enter this command in card configuration
mode. This command applies to ATM DS-3
and second-generation ATM OC cards only.
The ATM DS-3 traffic card is not supported
on the SmartEdge 800s chassis.
Specify the mode for the segmentation and
reassembly (SAR) image in the card.
atm mode
Enter this command in card configuration
mode. This command applies to ATM DS-3
and second-generation ATM OC cards only.
The ATM DS-3 traffic card is not supported
on the SmartEdge 800s chassis.
Configuration Examples
The following example configures a POS OC-12c/STM-4c traffic card in slot 3 and enables the SONET
path and alarm monitoring:
[local]Redback(config)#card oc12-4-port 3
[local]Redback(config-card)#sonet-eu
[local]Redback(config-card)#exit
The following example configures a 4-port ATM OC-3c/STM-1c card in slot 4 and specifies the ATM
priority mode for the card:
[local]Redback(config)#card atm-oc3-4-port 4
[local]Redback(config-card)#atm mode atm-priority
Note: enable atm-priority SAR image will cause card reload
commit to continue; abort to exit without change
Traffic Card Configuration
2-3
Command Descriptions
[local]Redback(config-card)#commit
[local]Redback(config-card)#exit
The following example specifies the first 8 ports on an ATM DS-3 card in slot 5 as software configurable:
[local]Redback(config)#card atm-ds3 5
[local]Redback(config-card)#maximum ports 8
[local]Redback(config-card)#commit
[local]Redback(config-card)#exit
Command Descriptions
This section describes the syntax and usage guidelines for the commands used to configure traffic card
parameters. The commands are presented in alphabetical order.
atm mode
card
clock-source
maximum ports
sonet-eu
2-4
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
atm mode
atm mode [atm-priority | ip-priority | vc-fair]
{no | default} atm mode
Purpose
Specifies the mode in which the segmentation and reassembly (SAR) image in the Asynchronous Transfer
Mode (ATM) DS-3 or second-generation ATM OC card performs traffic shaping and scheduling for virtual
paths (VPs) and the permanent virtual circuits (PVCs) configured on them.
Command Mode
card configuration
Syntax Description
atm-priority
Optional. Specifies ATM priority scheduling with shaping using traffic classes.
ip-priority
Optional. Specifies IP priority scheduling with shaping using limited traffic classes.
vc-fair
Optional. Specifies weighted round-robin scheduling with shaping using traffic classes;
this is the default mode.
Default
Traffic scheduling is performed using the VC fairness mode.
Usage Guidelines
Use the atm mode command to specify the mode in which the SAR image in the ATM DS-3 or
second-generation ATM OC card performs traffic shaping and scheduling for VPs and the PVCs configured
on them.
Note A PVC created on a shaped VP is referred to as a virtual circuit (VC) in the following descriptions
of the modes, only to easily distinguish it from a PVC configured on a nonshaped VP.
•
ATM priority
This mode supports different ATM profiles with different shaping for VPs and the ATM VCs that you
configure on them. VPs and VCs are shaped using constant bit rate (CBR), variable bit rate-real time
(VBR-rt), VBR nonreal-time (VBR-nrt), or unspecified bit rate (UBR), subject to the restrictions given
in the “Configuring ATM” section in Chapter 6, “Circuit Configuration.”
It uses these traffic classes to perform VP and VC scheduling; VCs can also be scheduled with an
attached quality of service (QoS) ATM weighted-fair queuing (WFQ) scheduling policy.
PVCs configured on a nonshaped VP are shaped using any traffic class, including UBR extended
(UBRe) and can be scheduled using traffic classes and an attached QoS ATMWFQ scheduling policy.
Note The ATM DS-3 traffic card is not supported on the SmartEdge 800s chassis.
Traffic Card Configuration
2-5
Command Descriptions
•
IP priority
This mode supports different profiles with different shaping for VPs and their VCs, but restricts the
shaping for VPs to CBR, UBR with the peak cell rate (PCR) option, VBR-rt, and VBR-nrt; VCs are
restricted to UBR with the PCR option.
It uses the IP priorities specified by an attached QoS ATMWFQ policy to perform VP and VC
scheduling.
Note If the QoS ATMWFQ policy has queue 0 mode set to alternate, then the PVC that policy configured
on, will be treated as low priority. It is recommended to use strict mode for the IP priority to work
properly.
PVCs configured on a nonshaped VP are shaped using any traffic class, except UBRe, and can be
scheduled using traffic classes and an attached QoS ATMWFQ scheduling policy. (Configuring PVCs
in this mode is not recommended.)
Note The ATM priority and IP priority modes reduce the number of PVCs that you can configure on an
ATM DS-3 or second-generation ATM OC card; performance on an ATM DS-3 port might not
reach line rate for certain traffic patterns.
•
VC fairness
This mode supports different profiles with different shaping for shaped VPs and their VCs, but restricts
the shaping for VPs to CBR, UBR with the PCR option, VBR-rt, and VBR-nrt; VCs are restricted to
UBR without the PCR option.
It uses traffic classes to perform VP scheduling; VCs are scheduled using weighted round-robin (WRR)
scheduling. VCs can also be scheduled with an attached QoS ATMWFQ scheduling policy.
PVCs configured on a nonshaped VP are shaped and scheduled using any traffic class.
For more information about shaping, traffic classes, and traffic scheduling, see the “Configuring ATM”
section in Chapter 6, “Circuit Configuration.” For more information about IP priorities, class of service
(CoS) queues, and QoS ATMWFQ policies, see the “QoS Scheduling Configuration” chapter in the IP
Services and Security Configuration Guide for the SmartEdge OS.
Note The ATM priority mode replaces the hierarchical-shaped virtual circuit (HSVC) SAR image that
was supported in previous releases. ATM DS-3 and second-generation ATM OC cards that were
configured with the hierarchical shaping command (in card configuration mode) are automatically
configured using this command with the atm-priority keyword.
You cannot enter this command for an ATM DS-3 or second-generation ATM OC card for which you have
already configured ATM VPs or ATM PVCs. You must remove the VPs and PVCs with one of the
following commands before you can specify a different mode:
2-6
•
The no form of the atm vp and atm pvc commands (in ATM OC, or ATM DS-3 configuration mode)
•
The no form of the port atm command (in global configuration mode) for each port that has VPs and
PVCs configured
•
The no form of the card command (in global configuration mode)
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
If you attempt to specify an ATM mode that is different from the current mode, the system displays a
message; you must commit the transaction using the commit command (in any configuration mode) to
change the mode. You can the delete the transaction by entering the abort command (any configuration
mode) to terminate the operation without changing the mode.
Caution Risk of data loss. This command causes a card reload which disrupts all traffic on the card. To
reduce the risk, do not change the mode of the card during peak traffic times.
To view the current mode in an ATM DS-3 or second-generation ATM OC card, enter the show hardware
command (in any mode) with the card and detail keywords; the mode displays in the SAR Image Type
field. For information about this command, see the “Hardware Operations” chapter in the Ports, Circuits,
and Tunnels Operations Guide for the SmartEdge OS.
Use the no or default form of this command to specify the default mode. The same restrictions apply to the
no and default forms of this command as the command itself:
•
You must remove all ATM VPs and ATM PVCs configured for the card before changing the mode as
described previously.
•
You must enter the commit command (in card configuration mode) for the change of mode to proceed.
Examples
The following example specifies the ATM priority mode for a 4-port ATM OC-3c/STM-1c card for which
no ATM VPs or PVCs are configured:
[local]Redback(config)#card atm-oc3-4-port 5
[local]Redback(config-card)#atm mode atm-priority
Note: enable atm-priority SAR image will cause card reload
commit to continue; abort to exit without change
[local]Redback(config-card)#commit
The following example displays the current mode and its version in the 4-port ATM OC-3c/STM-1c card
in slot 5:
[local]Redback(config)#show hardware card 5 detail
Slot
Serial No
EEPROM id/ver
SysFpga rev
LimFpga rev
IPPA memory
SARC memory
Voltage 1.5V
Voltage 2.6V
Temperature
Card Status
Fail LED
Standby LED
Chass Entitlement
Ports Entitled
Traffic Card Configuration
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
5
9X0B5100200011
0x5a/4
0x7
0x6
256 MB
16 MB 30
1.516 (+1%)
2.646 (+1%)
NORMAL (51 C)
HW initialized
Off
Off
SE400/SE800
All
Type
: atm-oc3-4-port
Hardware Rev
: 255 25
Mfg Date
: 13-NOV-2002
SysFpga file rev : N/A
LimFpga file rev : 0x6
EPPA memory
: 256 MB
Voltage 1.8V
Voltage 3.3V
: 1.794 (-0%)
: 3.403 (+0%)
Diag Status
Active LED
: Success
: On 35
2-7
Command Descriptions
SAR Image Type
: atm-priority
SAR Image Version : 1.3.33.10.15
Active Alarms
: NONE
[local]Redback(config-card)#
The following example specifies ATM priority mode for a 4-port ATM OC-3c/STM-1c card for which one
or more ATM VPs or PVCs are configured:
[local]Redback(config)#card atm-oc3-4-port 5
[local]Redback(config-card)#atm mode atm-priority
Cannot modify atm-priority SAR Image Type on card atm-oc3-4-port in slot 5
: VPs or PVCs exist - remove all VPs and PVCs from this card first
[local]Redback(config-card)#exit
[local]Redback(config)#no port atm 5/1
The following example specifies the default mode for a 4-port ATM OC-3c/STM-1c card for which no
ATM VPs or PVCs are configured:
[local]Redback(config)#card atm-oc3-4-port 5
[local]Redback(config-card)#no atm mode
Note: disable atm-priority SAR image will cause card reload
commit to continue; abort to exit without change
[local]Redback(config-card)#commit
Related Commands
card
2-8
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
card
card card-type slot
no card card-type slot
Purpose
Specifies a card for a slot, or selects one for modification, and enters card configuration mode.
Command Mode
global configuration
Syntax Description
card-type
Type of card, according to one of the keywords in Table 2-3.
slot
Chassis slot number of the card. The range of values depends on the type of card and the
chassis in which the card is installed; see Table 2-3 for slot range data.
Default
None
Usage Guidelines
Use the card command to specify a card for a slot, or select one for modification, and enter card
configuration mode. Table 2-3 lists the types of cards, the keywords for the card-type argument, and slot
ranges for the slot argument.
Use this command only to configure a card and its associated ports, channels, and circuits before the card
is actually installed in the chassis of a SmartEdge router.
If you configure a card and then insert a different card type in the slot, the ports on that card do not come up.
Use the no form of this command to remove the configuration of a card from the configuration database.
Note For those cards that support on-demand diagnostics, this command is also documented in the
“Hardware Management” chapter in the Ports, Circuits, and Tunnels Operations Guide for the
SmartEdge OS.
Traffic Card Configuration
2-9
Command Descriptions
Table 2-3 lists the values for the card-type and slot arguments for each type of SmartEdge chassis; in the
table, ER, IR, LR, and SR abbreviations are used for Extended Reach, Intermediate Reach, Long Reach,
and Short Reach, respectively.
Table 2-3
Card Types and Slots for the card Command
slot Argument Range
Type of Traffic Card/Description
card-type Keyword
SmartEdge 800 Router
SmartEdge 400 Router
OC-48c/STM-16c SR
oc48-1-port
1 to 6 and 9 to 14
1 to 4
OC-48c/STM-16c LR
oc48-1-port
OC-48c/STM-16c ER
oc48-1-port
OC-12c/STM-4c IR
oc12-4-port
OC-3c/STM-1c IR
oc3-8-port
1 to 6 and 9 to 14
1 to 4
SONET/SDH
ATM
ATM OC-12c/STM-4c IR
atm-oc12-1-port
Enhanced ATM OC-12c/STM-4c IR
atm-oc12e-1-port
2-port ATM OC-3c/STM-1c IR
atm-oc3-2-port
4-port ATM OC-3c/STM-1c IR
atm-oc3-4-port
ATM DS-3 (12-port card)
atm-ds3-12-port
1 to 5 and 10 to 14
3 to 4
Channelized OC-12 to DS-1 IR
ch-oc12ds1-1-port
1 to 6 and 9 to 14
1 to 4
Channelized OC-12 to DS-3 IR
ch-oc12ds3-1-port
ch-stm1ds0-3-port
1 to 6 and 9 to 14
1 to 4
3-port Channelized DS-3
ch-ds3-3-port
1 to 5 and 10 to 14
3 to 4
12-port Channelized DS-3
ch-ds3-12-port
Clear-Channel DS-3
ds3-12-port
Clear-Channel E3
e3-6-port
Channelized E1
ch-e1ds0-24-port
1 to 6 and 9 to 14
1 to 4
10/100 Ethernet
ether-12-port
1 to 6 and 9 to 14
1 to 4
Gigabit Ethernet
gigaether-4-port
Advanced Gigabit Ethernet
gigaether-4-port
Gigabit Ethernet 3
ge3-4-port
Gigabit Ethernet 1020
ge-20-port
10 Gigabit Ethernet
10ge-1-port
Channelized SONET
Channelized SDH
Channelized STM-1 to E1 IR
PDH
Ethernet
Examples
The following example configures an ATM OC-12c/STM-4c card in slot 3:
[local]Redback(config)#card atm-oc12-1-port 3
[local]Redback(config-card)#
2-10
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Related Commands
None
Traffic Card Configuration
2-11
Command Descriptions
clock-source
clock-source {global-reference | local}
default clock-source
Purpose
Specifies the source for the transmit clock on an Asynchronous Transfer Mode (ATM) DS-3 or
second-generation ATM OC card.
Command Mode
card configuration
Syntax Description
global-reference Specifies the system clock on the active controller card as the clock source.
local
Specifies the local clock located on the traffic card.
Default
The source for the transmit clock is the local clock located on the traffic card.
Usage Guidelines
Use the clock-source command to specify the source for the transmit clock on an ATM DS-3 or
second-generation ATM OC card. You can specify (during port configuration) whether the port uses this or
another clock source.
The choice of the clock source for an ATM DS-3 or second-generation ATM OC card allows its ports to
function without packet loss during a switchover to the standby controller card when the active controller
card is removed from the SmartEdge chassis. If the clock source is the system clock on the active controller
card, packets can be lost during the brief interval of the switchover.
For this reason, it is highly recommended that you specify the local clock on the ATM DS-3 or
second-generation ATM OC card as the clock source. Table 2-4 shows the possible clock source
configurations for the card and its ports and the impact during switchover.
Table 2-4
Clock Source Configurations and Potential Packet Loss
Card Clock Source
Port Clock Source
Impact During Switchover
global-reference
loop
Potential loss of packets
card-reference
Potential loss of packets
loop
No loss of packets
card-reference (the default)
No loss of packets
local (the default)
Use the default form of this command to set the clock source to the default.
2-12
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Examples
The following example specifies the internal clock on the 4-port ATM OC-3c/STM-1c card in slot 4 as the
clock source:
[local]Redback(config)#card atm-oc3-4-port 4
[local]Redback(config-card)#clock-source local
This configuration prevents packet loss should the active controller card be removed from the chassis.
Related Commands
clock-source—ATM DS-3 configuration mode
clock-source—ATM OC configuration mode
Traffic Card Configuration
2-13
Command Descriptions
maximum ports
maximum ports num-ports
{no | default} maximum ports [num-ports]
Purpose
Specifies the number of software-configurable ports on an Asynchronous Transfer Mode (ATM) DS-3 card.
Command Mode
card configuration
Syntax Description
num-ports
Number of ports that can be configured. Optional only in the no and default forms.
The allowed values are 4, 8, and 12.
Default
All ports on the card are software configurable.
Usage Guidelines
Use the maximum ports command to specify the number of software-configurable ports on an ATM DS-3
card. Ports 1, 2, and so on (up to and including the name of the num-ports argument) are enabled with this
command. The effect of this command is to increase the number of permanent virtual circuits (PVCs) that
can be created on any of the software-configurable ports for each traffic class. For more information about
the number of PVCs that can be created on each port, see the “ATM Configuration Guidelines” section in
Chapter 6, “Circuit Configuration.”
You must enter this command before you enter any other port-level configuration commands for this card;
it fails if there are any existing ports configured for this card.
You must enter the commit command (in any configuration mode) before you configure any ports on the
card. The commit command reloads the segmentation and reassembly (SAR) image on the card, which
causes the limit specified by the maximum ports command to take effect.
The remaining ports are held (in shutdown mode) and cannot be configured. An error message displays if
you specify one of these ports when entering the port atm command (in global configuration mode).
Use the no or default form of this command to specify that all ports are software configurable.
Note The ATM DS-3 traffic card is not supported on the SmartEdge 800s chassis.
Examples
The following example specifies ports 1 to 8 on the ATM DS-3 card in slot 5 are software configurable:
[local]Redback(config)#card atm-ds3 5
[local]Redback(config-card)#maximum ports 8
[local]Redback(config-card)#commit
2-14
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Related Commands
port atm
Traffic Card Configuration
2-15
Command Descriptions
sonet-eu
sonet-eu
no sonet-eu
Purpose
Enables the Synchronous Optical Network (SONET) path trace, path maintenance, and path alarm
monitoring features on a 2-port Asynchronous Transfer Mode (ATM) OC-3c/STM-1c, ATM
OC-12c/STM-4c, or a Packet over SONET/SDH (POS) card.
Command Mode
card configuration
Syntax Description
This command has no keywords or arguments.
Default
SONET path maintenance and path alarm monitoring features are disabled.
Usage Guidelines
Use the sonet-eu command to enable the SONET path trace, path maintenance, and path alarm monitoring
features on a 2-port ATM OC-3c/STM-1c, ATM OC-12c/STM-4c, or a POS card. Path alarm monitoring
includes remote defect indication (RDI-P), B3 error count, un-equipped (UNEQ-P), path label mismatch
(PLM-P), and far end bit error (FEBE) count. This information displays in the output for the show port
counters and show port detail commands (in any mode), and cleared using the clear port counters
command (in exec mode).
The flag “N” in the display of the show chassis command (in any mode) indicates that a card has this
feature enabled.
Note This command applies to any first-generation ATM OC card or any POS card, regardless of the
framing of its ports. POS cards include OC-48c/STM-16c, OC-12c/STM-4c, and OC-3c/STM-1c.
This command is not needed for a second-generation ATM OC card and is not available for any
channelized SONET and Synchronous Digital Hierarchy (SDH) card.
Use the no form of this command to disable SONET path trace, path maintenance, and path alarm
monitoring features.
Note The no form of this command does not disable the SONET path trace, path maintenance, and path
alarm monitoring features until the next time the card is reloaded. You must reload the card with the
reload command (in exec mode) to disable the feature.
2-16
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Examples
The following example enables SONET path maintenance and alarm monitoring on a POS
OC-12c/STM-4c traffic card in slot 1:
[local]Redback(config)#card oc12-4-port 1
[local]Redback(config-card)#sonet-eu
[local]Redback(config-card)#end
The following example disables SONET path maintenance and alarm monitoring on a POS
OC-12c/STM-4c traffic card in slot 1:
[local]Redback(config)#card oc12-4-port 1
[local]Redback(config-card)#no sonet-eu
[local]Redback(config-card)#end
Related Commands
None
Traffic Card Configuration
2-17
Command Descriptions
2-18
Ports, Circuits, and Tunnels Configuration Guide
Chapter 3
ATM, Ethernet, and POS Port Configuration
This chapter provides an overview of Asynchronous Transfer Mode (ATM), Ethernet, and Packet over
SONET/SDH (POS) ports, describes the tasks used to configure them, provides configuration examples,
and detailed descriptions of the commands used to configure them through the SmartEdge® OS. The
commands described in this chapter are common to all these port types, except where noted.
For information about the tasks and commands used to monitor, troubleshoot, and administer these ports,
see the “Card, Port, and Channel Operations” chapter in the Ports, Circuits, and Tunnels Operations Guide
for the SmartEdge OS.
Other chapters with related tasks and commands include:
•
Configuration tasks and commands for traffic cards are described in Chapter 2, “Traffic Card
Configuration.”
•
Configuration tasks and commands for circuits are described in Chapter 6, “Circuit Configuration.”
For protocol- or feature-specific commands that appear in ATM, ATM DS-3, or port configuration mode,
see the appropriate chapter in this guide, in the Routing Protocols Configuration Guide, or the IP Services
and Security Configuration Guide for the SmartEdge OS.
Note In the following descriptions, the term, controller card, applies to the Cross-Connect Route
Processor (XCRP) or the XCRP Version 3 (XCRP3) Controller card, unless otherwise noted.
The term, Gigabit Ethernet, applies to any ethernet traffic card that supports a port speed of 1 Gbps
or greater; unless explicitly stated, the speed of any Gigabit Ethernet port is 1 Gbps.
The term, chassis, refers to any SmartEdge chassis; the term, SmartEdge 800, refers to any version
of the SmartEdge 800 chassis.
This chapter includes the following sections:
•
Overview
•
Configuration Tasks
•
Configuration Examples
•
Command Descriptions
ATM, Ethernet, and POS Port Configuration
3-1
Overview
Overview
In a SmartEdge system, traffic cards are the individual I/O cards; ports are the physical interfaces on the
traffic cards. The SmartEdge routers support many different types of traffic cards and ports. The ATM,
Ethernet, and POS ports described in this chapter are ports on the following traffic cards:
•
ATM cards: ATM OC-3c/STM-1c, ATM OC-12c/STM-4c, Enhanced ATM OC-12c/STM-4c, and
ATM DS-3
Note The ATM DS-3 traffic card is not supported on the SmartEdge 800s chassis.
•
Ethernet cards: 10/100 Ethernet, and Gigabit Ethernet (any version).
•
Ethernet management port on a controller card.
•
POS cards: OC-3c/STM-1c, OC-12c/STM-4c, and OC-48c/STM-16c.
Configuration Tasks
Note In this section, the command syntax in the task tables displays only the root command; for the
complete command syntax, see the full description for the command in the “Command
Descriptions” section.
Port configuration tasks for each type of port are described in the following sections:
•
Configuring ATM Ports
•
Configuring Ethernet Ports
•
Configuring POS Ports
Configuring ATM Ports
ATM ports are of two types: those on an OC card, such as the ATM OC-12c/STM-4c, and those on the ATM
DS-3 card. You configure ATM OC ports in ATM OC configuration mode and ATM DS-3 ports in ATM
DS-3 configuration mode. Not all configuration tasks apply to all types of cards and ports; in the task
descriptions that follow, the configuration mode indicates the type of port to which the task applies.
ATM OC cards are also of two kinds:
•
First-generation ATM OC—2-port ATM OC-3c/STM-1c and ATM OC-12c/STM-4c
•
Second-generation ATM OC—4-port ATM OC-3c/STM-1c and Enhanced ATM OC-12c/STM-4c
The second-generation cards have more memory and support more ATM permanent virtual circuits (PVCs)
and enhanced queuing and traffic shaping capabilities than the first-generation cards.
Note The term, first-generation ATM OC port, refers to a port on a 2-port ATM OC-3c/STM-1c or
ATM OC-12c/STM-4c traffic card; similarly, the term, second-generation ATM OC port, refers to
a port on a 4-port ATM OC-3c/STM-1c or Enhanced ATM OC-12c/STM-4c traffic card.
3-2
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
This section includes the following topics:
•
Configure Operational Features for an ATM Port
•
Configure Maintenance Features for an ATM Port
Configure Operational Features for an ATM Port
You configure operational features to support normal operations. To configure operational features for an
ATM port, perform the tasks described in Table 3-1. Unless otherwise noted, enter all commands in either
ATM DS-3 or ATM OC configuration mode, depending on the type of port you are configuring.
Table 3-1
Configure Operational Features for an ATM Port
#
Task
Root Command
Notes
1.
Select (begin the configuration of) an ATM
port and access either ATM OC or ATM
DS-3 configuration mode.
port atm
Enter this command in global configuration mode.
2.
Specify general attributes for the port (all
attributes are optional):
Associate a description with the port.
description
Enter this command in port configuration mode.
Specify the framing.
framing
Enter this command in port configuration mode.
Framing options vary depending on the type of ATM
port.
Specify the MTU payload size without
fragmentation.
mtu
Enter this command in port configuration mode.
Assign a different MAC address.
mac-address
The default MAC address is assigned based on the
MAC address extracted from the EEPROM of the card.
Disable ATM cell payload scrambling.
atm scramble
Use the no form to disable this feature.
Specify an over-subscription rate for the
port.
over-subscription-rate
Apply an existing bulkstats schema profile
to the port.
bulkstats schema
ATM, Ethernet, and POS Port Configuration
For a description of the bulkstats schema command
listed in this table, see the “Bulkstats Configuration”
chapter in the Basic System Configuration Guide for the
SmartEdge OS.
3-3
Configuration Tasks
Table 3-1
Configure Operational Features for an ATM Port (continued)
#
Task
3.
Specify port-type specific attributes for the port (all attributes are optional):
4.
Root Command
Notes
Enable port to remain up after alarm
reception.
alarm-report-only
Enter this command in ATM OC configuration mode.
This command is for ATM OC ports only.
Specify the cable length.
cablelength
Enter this command in ATMS DS-3 configuration mode.
This command is for ATM DS-3 ports only.
Specify the clock source.
clock-source
You can enter this command in port configuration mode
as well. This command (in card configuration mode) is
for ATM DS-3 and second-generation ATM OC ports
only.
Enable port listening mode.
ccod-mode port-listen
This command is not yet available.
Enable the port to respond to or ignore
remote loopback requests.
equipment-loopback
Enter this command in ATM DS-3 configuration mode.
This command is for ATM DS-3 ports only.
Enable the port to maintain steady state
for subscribers.
link-dampening
Use the no form to disable this feature.
Specify the exponent of the SD-BER and
SF-BER thresholds.
threshold
This command is for first- and second-generation
ATM OC ports only. Enter this command for each
threshold to be specified.
Enable the port (begin operations on it).
shutdown
Use the no form to enable the port.
You are now ready to configure ATM virtual paths (VPs) and permanent virtual circuits (PVCs) on the port.
See Chapter 6, “Circuit Configuration,” for information about configuring ATM VPs and PVCs.
Configure Maintenance Features for an ATM Port
You configure maintenance features only if the port is experiencing problems. To configure maintenance
features for an ATM port, perform one or both of the tasks described in Table 3-2.
Table 3-2
Configure Maintenance Features for an ATM Port
Task
Root Command
Notes
Specify a path trace message for an ATM OC port.
path-trace
This command is available only for ports on second-generation
ATM OC cards.
Enter this command in ATM OC configuration mode.
Change to a loopback state on a port to test port
operation.
loopback
Enter this command in ATM OC or ATM DS-3 configuration
mode.
Configuring Ethernet Ports
Ethernet ports are of three types: the management port on a controller card, ports on a 10/100 Ethernet, and
ports on any version of the Gigabit Ethernet cards. You configure any of these types of ports in port
configuration mode. Not all configuration tasks apply to all types of ports. In the task descriptions that
follow, the description applies to all types of ports unless otherwise noted. This section includes the
following topics:
3-4
•
Configure Operational Features for an Ethernet Port
•
Configure a Maintenance Feature for an Ethernet Port
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Configure Operational Features for an Ethernet Port
You configure operational features to support normal operations. To configure operational features for an
Ethernet port, perform the tasks described in Table 3-3.
Table 3-3
Configure Operational Features for an Ethernet Port
#
Task
Root Command
Notes
1.
Select (begin the configuration of) an Ethernet
port and access port configuration mode.
port ethernet
Enter this command in global configuration mode.
2.
Specify general attributes for the port (all attributes are optional):
Associate a description with the port.
description
Enter this command in port configuration mode.
Specify the encapsulation for the port.
encapsulation
Enter this command in port configuration mode.
Specify pppoe encapsulation.
Use this command only if you do not intend to
create 802.1Q PVCs on it.
3.
Enable transport of packets with unrecognized
tags.
transport unmatchedencap
Enter this command in port configuration mode.
Specify the MTU payload size without
fragmentation.
mtu
Enter this command in port configuration mode
Apply an existing bulkstats schema profile to
the port.
bulkstats schema
Use this command only if you are not adding the
port to a link group. For a description of the
bulkstats schema command listed in this table,
see the “Bulkstats Configuration” chapter in the
Basic System Configuration Guide for the
SmartEdge OS.
Specify card-specific attributes for the port (all attributes are optional):
Specify the speed and duplex mode.
medium
Enter this command in port configuration mode.
This command is for a port on a 10/100 Ethernet
card only.
Disable flow control negotiation.
flow-control
Enter this command in port configuration mode. Use
the no form to disable this feature. This command is
for a port on any version of a Gigabit Ethernet card.
Enable the port to maintain steady state for
subscribers.
link-dampening
Enter this command in port configuration mode. Use
the no form to disable this feature.
4.
Add the port to an existing link group.
link-group
Enter this command in port configuration mode.
5.
Bind the port to an existing interface in an
existing context.
bind interface
Enter this command in the mode matching the type
of port you are configuring. Use this command only
if you have not added the port to a link group, or if
you do not intend to create 802.1Q PVCs on it.
6.
Enable the port (begin operations on it).
shutdown
Enter this command in the mode matching the type
of port you are configuring, or in port configuration
mode. Use the no form to enable the port.
You are now ready to use the port or configure 802.1Q PVCs on it. For information about configuring
802.1Q PVCs, see Chapter 6, “Circuit Configuration.”
ATM, Ethernet, and POS Port Configuration
3-5
Configuration Tasks
Configure a Maintenance Feature for an Ethernet Port
You configure a maintenance feature only if the port is experiencing problems. To configure a maintenance
feature for an Ethernet port, perform the task described in Table 3-4.
Table 3-4
Configure a Maintenance Feature for an Ethernet Port
Task
Root Command
Notes
Change to a loopback state on a port to test port operation.
loopback
Enter this command in port configuration mode.
Configuring POS Ports
A POS port is a port on an OC-3c/STM-1c, OC-12c/STM-4c, or OC-48c/STM-16c card. You configure a
POS port on any of these cards in port configuration mode.
To configure a POS port, perform the tasks described in the following sections:
•
Configure Operational Features
•
Configure a POS Port for APS
•
Configure Maintenance Features for a POS Port
Configure Operational Features
The following configuration guidelines apply to POS ports that are to be protected with APS:
3-6
•
To be a protect port in an Automatic Protection Switching (APS) group, you must configure it to have
the identical configuration as the working port.
•
If you need to change the configuration of a working port, you must ensure that you apply the
configuration changes to both the working and protect ports (the configurations must be identical).
•
If a port has already been assigned as a working or protect port in an APS group, then that port must
first be removed from the APS group before making any subsequent changes to the configuration for
that port.
•
Binding a working port to an interface is not considered a change to the port configuration; thus, this
action is allowed on an APS working port.
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
You configure operational features to support normal operations. To configure operational features for a
POS port, perform the tasks described in Table 3-5.
Table 3-5
Configure Operational Features for a POS Port
#
Task
Root Command
Notes
1.
Select (begin the configuration of) a POS port and
access port configuration mode.
port pos
Enter this command in global configuration
mode.
2.
Specify general attributes for the port (all attributes are optional):
Associate a description with the port.
description
Enter this command in port configuration
mode.
Specify the framing.
framing
Enter this command in port configuration
mode.
Specify the MTU payload size without fragmentation.
mtu
Enter this command in port configuration
mode.
Specify the exponent of the SD-BER and SF-BER
thresholds.
threshold
Enter this command in port configuration
mode. Enter this command for each
threshold to be specified.
Disable SPE scrambling.
scramble
Enter this command in port configuration
mode. Use the no form to disable this
feature.
Define the value for the C2 byte.
c2byte
Enter this command in port configuration
mode.
Specify a 16-bit CRC.
crc16
Enter this command in port configuration
mode. Redback® recommends the 32-bit
CRC.
Specify the encapsulation type.
encapsulation
Enter this command in port configuration
mode.
Apply an existing bulkstats schema profile to the port.
bulkstats schema
Enter this command in port configuration
mode. For more information about the
bulkstats schema command, see “Bulkstats
Configuration” chapter in the Basic System
Configuration Guide for theSmartEdge OS.
3.
Specify the parameters for the Cisco HDLC keepalive
function.
keepalive
Enter this command in port configuration
mode.
4.
Bind the port to an existing interface in an existing
context.
bind interface
Enter this command in the mode matching
the type of port you are configuring. Use this
command only if you do not intend to create
Frame Relay PVCs on it, or add it to an APS
group.
5.
Enable the port (begin operations on it).
shutdown
Enter this command in port configuration
mode. Use this command only if you do not
intend to add it to an APS group.
Use the no form to enable the port.
You are now ready to add the port to an APS group, use the port, or configure Frame Relay PVCs on it. For
information about configuring Frame Relay PVCs, see Chapter 6, “Circuit Configuration.”
ATM, Ethernet, and POS Port Configuration
3-7
Configuration Examples
Configure a POS Port for APS
To configure a POS port for APS, perform the tasks described in Table 3-6.
Table 3-6
Configure a POS Port for APS
#
Task
Root Command
Notes
1.
Enable the port (begin operations on it).
shutdown
Enter this command in port configuration mode.
Use the no form to enable the port.
2.
Assign the port as a working or protect port in an
APS group.
aps
Enter this command in port configuration mode.
You must enable the port before you can add it
to an APS group.
3.
Bind the port to an existing interface in an
existing context.
bind interface
Enter this command in port configuration mode.
You bind only the working port after you assign
it to an APS group; you do not bind the protect
port.
Configure Maintenance Features for a POS Port
You configure the maintenance features only if the port is experiencing problems. To configure the
maintenance features for a POS port, perform one or both of the tasks described in Table 3-7. Enter all
commands in port configuration mode.
Table 3-7
Configure Maintenance Features for a POS Port
Task
Root Command
Specify a path trace message.
path-trace
Change to a loopback state on a port to test port operation.
loopback
Notes
Configuration Examples
This section includes the following sections:
•
ATM Port Examples
•
Ethernet Port Examples
•
POS Port Examples
ATM Port Examples
The follow example configures port 1 on a 2-port ATM OC-3c/STM-1c card in slot 4. ATM cell payload
scrambling and Synchronous Optical Network (SONET) framing are enabled by default. The port is not
bound to an interface because it will have ATM PVCs configured on it.
[local]Redback(config)#port atm 4/1
[local]Redback(config-atm-oc)#description 2-port ATM OC-3c/STM-1c port
[local]Redback(config-atm-oc)#alarm-report-only plm-p
[local]Redback(config-atm-oc)#mtu 4000
[local]Redback(config-atm-oc)#threshold sd-ber 6
[local]Redback(config-atm-oc)#threshold sf-ber 5
3-8
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
[local]Redback(config-atm-oc)#over-subscription-rate 100
[local]Redback(config-atm-oc)#no shutdown
Ethernet Port Examples
The following example configures port parameters for port 1 on a 12-port 10/100 Ethernet card in slot 2.
The port is not bound to an interface because it will have 802.1Q PVCs configured on it.
[local]Redback(config)#port ethernet 2/1
[local]Redback(config-port)#description SNMP port
[local]Redback(config-port)#mtu 1000
[local]Redback(config-port)#medium auto
[local]Redback(config-port)#no shutdown
POS Port Examples
The following example configures port parameters for port 1 on a 4-port POS OC-12c/STM-4c traffic card
in slot 3. Payload scrambling is enabled (by default) with the default value for the C2 byte along with the
default CRC32. The port is not bound to an interface because it will have Frame Relay PVCs configured
on it.
[local]Redback(config-card)#port pos 3/1
[local]Redback(config-port)#description POS OC-12c/STM-4c port
[local]Redback(config-port)#framing sdh
[local]Redback(config-port)#encapsulation frame-relay
[local]Redback(config-port)#no shutdown
Command Descriptions
This section describes the syntax and usage guidelines for the commands used to configure ATM, Ethernet,
and POS ports. The commands are presented in alphabetical order.
alarm-report-only
atm scramble
c2byte
cablelength
ccod-mode port-listen
clock-source
crc16
description
encapsulation
equipment-loopback
flow-control
framing
keepalive
link-dampening
loopback
ATM, Ethernet, and POS Port Configuration
mac-address
medium
mtu
over-subscription-rate
path-trace
port atm
port ethernet
port pos
scramble
shutdown
threshold
transport unmatched-encap
3-9
Command Descriptions
alarm-report-only
alarm-report-only {plm-p | uneq-p | plm-p uneq-p}
{no | default} alarm-report-only {plm-p | uneq-p | plm-p uneq-p}
Purpose
Enables the port to remain up when the SmartEdge router receives the specified alarms.
Command Mode
ATM OC configuration
Syntax Description
plm-p
Specifies the payload label mismatch path alarms.
uneq-p
Specifies the unequipped path alarms.
Default
The reception of a path alarm causes the SmartEdge router to shut down the port.
Usage Guidelines
Use the alarm-report-only command to enable the port to remain up when the SmartEdge router receives
the specified alarms. Ignoring an alarm does not completely mask it. When you configure this command
for a particular alarm, the system still logs the alarm and displays it in the show port command (with the
detail keyword), but the SmartEdge router does not shut down the port. You can use successive calls to this
command to cumulatively build a list of alarms that will not trigger port shutdown.
Use the no or default form of this command to specify the default condition for the indicated alarm.
To view the state of alarm reporting, use the show configuration command (in any mode), or use the show
port detail command (in any mode). For more information on this command, see Chapter 2, “Card, Port,
and Channel Operations” in the Ports, Circuits, and Tunnels Operations Guide for the SmartEdge OS.
Note All ATM OC traffic cards support this command.
Examples
The following example enables ATM Port 1/1 to remain functional even if the SmartEdge router receives
a PLM-P alarm:
[local]Redback(config)#port atm 1/1
[local]Redback(config-atm-oc)#alarm-report-only plm-p
Related Commands
None
3-10
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
atm scramble
For an ATM OC port in ATM OC configuration mode, the command syntax is:
atm scramble
no atm scramble
For an ATM DS-3 port in ATM DS-3 configuration mode, the command syntax is:
atm scramble-ds3
no atm scramble-ds3
Purpose
Enables Asynchronous Transfer Mode (ATM) cell payload scrambling on an ATM OC or ATM DS-3 port.
Command Mode
ATM DS-3 configuration
ATM OC configuration
Syntax Description
This command has no keywords or arguments.
Default
ATM cell payload scrambling is enabled on the port.
Usage Guidelines
Use the atm scramble command on an ATM OC port, or the atm scramble-ds3 command on an ATM
DS-3 port, to enable ATM cell payload scrambling as specified in section 4.5.3 in the ITU-T I432
specification.
Note Enabling or disabling ATM cell payload scrambling on an ATM port has no impact on the C2 byte,
which is not included in the ATM cell payload; it is always set to 0x13.
Use the no form of this command to disable ATM cell payload scrambling.
Examples
The following example disables ATM cell payload scrambling on ATM port 1 of the ATM OC card
installed in slot 11:
[local]Redback(config)#port atm 11/1
[local]Redback(config-atm-oc)#no atm scramble
ATM, Ethernet, and POS Port Configuration
3-11
Command Descriptions
The following example disables ATM cell payload scrambling on ATM port 1 of the ATM DS-3 card
installed in slot 12:
[local]Redback(config)#port atm 12/1
[local]Redback(config-atm-ds3)#no atm scramble-ds3
Related Commands
port atm
3-12
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
c2byte
c2byte value
default c2byte
Purpose
Defines the value for the Path Signal Label (C2) byte for a Packet over SONET/SDH (POS) port.
Command Mode
port configuration
Syntax Description
value
Value to send in the C2 byte. The range of values is 0 to 255; the default value is 22
(hexadecimal 0x16).
Default
The default value is 22 (hexadecimal 0x16).
Usage Guidelines
Use the c2byte command to define the value for the C2 byte for a POS port. RFC 2615, PPP over
SONET/SDH, specifies that a C2 byte value of 22 (hexadecimal 0x16) is used to indicate Point-to-Point
Protocol (PPP) with X^43 + 1 scrambling, and the value of 207 (hexadecimal 0xCF) is used to indicate PPP
without scrambling.
Note The SmartEdge OS automatically configures the C2 byte to 22 (0x16) when synchronous payload
envelope (SPE) scrambling is enabled, and to 207 (0xCF) when SPE scrambling is disabled; see the
scramble command. If you need to define a different C2 byte value to interoperate with another
vendor’s equipment and you need to enable SPE scrambling, first enable SPE scrambling (it is
enabled by default), and then override the C2 byte value with this command.
Note This command applies only to a POS port on an OC-48c/STM-16c, OC-12c/STM-4c, or
OC-3c/STM-1c card.
Note The C2 byte for a port on any Asynchronous Transfer Mode (ATM) OC card is fixed at 0x13 and
cannot be changed.
Use the default form of this command to define the C2 byte with the default value.
Examples
The following example defines the value 22 (hexadecimal value 0x16) for the C2 byte for a POS port in
slot 9:
[local]Redback(config)#port pos 9/1
[local]Redback(config-port)#c2byte 22
ATM, Ethernet, and POS Port Configuration
3-13
Command Descriptions
Related Commands
port pos
scramble
3-14
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
cablelength
cablelength length
{no | default} cablelength
Purpose
Specifies the length of the cable connected to an Asynchronous Transfer Mode (ATM) DS-3 port.
Command Mode
ATM DS-3 configuration
Syntax Description
length
Length of the cable in feet. The range of values is 0 to 450.0 ft (137.2m).
Default
The default cable length is 349.0 ft (106.4m).
Usage Guidelines
Use the cablelength command to specify the length of the cable connected to an ATM DS-3 port.
Use the no or default form of this command to specify the default length.
Note The operating system recognizes only two categories of DS-3 cables: short, which is any length up
to and including 349.0 ft (106.4m), and long, which is any length over 349.0 ft (106.4m).
Note This command is also described in Chapter 4, “Clear-Channel and Channelized Port and Channel
Configuration,” for DS-3 ports on channelized or clear-channel DS-3 cards.
Examples
The following example specifies a cable length of 225.0 ft (68.6m):
[local]Redback(config)#port atm 3/1
[local]Redback(config-atm-ds3)#cablelength 225
Related Commands
port atm
ATM, Ethernet, and POS Port Configuration
3-15
Command Descriptions
ccod-mode port-listen
ccod-mode port-listen
{no | default} ccod-mode port-listen
Purpose
Enables port listening mode for this Asynchronous Transfer Mode (ATM) port.
Command Mode
ATM DS-3 configuration
ATM OC configuration
Syntax Description
This command has no keywords or arguments.
Default
Port listening mode is disabled for all ATM ports.
Usage Guidelines
Use the ccod-mode port-listen command to enable port listening mode for this ATM port. This command
is available only for ports on second-generation ATM OC and ATM DS-3 cards.
Note Enabling port listening mode with this command must precede the configuration of any ATM VPs
or PVCs on this port.
Use this command to allow you to specify the full range of ATM virtual path identifiers (VPIs) and virtual
circuit identifiers (VCIs) (VCI 0 to 255, VPI 1 to 65,535) when entering the atm pvc on-demand command
(in ATM OC or ATM DS-3 configuration mode) to create listening on-demand ATM permanent virtual
circuits (PVCs) for this port. Otherwise, the range that you specify must be within the limits for that type
of port.
This command does not change the maximum number of active PVCs that are supported on the type of
ATM port on which you are creating them, nor the number of active PVCs that are supported for each traffic
class on that type of ATM port. For PVC limits for ATM ports and traffic classes, see the tables that specify
PVC limits in the “ATM Configuration Guidelines” section.
Use the no or default form of this command to disable port listening mode for this port.
Examples
The following example enables port listening mode for port 2 on the 4-port ATM OC-3c/STM-1c card in
slot 3:
[local]Redback(config)#port atm 3/2
[local]Redback(config-atm-oc)#ccod-mode port-listen
3-16
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Related Commands
None
ATM, Ethernet, and POS Port Configuration
3-17
Command Descriptions
clock-source
In ATM DS-3 and ATM OC configuration modes, the command syntax is:
clock-source {card-reference | loop}
default clock-source
In port configuration mode, the command syntax is:
clock-source {local | loop}
default clock-source
Purpose
Specifies the transmit clock source for a port on an Asynchronous Transfer Mode (ATM) DS-3,
second-generation ATM OC, or 10 Gigabit Ethernet (10GE) traffic card.
Command Mode
ATM DS-3 configuration
ATM OC configuration
port configuration
Syntax Description
card-reference
Specifies the clock source that has been specified for the traffic card. This is the
default clock source for ATM DS-3 and ATM OC ports.
loop
Specifies the receive clock derived from the incoming signal on the port as the
transmit clock source.
local
Specifies the onboard clock on a 10GE traffic card as the clock source. This is the
default clock source for 10GE ports.
Default
For ATM DS-3 and ATM OC ports, the transmit clock source is the clock source specified for the traffic
card. For 10GE ports, the transmit clock source is the onboard clock.
Usage Guidelines
Use the clock-source command to specify the transmit clock source for a port on an ATM DS-3,
second-generation ATM OC, or 10GE traffic card.
Use the card-reference keyword to specify the clock source that has been specified for the ATM traffic
card with the clock-source command (in card configuration mode).
Use the local keyword to specify the onboard clock on a 10GE traffic card as the clock source.
Use the loop keyword to specify the receive clock from the incoming signal on the port as the transmit clock
source.
3-18
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Caution Risk of data loss. If you specify the onboard clock on the active controller card as the clock
source for the ATM card using the clock-source command with the global-reference keyword
(in card configuration mode), there might be a brief traffic interruption on all ports on the card
if the active controller card is removed from the system. To reduce the risk, specify the derived
received clock on the ATM card as the clock source (using the clock-source command with the
local keyword) for an ATM DS-3 or second-generation ATM OC card.
The clock source choice for an ATM DS-3, and second-generation ATM OC card allows its ports to
function without packet loss during a switchover to the standby controller card when the active controller
card is removed from the SmartEdge chassis. If the clock source for the traffic card is the system clock on
the active controller card, packets can be lost during the brief interval of the switchover. For this reason, we
highly recommend that you specify the local clock on the ATM DS-3 or second-generation ATM OC card
as the clock source for its ports.
Table 3-8 shows the possible clock source configurations for the ATM traffic card and its ports, and the
impact during switchover.
Table 3-8
ATM Port Configurations and Potential Packet Loss
ATM Card Clock Source
Port Clock Source
Impact During Switchover
global-reference
loop
Potential loss of packets
card-reference
Potential loss of packets
loop
No loss of packets
card-reference (the default
source)
No loss of packets
local (the default source)
Use the default form of this command to set the clock source to the default.
Note This command is also described in Chapter 4, “Clear-Channel and Channelized Port and Channel
Configuration,” for a DS-3 or E1 channel or port, E3 port, or DS-1 channel.
Examples
The following example specifies the derived receive clock for the ATM DS-3 port as the transmit clock
source:
[local]Redback(config)#card atm-oc3-4-port 3
[local]Redback(config-card)#clock-source global reference
[local]Redback(config)#port atm 3/1
[local]Redback(config-atm-ds3)#clock-source loop
In this configuration, packet loss can occur should the active controller card be removed from the chassis.
The following example specifies the local clock as the source for the transmit clock for a 4-port ATM
OC-3c/STM-1c card and its port 1:
[local]Redback(config)#card atm-oc3-4-port 4
[local]Redback(config-card)#clock-source local
[local]Redback(config)#port atm 4/1
[local]Redback(config-atm-oc)#clock-source card-reference
This configuration prevents packet loss should the active controller card be removed from the chassis.
ATM, Ethernet, and POS Port Configuration
3-19
Command Descriptions
Related Commands
clock-source—card configuration mode
port atm
port ethernet
3-20
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
crc16
crc16
no crc16
Purpose
Specifies a 16-bit cyclic redundancy check (CRC) on a Packet over SONET/SDH (POS) port.
Command Mode
port configuration
Syntax Description
This command has no keywords or arguments.
Default
A 32-bit CRC is used.
Usage Guidelines
Use the crc16 command to specify a 16-bit CRC on a POS port configured with either Synchronous Optical
Network (SONET) or Synchronous Digital Hierarchy (SDH) framing.
Note We recommend a 32-bit CRC.
Note This command applies only to a POS port on an OC-48c/STM-16c, OC-12c/STM-4c, or
OC-3c/STM-1c card.
Use the no form of this command to specify a 32-bit CRC.
Examples
The following example specifies a 16-bit CRC for a POS port in slot 9:
[local]Redback(config)#port pos 9/1
[local]Redback(config-port)#crc16
Related Commands
port pos
ATM, Ethernet, and POS Port Configuration
3-21
Command Descriptions
description
description text
{no | default} description
Purpose
Associates textual information with a port.
Command Mode
ATM DS-3 configuration
ATM OC configuration
port configuration
Syntax Description
text
Text string that identifies the port. Can be any alphanumeric string, including spaces, that is
not longer than 63 ASCII characters.
Default
No description is associated with a port.
Usage Guidelines
Use the description command to associate textual information with the port. This text displays by the show
port detail command for the port.
Use the no or default form of this command to delete the existing description. Because there can be only
one description for a port, when you use the no or default form of this command, it is not necessary to
include the text argument. To change a description, create a new one; it overwrites the existing one.
Examples
The following example associates a description with the management port on the controller card in slot 7:
[local]Redback(config)#port ethernet 7/1
[local]Redback(config-port)#description Management port
Related Commands
port atm
port ethernet
port pos
3-22
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
encapsulation
For a Packet over SONET/SDH (POS) port, the command syntax is:
encapsulation {cisco-hdlc | frame-relay | ppp}
no encapsulation
For an Ethernet port, the command syntax is:
encapsulation pppoe
no encapsulation
Purpose
Specifies the encapsulation type for a POS or Ethernet port.
Command Mode
port configuration
Syntax Description
cisco-hdlc
Specifies Cisco High-Level Data Link Control (HDLC) or other higher layer protocol
as the encapsulation type; this is the default.
frame-relay
Specifies Frame Relay as the encapsulation type as described in RFC 1490,
Multiprotocol Interconnect over Frame Relay.
ppp
Specifies Point-to-Point Protocol (PPP) encapsulation, as described in RFC 2615, PPP
over SONET/SDH and RFC 1662, PPP in HDLC-like Framing as the encapsulation
type.
pppoe
Specifies Point-to-Point over Ethernet (PPPoE) encapsulation.
Default
The encapsulation type for POS ports is Cisco HDLC; for Ethernet ports it is IP over Ethernet (IPoE).
Usage Guidelines
Use the encapsulation command to specify the encapsulation type for a POS or Ethernet port.
Note If this port is to be a working or protect port in an APS group, you must specify Cisco HDLC
encapsulation.
The commands that are available depend on the encapsulation type specified by this command. For
example, if you specify Cisco HDLC, none of the Frame Relay commands are available.
Use the no form of this command to specify the default encapsulation type.
ATM, Ethernet, and POS Port Configuration
3-23
Command Descriptions
Note This command is also described in Chapter 4, “Clear-Channel and Channelized Port and Channel
Configuration,” for a clear-channel DS-3 channel or port, E3 port, E1 channel or port, DS-1
channel, or DS-0 channel group; and in Chapter 6, “Circuit Configuration,”for Ethernet ports with
802.1Q permanent virtual circuits (PVCs).
Examples
The following example specifies Frame Relay encapsulation for a POS port:
[local]Redback(config)#port pos 4/1
[local]Redback(config-port)#encapsulation frame-relay
Related Commands
port pos
3-24
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
equipment-loopback
equipment-loopback {customer | network}
default equipment-loopback
Purpose
Enables an Asynchronous Transfer Mode (ATM) DS-3 port to respond to or ignore remote loopback
requests.
Command Mode
ATM DS-3 configuration
Syntax Description
customer
Configures the ATM DS-3 port to respond to remote loopback requests; this is the default.
network
Configures the ATM DS-3 port to ignore remote loopback requests.
Default
The ATM DS-3 port responds to remote loopback requests.
Usage Guidelines
Use the equipment-loopback command to configure an ATM DS-3 port to respond to or ignore remote
loopback requests.
Use the default form of this command to return to the port to its default behavior of responding to remote
loopback requests.
Note This command is also documented in Chapter 4, “Clear-Channel and Channelized
Port and Channel Configuration,” for a DS-3 channel or port or for a DS-1 channel.
Examples
The following example configures port 1 on the ATM DS-3 card in slot 3 to ignore remote loopback
requests:
[local]Redback(config)#port atm 3/1
[local]Redback(config-atm-ds3)#equipment-loopback network
Related Commands
port atm
ATM, Ethernet, and POS Port Configuration
3-25
Command Descriptions
flow-control
flow-control
no flow-control
Purpose
Enables flow control negotiation on a Gigabit Ethernet port.
Command Mode
port configuration
Syntax Description
This command has no keywords or arguments.
Default
Flow control is disabled for ports on the first and second versions of the Gigabit Ethernet (GE) cards; it is
enabled for ports on the Gigabit Ethernet 3 (GE3), Gigabit Ethernet 1020 (GE1020), and 10 Gigabit
Ethernet (10GE) cards.
Usage Guidelines
Use the flow-control command to enable flow control negotiation on a Gigabit Ethernet port.
Note This command applies only to Gigabit Ethernet ports.
Note Auto-negotiation (AN) is always on for all types of Gigabit Ethernet ports with the exception of
10GE ports; it is not applicable to 10GE ports AN is not configurable. When configuring a link, the
following guidelines apply to the near- and far-end ports:
•
For GE3 ports, AN must be on.
•
For all other types of GE ports (GE and GE1020), AN can be on or off.
Use the no form of this command to disable flow control negotiation.
Examples
The following example disables flow control on a Gigabit Ethernet port:
[local]Redback(config)#port ethernet 4/1
[local]Redback(config-port)#no flow-control
Related Commands
port ethernet
3-26
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
framing
For an Asynchronous Transfer Mode (ATM) DS-3 port, the syntax in ATM DS-3 configuration mode is:
framing {cbit-adm | cbit-plcp}
default framing
For an ATM OC or Packet over SONET/SDH (POS) port, the syntax in ATM OC or port configuration
mode is:
framing {sdh | sonet}
default framing
Purpose
Specifies the framing for an ATM DS-3, ATM OC, or POS port.
Command Mode
ATM DS-3 configuration
ATM OC configuration
port configuration
Syntax Description
cbit-adm
Uses ATM direct mapping (ADM) as the mechanism to map ATM cells in to a DS-3
frame. This is the default setting.
cbit-plcp
Uses the Physical Layer Convergence Protocol (PLCP) to map ATM cells in to a DS-3
frame.
sdh
Specifies Synchronous Digital Hierarchy (SDH) framing for an ATM OC or POS port.
sonet
Specifies Synchronous Optical Network (SONET) framing for an ATM OC or POS port;
this is the default framing.
Default
The default framing for an ATM DS-3 port is ADM. The default framing for an ATM OC or POS port is
SONET.
Usage Guidelines
Use the framing command to specify the framing for an ATM DS-3, ATM OC, or POS port.
Note This command does not apply to channelized OC-12 ports.
Framing changes can be made on an ATM DS-3 port only if it has no permanent virtual circuits (PVCs)
configured on it. The system provides the following error message if you attempt to change the framing on
a port with PVCs already configured on it:
Cannot change Framing while PVCs/VPs exist on any port on this card Please remove all PVCs/VPs on this card and try again
ATM, Ethernet, and POS Port Configuration
3-27
Command Descriptions
When the framing is changed on one ATM DS-3 port, all ports on the card are also changed automatically.
The framing on all ports must be the same.
Use the default form of this command to set the framing to the default setting.
Examples
The following command sets the framing for an ATM DS-3 port to cbit-plcp:
[local]Redback(config)#port atm 3/1
[local]Redback(config-atm-ds3)#framing cbit-plcp
The following command sets the framing for an ATM OC port to sdh:
[local]Redback(config)#port atm 3/1
[local]Redback(config-atm-oc)#framing sdh
Related Commands
port atm
3-28
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
keepalive
keepalive check-interval {minutes | seconds} time [retries retry-num]
no keepalive
default keepalive [check-interval] [retries]
Purpose
Enables the keepalive function on a Packet over SONET/SDH (POS) port that is encapsulated with Cisco
High-Level Data Link Control (HDLC).
Command Mode
port configuration
Syntax Description
check-interval
Sets the time interval between keepalive checks.
minutes
Specifies that the unit of measure for the time argument is minutes.
seconds
Specifies that the unit of measure for the time argument is seconds; the default.
time
Time in either minutes or seconds (depending on the preceding keyword) between
keepalive checks. The range of values is 1 to 60 minutes, or 1 to 300 seconds; the
default value is 10 seconds.
retries retry-num
Optional. Number of times the system is to retry an unsuccessful keepalive check.
The range of values is 2 to 10; the default value is 3.
Default
The keepalive function is enabled with an interval of 10 seconds and 3 retries.
Usage Guidelines
Use the keepalive command to enable the keepalive function on a POS port that is encapsulated with Cisco
HDLC. This command specifies the interval between keepalive messages and the number of unconfirmed
messages, either keepalive or packets, before declaring that the connection is broken.
•
If the remote end does not have the keepalive function enabled, the connection is declared broken after
the specified number of keepalive messages have been sent.
•
If the remote end does have the keepalive function enabled, the connection is declared broken after the
specified number of packet or keepalive messages have been sent and are unconfirmed.
•
The interval must be the same on both ends of the connection.
Note The keepalive function is disabled on a port in an Automatic Protection Switching (APS) group
when the traffic status of the port is Standby.
Use the no form of this command to disable the keepalive function.
ATM, Ethernet, and POS Port Configuration
3-29
Command Descriptions
Use the default form of this command or enter the command without keywords to specify the default values
for the interval and number of messages.
Note This command is also described in Chapter 4, “Clear-Channel and Channelized Port and Channel
Configuration,” for a clear-channel DS-3 channel or port, E3 port, DS-1 channel, or a DS-0 channel
group.
Examples
The following example specifies the keepalive interval as 20 and the number of unconfirmed messages as
5 on a POS port:
[local]Redback(config)#port pos 1/8
[local]Redback(config-port)#encapsulation cisco-hdlc
[local]Redback(config-port)#keepalive check-interval seconds 20 retries 5
Related Commands
port pos
3-30
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
link-dampening
link-dampening
no link-dampening
Purpose
Enables subscribers to maintain a steady state on an Asynchronous Transfer Mode (ATM) or Ethernet port.
Command Mode
ATM DS-3 configuration
ATM OC configuration
port configuration
Syntax Description
This command has no keywords or arguments.
Default
Disabled on all Gigabit Ethernet and ATM ports.
Usage Guidelines
Use the link-dampening command to enable subscribers to maintain a steady state on an ATM or Ethernet
port.
If the system declares that the ATM or Ethernet port is down, the port down event is delayed for
2.5 seconds, and the subscriber sees no state change for that port. When the ATM or Ethernet port comes
back up, the port must be up for 10 seconds before the system declares that the port is up.
Note This command is recommended for ports configured on a subscriber facing card.
Note This command does not apply to the shutdown or no shutdown command (in ATM DS-3, ATM
OC, and port configuration mode). Using these commands causes the port to go down immediately.
Use the no form of this command to disable link-dampening.
Examples
The following example enables subscribers to maintain a steady state on an Ethernet port:
[local]Redback(config)#port ethernet 2/1
[local]Redback(config-port)#link-dampening
The following example disables the link-dampening command on an Ethernet port:
[local]Redback(config)#port ethernet 2/1
[local]Redback(config-port)#no link-dampening
ATM, Ethernet, and POS Port Configuration
3-31
Command Descriptions
Related Commands
port atm
port ethernet
port pos
3-32
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
loopback
For an Ethernet port, the syntax in port configuration mode is:
loopback
no loopback
For an Asynchronous Transfer Mode (ATM) DS-3 port, the syntax in ATM DS-3 configuration mode is:
loopback {line | local | payload | remote}
no loopback {line | local | payload | remote}
For a port on a 4-port ATM OC-3c/STM-1c card, the syntax in ATM OC configuration mode is:
loopback {internal | line | payload}
no loopback
For a port on any other ATM OC card or a Packet over SONET/SDH (POS) port, the syntax in ATM OC
or port configuration mode is:
loopback {internal | line}
no loopback
Purpose
Changes the operation of an ATM DS-3, ATM OC, Ethernet, or POS port to a loopback state.
Command Mode
ATM DS-3 configuration
ATM OC configuration
port configuration
Syntax Description
internal
Tests the internal functions of an ATM OC or POS port by looping the transmit line to the
receive line.
line
Tests the line operation of an ATM DS-3, ATM OC, or POS port by looping the receive line
to the transmit line.
local
Tests the internal functions on an ATM DS-3 port by looping the transmit line to the receive
line.
payload
Indicates that when the DS-3 frame on an ATM DS-3 port or the SDH or SONET payload on
a port on a 4-port ATM OC-3c/STM-1c card is received and the frame or payload is
extracted, it is to be reframed and returned.
remote
Verifies remote link connectivity and quality at the DS-3 signal level for an ATM DS-3 port.
This option is available only if its admin state is up.
ATM, Ethernet, and POS Port Configuration
3-33
Command Descriptions
Default
Port operation is in a normal state.
Usage Guidelines
Use the loopback command to change the operation of a port or channel to a loopback state.
The internal keyword for all ports except a port on a second-generation ATM OC card, causes all
transmitted traffic to be looped back and not sent to the remote site; instead the remote site receives a loss
of signal (LOS). For a port on a second-generation ATM OC card, the port software injects an alarm
indication signal-line (AIS-L) and then resumes transmitting traffic.
Use the show port detail command (in exec mode) to display the administrative state of the port. The
Admin state field must be up to verify the remote link connectivity and quality with the remote keyword.
Note This command is also described in Chapter 4, “Clear-Channel and Channelized Port and Channel
Configuration,” for channelized STM-1 ports.
Use the no form of this command to restore the port operation to a normal state.
Examples
The following example changes the port operation of an ATM OC port to loop transmitted frames back to
the receive line:
[local]Redback(config)#port atm 3/1
[local]Redback(config-atm-oc)#loopback internal
The following example changes the port operation of an Ethernet port to a loopback state:
[local]Redback(config)#port ethernet 5/1
[local]Redback(config-port)#loopback
Related Commands
port atm
port ethernet
port pos
3-34
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
mac-address
mac-address mac-addr
default mac-address mac-addr
Purpose
Assigns a medium access control (MAC) address on an Asynchronous Transfer Mode (ATM) OC or ATM
DS-3 port.
Command Mode
ATM DS-3 configuration
ATM OC configuration
Syntax Description
mac-addr
MAC address to be used for the port in the form hh:hh:hh:hh:hh:hh.
Default
When the ATM OC or ATM DS-3 card is inserted in the SmartEdge chassis, the MAC address is extracted
from the EEPROM and assigned to each port on the card as sequential addresses starting with the base
address for port 1.
Usage Guidelines
Use the mac-address command to assign a MAC address on an ATM port.
Use the default form of this command to return the MAC address to the address that has been extracted
from the EEPROM on the ATM OC or ATM DS-3 card.
Examples
The following example assigns 00:03:04:10:a4:bc as the MAC address on port 1 of the ATM DS-3
card in slot 3:
[local]Redback(config)#port atm 3/1
[local]Redback(config-atmd3)#mac-address 00:03:04:10:a4:bc
Related Commands
port atm
ATM, Ethernet, and POS Port Configuration
3-35
Command Descriptions
medium
medium {auto | speed speed duplex mode}
default medium
Purpose
Specifies the Ethernet port speed and duplex mode.
Command Mode
port configuration
Syntax Description
auto
Specifies that the port should auto-sense whether it is connected to a 10-Mbps or
100-Mbps Ethernet segment and the duplex mode of that segment; this is the
recommended setting and the default for 10/100 Ethernet ports.
speed speed
Ethernet port speed. Specify as either 10 or 100 Mbps.
duplex mode
Port duplex mode. Specify as either half (half-duplex) or full (full-duplex).
Default
10/100 Ethernet ports auto-sense the speed in full-duplex mode.
Usage Guidelines
Use the medium command to specify the 10/100 Ethernet port speed and duplex mode. Use the speed and
duplex keywords to force an Ethernet port to use the specified speed and duplex mode.
Note This command does not apply to ports on Gigabit Ethernet cards.
Note The port does not come up if the medium speed or the duplex mode is configured incorrectly.
Use the default form of this command to restore the default speed and duplex mode.
Examples
The following example specifies the speed at 10 Mbps and full-duplex mode for port 1 in slot 4:
[local]Redback(config)#port ethernet 4/1
[local]Redback(config-port)#medium speed 10 duplex full
Related Commands
None
3-36
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
mtu
mtu size
default mtu
Purpose
Specifies the maximum transmission unit (MTU) size of the payload without fragmentation for an
Asynchronous Transfer Mode (ATM) OC port, an ATM DS-3 port, an Ethernet or Gigabit Ethernet port, or
a Packet over SONET/SDH (POS) port.
Command Mode
ATM DS-3 configuration
ATM OC configuration
port configuration
Syntax Description
size
MTU payload size in bytes. The range of values and the default depend on the type of
port; see Table 3-9.
Default
The default MTU payload size is dependent on the type of port; see Table 3-9.
Usage Guidelines
Use the mtu command to specify the MTU size of the payload without fragmentation for an ATM, Ethernet,
Gigabit Ethernet, or POS port. Table 3-9 lists the range of values and default for each type of port.
Table 3-9
Values for MTU Payload size Argument
Port Type
Range of Values (Bytes)
Default (Bytes)
ATM OC or DS-3
256 to 12,800
4,470
Ethernet
256 to 1,500
1,500
Gigabit Ethernet
256 to 9,198
1,500
POS
256 to 12,800
4,470
Note The MTU size for an ATM port is the size of the IP packet to be segmented into ATM cells.
The Layer 2 headers are automatically added to the payload size and do not cause fragmentation; you do
not include them when selecting the value of the size argument.
Note You can also specify the MTU size at the interface level; the MTU size used is the minimum of the
two values.
ATM, Ethernet, and POS Port Configuration
3-37
Command Descriptions
Note If you change the MTU value for a Point-to-Point Protocol (PPP)-encapsulated channel or port that
you have already configured and enabled with the no form of the shutdown command in the
appropriate configuration mode, the change does not take effect until you shut down the channel or
port, and then re-enable it.
Note This command is also described in Chapter 4, “Clear-Channel and Channelized Port and Channel
Configuration,” for a clear-channel DS-3 or E1 channel or port, E3 port, DS-1 channel, or DS-0
channel group.
Use the default form of this command to specify the default MTU payload size.
Examples
The following example specifies a MTU payload size of 1000 bytes for Ethernet port 1 in slot 4:
[local]Redback(config)#port ethernet 4/1
[local]Redback(config-port)#mtu 1000
In this example, the Layer 2 headers for an Ethernet port include an 18-byte Ethernet header, a 4-byte
802.1q header, and up to 4 4-byte multiprotocol label switching (MPLS) labels, for a total of 38 bytes. Thus,
in this example, the actual maximum packet size without fragmentation is 1038 bytes.
Related Commands
None
3-38
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
over-subscription-rate
over-subscription-rate rate
no over-subscription-rate
default over-subscription-rate
Purpose
Specifies the over-subscription rate allowed on an Asynchronous Transfer Mode (ATM) OC port or an
ATM DS-3 port.
Command Mode
ATM DS-3 configuration
ATM OC configuration
Syntax Description
rate
Over-subscription rate as a percentage. The range of values is 0 to 10,000%;
the default value is unlimited.
Default
The default rate is unlimited.
Usage Guidelines
Use the over-subscription-rate command to specify the over-subscription rate allowed on an ATM OC
port or on an ATM DS-3 port.
A rate of 0% allows permanent virtual circuits (PVCs) to be created on the port up to the bandwidth of the
port; a rate of 1,000% allows PVCs to be created on the port up to the bandwidth of the port +1000%.
Use the no form of this command to specify a rate of 0%.
Use the default form of this command to specify the default rate.
Examples
The following example specifies an over-subscription rate of 100% for port 1 of the ATM OC-3c/STM-1c
card in slot 4:
[local]Redback(config)#port atm 4/1
[local]Redback(config-atm-oc)#over-subscription-rate 100
With framing bits taken into account, the ATM OC-3c/STM-1c port has a bandwidth of 149.76 Mbps. With
an over-subscription rate of 100%, PVCs can be created up to a bandwidth of 299.52 Mbps on this port.
Related Commands
None
ATM, Ethernet, and POS Port Configuration
3-39
Command Descriptions
path-trace
path-trace message text
no path-trace message
Purpose
Specifies the text string to be traced on a port on a Packet over SONET/SDH (POS) or second-generation
Asynchronous Transfer Mode (ATM) OC card.
Command Mode
ATM OC configuration
port configuration
Syntax Description
message
Specifies that a text string follows.
text
Text string with up to 62 ASCII characters, depending on the type of port:
• POS ports—Maximum length is 62.
• Second-generation ATM OC ports—For Synchronous Optical Network
(SONET)-framed ports, the maximum length is 62; for Synchronous Digital
Hierarchy (SDH)-framed ports, the maximum length is 15.
Default
The transmitted text string is “Redback”.
Usage Guidelines
Use the path-trace command to specify the text string to be traced on a port on a POS or second-generation
ATM OC card.
The actual message length is 16 or 64 bytes, with one additional byte required for framing for a 15-character
message and two additional bytes required for a 62-character message.
Note For a POS port, you must first enable the path trace, path maintenance, and path alarm monitoring
features for the card on which the port is configured, using the sonet-eu command (in card
configuration mode). The sonet eu command is not needed for ports on a second-generation
ATM OC card.
Use the no form of this command to specify the default text string.
You cannot disable the path-trace feature for second-generation ATM OC cards; to disable the path-trace
feature for ports on POS cards, you must enter the no form for the sonet-eu command (in card configuration
mode).
Use the show port detail command (in any mode) to display the path-trace length and message.
3-40
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Note This command is also described in Chapter 4, “Clear-Channel and Channelized Port and Channel
Configuration,” for channelized STM-1 ports.
Examples
The following example enables path trace and specifies the text string, this is a test, for port 1 on
the POS card in slot 9:
[local]Redback(config)#card oc48-1-port 9
[local]Redback(config-card)#sonet-eu
[local]Redback(config-card)#exit
[local]Redback(config)#port pos 9/1
[local]Redback(config-port)#path-trace message this is a test
Related Commands
sonet-eu
ATM, Ethernet, and POS Port Configuration
3-41
Command Descriptions
port atm
port atm slot/port
no port atm slot/port
Purpose
Selects an Asynchronous Transfer Mode (ATM) port and enters ATM OC or ATM DS-3 configuration
mode.
Command Mode
global configuration
Syntax Description
slot
Chassis slot number of the card. The range of values depends on the chassis in which the
card is installed; see Table 3-10.
port
Card port number. The range of values depends on the type of card; see Table 3-11.
Default
None
Usage Guidelines
Use the port atm command to select an ATM port on a card of any type and enter ATM OC or ATM DS-3
configuration mode. Table 3-10 lists the values for the slot argument for each type of SmartEdge chassis;
in the table, the IR abbreviation is used for Intermediate Reach.
Table 3-10 Slot Ranges for ATM Traffic Cards
slot Argument Range
Traffic Card Type
SmartEdge 800 Router
SmartEdge 400 Router
ATM OC-12c/STM-4c IR
1 to 6 and 9 to 14
1 to 4
1 to 5 and 10 to 14
3 to 4
Enhanced ATM OC-12c/STM-4c IR
2-port ATM OC-3c/STM-1c IR
4-port ATM OC-3c/STM-1c IR
ATM DS-3
3-42
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Table 3-11 lists the range of values for the port argument; in the table, the IR abbreviation is used for
Intermediate Reach.
Table 3-11
Port Ranges for ATM Traffic Cards
Traffic Card Type
Physical
Ports
Low-Density
Version
Low-Density
Ports
ATM OC-12c/STM-4c IR
1
No
–
Enhanced ATM OC-12c/STM-4c IR
1
No
–
2-port ATM OC-3c/STM-1c IR
2
No
–
4-port ATM OC-3c/STM-1c IR
4
Yes
1, 3
ATM DS-3
12
No
–
If you have previously limited the number of software configurable ports, using the maximum ports
command (in card configuration mode), for an ATM DS-3 card, and the port that you specify is not a
software configurable port, this command fails and an error message displays.
To enable the port, use the no shutdown command in ATM OC or ATM DS-3 configuration mode.
Use the no form of this command to delete the port configuration from the configuration database.
Examples
The following example selects port 2 on an ATM OC card in slot 6, and enables the port:
[local]Redback(config)#port atm 6/2
[local]Redback(config-atm-oc)#no shutdown
The following example selects port 1 on the ATM DS-3 card in slot 3, and enables the port:
[local]Redback(config)#port atm 3/1
[local]Redback(config-atm-ds3)#no shutdown
Related Commands
maximum ports
shutdown—ATM DS-3 configuration mode
shutdown—ATM OC configuration mode
ATM, Ethernet, and POS Port Configuration
3-43
Command Descriptions
port ethernet
port ethernet slot/port
no port ethernet slot/port
Purpose
Selects an Ethernet port and enters port configuration mode.
Command Mode
global configuration
Syntax Description
slot
Chassis slot number of the card. The range of values depends on the chassis in which the
card is installed; see Table 3-12.
port
Card port number. The range of values depends on the type of card; see Table 3-13.
Default
None
Usage Guidelines
Use the port ethernet command to select an Ethernet port and enter port configuration mode. The Ethernet
port can be of any type, including Gigabit Ethernet ports and the Ethernet management port on the active
controller card. Table 3-12 lists the values for the slot argument for each type of SmartEdge chassis; the slot
number for the active controller card is always 7 in a SmartEdge 800 chassis and 6 in a SmartEdge 400
chassis.
Table 3-12 Slot Ranges for Ethernet Traffic Cards
slot Argument Range
Traffic Card Type
SmartEdge 800 Router
SmartEdge 400 Router
10/100 Ethernet
1 to 6 and 9 to 14
1 to 4
Gigabit Ethernet
1 to 6 and 9 to 14
1 to 4
Advanced Gigabit Ethernet
Gigabit Ethernet 3
Gigabit Ethernet 1020
10 Gigabit Ethernet
Note The SmartEdge 800s chassis, which does not have BNC connectors, does not support
Asynchronous Transfer Mode (ATM) DS-3 or Plesiochronous Digital Hierarchy (PDH) traffic
cards.
3-44
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Table 3-13 lists the range of values for the port argument; the value of the port argument for the Ethernet
management port is always 1.
Table 3-13 Port Ranges for Ethernet Traffic Cards
Traffic Card Type
Physical
Ports
Low-Density
Version
Low-Density
Ports
10/100 Ethernet
12
No
–
Gigabit Ethernet
4
Yes
1, 3
Advanced Gigabit Ethernet
4
Yes
1, 3
Gigabit Ethernet 3
4
No
–
Gigabit Ethernet 1020
20
No
–
10 Gigabit Ethernet
1
No
–
To enable the port, use the no shutdown command in port configuration mode.
Note If the system has dual controller cards installed, it is sufficient to configure the Ethernet
management port on the controller card in slot 7 (SmartEdge 800 chassis) or 6 (SmartEdge 400
chassis), depending on the chassis. Access to the system is switched to the standby controller card
if it should become the active controller card during normal operations. Only the management port
on the active controller card is enabled.
Use the no form of this command to delete the port configuration from the configuration database.
Examples
The following example configures an Ethernet port on the Ethernet card installed in slot 2:
[local]Redback(config)#port ethernet 2/2
[local]Redback(config-port)#no shutdown
Related Commands
shutdown—port configuration mode
ATM, Ethernet, and POS Port Configuration
3-45
Command Descriptions
port pos
port pos slot/port
no port pos slot/port
Purpose
Configures a Packet over SONET/SDH (POS) port and enters port configuration mode.
Command Mode
global configuration
Syntax Description
slot
Chassis slot number of the card. The range of values depends on the chassis in which the card is
installed; see Table 3-14.
port
Card port number. The range of values depends on the type of card; see Table 3-15.
Default
None
Usage Guidelines
Use the port pos command to configure a POS port on an OC-3c/STM-1c, OC-12c/STM-4c, or
OC-48c/STM-16 card, and to enter port configuration mode. Table 3-14 lists the values for the slot
argument for each type of SmartEdge chassis; in the table, ER, IR, LR, and SR abbreviations are used for
Extended Reach, Intermediate Reach, Long Reach, and Short Reach, respectively.
Table 3-14 Slot Ranges for POS Traffic Cards
slot Argument Range
Traffic Card Type
SmartEdge 800 Router
SmartEdge 400 Router
OC-48c/STM-16c SR
1 to 6 and 9 to 14
1 to 4
OC-12c/STM-4c IR
1 to 6 and 9 to 14
1 to 4
OC-3c/STM-1c IR
1 to 6 and 9 to 14
1 to 4
OC-48c/STM-16c LR
OC-48c/STM-16c ER
Note The SmartEdge 800s chassis, which does not have BNC connectors, does not support
Asynchronous Transfer Mode (ATM) DS-3 or Plesiochronous Digital Hierarchy (PDH) traffic
cards.
3-46
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Table 3-15 lists the range of values for the port argument.
Table 3-15 Port Ranges for POS Traffic Cards
Traffic Card Type
Physical
Ports
Low-Density
Version
Low-Density
Ports
OC-48c/STM-16c SR
1
No
–
OC-48c/STM-16c LR
1
No
–
OC-48c/STM-16c ER
1
No
–
OC-12c/STM-4c IR
1 to 4
No
–
OC-3c/STM-1c IR
1 to 8
No
–
To enable the port, use the no shutdown command in port configuration mode.
Use the no form of this command to delete the port configuration from the configuration database.
Examples
The following example configures an POS port on the OC card installed in slot 6:
[local]Redback(config)#port pos 6/1
[local]Redback(config-port)#no shutdown
Related Commands
shutdown—port configuration mode
ATM, Ethernet, and POS Port Configuration
3-47
Command Descriptions
scramble
scramble
no scramble
default scramble
Purpose
Enables X^43+1 synchronous payload envelope (SPE) scrambling on a Packet over SONET/SDH (POS)
port, as specified in RFC 2615, PPP over SONET/SDH.
Command Mode
port configuration
Syntax Description
This command has no keywords or arguments.
Default
SPE scrambling is enabled on the port.
Usage Guidelines
Use the scramble command to enable X^43 +1 scrambling on a POS port, as specified in RFC 2615, PPP
over SONET/SDH.
Note Enabling or disabling scrambling on a port also changes the Path Label Signal (C2) byte value to
the default specified in RFC 2615. See the c2byte command (in port configuration mode) on
page 13.
Note This command does not apply to Asynchronous Transfer Mode (ATM), Ethernet, or channelized
OC-12 ports.
Use the no form of this command to disable SPE payload scrambling.
Use the default form of this command to enable SPE payload scrambling.
Examples
The following example disables SPE scrambling for port 1 on the POS card in slot 11. It also results in the
C2 value being set to the value of 0xCF.
[local]Redback(config)#port pos 11/1
[local]Redback(config-port)#no scramble
Related Commands
c2byte
3-48
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
shutdown
shutdown
no shutdown
Purpose
Disables the specified Asynchronous Transfer Mode (ATM) OC, ATM DS-3, Ethernet, or Packet over
SONET/SDH (POS) port.
Command Mode
ATM DS-3 configuration
ATM OC configuration
port configuration
Syntax Description
This command has no keywords or arguments.
Default
All ports are disabled.
Usage Guidelines
Use the shutdown command to enable or disable the specified ATM, ATM DS-3, Ethernet, or POS port.
No data is transmitted or received when the port is disabled (shut down).
Note You must enable POS port before adding it to an Automatic Protection Switching (APS) group.
Note By default, any ATM permanent virtual circuits (PVCs) that you configure on an ATM port are
enabled, but you must enable the port for them to function.
Use the no form of this command to enable a port and have data transmitted or received on the port.
To display the port or channel state, enter the show port detail command (in any mode).
This command is also described in the following chapters:
•
Chapter 4, “Clear-Channel and Channelized Port and Channel Configuration,” for channelized OC-12
and STM-1 ports, DS-3 and E1 channels and ports, DS-1 channels, and DS-0 channel groups.
•
Chapter 6, “Circuit Configuration,” for ATM, Frame Relay, and 802.1Q permanent virtual circuits
(PVCs).
•
Chapter 11, “Cross-Connection Configuration,” for cross-connected circuits.
•
Chapter 12, “GRE Tunnel Configuration,” for Generic Routing Encapsulation (GRE) tunnel circuits.
ATM, Ethernet, and POS Port Configuration
3-49
Command Descriptions
Examples
The following example enables port 1 in for the Ethernet card installed in slot 2:
[local]Redback(config)#port ethernet 2/1
[local]Redback(config-port)#no shutdown
Related Commands
port atm
port ethernet
port pos
3-50
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
threshold
threshold {sd-ber sd-ber-exp | sf-ber sf-ber-exp}
{no | default} threshold {sd-ber | sf-ber}
Purpose
Specifies the Synchronous Optical Network/Synchronous Digital Hierarchy (SONET/SDH) signal degrade
bit error rate (SD-BER) or signal fail BER (SF-BER) threshold for a SONET/SDH port.
Command Mode
ATM OC configuration
port configuration
Syntax Description
sd-ber sd-ber-exp Value of the exponent for the threshold. The range of values is 5 to 9; the default
value is 7.
sf-ber sf-ber-exp
Value of the exponent for the threshold. The range of values is 3 to 5; the default
value is 4.
Default
The default thresholds for SD-BER and SF-BER are 10E-7 and 10E-4, respectively.
Usage Guidelines
Use the threshold command to specify the SONET/SDH SD-SER or SF-BER threshold for a SONET/SDH
port.
Note This command does not apply to channelized OC-12 ports.
Use the no or default form of this command to specify the default values for the SF-BER and SD-BER
thresholds.
Examples
The following example specifies the SD-BER and SF-BER thresholds as 10E-8 and 10E-6 for port 1 on the
ATM OC-12c/STM-4c card in slot 3:
[local]Redback(config)#port atm 3/1
[local]Redback(config-atm-oc)#threshold sd-ber 8
[local]Redback(config-atm-oc)#threshold sf-ber 6
Related Commands
port atm
port pos
ATM, Ethernet, and POS Port Configuration
3-51
Command Descriptions
transport unmatched-encap
transport unmatched-encap
no transport unmatched-encap
Purpose
Enables the transport of packets with unrecognized encapsulations by transporting the packet over a circuit
that best matches the unknown encapsulation.
Command Mode
port configuration
dot1q-pvc configuration
Syntax Description
This command has no keywords or arguments.
Default
The system drops any packets for which a recognized circuit matching the encapsulation cannot be
determined.
Usage Guidelines
Use the transport unmatched-encap command to enable the transport of packets with unrecognized
encapsulations by transporting the packet over a circuit that best matches the unknown encapsulation.
Note This command applies only on 802.1Q encapsulated ports and 802.1Q PVC tunnels.
When a packet arrives at an 802.1Q encapsulated port, the port must determine on which circuit the packet
is arriving, so the port can send the packet to the binding entity (router, bridge, or cross-connected circuit)
for transport out. There are three possible cases of packet arrival:
•
the packet carries a recognized encapsulation, one which matches a known circuit
•
the packet carries an unmatched encapsulation with one 802.1Q PVC VLAN ID tag
•
the packet carries an unmatched encapsulation with a combination of an outer 802.1q PVC tunnel ID
tag and an inner 802.1Q PVC VLAN ID tag
In the case of a recognized encapsulation, the port determines the circuit on which the packet arrived and
sends the packet on to the binding entity of that circuit. An example: a packet has a VLAN ID tag of 100,
and the port recognizes 100 as being associated with circuit “ethernet 4/1 vlan-ID 100.” The port then
determines that ethernet 4/1 vlan ID 100 has a binding to a bridge, and transports the packet using the
bridge.
However, if the 100 VLAN ID tag is unmatched, the port checks its own properties, determining if you
configured it with the transport unmatched-encap command (in port configuration mode). If so, the port
transports the packet using the circuit associated with the port. If not, the port drops the packet.
3-52
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
If the packet has a combination of an outer and inner VLAN ID, such as 100:500, the port first checks to
see if it recognizes that combination. If so, the port sends the packet to the binding entity of the circuit
associated with 100:500. However, if 100:500 is unmatched, the port checks to see if there is a known
encapsulation for 100 (the outer tunnel). If 100 is matched, the port checks to see if you configured the outer
802.1Q PVC tunnel 100 with the transport unmatched-encap command (in dot1q-pvc configuration
mode). If you have configured the PVC with this command, the port will send the packet to the binding
entity of the circuit associated with 100. If you didn’t configure the outer tunnel with this command, the
port will drop the packet. See Table 3-16 for a breakdown of the transport logic.
.
Table 3-16 Transporting Logic for Packets with Unrecognized Encapsulations
Ingress Port
Outer Tunnel
Circuit
(PVC 100)
Inner Circuit
(PVC
100:500)
transport
unmatched
unmatched
transport
unmatched
transport
no trans, any
unmatched
any
trans, no bind
unmatched
any
trans, no bind
transport
trans, bind
any
any, any
Received
Packet
(VLAN tags)
Matching
Circuit
Transport Tags
100
port
100
100:500
port
100:500
100:500
port
100:500
100
PVC 100
drop
100:500
PVC 100
drop
unmatched
100:500
PVC 100
500
no bind
100:500
PVC 100:500
drop
After the port determines which circuit to use, the port checks to see if its own binding is set either to a
bridged interface or to an L2VPN cross-connected tunnel. If either case is true, the port sends the packet
out. If neither case is true, the port drops the packet.
When the port transports the packet, it strips all VLAN ID tags from the packet. If an 802.1Q PVC tunnel
transports the packet, then the port strips only one VLAN ID, the outer tag. For instance, if the original tag
of the packet was 100:500, the port will strip the 100 tag, but leave the 500 tag on the packet.
Note For more information on bridged interfaces, see Chapter 10, “Bridging Configuration.” For more
information on cross-connected tunnels see Chapter 11, “Cross-Connection Configuration.”
Note You can only configure this command on ports whose configured encapsulation is dot1q. Also, a
tunnel should have its encapsulation set to 1qtunnel.
Use the no form of this command to disable transport of packets with unrecognized encapsulations; packets
will be dropped.
Examples
The following example configures an ethernet port to transport any unrecognized tagged traffic.
[local]Redback(mode)#
[local]Redback(config)#port ethernet 4/1
[local]Redback(config-port)#encapsulation dot1q
[local]Redback(config-port)#transport unmatched-encap
[local]Redback(config-port)#end
ATM, Ethernet, and POS Port Configuration
3-53
Command Descriptions
The following example configures a dot1q tunnel to transport any unrecognized PVC traffic:
[local]Redback(config)#port ethernet 4/2
[local]Redback(config-port)#encapsulation dot1q
[local]Redback(config-port)#dot1q pvc 100 encapsulation 1qtunnel
[local]Redback(config-dot1q-pvc)#transport unmatched-encap
[local]Redback(config-dot1q-pvc)#end
Related Commands
None
3-54
Ports, Circuits, and Tunnels Configuration Guide
Chapter 4
Clear-Channel and Channelized
Port and Channel Configuration
This chapter provides an overview of ports that support one or more data channels, describes the tasks used
to configure them, provides configuration examples, and detailed descriptions of the commands used to
configure them through the SmartEdge® OS. The commands described in this chapter are common to the
following port types, except where noted:
•
Clear-channel ports—DS-3, E1, E3 cards
•
Channelized ports—DS-3, E1, channelized OC-12, channelized STM-1 cards
For information about the tasks and commands used to monitor, troubleshoot, and administer these ports,
see the “Card, Port, and Channel Operations” chapter in the Ports, Circuits and Tunnels Operations Guide
for the SmartEdge OS.
Other chapters with related tasks and commands include:
•
Configuration tasks and commands for cards are described in Chapter 2, “Traffic Card Configuration.”
•
Configuration tasks and commands for circuits are described in Chapter 6, “Circuit Configuration.”
Note In the following descriptions, the term, controller card, applies to the Cross-Connect Route
Processor (XCRP) or the XCRP Version 3 (XCRP3) Controller card, unless otherwise noted.
The term, chassis, refers to any SmartEdge chassis; the term, SmartEdge 800, refers to any version
of the SmartEdge 800 chassis.
For protocol-specific, or feature-specific, commands that are present in DS-0, DS-1, DS-3, E1, and E3
configuration modes, see the appropriate chapter in this guide, or the Routing Protocols Configuration
Guide, or the IP Services and Security Configuration Guide for the SmartEdge OS.
This chapter includes the following sections:
•
Overview
•
Configuration Tasks
•
Configuration Examples
•
Command Descriptions
Clear-Channel and Channelized Port and Channel Configuration
4-1
Overview
Overview
In a SmartEdge system, traffic cards are the individual I/O cards; ports are the physical interfaces on the
traffic cards, and a channel is a logical subdivision of the bandwidth of a channelized port. The SmartEdge
routers support many types of ports and channels:
•
Channelized OC-12, channelized STM-1 ports
•
Clear-channel DS-3 and E1 ports and channels
•
Clear-channel E3 ports
•
Channelized DS-3 and E1 ports and channels
•
DS-1 channels and DS-0 channel groups
Note Throughout this guide, the term, port, refers to the physical entity on a traffic card; the term,
channel, refers to a logical subdivision of the bandwidth of a port or of a channel with greater
bandwidth.
Traffic cards that support the various types of channelized or clear-channel ports or channels are as follows:
•
The ports on a channelized OC-12-to-DS-3 card support clear-channel DS-3 channels only.
•
The ports on a channelized OC-12-to-DS-3/DS-1 card support channelized or clear-channel DS-3
channels.
•
The ports on a channelized STM-1 card support channelized or clear-channel E1 channels.
•
The ports on a clear-channel DS-3 card are clear-channel DS-3 ports only.
•
The ports on a channelized DS-3 card can be channelized or clear-channel ports.
•
The ports on a clear-channel E3 card are clear-channel E3 ports only.
•
The ports on a channelized E1 card can be channelized or clear-channel ports.
The bandwidth provided by channelized ports and channels is as follows:
•
Each port on a channelized OC-12 to DS-3 or OC-12 to DS-3/DS-1 card provides the bandwidth for up
to 12 DS-3 channels.
•
Each port on a channelized STM-1 card provides the bandwidth for up to 63 E1 channels; E1 channels
can be channelized or clear-channel.
•
A channelized DS-3 port or channel provides the bandwidth for 28 DS-1 channels, each of which has
the bandwidth for 24 DS-0 channels.
•
A channelized E1 port or channel supports up to 31 DS-0 channels for user traffic in a DS-0 channel
group.
Note The SmartEdge 800s chassis, which does not have BNC connectors, does not support
Asynchronous Transfer Mode (ATM) DS-3 or Plesiochronous Digital Hierarchy (PDH) cards.
4-2
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Configuration Tasks
Note In this section, the command syntax in the task tables displays only the root command; for the
complete command syntax, see the full description for the command in the “Command
Descriptions” section.
Channelized port configuration tasks are described in the following sections:
•
Configuring Channelized OC-12 Ports
•
Configuring DS-3 Channels or Ports
•
Configuring DS-1 Channels
•
Configuring Clear-Channel E3 Port
•
Configuring Channelized STM-1 Ports
•
Configuring E1 Channels or Ports
•
Configuring a DS-0 Channel Group
Configuring Channelized OC-12 Ports
Each channelized OC-12 port supports 12 STS-1s; you can create a DS-3 channel in each STS-1.
Configuring a channelized OC-12 port is described in the following topics:
•
Configure Operational Features for a Channelized OC-12 Port
•
Configure the Maintenance Feature for a Channelized OC-12 Port
Configure Operational Features for a Channelized OC-12 Port
You configure operational features to support normal operations. To configure operational features for a
channelized OC-12 port, perform the tasks described in Table 4-1.
Table 4-1
Configure Operational Features for a Channelized OC-12 Port
#
Task
Root Command
Notes
1.
Select (begin the configuration of) a channelized
OC-12 port and access port configuration mode.
port channelized-oc12
Enter this command in global configuration
mode.
2.
Specify general attributes for the port (all attributes are optional):
3.
Associate a description with the port.
description
Enter this command in port configuration mode.
Apply an existing bulkstats schema profile to the
port.
bulkstats schema
For more information about the bulkstats
schema command, see the “Bulkstats
Configuration” chapter in the Basic System
Configuration Guide for the SmartEdge OS.
Enable the port (begin operations on it).
shutdown
Enter this command in port configuration mode.
Use the no form to enable the port.
Clear-Channel and Channelized Port and Channel Configuration
4-3
Configuration Tasks
You are now ready to configure the DS-3 channels on the port. Two types of DS-3 channels are supported:
channelized, with up to 28 DS-1 channels, and clear-channel. To configure DS-3 channels, see the
“Configuring DS-3 Channels or Ports” section.
Configure the Maintenance Feature for a Channelized OC-12 Port
You configure the maintenance feature only if a port is experiencing problems. To configure the
maintenance feature for a channelized OC-12 port, perform the task described in Table 4-2.
Table 4-2
Configure the Maintenance Feature for a Channelized OC-12 Port
Task
Root Command
Notes
Change to a loopback state on the port to test port operation.
loopback
Enter this command in port configuration mode.
Configuring DS-3 Channels or Ports
Configuring a DS-3 channel or port is described in the following topics:
•
Configure Operational Features
•
Configure the Maintenance Feature for a DS-3 Channel or Port
Configure Operational Features
You configure operational features to support normal operations. To configure a DS-3 channel or port for
normal operations, perform the tasks described in one of the following sections:
4-4
•
Clear-Channel DS-3 Channel or Port
•
Channelized DS-3 Channel or Port
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Clear-Channel DS-3 Channel or Port
To configure operational features for a clear-channel DS-3 channel or port, perform the tasks described in
Table 4-3. Unless otherwise noted, enter all commands in DS-3 configuration mode.
Table 4-3
Configure Operational Features for a Clear-Channel DS-3 Channel or Port
#
Task
Root Command
Notes
1.
Select (begin the configuration of) a clear-channel
DS-3 channel or port and access DS-3
configuration mode.
port ds3
Enter this command in global configuration
mode.
2.
Specify general attributes for the channel or port (all
attributes are optional):
Associate a description with the channel or port.
description
You can enter this command in port
configuration as well.
Specify the framing.
framing
Specify the MTU packet size without fragmentation.
mtu
Set the CRC length.
crc32
Specify the clock source.
clock-source
Specify the idle character.
idle-character
Specify the cable length.
cablelength
This command does not apply to DS-3
channels on channelized OC-12 ports.
Enable the channel or port to respond to or ignore
remote loopback requests.
equipment-loopback
This command is only available in DS-1 or DS-3
configuration mode.
Specify the DSU vendor.
dsu mode
Specify the DSU subrate bandwidth.
dsu bandwidth
Enable DS-3 payload scrambling.
dsu scramble
Specify the type of encapsulation.
encapsulation
Specify the parameters for the Cisco HDLC
keepalive function.
keepalive
Apply an existing bulkstats schema profile to the
channel or port.
bulkstats schema
For more information about the bulkstats
schema command, see the “Bulkstats
Configuration” chapter in the Basic System
Configuration Guide for the SmartEdge OS.
3.
Bind the channel or port to an existing interface in
an existing context.
bind interface
Use this command only if you do not intend to
create Frame Relay PVCs on it.
4.
Enable the channel or port (begin operations on it).
shutdown
Use the no form to enable the channel or port.
.
You are now ready to use the channel or port or configure Frame Relay PVCs on it. For more information
about Frame Relay PVCs, see Chapter 6, “Circuit Configuration.”
Channelized DS-3 Channel or Port
To configure operational features for a channelized DS-3 channel or port, perform the tasks described in
Table 4-4. Unless otherwise noted, enter all commands in DS-3 configuration mode.
Clear-Channel and Channelized Port and Channel Configuration
4-5
Configuration Tasks
Table 4-4
Configure Operational Features for a Channelized DS-3 Channel or Port
#
Task
Root Command
Notes
1.
Create or select (begin the configuration of) a
channelized DS-3 channel or port and access DS-3
configuration mode.
port channelized-ds3
Enter this command in global configuration
mode.
2.
Specify general attributes for the channel or port
(all attributes are optional):
Associate a description with the channel or port.
description
You can enter this command in port
configuration mode as well.
Specify the framing.
framing
Specify the clock source.
clock-source
Specify the cable length.
cablelength
Enable the channel or port to respond to or ignore
remote loopback requests.
equipment-loopback
Apply an existing bulkstats schema profile to the
channel or port.
bulkstats schema
For more information about the bulkstats
schema command, see the “Bulkstats
Configuration” chapter in the Basic System
Configuration Guide for the SmartEdge OS.
Enable the channel or port (begin operations on it).
shutdown
You can enter this command in port
configuration as well. Use the no form to enable
the channel or port.
3.
This command does not apply to DS-3
channels on channelized OC-12 ports.
You are now ready to configure the constituent DS-1 channels on the channelized DS-3 channel or port.
For more information about DS-1 channels, see the “Configuring DS-1 Channels” section.
Configure the Maintenance Feature for a DS-3 Channel or Port
You configure the maintenance feature only if a channel or port is experiencing problems. To configure the
maintenance feature for a clear-channel or channelized DS-3 channel or port, perform the task described in
Table 4-5.
Table 4-5
Configure the Maintenance Feature for a DS-3 Channel or Port
Task
Root Command
Notes
Change to a loopback state on the channel or port to
test channel or port operation.
loopback
Enter this command in DS-3 configuration mode.
Configuring DS-1 Channels
Configuring a DS-1 channel is described in the following topics:
4-6
•
Configure Operational Features for a DS-1 Channel
•
Configure the Maintenance Feature for a DS-1 Channel
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Configure Operational Features for a DS-1 Channel
You configure operational features to support normal operations. To configure operational features for a
DS-1 channel, perform the tasks described in Table 4-6. Unless otherwise noted, enter all commands in
DS-1 configuration mode.
Table 4-6
Configure Operational Features for a DS-1 Channel
#
Task
Root Command
Notes
1.
Create or select (begin the configuration of) a
DS-1 channel and access DS-1 configuration
mode.
port ds1
Enter this command in global configuration
mode.
2.
Specify general attributes for the channel (all
attributes are optional):
Associate a description with the channel.
description
You can enter this command in port
configuration mode as well.
Specify the framing.
framing
Set the speed of the channel.
speed
Specify the MTU packet size without
fragmentation.
mtu
Set the CRC length.
crc32
Specify the clock source.
clock-source
Specify the idle character.
idle-character
Define the range of time slots for the DS-0
channels on the channel.
timeslot
Enable the detection or generation of yellow
alarms.
yellow-alarm
Enable the channel to respond to or ignore
remote loopback requests.
equipment-loopback
Specify the type of encapsulation.
encapsulation
Specify the parameters for the Cisco HDLC
keepalive function.
keepalive
Enable the inversion of the data stream.
invert-data
Apply an existing bulkstats schema profile to the
channel.
bulkstats schema
Use this command only if you are not adding
the channel to an MP or MFR bundle. For more
information about the bulkstats schema
command, see the “Bulkstats Configuration”
chapter in the Basic System Configuration
Guide for the SmartEdge OS.
3.
Add the channel to an existing MP or MFR
bundle.
link-group
The channel must have PPP or Frame Relay
encapsulation to add it to an MP or MFR
bundle, respectively.
4.
Bind the channel to an existing interface in an
existing context.
bind interface
Use this command only if you have not added
the channel to an MP or MFR bundle or if you
do not intend to create Frame Relay PVCs on it.
5.
Enable the channel (begin operations on it).
shutdown
Use the no form to enable the channel.
You are now ready to use the channel or configure Frame Relay PVCs on the channel. For information
about configuring Frame Relay PVCs, see “Chapter 6, “Circuit Configuration.”
Clear-Channel and Channelized Port and Channel Configuration
4-7
Configuration Tasks
Configure the Maintenance Feature for a DS-1 Channel
You configure the maintenance feature only if a channel is experiencing problems. To configure the
maintenance feature for a DS-1 channel, perform the task described in Table 4-7.
Table 4-7
Configure the Maintenance Feature for a DS-1 Channel
Task
Root Command
Notes
Change to a loopback state on the channel to test
channel operation.
loopback
Enter this command in DS-1 configuration mode.
Configuring Clear-Channel E3 Port
Configuring a Clear-Channel E3 port is described in the following topics:
•
Configure Operational Features for a Clear-Channel E3 Port
•
Configure the Maintenance Feature for a Clear-Channel E3 Port
Configure Operational Features for a Clear-Channel E3 Port
You configure operational features to support normal operations. To configure operational features for a
clear-channel E3 port, perform the tasks described in Table 4-8. Unless otherwise noted, enter all
commands in E3 configuration mode.
4-8
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Table 4-8
Configure Operational Features for a Clear-Channel E3 Port
#
Task
Root Command
Notes
1.
Select (begin the configuration of) a
clear-channel E3 port and access E3
configuration mode.
port e3
Enter this command in global configuration
mode.
2.
Specify general attributes for the port (all
attributes are optional):
Associate a description with the port.
description
Specify the framing.
framing
Specify the MTU packet size without
fragmentation.
mtu
Set the CRC length.
crc32
Specify the clock source.
clock-source
Specify the idle character.
idle-character
Enable the national bit.
national
Specify the type of encapsulation.
encapsulation
Specify the parameters for the Cisco HDLC
keepalive function.
keepalive
Apply an existing bulkstats schema profile to the
port.
bulkstats schema
For more information about the bulkstats
schema command, see the “Bulkstats
Configuration” chapter in the Basic System
Configuration Guide for the SmartEdge OS.
3.
Bind the port to an existing interface in an
existing context.
bind interface
Enter this command in port configuration mode.
Use this command only if you do not intend to
create Frame Relay PVCs on it.
4.
Enable the port (begin operations on it).
shutdown
Enter this command in port configuration mode.
as well. Use the no form to enable the port.
You are now ready to use the port or configure Frame Relay PVCs on it. For information about configuring
Frame Relay PVCs, see Chapter 6, “Circuit Configuration.”
Configure the Maintenance Feature for a Clear-Channel E3 Port
You configure the maintenance feature only if a port is experiencing problems. To configure the
maintenance feature for a clear-channel E3 port, perform the task described in Table 4-9.
Table 4-9
Configure the Maintenance Feature for a Clear-Channel E3 Port
Task
Root Command
Notes
Change to a loopback state on the port to test
port operation.
loopback
Enter this command in E3 configuration mode.
Configuring Channelized STM-1 Ports
Each channelized STM-1 port supports up to 63 E1 channels. Configuring a channelized STM-1 port is
described in the following topics:
Clear-Channel and Channelized Port and Channel Configuration
4-9
Configuration Tasks
•
Configure Operational Features for a Channelized STM-1 Port
•
Configure Maintenance Features for a Channelized STM-1 Port
Configure Operational Features for a Channelized STM-1 Port
You configure operational features to support normal operations. To configure operational features for a
channelized STM-1 port, perform the tasks described in Table 4-10. Unless otherwise noted, enter all
commands in STM-1 configuration mode.
Table 4-10 Configure Operational Features for a Channelized STM-1 Port
#
Task
Root Command
Notes
1.
Select (begin the configuration of) a channelized
STM-1 port and access STM-1 configuration
mode.
port channelized-stm1
Enter this command in global configuration
mode.
2.
Specify general attributes for the port (all
attributes are optional):
Associate a description with the port.
description
Enter this command in port configuration mode.
Enable an E1 mapping for the port.
channel-mapping
This can be used in either AU-3 or AU-4
mapping.
Select the AUG mapping.
aug-mapping
The default value is AU-4 mapping.
Select an AU-3 group.
au3
This command is not available unless you have
selected AU-3 mapping.
Apply an existing bulkstats schema profile to the
port.
bulkstats schema
For more information about the bulkstats
schema command, see the “Bulkstats
Configuration” chapter in the Basic System
Configuration Guide for the SmartEdge OS.
Enable the port (begin operations on it).
shutdown
Use the no form to enable the port.
3.
You are now ready to configure the E1 channels on the port. To configure an E1 channel, see the
“Configuring E1 Channels or Ports” section.
Configure Maintenance Features for a Channelized STM-1 Port
You configure the maintenance features only if a port is experiencing problems. To configure the
maintenance features for a channelized STM-1 port, perform the tasks described in Table 4-11. Enter all
commands in STM-1 configuration mode, unless otherwise noted.
Table 4-11
Configure Maintenance Features for a Channelized STM-1 Port
#
Task
Root Command
Notes
1.
Specify a path trace message or the message
length.
path-trace
Enter this command in STM-1 or AU3
configuration mode.
2.
Change to a loopback state on the port to test
port operation.
loopback
4-10
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Configuring E1 Channels or Ports
Configuring an E1 channel or port is described in the following topics:
•
Configure Operational Features for an E1 Channel or Port
•
Configure the Maintenance Feature for an E1 Channel or Port
Configure Operational Features for an E1 Channel or Port
You configure operational features to support normal operations. To configure an E1 channel or port for
normal operations, perform the tasks described in one of the following sections:
•
Clear-Channel E1 Channel or Port
•
Channelized E1 Channel or Port
Clear-Channel E1 Channel or Port
To configure operational features for a clear-channel E1 channel or port, perform the tasks described in
Table 4-12. Unless otherwise noted, enter all commands in E1 configuration mode.
Table 4-12 Configure Operational Features for a Clear-Channel E1 Channel or Port
#
Task
Root Command
Notes
1.
Select (begin the configuration of) an E1 channel or
port and access E1 configuration mode.
port e1
Enter this command in global configuration
mode.
2.
Specify general attributes for the channel or port (all
attributes are optional):
3.
Associate a description with the channel or port.
description
Specify the framing.
framing
Specify the MTU packet size without fragmentation.
mtu
Set the CRC length.
crc32
Specify the clock source.
clock-source
Specify the idle character.
idle-character
Specify the type of encapsulation.
encapsulation
Specify the parameters for the Cisco HDLC
keepalive function.
keepalive
Enable the inversion of the data stream.
invert-data
Apply an existing bulkstats schema profile to the
channel or port.
bulkstats schema
Use this command only if you are not adding the
channel or port to an MP or MFR bundle.For
more information about the bulkstats schema
command, see the “Bulkstats Configuration”
chapter in the Basic System Configuration Guide
for the SmartEdge OS.
Add the channel or port to an existing MP or MFR
bundle.
link-group
The channel or port must have PPP or Frame
Relay encapsulation to add it to an MP or MFR
bundle, respectively.
Clear-Channel and Channelized Port and Channel Configuration
Specify the unframed keyword for a
clear-channel E1 channel or port.
4-11
Configuration Tasks
Table 4-12 Configure Operational Features for a Clear-Channel E1 Channel or Port (continued)
#
Task
Root Command
Notes
4.
Bind the channel or port to an existing interface in
an existing context.
bind interface
Use this command only if you have not added the
channel or port to an MP or MFR bundle or if you
do not intend to create Frame Relay PVCs on it.
5.
Enable the channel or port (begin operations on it).
shutdown
Use the no form to enable the channel or port.
If you have not added the clear-channel E1 channel or port to an MP or MFR bundle, you are now ready to
use the channel or port, or configure Frame Relay PVCs on it. For information about configuring Frame
Relay PVCs, see “Chapter 6, “Circuit Configuration.”
Channelized E1 Channel or Port
To configure operational features for a channelized E1 channel or port, perform the tasks described in
Table 4-13. Unless otherwise noted, enter all commands in E1 configuration mode.
Table 4-13 Configure Operational Features for an Channelized E1 Channel or Port
#
Task
Root Command
Notes
1.
Select (begin the configuration of) an E1 channel or port
and access E1 configuration mode.
port e1
Enter this command in global configuration
mode.
2.
Specify general attributes for the channel or port (all
attributes are optional):
3.
Associate a description with the channel or port.
description
Specify the framing.
framing
Specify the clock source.
clock-source
Apply an existing bulkstats schema profile to the
channel or port.
bulkstats schema
For more information about the bulkstats
schema command, see the “Bulkstats
Configuration” chapter in the Basic System
Configuration Guide for the SmartEdge OS.
Enable the channel or port (begin operations on it).
shutdown
Use the no form to enable the channel or port.
Specify either the crc4 or non-crc4 keyword for
a channelized E1 channel or port.
You are now ready to configure its DS-0 channel groups on the channelized E1 channel or port. For more
information, see the “Configuring a DS-0 Channel Group” section.
Configure the Maintenance Feature for an E1 Channel or Port
You configure the maintenance feature only if a channel or port is experiencing problems. To configure the
maintenance feature for a channelized or clear-channel E1 channel or port, perform the task described in
Table 4-14.
Table 4-14 Configure the Maintenance Feature for an E1 Channel or Port
Task
Root Command
Notes
Change to a loopback state on the channel or port to
test channel or port operation.
loopback
Enter this command in E1 configuration mode.
4-12
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Configuring a DS-0 Channel Group
You configure a DS-0 channel group on a channelized E1 channel or port. Configuring a DS-0 channel
group is described in the following topics:
•
Configure Operational Features for a DS-0 Channel Group
•
Configure the Maintenance Feature for a DS-0 Channel Group
Configure Operational Features for a DS-0 Channel Group
You configure operational features to support normal operations. To configure operational features for a
DS-0 channel group, perform the tasks described in Table 4-15. Unless otherwise noted, enter all command
sin DS-0 configuration mode.
Table 4-15 Configure Operational Features for a DS-0 Channel Group
#
Task
Root Command
Notes
1.
Create or select (begin the configuration of) a
DS-0 channel group and access DS-0 group
configuration mode.
port ds0s
Enter this command in global configuration
mode.
2.
Specify general attributes for the channel group
(all attributes are optional):
Associate a description with the channel group.
description
Define the range of time slots for the group.
timeslot
Specify the MTU packet size without
fragmentation.
mtu
Set the CRC length.
crc32
Specify the idle character.
idle-character
Specify the type of encapsulation.
encapsulation
Specify the parameters for the Cisco HDLC
keepalive function.
keepalive
Enable the inversion of the data stream.
invert-data
Enable notifications of up and down conditions for
Cisco HDLC, PPP, and Frame Relay
encapsulation layers.
traps
Apply an existing bulkstats schema profile to the
channel.
bulkstats schema
For more information about the bulkstats
schema command, see the “Bulkstats
Configuration” chapter in the Basic System
Configuration Guide for the SmartEdge OS.
3.
Bind the channel group to an existing interface in
an existing context.
bind interface
Use this command only if you do not intend to
create Frame Relay PVCs on the channel group.
4.
Enable the channel group (begin operations on it).
shutdown
Use the no form to enable the channel group.
You are now ready to use the channel group or configure Frame Relay PVCs on it. See Chapter 6, “Circuit
Configuration,” for information about configuring Frame Relay PVCs.
Clear-Channel and Channelized Port and Channel Configuration
4-13
Configuration Examples
Configure the Maintenance Feature for a DS-0 Channel Group
You configure the maintenance feature only if a channel group is experiencing a problem. To configure the
maintenance feature for a DS-0 channel group, perform the tasks described in Table 4-1.
Table 4-16 Configure the Maintenance Feature for a DS-0 Channel Group
Task
Root Command
Notes
Change to a loopback state on the channel group to
test channel group operation.
loopback
Enter this command in DS-0 group configuration mode.
Configuration Examples
This section includes the following types of examples:
•
Channelized OC-12 Port
•
DS-3 Channel and Port
•
DS-1 Channel
•
Clear-Channel E3 Port
•
Channelized STM-1 Port
•
E1 Channel and Port
•
DS-0 Channel Group
Channelized OC-12 Port
The following example configures port 1 on the channelized OC-12 card in slot 4 using all the defaults:
[local]Redback#config
[local]Redback(config)#port channelized-oc12 4/1
[local]Redback(config-port)#description channelized OC-12
[local]Redback(config-port)#no shutdown
DS-3 Channel and Port
The following example configures clear-channel DS-3 channel 1 on the first constituent STS-1 on port 1
on the channelized OC-12 in slot 4 using all the defaults, and sets the encapsulation to frame-relay:
[local]Redback#config
[local]Redback(config)#port ds3 4/1:1
[local]Redback(config-ds3)#description clear-channel ds3
[local]Redback(config-ds3)#encapsulation frame-relay
[local]Redback(config-ds3)#no shutdown
4-14
Ports, Circuits, and Tunnels Configuration Guide
Configuration Examples
The following example configures port 1 on the channelized DS-3 card in slot 2 using all the defaults:
[local]Redback#config
[local]Redback(config)#port channelized-ds3 2/1
[local]Redback(config-ds3)#description channelized ds3
[local]Redback(config-ds3)#no shutdown
DS-1 Channel
The following example configures a DS-1 channel 1 on DS-3 port 1 on the channelized DS-3 card in slot 2
using all the defaults, but specifying the encapsulation:
[local]Redback#config
[local]Redback(config)#port ds1 2/1:1
[local]Redback(config-ds1)#description ds1 on DS-3 port
[local]Redback(config-ds1)#encapsulation frame-relay
[local]Redback(config-ds1)#no shutdown
The following example configures a DS-1 channel 2 on DS-3 channel 1 on port 1 on the channelized
OC-12 card in slot 4 using all the defaults, but specifying the encapsulation:
[local]Redback#config
[local]Redback(config)#port ds1 4/1:1:2
[local]Redback(config-ds1)#description ds1 on channelized OC-12 port
[local]Redback(config-ds1)#encapsulation frame-relay
[local]Redback(config-ds1)#no shutdown
Clear-Channel E3 Port
The following example configures clear-channel E3 port 1 on the clear-channel E3 card in slot 4 using all
the defaults, and sets the encapsulation to frame-relay:
[local]Redback#config
[local]Redback(config)#port e3 4/1
[local]Redback(config-e3)#description clear-channel e3
[local]Redback(config-e3)#encapsulation frame-relay
[local]Redback(config-e3)#no shutdown
Channelized STM-1 Port
The following example configures port 1 on the channelized STM-1 card in slot 3 using all the defaults:
[local]Redback#config
[local]Redback(config)#port channelized-stm1 3/1
[local]Redback(config-stm1)#description channelized STM-1
[local]Redback(config-stm1)#no shutdown
Clear-Channel and Channelized Port and Channel Configuration
4-15
Configuration Examples
E1 Channel and Port
The following example configures clear-channel E1 channel 1 on port 1 on the channelized STM-1 card in
slot 3 using all the defaults but specifying the encapsulation:
[local]Redback#config
[local]Redback(config)#port e1 3/1:1
[local]Redback(config-e1)#description clear-channel E1
[local]Redback(config-e1)#framing unframed
[local]Redback(config-e1)#encapsulation frame-relay
[local]Redback(config-e1)#no shutdown
The following example configures port 1 on the E1 card in slot 5 using all the defaults:
[local]Redback#config
[local]Redback(config)#port e1 5/1
[local]Redback(config-e1)#description channelized E1
[local]Redback(config-e1)#no shutdown
DS-0 Channel Group
The following example configures a DS-0 channel group with time slots 7, 9, 11, 13, 15, on channelized
E1 port 1 on the E1 card in slot 5 using all the defaults:
[local]Redback#config
[local]Redback(config)#port ds0s 5/1:7
[local]Redback(config-ds0-group)#description DS-0 channel group
[local]Redback(config-ds0-group)#timeslot 7,9,13,15
[local]Redback(config-ds0-group)#no shutdown
4-16
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Command Descriptions
This section describes the syntax and usage guidelines for the commands used to configure channelized
ports. The commands are presented in alphabetical order.
au3
aug-mapping
cablelength
channel-mapping
clock-source
crc32
description
dsu bandwidth
dsu mode
dsu scramble
encapsulation
equipment-loopback
framing
idle-character
invert-data
keepalive
loopback
mtu
national
path-trace
port channelized-ds3
port channelized-oc12
port channelized-stm1
port ds0s
port ds1
port ds3
port e1
port e3
shutdown
speed
timeslot
traps
yellow-alarm
Clear-Channel and Channelized Port and Channel Configuration
4-17
Command Descriptions
au3
au3 au-num
Purpose
Selects an administrative unit-3 (AU-3) on a channelized STM-1 port and enters AU-3 configuration mode.
Command Mode
STM-1 configuration
Syntax Description
au-num
AU number. The range of values is 1 to 3.
Default
None
Usage Guidelines
Use the au3 command to select an AU-3 on a channelized STM-1 port and enter AU-3 configuration mode.
Note The au3 command is only available in STM-1 configuration mode after you have specified the
AUG mapping for the port using the aug-mapping command with the au3 keyword (in STM-1
configuration mode). By default, a channelized STM-1 port is configured with AU-4.
Examples
The following example selects an AU-3 on a channelized STM-1 port:
[local]Redback(config-stm1)#au3 3
[local]Redback(config-au3)#
Related Commands
aug-mapping
path-trace
port channelized-stm1
4-18
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
aug-mapping
aug-mapping {au3 | au4}
default aug-mapping
Purpose
Specifies the administrative unit group (AUG) mapping for the channelized STM-1 port.
Command Mode
STM-1 configuration
Syntax Description
au3
Specifies AU-3 mapping.
au4
Specifies AU-4 mapping; this is the default mapping.
Default
The AUG mapping is AU-4.
Usage Guidelines
Use the aug-mapping command to specify the AUG mapping for the channelized STM-1 port.
If you specify the au3 keyword, the au3 command is available (in STM-1 configuration mode) and the
path-trace command is not available (in STM-1 configuration mode).
If you specify the au4 keyword, the path-trace command is available (in STM-1 configuration mode).
Use the default form of this command to return the port to AU4 mapping.
Examples
The following example specifies AU-3 mapping for port 1 on the channelized STM-1 card in slot 1:
[local]Redback(config)#port channelized-stm1 1/1
[local]Redback(config-stm1)#aug-mapping au3
Related Commands
au3
path-trace
port channelized-stm1
Clear-Channel and Channelized Port and Channel Configuration
4-19
Command Descriptions
cablelength
cablelength length
default cablelength
Purpose
Specifies the length of the cable connected to a DS-3 port.
Command Mode
DS-3 configuration
Syntax Description
length
Length of the cable in feet. The range of values is 0 to 450.0 ft (137.2m) for a DS-3 port.
Default
The default cable length is 349.0 ft (106.4m) for a DS-3 port.
Usage Guidelines
Use the cablelength command to specify the length of the cable connected to a DS-3.
Use the default form of this command to specify the default length.
Note The operating system recognizes only two categories of DS-3 cables: short, which is any length up
to and including 349.0 ft (106.4m), and long, which is any length over 349.0 ft (106.4m).
Note This command does not apply to channelized OC-12 ports or to clear-channel E3 ports.
Note This command is also described in Chapter 3, “ATM, Ethernet, and POS Port Configuration,” for
Asynchronous Transfer Mode (ATM) DS-3 ports.
Examples
The following example specifies a cable length of 225.0 ft (68.6m) for a DS-3 port:
[local]Redback(config-ds3)#cablelength 225
Related Commands
port channelized-ds3
port ds3
4-20
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
channel-mapping
channel-mapping itu
{no | default} channel-mapping
Purpose
Enables an E1 channel mapping for an STM-1 port.
Command Mode
STM-1 configuration
Syntax Description
itu
Specifies the International Telecommunication Union (ITU) mapping.
Default
The default mapping, as shown in Table 4-18, is enabled.
Usage Guidelines
Use the channel-mapping command to enable the E1 channel mapping for a port on the channelized
STM-1 card.
Note This command is available for either AU-3 or AU-4 mapping.
The command-line interface (CLI) prevents you from using this command if there are any E1 channels
created on the STM-1 port. Therefore, before using this command, you must first delete any E1 channels
on this STM-1 port. If you have not deleted the E1 channels, a message displays prompting you to delete
the appropriate channels on the port.
To display the current mapping configurations, use the show configuration command (in any mode), with
the port keyword, to display the current channel mapping for this port. Use the show port command (in
any mode), with the detail keyword, to show the port details. Both commands are described in the ‘Card,
Port, and Channel Operations’ chapter in the Basic System Operations Guide for the SmartEdge OS.
Note In AU-3 configuration mode, the AU-4 and TUG-3 columns do not appear in the default and ITU
mappings. These columns are replaced by the AU-3 column only. All other mapping information
remains the same.
Use the no or default form of this command to specify the default mapping.
Examples
The following example enables the ITU mapping for port 1 on the channelized STM-1 card in slot 12:
[local]Redback(config)#port channelized-stm1 12/1
[local]Redback(config-stm1)#channel-mapping itu
Clear-Channel and Channelized Port and Channel Configuration
4-21
Command Descriptions
Table 4-17 shows the itu channel mapping that is listed using the show port command (in any mode),
with the detail keyword, for port 1, in slot 12 configured for AU-4. This example only shows the first eight
channels.
Table 4-17 ITU Channel Mapping
Slot/Port: E1 Channel
AU-4
TUG-3
TUG-2
C-12
12/1:1
AU-4 1
TUG-3 1
TUG-2 1
C-12 1
12/1:2
AU-4 1
TUG-3 1
TUG-2 1
C-12 2
12/1:3
AU-4 1
TUG-3 1
TUG-2 1
C-12 3
12/1:4
AU-4 1
TUG-3 1
TUG-2 2
C-12 1
12/1:5
AU-4 1
TUG-3 1
TUG-2 2
C-12 2
12/1:6
AU-4 1
TUG-3 1
TUG-2 2
C-12 3
12/1:7
AU-4 1
TUG-3 1
TUG-2 3
C-12 1
12/1:8
AU-4 1
TUG-3 1
TUG-2 3
C-12 2
The following example disables the ITU mapping for port 1 on the channelized STM-1 card in slot 12:
[local]Redback(config)#port channelized-stm1 12/1
[local]Redback(config-stm1)#no channel-mapping
Table 4-18 shows the default channel mapping that is listed using the show port command (in any mode),
with the detail keyword, for port 1, in slot 12 configured for AU-4. This example only shows the first eight
channels.
Table 4-18 Default Channel Mapping
Slot/Port: E1 Channel
AU-4
TUG-3
TUG-2
C-12
12/1:1
AU-4 1
TUG-3 1
TUG-2 1
C-12 1
12/1:2
AU-4 1
TUG-3 1
TUG-2 2
C-12 1
12/1:3
AU-4 1
TUG-3 1
TUG-2 3
C-12 1
12/1:4
AU-4 1
TUG-3 1
TUG-2 4
C-12 1
12/1:5
AU-4 1
TUG-3 1
TUG-2 5
C-12 1
12/1:6
AU-4 1
TUG-3 1
TUG-2 6
C-12 1
12/1:7
AU-4 1
TUG-3 1
TUG-2 7
C-12 1
12/1:8
AU-4 1
TUG-3 1
TUG-2 1
C-12 2
Related Commands
au3
4-22
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
clock-source
clock-source {global-reference | loop}
default clock-source
Purpose
Specifies the source for the transmit clock for a clear-channel DS-3 channel or port, clear-channel E3 port,
DS-1 channel, or for an E1 channel or port.
Command Mode
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
Syntax Description
global-reference Specifies the system clock on the active controller card as the clock source.
loop
Specifies the receive clock derived from the incoming signal on the channel as the
clock source.
Default
The source for the transmit clock is the source of the system clock on the active controller card.
Usage Guidelines
Use the clock-source command to specify the source for the transmit clock for a clear-channel DS-3
channel or port, clear-channel E3 port, DS-1 channel, or E1 channel or port.
Use the global-reference keyword to specify the system clock on the active controller card. Use the loop
keyword to select the receive clock from the incoming signal on the channel as the source.
You can specify a different clock source for each clear-channel DS-3 channel and each DS-1 channel on a
channelized OC-12 port.
You can specify a different clock source for each clear-channel E1 channel on a channelized STM-1 port.
You can specify a different clock source for each E3 port on a clear-channel E3 card.
Use the show port detail command (in any mode) to display the status of the clock source.
Note The clock source for the channelized OC-12 port is always derived from the system clock on the
active controller card, the source you specify by entering the system clock-source command (in
global configuration mode).
Clear-Channel and Channelized Port and Channel Configuration
4-23
Command Descriptions
Note If you specify a range of DS-0 time slots other than the default range (1–24) with the timeslot
command (in DS-1 configuration mode), you cannot specify the loop keyword as the clock source
for a DS-1 channel. You will receive an error message if you attempt to specify the loop keyword
with fewer time slots than the full range defined.
Use the default form of this command to set the clock source to the default.
Note This command is also described in Chapter 3, “ATM, Ethernet, and POS Port Configuration,” for
ATM DS-3 and 4-port ATM OC-3c/STM-1c ports.
Examples
The following example selects the derived receive clock for the DS-3 port as the source for the transmit
clock:
[local]Redback(config)#port ds3 3/1
[local]Redback(config-ds3)#clock-source loop
Related Commands
None
4-24
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
crc32
crc32
no crc32
Purpose
Set the cyclic redundancy check (CRC) length to 32 bits for the High-Level Data Link Control (HDLC)
frame for a clear-channel DS-3 channel or port, E3 port, DS-1 channel, E1 channel or port, or DS-0 channel
group.
Command Mode
DS-0 group configuration
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
Syntax Description
This command has no keywords or arguments.
Default
The default CRC length is 16 bits.
Usage Guidelines
Use the crc32 command to set the CRC length to 32 bits for the HDLC frames for a clear-channel DS-3
channel or port, E3 port, DS-1 channel, E1 channel or port, or DS-0 channel group. The CRC determines
if there have been any errors in data transmission, reading, or writing.
Use the no form of this command to set the CRC length to 16 bits.
Examples
The following example sets the CRC length to 32 bits:
[local]Redback(config)#port ds3 3/1
[local]Redback(config-ds3)#crc32
Related Commands
port ds0s
port ds1
port ds3
port e1
port e3
Clear-Channel and Channelized Port and Channel Configuration
4-25
Command Descriptions
description
description text
{no | default} description
Purpose
Associates a text description with a port or channel.
Command Mode
DS-0 group configuration
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
port configuration
STM-1 configuration
Syntax Description
text
Text string that identifies the channel. Can be any alphanumeric string, including spaces,
that is not longer than 63 ASCII characters.
Default
No description is associated with a port or channel.
Usage Guidelines
Use the description command to associate a text description with a port or channel. This text displays by
the show port detail (in any mode).
Use the no or default form of this command to delete the existing description. Because there can be only
one description for a port or channel; when you use the no or default form of this command, it is not
necessary to include the text argument. To change a description, create a new one; it overwrites the existing
one.
Examples
The following example associates a description with channelized OC-12 port 1 in slot 4:
[local]Redback(config)#port channelized-oc12 4/1
[local]Redback(config-port)#description channelized OC-12 in New York
4-26
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Related Commands
port channelized-ds3
port channelized-oc12
port channelized-stm1
port ds0s
port ds1
port ds3
port e1
port e3
Clear-Channel and Channelized Port and Channel Configuration
4-27
Command Descriptions
dsu bandwidth
dsu bandwidth subrate
{no | default} dsu bandwidth
Purpose
Sets the subrate bandwidth for the data service unit (DSU) on a clear-channel DS-3 channel or port.
Command Mode
DS-3 configuration
Syntax Description
subrate
Subrate, in Kbps, of the DSU on a clear-channel DS-3 channel or port. The range of
values for a clear-channel DS-3 channel or port is 300 to 44,210; the default value is
44,210.
Default
The default value is 44,210 Kbps for a clear-channel DS-3 channel or port.
Usage Guidelines
Use the dsu bandwidth command to set the subrate bandwidth for the DSU on a clear-channel DS-3
channel or port if the DSU specified by the dsu mode command (in DS-3 configuration mode) is
digital-link or larscom. The CLI responds to the subrate argument with the closest acceptable bandwidth,
based on the time slot size for the DSU that you specified for this DS-3 channel or port.
Note This command is not supported if the DSU specified by the dsu mode command is Kentrox.
Use the no or default form of this command to set the bandwidth to the default.
Examples
The following command sets the bandwidth for the DSU on DS-3 channel 1 on channelized OC-12 port 1:
[local]Redback(config)#port ds3 3/1:1
[local]Redback(config-ds3)#dsu bandwidth 20000
Related Commands
dsu mode
dsu scramble
port ds3
4-28
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
dsu mode
dsu mode {digital-link | kentrox | larscom}
{no | default} dsu mode
Purpose
Specifies the data service unit (DSU) vendor for a clear-channel DS-3 channel or port.
Command Mode
DS-3 configuration
Syntax Description
digital-link
Specifies Digital-Link as the vendor of the DSU; this is the default DSU vendor.
kentrox
Specifies Kentrox as the vendor of the DSU.
larscom
Specifies Larscom as the vendor of the DSU.
Default
The default value is the Digital-Link DSU vendor.
Usage Guidelines
Use the dsu mode command to specify the vendor of the DSU on a clear-channel DS-3 channel or port.
Use the no or default form of this command to specify the default DSU.
Examples
The following command specifies the Larscom vendor for the DSU on clear-channel DS-3 channel 1 on
channelized OC-12 port 1 in slot 3:
[local]Redback(config)#port ds3 3/1:1
[local]Redback(config-ds3)#dsu mode larscom
Related Commands
dsu bandwidth
dsu scramble
port ds3
Clear-Channel and Channelized Port and Channel Configuration
4-29
Command Descriptions
dsu scramble
dsu scramble
{no | default} dsu scramble
Purpose
Enables payload scrambling on a clear-channel DS-3 channel or port.
Command Mode
DS-3 configuration
Syntax Description
This command has no keywords or arguments.
Default
Payload scrambling is disabled on the channel or port.
Usage Guidelines
Use the scramble command to enable payload scrambling on a clear-channel DS-3 channel or port. The
type of scrambling is dependent on the vendor selected for the DSU for a DS-3 channel or port by the dsu
mode command (in DS-3 configuration mode).
Note This command is not supported if the DSU specified by the dsu mode command is Larscom.
Use the no or default form of this command to disable payload scrambling.
Examples
The following example enables payload scrambling on clear-channel DS-3 channel 1 on channelized
OC-12 port 1 in slot 3:
[local]Redback(config)#port ds3 3/1:1
[local]Redback(config-ds3)#dsu scramble
Related Commands
dsu bandwidth
dsu mode
port ds3
4-30
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
encapsulation
encapsulation {cisco-hdlc | frame-relay | ppp}
no encapsulation
Purpose
Specifies the encapsulation type for a clear-channel DS-3 channel or port, E3 port, DS-1 channel on a
channelized DS-3 channel or port, E1 channel or port, or DS-0 channel group on a channelized E1 channel
or port.
Command Mode
DS-0 group configuration
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
Syntax Description
cisco-hdlc
Specifies the encapsulation type as Cisco High-Level Data Link Control (HDLC)
(Cisco’s proprietary HDLC encapsulation of IP); this is the default.
frame-relay
Specifies the encapsulation type as Frame Relay, as described in RFC 1490,
Multiprotocol Interconnect over Frame Relay.
ppp
Specifies the encapsulation type as Point-to-Point Protocol (PPP) encapsulation, as
described in RFC 1662, PPP in HDLC-like Framing.
Default
The default encapsulation type is Cisco HDLC.
Usage Guidelines
Use the encapsulation command to specify the encapsulation type for a clear-channel DS-3 channel or
port, E3 port, DS-1 channel on a channelized DS-3 channel or port, E1 channel or port, or DS-0 channel
group on a channelized E1 channel or port.
The commands that are available depend on the encapsulation type specified by this command. For
example, if you specify Cisco HDLC, none of the Frame Relay commands are available.
Use the no form of this command to specify the default encapsulation type.
Caution Risk of data loss. If the encapsulation of a channel or port is changed, some channel or port
information and all circuits and circuit configurations, including any binding information, for
that channel or port are deleted. To reduce the risk, postpone creating circuits and bindings until
you have determined the encapsulation of the channel or port.
Clear-Channel and Channelized Port and Channel Configuration
4-31
Command Descriptions
Note This command is also described in Chapter 3, “ATM, Ethernet, and POS Port Configuration,” for
Packet over SONET/SDH (POS) ports.
Examples
The following example specifies Frame Relay encapsulation on a clear-channel DS-3 channel:
[local]Redback(config)#port ds3 3/1:1
[local]Redback(config-ds3)#encapsulation frame-relay
Related Commands
bind interface
keepalive
port ds0s
port ds1
port ds3
port e1
port e3
4-32
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
equipment-loopback
equipment-loopback {customer | network}
default equipment-loopback
Purpose
Configures a DS-3 channel or port, either clear-channel or channelized, or a DS-1 channel, to respond to or
ignore remote loopback requests.
Command Mode
DS-1 configuration
DS-3 configuration
Syntax Description
customer
Configures the channel or port to respond to remote loopback requests; this is the
default.
network
Configures the channel or port to ignore remote loopback requests.
Default
The channel or port responds to remote loopback requests.
Usage Guidelines
Use the equipment-loopback command to configure a DS-3 channel or port, either clear-channel or
channelized, or a DS-1 channel, to respond to or ignore remote loopback requests.
Note This command is not available for a fractional DS-1 channel, using the timeslot command (in DS-1
configuration mode) with any assignment of DS-0 time slots other than the default range (1 to 24).
Use the default form of this command to configure the channel or port to respond to remote loopback
requests.
Note This command is also documented in Chapter 3, “ATM, Ethernet, and POS Port Configuration,” for
Asynchronous Transfer Mode (ATM) DS-3 ports.
Examples
The following example configures DS-3 channel 1 on port 1 on the channelized OC-12 card in slot 3 to
ignore remote loopback requests:
[local]Redback(config)#port ds3 3/1:1
[local]Redback(config-ds3)#equipment-loopback network
Clear-Channel and Channelized Port and Channel Configuration
4-33
Command Descriptions
Related Commands
loopback
port channelized-ds3
port channelized-oc12
port ds1
port ds3
4-34
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
framing
For a clear-channel DS-3 channel or port, the syntax in DS-3 configuration mode is:
framing {c-bit | m13}
default framing
For a clear-channel E3 port, the syntax in E3 configuration mode is:
framing g751
{no | default} framing
For a channelized DS-3 channel or port, the syntax in DS-3 configuration mode is:
framing {c-bit | m23}
default framing
For a DS-1 channel, the syntax in DS-1 configuration mode is:
framing {esf | sf}
default framing
For an E1 channel or port, the syntax is in E1 configuration mode:
framing {crc4 | no-crc4 | unframed}
{no | default} framing
Purpose
Specifies the framing for a clear-channel or channelized DS-3 channel or port, a clear-channel E3 port, a
DS-1 channel, or an E1 channel or port.
Command Mode
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
Syntax Description
c-bit
Specifies C-bit format. Available only for DS-3 channels or ports, either channelized or
clear-channel; this is the default for clear-channel DS-3 channels or ports.
g751
Specifies ITU-T G.751 format. Available only for clear-channel E3 ports; this is the
default.
m13
Specifies M13 framing. Available only for clear-channel DS-3 channels or ports. This
option is not currently supported.
m23
Specifies M23 format. Available only for channelized DS-3 channels or ports; this is the
default for channelized DS-3 channels or ports.
Clear-Channel and Channelized Port and Channel Configuration
4-35
Command Descriptions
esf
Specifies Extended Superframe Format (ESF). Available only for DS-1 channels; this is
the default.
sf
Specifies Superframe Format (SF). Available only for DS-1 channels.
crc4
Specifies CRC-4 framing. Available only for E1 channels or ports; this is the default,
which channelizes the E1 channel or port.
no-crc4
Specifies non-CRC-4 framing. Available only for E1 channels or ports, it removes the
channelization for an E1 channel or port.
unframed
Specifies no framing. Available only for E1 channels or ports, it removes the
channelization for an E1 channel or port.
Default
The framing for clear-channel and channelized DS-3 channels or ports is C-bit format. The framing for
clear-channel E3 ports is G.751 format. The framing for DS-1 channels is ESF. The framing for E1 channels
or ports is CRC-4 format.
Usage Guidelines
Use the framing command to specify the framing for a clear-channel or channelized DS-3 channel or port,
clear-channel E3 port, DS-1 channel, or El channel or port.
For clear-channel E3 ports, use the no form of this command to specify the framing as unframed.
For DS-1 channels, the following caution applies:
Caution Risk of data loss. To specify a different framing for a DS-1 channel, where the DS-1 channel is
operating in a remote (line fdl ansi, line inband, or payload) loopback state, and the new framing
is not compatible with the type of remote loopback that you have operating, the system will
terminate the remote loopback (change the DS-1 channel operation to a normal state) before
changing the framing. To reduce the risk, postpone issuing the framing command until you are
ready to terminate the remote loopback. The description of the loopback command in this
chapter includes the framing format compatible with each type of remote loopback.
For E1 channels or ports, the following guidelines apply:
•
Specify the crc4 or no-crc4 keyword to create a channelized E1 channel or port. If an E1 channel or
port is channelized, you can create a DS-0 channel group that consists of one or more DS-0 time slots.
•
Use the unframed keyword specify a clear-channel E1 channel or port.
•
Specify the no form of this command to return the E1 channel or port to its default CRC-4 framing.
Use the default form of this command to set the framing to the default, regardless of channel or port type.
Examples
The following command sets the framing for a channelized DS-3 channel 2 on port 1 to C-bit format
(c-bit):
[local]Redback(config)#port channelized-ds3 3/1:2
[local]Redback(config-ds3)#framing c-bit
4-36
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
The following example configures a clear-channel E1 port:
[local]Redback(config)#port e1 4/1
[local]Redback(config-e1)#framing unframed
Related Commands
loopback
port ds0s
port ds1
port ds3
port e1
port e3
Clear-Channel and Channelized Port and Channel Configuration
4-37
Command Descriptions
idle-character
idle-character {flags | marks}
default idle-character
Purpose
Specifies the idle character to be sent between packets on a DS-0 channel group, a DS-1 channel, a
clear-channel DS-3 channel or port, an E3 port, or an E1 channel or port.
Command Mode
DS-0 group configuration
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
Syntax Description
flags
Specifies High-Level Data Link Control (HDLC) flag (0x7E) characters to be sent between
packets; this is the default.
marks
Specifies mark (0xFF) characters to be sent between packets.
Default
The default value is the HDLC flag character.
Usage Guidelines
Use the idle-character command to specify the idle character to be sent between packets on a DS-0 channel
group, a DS-1 channel, a clear-channel DS-3 channel or port, E3 port, or an E1 channel or port.
Use the default form of this command to set the idle character to the HDLC flag character.
Note Some systems interpret the mark character as an abort signal; therefore, the HDLC flag character is
preferred.
Examples
The following command specifies the HDLC flag as the idle character on DS-3 channel 1 on port 1 of the
channelized OC-12 card in slot 3:
[local]Redback(config)#port ds3 3/1:1
[local]Redback(config-ds3)#idle-character marks
4-38
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Related Commands
port channelized-oc12
port ds0s
port ds1
port ds3
port e1
port e3
Clear-Channel and Channelized Port and Channel Configuration
4-39
Command Descriptions
invert-data
invert-data
{no | default} invert-data
Purpose
Inverts the polarity of all bits in the DS-0 channel group, DS-1, or E1 data stream.
Command Mode
DS-0 group configuration
DS-1 configuration
E1 configuration
Syntax Description
This command has no keywords or arguments.
Default
The default value is no inversion.
Usage Guidelines
Use the invert-data command to invert the polarity of all bits in the DS-0 channel group, DS-1, or E1 data
stream.
Use the no or default form of this command to return the bits in the data stream to the original polarity.
Examples
The following example inverts the polarity of all bits in the data stream on DS-1 channel 1 on DS-3
channel 1 on port 1 of the channelized OC-12 card in slot 3:
[local]Redback(config)#port ds1 3/1:1:1
[local]Redback(config-ds1)#invert-data
Related Commands
port ds0s
port ds1
port e1
4-40
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
keepalive
keepalive check-interval {minutes | seconds} time [retries retry-num]
no keepalive
default keepalive [check-interval] [retries]
Purpose
Enables the keepalive function on a DS-1 channel on a channelized DS-3 channel or port, clear-channel
DS-3 channel or port, E3 port, E1 channel or port, or DS-0 channel group on a channelized E1 channel or
port that is encapsulated with Cisco High-Level Data Link Control (HDLC).
Command Mode
DS-0 group configuration
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
Syntax Description
check-interval
Sets the time interval between keepalive checks.
minutes
Specifies that the unit of measure for the time argument is minutes.
seconds
Specifies that the unit of measure for the time argument is seconds; this is the
default.
time
Time in either minutes or seconds (depending on the preceding keyword) between
keepalive checks. The range of values is 1 to 60 minutes, or 1 to 300 seconds; the
default value is 10 seconds.
retries retry-num
Optional. Number of times the system is to retry an unsuccessful keepalive check.
The range of values is 2 to 10; the default value is 3.
Default
The keepalive function is enabled with an interval of 10 seconds and 3 messages.
Usage Guidelines
Use the keepalive command to enable the keepalive function on a DS-1 channel on a channelized DS-3
channel or port, clear-channel DS-3 channel or port, E3 port, E1 channel or port, or DS-0 channel group on
an channelized E1 channel or port that is encapsulated with Cisco HDLC.
Clear-Channel and Channelized Port and Channel Configuration
4-41
Command Descriptions
This command specifies the interval between keepalive messages and the number of unconfirmed
messages, either keepalive or packets, before declaring that the connection is broken:
•
If the remote end does not have the keepalive function enabled, the connection is declared broken after
the specified number of keepalive messages have been sent and are unconfirmed.
•
If the remote end does have the keepalive function enabled, the connection is declared broken after the
specified number of packet or keepalive messages have been sent and are unconfirmed.
•
The interval must be the same on both ends of the connection.
Use the no form of this command to disable the keepalive function.
Use the default form of this command or enter the keepalive command without keywords to set the interval
and number of messages to their defaults.
Note This command is also described in Chapter 3, “ATM, Ethernet, and POS Port Configuration,” for
Packet over SONET/SDH (POS) ports.
Examples
The following example sets the keepalive interval to 20 and the number of unconfirmed messages to 5 on
clear-channel DS-3 channel 1:
[local]Redback(config)#port ds3 3/1:1
[local]Redback(config-ds3)#encapsulation cisco-hdlc
[local]Redback(config-ds3)#keepalive check-interval seconds 20 retries
Related Commands
port ds0s
port ds1
port ds3
port e1
port e3
4-42
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
loopback
For a DS-1 channel, the syntax in DS-1 configuration mode is:
loopback {network net-type | remote rem-type}
no loopback
For a DS-3 channel or port, the syntax in DS-3 configuration mode is:
loopback {line | local | remote}
no loopback
For a clear-channel E3 port, the syntax in E3 configuration mode is:
loopback {line | local}
no loopback
For an E1 channel or port, the syntax in E1 configuration mode is:
loopback {line | local}
no loopback
For a channelized OC-12 or STM-1 port, the syntax in port or STM-1 configuration mode is:
loopback {internal | line}
no loopback
Purpose
Changes the operation of a DS-1 channel, DS-3 channel or port, E3 port, E1 channel or port, or channelized
OC-12 or STM-1 port to a loopback state.
Command Mode
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
port configuration
STM-1 configuration
Syntax Description
internal
Tests the internal functions of the port by looping the transmit line to the receive line.
line
Tests the line operation of the channel or port by looping receive line to the transmit
line.
local
Tests the internal functions of the channel or port by looping the transmit line to the
receive line.
Clear-Channel and Channelized Port and Channel Configuration
4-43
Command Descriptions
remote
Verifies remote link connectivity and quality of the DS-3 channel or port at the DS-3
signal level. This option is available only if the DS-3 channel or port has C-bit
framing and its admin state is up.
network net-type Type of loopback state for the DS-1 channel, according to one of the following
keywords:
• line—Specifies a full loopback (all bits) from the receive line to the transmit line.
• payload—Specifies a payload loopback from the receive line to the transmit line.
In either case, the DS-0 time slots (for DS-0 channels) on a DS-1 channel must be set
to the default (1–24).
remote rem-type
Type of loopback state for the far end equipment, according to one of the following
keywords:
• line fdl ansi—Specifies a facility data link (FDL) ANSI loopback. The
DS-1 channel must have Extended Superframe Format (ESF) framing.
• line fdl bellcore—Specifies an FDL Bellcore loopback. The DS-1 channel must
have ESF framing.
• line inband—Specifies an inband loopback. This option is compatible with either
ESF or Superframe Format (SF) framing. This option is available only if the admin
state of the DS-1 channel is up.
• payload—Specifies a payload loopback. This option is compatible only with ESF
framing.
Default
Port or channel operation is in a normal state.
Usage Guidelines
When you use the loopback command to change the operation of a DS-1 channel to a loopback state,
follow these guidelines:
•
For the network net-type construct:
— Use the line keyword to loop all received bits (a full loopback) to the transmit line. The time slots
(for DS-0 channels) must be set to the default (1–24).
— Use the payload keyword to loop back only the received payload to the transmit line. The time slots
(for DS-0 channels) must be set to the default (1–24).
•
For the remote rem-type construct:
— Use the line fdl ansi keywords to request the remote end, using the FDL, to loop back the bits
transmitted by the local end. This option is available only if the DS-1 channel has ESF framing and
its admin state is up.
— Use the line fdl bellcore keywords to request the remote end, using the FDL, to loop back the bits
transmitted by the local end. This option is available only if the DS-1 channel has ESF framing and
its admin state is up.
4-44
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
— Use the line inband keywords to request within the payload, that the remote end perform a full
loopback. This option is available only if the admin state of the DS-1 channel is up.
— Use the payload keyword to request that the remote end loop back only the payload. This option is
available only if the DS-1 channel has ESF framing and its admin state is up.
Caution Risk of data loss. To specify a different framing for a DS-1 channel, and the DS-1 channel is
operating in a remote (line fdl ansi, line inband, or payload) loopback state, and the new
framing is not compatible with the type of remote loopback that you have operating, the system
will terminate the remote loopback (change the DS-1 channel operation to a normal state) before
changing the framing. To reduce the risk, postpone issuing the framing command until you are
ready to terminate the remote loopback.
•
After changing a DS-1 channel to the loopback state, you can use the bert command to perform a bit
error rate test (BERT) to qualify the link.
When you use the loopback command to change the operation of a channelized or clear-channel DS-3
channel or port or E3 port to a loopback state, follow these guidelines:
•
Use the line keyword to loop received frames back to the transmit line.
•
Use the local keyword to loop transmitted frames back to the receive line without actually transmitting
them.
•
Use the remote keyword to verify remote link connectivity and quality at the DS-3 signal level. This
option is available only if the DS-3 channel or port has C-bit framing and the admin state is up.
•
After changing a DS-3 channel or port or E3 port to the loopback state, you can use the bert command
to perform a bit error rate test (BERT) to qualify the links.
When you use the loopback command to change the operation of an E1 channel or port to a loopback state,
follow these guidelines:
•
Use the line keyword to loop received frames back to the transmit line.
•
Use the local keyword to loop transmitted frames back to the receive line without actually transmitting
them.
When you use the loopback command to change the operation of a channelized OC-12 or STM-1 port to
a loopback state, follow these guidelines:
•
Use the internal keyword to test the internal functions of the port.
•
Use the line keyword to test the line operation.
Use the no form of this command to restore the port or channel operation to a normal state.
Note This command is also described in Chapter 3, “ATM, Ethernet, and POS Port Configuration,” for
Packet over SONET/SDH (POS) and Asynchronous Transfer Mode (ATM) OC ports.
Examples
The following example changes the channel operation of a DS-1 channel to a loopback state to verify
remote link connectivity:
[local]Redback(config)#port ds1 3/1:1
[local]Redback(config-ds1)#loopback remote
Clear-Channel and Channelized Port and Channel Configuration
4-45
Command Descriptions
The following example changes the channel operation of a DS-3 channel 1 to a loopback state to verify
remote link connectivity:
[local]Redback(config)#port ds3 3/1:1
[local]Redback(config-ds3)#loopback remote
The following example tests the internal functions of port 1 on the channelized E1 card in slot 1 by looping
the transmit line to the receive line:
[local]Redback(config)#port e1 1/1
[local]Redback(config-e1)#loopback line
The following example test the line operation of the channelized STM-1 port 1 on the card in slot 1 by
looping the receive line to the transmit line:
[local]Redback(config)#port channelized-stm1 1/1
[local]Redback(config-stm1)#loopback line
Related Commands
framing
port channelized-ds3
port channelized-oc12
port channelized-stm1
port ds1
port ds3
port e1
port e3
4-46
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
mtu
mtu size
default mtu
Purpose
Specifies the maximum transmission unit (MTU) payload size of the packet without fragmentation for a
clear-channel DS-3 channel or port, clear-channel E3 port, E1 channel or port, DS-1 channel on a
channelized DS-3 channel or port, or DS-0 channel group on a channelized E1 channel or port.
Command Mode
DS-0 group configuration
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
Syntax Description
size
MTU payload size of the packet in bytes. The range of values is 256 to 12,800. The default
depends on the type of channel or port; see Table 4-19.
Default
The default MTU payload size depends on the type of channel or port; see Table 4-19.
Usage Guidelines
Use the mtu command to specify the MTU payload size of the packet without fragmentation for a
clear-channel DS-3 channel or port, E3 port, E1 channel or port, a DS-1 channel on a channelized DS-3
channel or port, or a DS-0 channel group on a channelized E1 channel or port. Table 4-19 lists the range of
values and default for each type of channel or port.
Table 4-19 Values for the MTU Payload size Argument
Channel or Port Type
Range of Values (Bytes)
Default (Bytes)
Clear-channel DS-3
256 to 12,800
4,470
Clear-channel E3
256 to 9,192
4,470
E1
256 to 12,800
1,500
DS-1
256 to 12,800
1,500
DS-0 channel group
256 to 12,800
1,500
The Layer 2 headers are automatically added to the payload size and do not cause fragmentation; you do
not include them when selecting the value of the size argument.
Clear-Channel and Channelized Port and Channel Configuration
4-47
Command Descriptions
Note You can also specify the MTU size at the interface level; the MTU size used is the minimum of the
two values.
Note If you change the MTU value for a Point-to-Point Protocol (PPP)-encapsulated channel or port that
you have already configured and enabled with the no form of the shutdown command in the
appropriate configuration mode, the change does not take effect until you shut down the channel or
port and then re-enable it.
Note This command is also described in Chapter 3, “ATM, Ethernet, and POS Port Configuration,” for
Asynchronous Transfer Mode (ATM) OC, ATM DS-3, Ethernet, and Packet over SONET/SDH
(POS) ports.
Use the default form of this command to specify the default value of the MTU payload size of the packet.
Examples
The following example specifies the MTU payload size of the packet to be 2000 on clear-channel
DS-3 port 1:
[local]Redback(config)#port ds3 3/1
[local]Redback(config-ds3)#mtu 2000
Related Commands
port channelized-ds3
port ds0s
port ds1
port ds3
port e1
port e3
4-48
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
national
national
no national
Purpose
Enables or disables the national bit (bit 12 of set 1) in the E3 frame.
Command Mode
E3 configuration
Syntax Description
This command has no keywords or arguments.
Default
The national bit is disabled
Usage Guidelines
Use the national command to enable the national bit (bit 12 of set 1) in the E3 frame.
You enable the national bit if the digital path crosses a geographical border and only if the port is configured
with G.751 framing (the default).
Use the no form of this command to disable the national bit.
Examples
The following example enables the national bit for the E3 port 1 on the clear-channel E3 card in slot 4:
[local]Redback(config)#port e3 4/1
[local]Redback(config-e3)#framing g751
[local]Redback(config-e3)#national
Related Commands
framing
Clear-Channel and Channelized Port and Channel Configuration
4-49
Command Descriptions
path-trace
path-trace {length length | message text}
no path-trace message
Purpose
Specifies either the maximum length of the message or the text string to be traced on an administrative
unit-3 (AU-3) or an AU-4 on a channelized STM-1 port.
Command Mode
AU-3 configuration
STM-1 configuration
Syntax Description
length length
Maximum length of the message, in bytes, according to one of the following keywords:
• 16—Specifies the maximum length of the message to be 15 characters. This is the
default length.
• 64—Specifies the maximum length of the message to be 62 characters.
message text
Text string with up to 62 ASCII characters.
Default
The length is 16 and the message is “Redback”.
Usage Guidelines
Use the path-trace command to specify either the maximum length of the text or the text string to be traced
on an AU-3 or AU-4 on a channelized STM-1 port.
If you enter the aug-mapping au3 command (in STM-1 configuration mode), the path-trace command is
no longer available in STM-1 configuration mode; it is available in AU-3 configuration mode.
The first byte in a 16-character message is reserved for the results of a CRC7 calculated on the message.
The final two characters in a 64-character message are reserved for the CR/LF (0x0D/0x0A).
Use the no form of this command to set the maximum length to 16, and the message text to “Redback”.
You cannot disable the path-trace feature for channelized STM-1 ports.
Note The message keyword is used without the text argument in the no form of this command.
Note This command is also described in Chapter 3, “ATM, Ethernet, and POS Port Configuration,” for
ports on Packet over SONET/SDH (POS) and 4-port ATM OC-3c/STM-1c cards.
4-50
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Examples
The following example specifies a path trace with a maximum message length of 64 and the text string for
port 1 of the channelized STM-1 card in slot 2; the port is mapped with the default administrative unit group
(AUG) mapping, AU-4:
[local]Redback(config)#port channelized-stm1 2/1
[local]Redback(config-stm1)#path-trace length 64
[local]Redback(config-stm1)#path-trace this is a test of an extended length message.
Related Commands
au3
aug-mapping
port channelized-stm1
Clear-Channel and Channelized Port and Channel Configuration
4-51
Command Descriptions
port channelized-ds3
For DS-3 channels on channelized OC-12 cards, the syntax is:
port channelized-ds3 slot/port:ds3-chan-num
no port channelized-ds3 slot/port:ds3-chan-num
For channelized ports on DS-3 cards, the syntax is:
port channelized-ds3 slot/port
no port channelized-ds3 slot/port
Purpose
Selects a channelized DS-3 channel or port and enters DS-3 configuration mode.
Command Mode
global configuration
Syntax Description
slot
Chassis slot number of the card. The range of values depends on the chassis in which
the card is installed; see Table 4-20.
port
Port number on the channelized OC-12 or DS-3 card. The range of values depends on
the type and version of the card; see Table 4-21.
ds3-chan-num
Number of the DS-3 channel on the channelized OC-12 port. The range of values is
1 to 12.
Default
No channelized DS-3 channels or ports are selected.
Usage Guidelines
Use the port channelized-ds3 command to select a channelized DS-3 channel on a channelized OC-12
port, or port on a DS-3 card, and enter DS-3 configuration mode. Table 4-20 lists the values for the slot
argument for each type of SmartEdge chassis; in the table, the IR abbreviation is used for Intermediate
Reach.
Table 4-20 Slot Ranges for Cards with Channelized DS-3 Ports and Channels
slot Argument Range
Traffic Card Type
SmartEdge 800 Router
SmartEdge 400 Router
Channelized OC-12 to DS-1 IR
1 to 6 and 9 to 14
1 to 4
1 to 5 and 10 to 14
3 to 4
Channelized OC-12 to DS-3 IR
3-port Channelized DS-3
12-port Channelized DS-3
4-52
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Table 4-21 lists the range of values for the port argument; in the table, the IR abbreviation is used for
Intermediate Reach.
Table 4-21 Port Ranges for Cards with Channelized DS-3 Ports and Channels
Traffic Card Type
Physical
Ports
Low-Density Version
Low-Density Ports
Channelized OC-12 to DS-1 IR
1
No
–
Channelized OC-12 to DS-3 IR
1
No
–
3-port Channelized DS-3
3
No
–
12-port Channelized DS-3
12
No
–
Note If you issue this command for a port on a channelized OC-12 card without first configuring the port
you have specified with the slot and port arguments, the system creates the port channelized-oc-12
slot/port command in the configuration database for you.
To enable the DS-3 channel or port, use the no shutdown command (in DS-3 configuration mode).
Use the no form of this command to delete the port configuration from the configuration database.
Note This command is not available for ports on clear-channel DS-3 cards.
Examples
The following example selects channelized DS-3 channel 1 on port 1 of the channelized OC-12 card in
slot 4 and enters DS-3 configuration mode:
[local]Redback(config)#port channelized-ds3 4/1:1
[local]Redback(config-ds3)#
Related Commands
port channelized-oc12
port ds1
port ds3
shutdown—DS-3 configuration mode
Clear-Channel and Channelized Port and Channel Configuration
4-53
Command Descriptions
port channelized-oc12
port channelized-oc12 slot/port
no port channelized-oc12 slot/port
Purpose
Selects a channelized OC-12 port and enters port configuration mode.
Command Mode
global configuration
Syntax Description
slot
Chassis slot number of the card. The range of values depends on the chassis in which the card
is installed; see Table 4-22.
port
Port number on the channelized OC-12 card. The range of values depends on the type and
version of the card; see Table 4-23.
Default
No channelized OC-12 ports are created.
Usage Guidelines
Use the port channelized-oc12 command to create or select a channelized OC-12 port and enter port
configuration mode. Use this command to configure port parameters that apply to all channels on the port,
such as framing and loopback. Table 4-22 lists the values for the slot argument for each type of SmartEdge
chassis; in the table, the IR abbreviation is used for Intermediate Reach.
Table 4-22 Slot Ranges for Channelized OC-12 Cards
slot Argument Range
Traffic Card Type
SmartEdge 800 Router
SmartEdge 400 Router
Channelized OC-12 to DS-1 IR
1 to 6 and 9 to 14
1 to 4
Channelized OC-12 to DS-3 IR
Table 4-23 lists the range of values for the port argument; in the table, the IR abbreviation is used for
Intermediate Reach.
Table 4-23 Port Ranges for Channelized OC-12 Cards
Traffic Card Type
Physical
Ports
Low-Density
Version
Low-Density
Ports
Channelized OC-12 to DS-1 IR
1
No
–
Channelized OC-12 to DS-3 IR
4-54
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
You do not need to issue this command to select a channelized OC-12 port; the system creates the command
in the configuration database when you enter the port ds3 or port ds1 command (in global configuration
mode).
To enable the port, use the no shutdown command (in port configuration mode).
Use the no form of this command to delete the port configuration from the configuration database.
Examples
The following example selects the first channelized OC-12 port on the traffic card in slot 4 and enters port
configuration mode. The no shutdown command (in port configuration mode) enables the port.
[local]Redback(config)#port channelized-oc12 4/1
[local]Redback(config-port)#no shutdown
Related Commands
shutdown—port configuration mode
Clear-Channel and Channelized Port and Channel Configuration
4-55
Command Descriptions
port channelized-stm1
port channelized-stm1 slot/port
no port channelized-stm1 slot/port
Purpose
Selects a port on a channelized STM-1 card and enters STM-1 configuration mode.
Command Mode
global configuration
Syntax Description
slot
Chassis slot number of the card. The range of values depends on the chassis in which
the card is installed; see Table 4-24.
port
Port number on the channelized STM-1 card. The range of values depends on the type
and version of the card; see Table 4-25.
Default
No channelized STM-1 ports are created.
Usage Guidelines
Use the port channelized-stm1 command to select a port on a channelized STM-1 card and enter STM-1
configuration mode. Use this command to configure port parameters that apply to all channels on the port,
such as administrative unit group (AUG) mapping and loopback. Table 4-24 lists the values for the slot
argument for each type of SmartEdge chassis; in the table, the IR abbreviation is used for Intermediate
Reach.
Table 4-24 Slot Ranges for Channelized STM-1 Cards
slot Argument Range
Traffic Card Type
SmartEdge 800 Router
SmartEdge 400 Router
Channelized STM-1 to E1 IR
1 to 6 and 9 to 14
1 to 4
Table 4-25 lists the range of values for the port argument; in the table, the IR abbreviation is used for
Intermediate Reach.
Table 4-25 Port Ranges for Channelized STM-1 Cards
4-56
Traffic Card Type
Physical
Ports
Low-Density
Version
Low-Density
Ports
Channelized STM-1 to E1 IR
3
No
–
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
To enable the port, use the no shutdown command (in STM-1 configuration mode).
Use the no form of this command to delete the port configuration from the configuration database.
Caution Risk of data loss. The no form of this command removes all configured E1 channels and DS-0
channel groups associated with the channelized STM-1 port. To reduce the risk, consider the
associated E1 channels and DS-0 channel groups before removing a channelized STM-1 port.
Examples
The following example selects a channelized STM-1 port:
[local]Redback(config)#card ch-stm1ds0-3-port 1
[local]Redback(card)#exit
[local]Redback(config)#port channelized-stm1 1/1
[local]Redback(config-stm1)#
Related Commands
port ds0s
port e1
shutdown—STM-1 configuration mode
Clear-Channel and Channelized Port and Channel Configuration
4-57
Command Descriptions
port ds0s
For ports on channelized STM-1 cards, the syntax is:
port ds0s slot/port:e1-chan-num:ds0-chan-num
no port ds0s slot/port:e1-chan-num:ds0-chan-num
For channelized ports on E1 cards, the syntax is:
port ds0s slot/port:ds0-chan-num
no port ds0s slot/port:ds0-chan-num
Purpose
Selects a DS-0 channel group on a channelized E1 channel or port and enters DS-0 group configuration
mode.
Command Mode
global configuration
Syntax Description
slot
Chassis slot number of the card. The range of values depends on the chassis in which
the card is installed; see Table 4-26.
port
Port number for the channelized STM-1 or E1 port. The range of values depends on the
type and version of the card; see Table 4-27.
e1-chan-num
E1 channel number on the STM-1 port. The range of values is 1 to 63.
ds0-chan-num
First time slot in the DS-0 channel group. The range of values is 1 to 31.
Default
No DS-0 channel groups are created or selected.
Usage Guidelines
Use the port ds0s command to create or select a DS-0 channel group on a channelized E1 channel or port
and enter DS-0 group configuration mode. Table 4-26 lists the values for the slot argument for each type of
SmartEdge chassis; in the table, the IR abbreviation is used for Intermediate Reach.
Table 4-26 Slot Ranges for Cards with DS-0 Channel Groups
slot Argument Range
4-58
Traffic Card Type
SmartEdge 800 Router
SmartEdge 400 Router
Channelized STM-1 to E1 IR
1 to 6 and 9 to 14
1 to 4
Channelized E1
1 to 6 and 9 to 14
1 to 4
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Table 4-27 lists the range of values for the port argument; in the table, the IR abbreviation is used for
Intermediate Reach.
Table 4-27 Port Ranges for Cards with DS-0 Channel Groups
Traffic Card Type
Physical
Ports
Low-Density
Version
Low-Density
Ports
Channelized STM-1 to E1 IR
3
No
–
Channelized E1
24
No
–
Note This command requires that the E1 channel or port have either CRC-4 or non-CRC-4 framing.
If you are creating the DS-0 channel group on a channelized STM-1 port, you must verify that the field
programmable gate array (FPGA) on the card supports this feature. Use the show hardware detail
command (in any mode) to determine the version of the FPGA file installed in the channelized STM-1 card,
and compare it to the version of the FPGA file bundled into the software image. If the version of the FPGA
file in the card is older, use the reload fpga command (in exec mode) to upgrade to the latest version.
Caution It takes three to seven minutes for the reload fpga command to successfully complete an
upgrade. Do not interrupt the process in the middle of an FPGA upgrade.
If you have not selected the E1 channel or port using the port e1 command (in global configuration mode)
before you enter this command, this command automatically creates the E1 channel or port with the default
CRC-4 framing.
The DS-0 channel number that you specify becomes the only assigned DS-0 channel in the channel group.
Any other DS-0 channel that you assign to this group using the timeslot command (in DS-0 group
configuration mode) must have a time slot equal to or greater than that specified with the ds0-chan-num
argument.
The DS-0 channel group cannot include any time slot less than the value you specify for the ds0-chan-num
argument. For example, if you specify 13 as the value for the ds0-chan-num argument, you cannot include
time slots 1 to 12 in the DS-0 channel group when you enter the timeslot command (in DS-0 group
configuration mode).
To enable the DS-0 channel group, use the no shutdown command (in DS-0 group configuration mode).
Use the no form of this command to remove a DS-0 channel group from a channelized E1 channel or port.
Examples
The following example selects a channelized E1 port on a channelized E1 card and creates an associated
DS-0 channel group:
[local]Redback(config)#card ch-e1ds0-24-port 1
[local]Redback(config-card)#exit
!select the channelized E1 port on the channelized E1 card
[local]Redback(config)#port e1 1/1
[localRedback(config-e1)#no shutdown
[local]Redback(config-e1)#exit
Clear-Channel and Channelized Port and Channel Configuration
4-59
Command Descriptions
!create the DS-0 channel group with a base time slot of 5
[local]Redback(config)#port ds0s 1/1:5
[local]Redback(config-ds0-group)#no shutdown
[local]Redback(config-ds0-group)#timeslot 5, 7, 9, 12, 15
[local]Redback(config-ds0-group)#no shutdown
[local]Redback(config-ds0-group)#exit
The following example selects a channelized E1 channel on a port on an channelized STM-1 card and an
associated DS-0 channel group:
[local]Redback(config)#card ch-stm1ds0-3-port 2
[local]Redback(card)#exit
!select the channelized STM-1 port
[local]Redback(config)#port channelized-stm1 2/1
[local]Redback(config-stm1)#no shutdown
[local]Redback(config-stm1)#exit
!create the channelized E1 channel on the channelized STM-1 port
[local]Redback(config)#port e1 2/1:1
[local]Redback(config-e1)#no shutdown
[local]Redback(config-e1)#exit
!create the DS-0 channel group with a base time slot of 3
[local]Redback(config)#port ds0s 2/1:1:3
[local]Redback(config-ds0-group)#timeslot 3, 7, 9, 12, 15
[local]Redback(config-ds0-group)#no shutdown
[local]Redback(config-ds0-group)#exit
Related Commands
port channelized-stm1
port e1
shutdown—DS-0 group configuration mode
timeslot
4-60
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
port ds1
For ports on channelized OC-12 cards, the syntax is:
port ds1 slot/port:ds3-chan-num:ds1-chan-num
no port ds1 slot/port:ds3-chan-num:ds1-chan-num
For channelized ports on DS-3 cards, the syntax is:
port ds1 slot/port:ds1-chan-num
no port ds1 slot/port:ds1-chan-num
Purpose
Selects a constituent DS-1 channel on a channelized DS-3 channel or port and enters DS-1 configuration
mode.
Command Mode
global configuration
Syntax Description
slot
Chassis slot number of the card. The range of values depends on the chassis in which
the card is installed; see Table 4-28.
port
Port number on the channelized OC-12 or DS-3 port. The range of values depends on
the type and version of the card; see Table 4-29.
ds3-chan-num
Number of the DS-3 channel on the channelized OC-12 port. The range of values is 1
to 12.
ds1-chan-num
Number of the DS-1 channel you want to select. The range of values is 1 to 28.
Default
No DS-1 channels are selected.
Usage Guidelines
Use the port ds1 command to select a constituent DS-1 channel in a channelized DS-3 channel or port and
enter DS-1 configuration mode. Table 4-28 lists the values for the slot argument for each type of SmartEdge
chassis; in the table, the IR abbreviation is used for Intermediate Reach.
Table 4-28 Slot Ranges for Cards with DS-1 Channels
slot Argument Range
Traffic Card Type
SmartEdge 800 Router
SmartEdge 400 Router
Channelized OC-12 to DS-1 IR
1 to 6 and 9 to 14
1 to 4
3-port Channelized DS-3
1 to 5 and 10 to 14
3 to 4
12-port Channelized DS-3
Clear-Channel and Channelized Port and Channel Configuration
4-61
Command Descriptions
Table 4-29 lists the range of values for the port argument; in the table, the IR abbreviation is used for
Intermediate Reach.
Table 4-29 Port Ranges for Cards with DS-1 Channels
Traffic Card Type
Physical
Ports
Low-Density
Version
Low-Density
Ports
Channelized OC-12 to DS-1 IR
1
No
–
3-port Channelized DS-3
3
No
–
12-port Channelized DS-3
12
No
–
Note If you issue this command for a port on a channelized OC-12 card without first configuring the port
and the DS-3 channel that you have specified with the slot, port, and ds3-chan-num arguments, the
system creates the port channelized-oc-12 slot/port and port channelized-ds3
slot/port:ds3-chan-num commands in the configuration database for you.
Note This command is not available for ports on a clear-channel DS-3 card or for ports on a channelized
DS-3 card that you have created with the port ds3 command (in global configuration mode).
To enable the DS-1 channel, use the no shutdown command (in DS-1 configuration mode).
Use the no form of this command to delete the channel or port configuration from the configuration
database.
Examples
The following example selects DS-1 channel 4 in DS-3 channel 1 on port 1 on a channelized OC-12 card
in slot 4 and enters DS-1 configuration mode:
[local]Redback(config)#port ds1 4/1:1:4
[local]Redback(config-ds1)#
The following example selects DS-1 channel 4 on port 1 on a channelized DS-3 card in slot 3 and enters
DS-1 configuration mode:
[local]Redback(config)#port ds1 3/1:4
[local]Redback(config-ds1)#
Related Commands
port channelized-oc12
shutdown—DS-1 configuration mode
4-62
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
port ds3
For ports on channelized OC-12 cards, the syntax is:
port ds3 slot/port:ds3-chan-num
no port ds3 slot/port:ds3-chan-num
For clear-channel ports on DS-3 cards, the syntax is:
port ds3 slot/port
no port ds3 slot/port
Purpose
Selects a clear-channel DS-3 channel or port and enters DS-3 configuration mode.
Command Mode
global configuration
Syntax Description
slot
Chassis slot number of the card. The range of values depends on the chassis in which
the card is installed; see Table 4-30
port
Port number on the channelized OC-12 or DS-3 port. The range of values depends on
the type and version of the card; see Table 4-31.
ds3-chan-num
Number of the DS-3 channel on the channelized OC-12 port. The range of values is
1 to 12.
Default
No DS-3 channels or ports are selected.
Usage Guidelines
Use the port ds3 command to select a clear-channel DS-3 channel or port and enter DS-3 configuration
mode. Table 4-30 lists the values for the slot argument for each type of SmartEdge chassis; in the table, the
IR abbreviation is used for Intermediate Reach.
Table 4-30 Slot Ranges for Cards with Clear-Channel DS-3 Channels or Ports
slot Argument Range
Traffic Card Type
SmartEdge 800 Router
SmartEdge 400 Router
Channelized OC-12 to DS-1 IR
1 to 6 and 9 to 14
1 to 4
1 to 5 and 10 to 14
3 to 4
Channelized OC-12 to DS-3 IR
12-port Clear-Channel DS-3
Clear-Channel and Channelized Port and Channel Configuration
4-63
Command Descriptions
Table 4-31 lists the range of values for the port argument; in the table, the IR abbreviation is used for
Intermediate Reach.
Table 4-31 Port Ranges for Cards with Clear-Channel DS-3 Channels or Ports
Traffic Card Type
Physical Ports
Low-Density Version
Low-Density Ports
Channelized OC-12 to DS-1 IR
1
No
–
12
No
–
Channelized OC-12 to DS-3 IR
12-port Clear-Channel DS-3
Note If you issue this command for a channelized OC-12 port without first configuring the port you have
specified with the slot and port arguments, the system creates the port channelized-oc-12 slot/port
command in the configuration database for you.
To enable the DS-3 channel, use the no shutdown command (in DS-3 configuration mode).
Use the no form of this command to delete the channel or port configuration from the configuration
database.
Examples
The following example selects port 1 on the clear-channel DS-3 card in slot 4 and enters DS-3
configuration mode:
[local]Redback(config)#port ds3 4/1
[local]Redback(config-ds3)#
Related Commands
port channelized-ds3
port channelized-oc12
shutdown—DS-3 configuration mode
4-64
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
port e1
For ports on channelized STM-1 cards, the syntax is:
port e1 slot/port:e1-chan-num
no port e1 slot/port:e1-chan-num
For ports on E1 cards, the syntax is:
port e1 slot/port
no port e1 slot/port
Purpose
Selects an E1 channel or port and enters E1 configuration mode.
Command Mode
global configuration
Syntax Description
slot
Chassis slot number of the card. The range of values depends on the chassis in which
the card is installed; see Table 4-32.
port
Port number on the channelized STM-1 or E1 card. The range of values depends on the
version of the card; see Table 4-33.
e1-chan-num
E1 channel number on the channelized STM-1 port. The range of values is 1 to 63.
Default
No E1 channels or ports are selected.
Usage Guidelines
Use the port e1 command to select an E1 channel or port and enter E1 configuration mode. When selected,
the E1 channel or port is channelized with CRC4 framing. Table 4-32 lists the values for the slot argument
for each type of SmartEdge chassis; in the table, the IR abbreviation is used for Intermediate Reach.
Table 4-32 Slot Ranges for Cards with E1 Channels or Ports
slot Argument Range
Traffic Card Type
SmartEdge 800 Router
SmartEdge 400 Router
Channelized STM-1 to E1 IR
1 to 6 and 9 to 14
1 to 4
Channelized E1
1 to 6 and 9 to 14
1 to 4
Clear-Channel and Channelized Port and Channel Configuration
4-65
Command Descriptions
Table 4-33 lists the range of values for the port argument; in the table, the IR abbreviation is used for
Intermediate Reach.
Table 4-33 Port Ranges for Cards with E1 Channels or Ports
Traffic Card Type
Physical Ports
Low-Density Version
Low-Density Ports
Channelized STM-1 to E1 IR
3
No
–
Channelized E1
24
No
–
Use the no form of this command to delete the E1 channel or port configuration from the database.
Caution Risk of data loss. The no form of this command deletes any DS-0 channel groups configured for
the E1 channel or port. To reduce the risk, consider the associated DS-0 channel groups before
deleting an E1 channel or port.
Examples
The following example configures a channelized E1 port and a clear-channel E1port on a channelized E1
card:
[local]Redback(config)#card ch-e1ds0-24-port
[local]Redback(config-card)#exit
!select an E1 port and frame it as channelized
[local]Redback(config)#port e1 1/1
[local]Redback(config-e1)#framing crc4
[local]Redback(config-e1)#exit
!select an E1 port and frame it as clear-channel
[local]Redback(config)#port e1 1/2
[local]Redback(config-e1)#framing unframed
[localRedback(config-e1)#
The following example creates an E1 channel on a channelized STM-1 port:
!select the channelized STM-1 port
[local]Redback(config)#port channelized-stm1 1/1
[local]Redback(config-stm1)#exit
!select the E1 channel on the STM-1 port
[local]Redback(config)#port e1 1/1:1
[localRedback(config-e1)#
Related Commands
port channelized-stm1
port ds0s
shutdown—E1 configuration mode
4-66
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
port e3
port e3 slot/port
no port e3 slot/port
Purpose
Selects a port on a clear-channel E3 card and enters E3 configuration mode.
Command Mode
global configuration
Syntax Description
slot
Chassis slot number of the card. The range of values depends on the chassis in which
the card is installed; see Table 4-34
port
Port number on the E3 card. The range of values is listed in Table 4-35.
Default
No E3 ports are selected.
Usage Guidelines
Use the port e3 command to select a clear-channel E3 port on a clear-channel E3 card and enter E3
configuration mode. Table 4-34 lists the values for the slot argument for each type of SmartEdge chassis.
Table 4-34 Slot Ranges for Cards with Clear-Channel E3 Ports
slot Argument Range
Traffic Card Type
SmartEdge 800 Router
SmartEdge 400 Router
6-port Clear-Channel E3
1 to 5 and 10 to 14
3 to 4
Table 4-35 lists the range of values for the port argument.
Table 4-35 Port Ranges for Cards with Clear-Channel E3 Ports
Traffic Card Type
Physical
Ports
Low-Density
Version
Low-Density
Ports
6-port Clear-Channel E3
6
No
–
To enable the E3 port, use the no shutdown command (in E3 configuration mode).
Use the no form of this command to delete the port configuration from the configuration database.
Clear-Channel and Channelized Port and Channel Configuration
4-67
Command Descriptions
Examples
The following example selects port 1 on the clear-channel E3 card in slot 4 and enters E3 configuration
mode:
[local]Redback(config)#port e3 4/1
[local]Redback(config-e3)#
Related Commands
shutdown—E3 configuration mode
4-68
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
shutdown
shutdown
no shutdown
Purpose
Disables the specified port, channel, or channel group.
Command Mode
DS-0 group configuration
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
port configuration
STM-1 configuration
Syntax Description
This command has no keywords or arguments.
Default
All ports and channels are disabled.
Usage Guidelines
Use the shutdown command to enable or disable the specified port, channel, or channel group.
No data is transmitted or received when the port, channel, or channel group is shut down. You must use the
no form of this command to enable any port, channel, or channel group.
To display the port or channel state, enter the show port detail command (in any mode).
Use the no form of this command to enable a port, channel, or channel group.
This command is also described in the following chapters:
•
Chapter 3, “ATM, Ethernet, and POS Port Configuration,” for ATM OC, ATM DS-3, Ethernet, and
Packet over SONET/SDH (POS) ports.
•
Chapter 6, “Circuit Configuration,” for ATM, Frame Relay, and 802.1Q PVCs.
•
Chapter 11, “Cross-Connection Configuration,” for cross-connected circuits.
•
Chapter 12, “GRE Tunnel Configuration,” for Generic Routing Encapsulation (GRE) tunnel circuits.
Clear-Channel and Channelized Port and Channel Configuration
4-69
Command Descriptions
Examples
The following example enables DS-3 channel 1 on channelized OC-12 port 1 in slot 2:
[local]Redback(config)#card ch-oc12ds3-1-port 2
[local]Redback(config)#exit
[local]Redback(config)#port ds3 2/1:1
[local]Redback(config-ds3)#no shutdown
Related Commands
port channelized-ds3
port channelized-oc12
port channelized-stm1
port ds0s
port ds1
port ds3
port e1
port e3
4-70
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
speed
speed {56 | 64}
default speed
Purpose
Sets the speed for all DS-0 channels in a DS-1 channel on a channelized DS-3 channel or port.
Command Mode
DS-1 configuration
Syntax Description
56
Specifies that the DS-0 channel speed is 56 kbps.
64
Specifies that the DS-0 channel speed is 64 kbps; this is the default channel speed.
Default
The default value is 64 kbps.
Usage Guidelines
Use the speed command to set the speed for all DS-0 channels in a DS-1 channel on a channelized DS-3
channel or port.
Use the default form of this command to set the speed for all DS-0 channels in a DS-1 channel to the default
speed.
Examples
The following example sets the DS-0 channel speed to 56 kbps:
[local]Redback(config-ds1)#speed 56
Related Commands
port channelized-ds3
port channelized-oc12
port ds1
Clear-Channel and Channelized Port and Channel Configuration
4-71
Command Descriptions
timeslot
timeslot range
default timeslot
Purpose
Defines a range of time slots for DS-0 channels in a DS-1 channel or for a DS-0 channel group in an E1
channel or port.
Command Mode
DS-0 group configuration
DS-1 configuration
Syntax Description
range
Range of time slots for the DS-0 channels. The range of values and the format of the range
argument are dependent on the configuration mode and card type:
• DS-0 group configuration (DS-0 channel group)—The range of values is 1 to 31. You can
specify time slots using any combination of contiguous ranges and individual odd and even
time slots. Use hyphens when specifying a range of contiguous time slots; use commas
when specifying individual time slots.
• DS-1 configuration—The range of values is 1 to 24. For the channelized OC-12 and
12-port channelized DS-3 cards, you can specify only a single contiguous range. For the
3-port channelized DS-3 card, you can specify time slots using any combination of
contiguous ranges and individual odd and even time slots. Use hyphens when specifying a
range of contiguous time slots; use commas when specifying individual time slots.
Default
For DS-0 channels in a DS-1 channel, the default range is 1 to 24; for DS-0 channel groups in an E1 channel
or port, the default value is the DS-0 channel that was specified using the port ds0s command (in global
configuration mode).
Usage Guidelines
Use the timeslot command to define a range of time slots for the DS-0 channels in a DS-1 channel or for a
DS-0 channel group in an E1 channel or port.
You specify the range only once; if you enter the this command more than once, it overwrites the previous
range.
The following guidelines apply to DS-0 channels in a DS-0 channel group (DS-0 group configuration
mode):
4-72
•
Time slots must be equal to or greater than the DS-0 channel number you specified with the port ds0s
command (in global configuration mode).
•
Time slots can be listed in any order.
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
The following guidelines apply to DS-0 channels in a DS-1 channel (DS-1 configuration mode):
•
You must specify the default range if you have specified the loop keyword with the clock-source
command (in DS-1 configuration mode) as the clock source for a DS-1 channel. You will receive an
error message if you have specified loop as the clock source and attempt to define fewer time slots than
the full range.
•
You must specify the default range to enter the loopback command (in DS-1 configuration mode) with
either the network line or network payload keywords.
•
You must specify the default range to enter the equipment-loopback command (in DS-1 configuration
mode).
Use the default form of this command to set the range of time slots to the default range.
Examples
The following example assigns contiguous time slots to DS-0 channels 1-10 on DS-1 channel 2 on DS-3
port 1 on the 12-port channelized DS-3 card in slot 5:
[local]Redback(config)#port ds1 5/1:2
[local]Redback(config-ds1)#timeslot 1-10
The following example assigns consecutively odd time slots to DS-0 channels 13, 15, 17, and 19 on DS-1
channel 2 on DS-3 port 1 on the 3-port channelized DS-3 card in slot 4:
[local]Redback(config)#port ds1 4/1:2
[local]Redback(config-ds1)#timeslot 13,15,17,19
The following example assigns consecutively odd time slots to DS-0 channels 13, 15, 17, and 19 on E1
channel 2 on port 1 on the channelized STM-1 card in slot 13:
[local]Redback(config)#port ds0s 13/1:2:13
[local]Redback(config-ds0-group)#timeslot 13,15,17,19
Related Commands
port channelized-ds3
port channelized-stm1
port ds1
port e1
Clear-Channel and Channelized Port and Channel Configuration
4-73
Command Descriptions
traps
traps ifmib {enabled | disabled}
{no | default} traps ifmib
Purpose
Enables linkUp and linkDown notifications for Cisco HDLC, Point-to-Point Protocol (PPP), and Frame
Relay encapsulation layers (IF-MIB encapsulation layers) on the DS-0 channel group.
Command Mode
DS-0 group configuration
Syntax Description
ifmib enabled
Enables notifications for encapsulation layers on the DS-0 channel group.
ifmib disabled Disables notifications for encapsulation layers on the DS-0 channel group.
Default
If this command is not entered, notification of up and down conditions is enabled or disabled by the traps
command in (SNMP server configuration mode).
Usage Guidelines
Use the traps command to enable linkUp and linkDown notifications locally for Cisco HDLC, PPP, and
Frame Relay encapsulation layers on the DS-0 channel group. This command overrides, for this DS-0
channel group, any global specification for encapsulation layers you have specified with the traps
command (in SNMP server configuration mode). Table 4-36 lists the combinations of global and local
settings and the resulting notifications for encapsulation layers.
Table 4-36 Command Settings and Encapsulation Layer Notifications
Global
Local
Encapsulation Layer Notifications
None
None or default
None
enabled
Locally enabled for this DS-0 channel group
disabled
Locally disabled for this DS-0 channel group
None or default
Globally enabled for all clear-channel or channelized ports and channels, including this DS-0
channel group
enabled
Both globally and locally enabled for this DS-0 channel group
disabled
Locally disabled for this DS-0 channel group
ifmib encaps
Use the no or default form of this command to disable encapsulation layer notifications locally; as a result,
encapsulation layer notifications are enabled or disabled globally as specified with the traps command in
(SNMP server configuration mode).
4-74
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Examples
The following example enables encapsulation notifications globally and disables them locally for the DS-0
channel group on port 1 of a channelized E1 card:
[local]Redback(config)#snmp server enhance ifmib
[local]Redback(config-snmp-server)#traps ifmib encaps
[local]Redback(config-snmp-server)#exit
[local]Redback(config)#port ds0s 5/1:7
[local]Redback(config-ds0-group)#traps ifmib disabled
Related Commands
snmp server
traps—SNMP server configuration mode
Clear-Channel and Channelized Port and Channel Configuration
4-75
Command Descriptions
yellow-alarm
yellow-alarm {detection | generation}
no yellow-alarm {detection | generation}
default yellow-alarm {detection | generation}
Purpose
Enables the detection or generation of yellow alarms on the DS-1 channel.
Command Mode
DS-1 configuration
Syntax Description
detection
Enables yellow-alarm detection.
generation
Enables yellow-alarm generation.
Default
Detection and generation of yellow alarms are enabled.
Usage Guidelines
Use the yellow-alarm command to enable the detection or generation of yellow alarms on a DS-1 channel.
Use the no form of this command to disable the specified yellow alarm function.
Use the default form of this command to enable the specified yellow alarm function with its default values.
Examples
The following example disables yellow alarm detection on a DS-1 channel:
[local]Redback(config)#port ds1 4/1:1:1
[local]Redback(config-ds1)#no yellow-alarm detection
Related Commands
port ds1
4-76
Ports, Circuits, and Tunnels Configuration Guide
Chapter 5
APS Configuration
This chapter provides an overview of Automatic Protection Switching (APS) on Packet over SONET/SDH
(POS) ports, describes the tasks used to configure APS features, provides configuration examples, and
detailed descriptions of the commands used to configure APS through the SmartEdge® OS.
For information about the commands used to monitor, troubleshoot, and administer APS, see the “Card,
Port, and Channel Operations” chapter in the Ports, Circuits, and Tunnels Configuration Guide for the
SmartEdge OS.
This chapter includes the following sections:
•
Overview
•
Configuration Tasks
•
Configuration Examples
•
Command Descriptions
Overview
The SmartEdge OS supports a subset of Synchronous Optical Network/Synchronous Digital Hierarchy
(SONET/SDH) APS that is described in the Telcordia publication, GR-253-CORE, SONET Transport
Systems, Common Criteria, Section 5.3, and the equivalent SDH specification described in ITU-T G-783,
Appendix A. APS is supported only on POS ports with Cisco High-Level Data Link Control (HDLC)
encapsulation.
In addition to providing facility protection for traffic on the optical fiber ports, APS on the SmartEdge
router can be used to provide equipment protection for the traffic card hosting the working port. If the traffic
card fails, and the protect port is on another traffic card, the SmartEdge OS performs a protection switch to
preserve the affected traffic, and allow the failed card to be serviced.
Note Active subscriber counts are a function of configuration, memory, processing power, and the
bandwidth desired for each subscriber. Each platform and hardware variant has a maximum active
subscriber figure, which may or may not be achieved under deployment scenarios. Enabling APS
requires additional memory for each configured port, and may impact the maximum number of
subscribers that can be supported.
APS Configuration
5-1
Overview
The SmartEdge OS implementation of APS has the following features:
•
APS protection is offered for POS ports on these optical card types:
— OC-3c/STM-1c
— OC-12c/STM-4c
— OC-48c/STM-16c
•
The following protocols and services are required or supported on APS ports:
— HDLC encapsulation required
— SONET remote defect indication-path (RDI-P) and remote error indication-path (REI-P) generation
supported
•
For each working port, there is a single protect port, and each port must be of the same type. For
example, a port on an OC-3c/STM-1c card must be paired with a port on another OC-3c/STM-1c card;
an OC-3c/STM-1c card cannot be paired with an OC-12c/STM-4c card.
•
The SmartEdge OS APS implementation supports linear 1+1 APS operating in the bidirectional mode:
— Traffic is transmitted only on the working port; traffic is switched to the protect port based on the
quality of the received signal.
— The transmit and receive lines are switched as a pair.
•
By default, protection is nonrevertive, but revertive switching is offered as an option. When the APS
group is configured for revertive switching, if the working port becomes available after a switch to the
protect port, the working port enters the wait to restore (WTR) state. If the working port remains clear
throughout the WTR interval, a switch to the working port occurs when the WTR interval expires.
•
You can manage ports in an APS group, using the aps switch command (in port configuration mode),
to switch the working and protect ports, or temporarily disable APS switching.
Note Configuring and enabling APS can have a negative impact on the performance of the SmartEdge
router. Consult your Redback® representative for more information.
Caution Risk of service disruption. When an APS working or protect port is deleted from an APS group,
all sessions currently active on the ports are terminated. Only sessions configured on the
working port can be brought back up as normal. To reduce the risk of service disruption beyond
this temporary termination of sessions when deleting a working or protect port from an APS
group, do not remove either the working or protect port without first performing an APS force
on the active port to switch all sessions to the working port and locking out the protect port.
5-2
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Configuration Tasks
Note In this section, the command syntax in the task tables displays only the root command; for the
complete command syntax, see the full description for the command in the “Command
Descriptions” section.
To configure APS and manage the ports in an APS group, perform the tasks described in the following
sections:
•
Configure an APS Group
•
Configure the Working and Protect Ports
•
Add Ports to an APS Group
•
Manage Ports in an APS Group
•
Change the Configuration of the Working and Protect Ports
Configure an APS Group
To configure an APS group, perform the tasks described in Table 5-1.
Table 5-1
Configure an APS Group
#
Task
Root Command
Notes
1.
Create an APS group, or select one for
modification, and access APS configuration
mode.
aps group
Enter this command is global configuration
mode.
2.
Associate a description with the group.
description
3.
Specify the revertive switching algorithm and the
WTR interval.
revert
The default value is nonrevertive.
Configure the Working and Protect Ports
Before you can assign a port as working port in an APS group, you must first configure it and the port that
you intend to be its protect port in the group. The following requirements apply to the configuration:
•
The configuration of the working and protect ports must be identical. To configure a POS port, see the
“Configuring POS Ports” section in Chapter 3, “ATM, Ethernet, and POS Port Configuration.”
•
You must specify Cisco HDLC encapsulation for the ports.
•
You do not bind either port before you assign it, either as a working or protect port, to the APS group,
but you must make them operational using the no shutdown command (in port configuration mode).
After you have added the ports to an APS group, you bind the working port to an existing interface, using
the bind interface command (in port configuration mode); you do not bind the protect port.
If you need to change the configuration of a working port you must ensure that you apply the configuration
changes to both the working and protect ports (the configurations must be identical).
APS Configuration
5-3
Configuration Tasks
If a port has already been assigned as a working or protect port in an APS group, then that port must first
be removed from the APS group before making any subsequent changes to the configuration for that port.
Note Binding a working port to an interface is not considered a change to the port configuration; thus this
action is allowed on an APS working port.
Add Ports to an APS Group
To add a port to an APS group, you assign it to the group as a working or protect port. To add ports to an
APS group, perform the tasks described in Table 5-2; you can add the ports in any order. Enter both
commands in port configuration mode.
Table 5-2
Assign a Working Port and a Protect Port
Task
Root Command
Notes
Assign the working port.
aps
Use the working keyword.
Assign the protect port.
aps
Use the protect keyword.
Manage Ports in an APS Group
To manage the ports in an APS group, perform one or more of the tasks described in Table 5-3. Enter all
commands in port configuration mode unless otherwise noted.
Table 5-3
Manage Ports in an APS Group
Task
Root Command
Notes
Request a lockout of the protect port.
aps switch
Use the lockout keyword.
Request a high-priority (forced) switch of either
the working or protect port.
aps switch
Use the forced keyword.
Request a low-priority (manual) switch of either
the working or protect port.
aps switch
Use the manual keyword.
Remove a posted request.
aps switch
Use the no form to remove a posted request.
Remove a port from a group.
Perform one of the procedures listed in Table 5-4.
Replace a port in a group.
Perform one of the procedures listed in Table 5-5.
Delete a group.
aps group
Enter this command is global configuration mode.
Use the no form to delete the group.
Delete a Port from an APS Group
Before deleting a port from an APS group, enter the show aps command with the detail keyword (in any
mode) to determine the status of the working and protect ports. To delete a port from an APS group,
perform the tasks described in Table 5-4. Enter all commands in port configuration mode.
Caution Risk of service disruption. When an APS working or protect port is deleted from an APS group,
all sessions currently active on the ports are terminated. Only sessions on the working port can
be brought back up as normal. To reduce the risk of service disruption beyond this temporary
termination of sessions when deleting a working or protect port from an APS group, perform
one of the procedures provided in Table 5-4. Otherwise, the system might enter an undesirable
state.
5-4
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Note Table 5-4 documents the procedures for administering an APS group only; you do not perform them
if you must physically replace the traffic card on which the working port is configured.
Table 5-4
Delete a Port from an APS Group
Port to Delete
Status of Traffic
Procedure
Protect
Active
1. Force all sessions on the protect port to the working port with the aps switch force command
for the protect port.
2. Lock out the protect port with the aps switch lockout command for the protect port.
3. Remove the protect port with the no aps command for the protect port; the working port is not
removed.
Standby
1. Lock out the protect port with the aps switch lockout command for the protect port.
2. Remove the protect port with the no aps command for the protect port; the working port is not
removed.
Working
Active
1. Lock out the protect port with the aps switch lockout command for the protect port.
2. Remove the working port with the no aps command for the working port; the protect port is not
removed.
Standby
1. Force all sessions on the protect port to the working port with the aps switch force command
for the protect port.
2. Lock out the protect port with the aps switch lockout command for the protect port.
3. Remove the working port with the no aps command for the working port; the protect port is no
removed.
Replace a Port in an APS Group
Before you replace a port in an APS group, enter the show aps command with the detail keyword (in any
mode) to determine the traffic status of the working and protect ports; perform the tasks in Table 5-5.
Table 5-5
#
Replace a Port in an APS Group
Task
Root Command
Notes
Replace the working port:
1.
Remove the working port from the group.
Select the task in Table 5-4 based on the traffic status of the port; the protect port is
not removed.
2.
Assign the replacement port to the group
as the working port.
aps
Use the working keyword.
Replace the protect port:
1.
Remove the protect port from the group.
Select the procedure in Table 5-4 based on the traffic status of the port; the working
port is not removed.
2.
Assign the replacement port to the group
as the protect port.
aps
Use the protect keyword.
Change the Configuration of the Working and Protect Ports
You can change the configuration of a working port while it is a member of an APS group, but you must
ensure that the configuration of the protect port is identical to that of the working port.
APS Configuration
5-5
Configuration Examples
Configuration Examples
This section provides the following examples of APS configurations:
•
Configure an APS Group
•
Request a Lockout Switch
•
Request a Forced Switch
•
Request a Manual Switch
Configure an APS Group
The following example creates the APS group, lab48, with revertive switching and a WTR of 10 minutes,
configures the ports on two OC-48c/STM-16c cards for the group, and adds them to the group:
[local]Redback(config)#aps group lab48
[local]Redback(config-aps)#revert 10
[local]Redback(config-aps)#exit
[local]Redback(config)#port pos 2/1
[local]Redback(config-port)#encapsulation chdlc
[local]Redback(config-port)#aps working lab48
[local]Redback(config-port)#bind interface if-lab48 local
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#exit
[local]Redback(config)#port pos 3/1
[local]Redback(config-port)#encapsulation chdlc
[local]Redback(config-port)#aps protect lab48
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#exit
Request a Lockout Switch
The following example temporarily disables APS switching on port 3/1 (the protect port) by requesting a
lockout:
[local]Redback(config)#port pos 3/1
[local]Redback(config-port)#aps switch lockout
The following example re-enables switching by removing the lockout request:
[local]Redback(config)#port pos 3/1
[local]Redback(config-port)#no aps switch lockout
5-6
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Request a Forced Switch
The following example posts a high-priority request to switch the sessions on working port 2/1 to the
protect port:
[local]Redback(config)#port pos 2/1
[local]Redback(config-port)#aps switch force
For the request to succeed, there must be no higher-priority APS request in effect.
The following example removes the high-priority request. Because the switching algorithm for the APS
group is revertive, port 2/1 becomes the working port for the APS group after the WTR interval expires
and no alarms have been posted against it:
[local]Redback(config)#port pos 2/1
[local]Redback(config-port)#no aps switch force
Request a Manual Switch
The following example posts a low-priority request to switch the sessions on working port 2/1 to the
protect port:
[local]Redback(config)#port pos 2/1
[local]Redback(config-port)#aps switch manual
For the request to succeed, there must be no higher-priority APS request in effect.
The following example removes the low-priority request. Because the switching algorithm for the APS
group is revertive, port 2/1 becomes the working port for the APS group after the WTR interval expires
and no alarms have been posted against it:
[local]Redback(config)#port pos 2/1
[local]Redback(config-port)#no aps switch manual
Command Descriptions
This section describes the syntax and usage guidelines for the commands used to configure APS. The
commands are presented in alphabetical order.
aps
aps group
aps switch
description
revert
APS Configuration
5-7
Command Descriptions
aps
aps {working | protect} aps-group-name
no aps {working | protect} aps-group-name
Purpose
Assigns the port, as a working or protect port, to an existing Automatic Protection Switching (APS) group.
Command Mode
port configuration
Syntax Description
working
Indicates that the port is a working port in the specified APS group.
protect
Indicates that the port is a protect port in the specified APS group.
aps-group-name
Unique alphanumeric string, used to identify a specific pair of optical ports.
Default
None
Usage Guidelines
Use the aps command to assign a port, as a working or protect port, to an existing APS group. You can add
the working and protect ports in any order.
Note This command applies to Cisco High-Level Data Link Control (HDLC)-encapsulated Packet over
SONET/SDH (POS) ports only.
Use the no form of this command to remove the port from the APS group, and return the port to normal,
non-APS operation.
Caution Risk of service disruption. When an APS working or protect port is deleted from an APS group,
all sessions currently active on the ports are terminated. Only sessions on the working port can
be brought back up as normal. To reduce the risk of service disruption beyond this temporary
termination of sessions when deleting a working or protect port from an APS group, perform
one of the procedures provided in Table 5-4. Otherwise, the system might enter an undesirable
state.
Note Removing a port from an APS group does not remove the other port.
Examples
The following example configures two ports for the APS group, lab48:
!Create the APS group
[local]Redback(config)#aps group lab48
[local]Redback(config-aps)#exit
5-8
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
!Configure the working port
[local]Redback(config)#port pos 1/8
[local]Redback(config-port)#encapsulation chdlc
[local]Redback(config-port)#aps working lab48
[local]Redback(config-port)#bind interface if-lab48 local
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#exit
!Configure the protect port
[local]Redback(config)#port pos 1/7
[local]Redback(config-port)#encapsulation chdlc
[local]Redback(config-port)#aps protect lab48
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#exit
Related Commands
aps group
aps switch
APS Configuration
5-9
Command Descriptions
aps group
aps group aps-group-name
no aps group aps-group-name
Purpose
Creates an Automatic Protection Switching (APS) group with the specified name, or selects an existing
APS group for modification, and enters APS configuration mode.
Command Mode
global configuration
Syntax Description
aps-group-name
Unique alphanumeric string, used to identify a specific pair of optical ports.
Default
None
Usage Guidelines
Use the aps group command to create an APS group, or select an existing APS group for modification, and
enter APS configuration mode.
Use the no form of this command to delete the specified APS group.
Note You cannot delete an APS group if there are working and protect ports in it. You must first delete
the ports from the group. (See Table 5-4 for the procedures to delete ports.)
Examples
The following example creates the APS group, lab48:
[local]Redback(config)#aps group lab48
[local]Redback(config-aps)#
Related Commands
aps
5-10
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
aps switch
aps switch {force | lockout | manual}
no aps switch {force | lockout | manual}
Purpose
Changes the traffic state of a port in an Automatic Protection Switching (APS) group.
Command Mode
port configuration
Syntax Description
force
Switches the sessions on the working port to the protect port or on the protect port to the
working port, unless a request of equal or higher priority is already in effect. This is a
high-priority request.
lockout
Prevents the sessions on the working port from being switched to the protect port.
manual
Switches the sessions on the working port to the protect port or on the protect port to the
working port, unless a request of equal or higher priority is already in effect. This is a
low-priority request.
Default
None
Usage Guidelines
Use the aps switch command to change the traffic state of a port in an APS group. The aps switch
command persists after the system is reset if the configuration has been saved using the save configuration
command (in exec mode).
Specify the force keyword to switch the sessions on the working port to the protect port or on the protect
port to the working port. The request succeeds if no request with higher priority is in effect, and remains in
effect until it is explicitly cleared with the no form of this command or implicitly cleared by a higher
priority request.
Specify the lockout keyword to prevent sessions on the working port from being switched to the protect
port. A lockout request persists after the system is reset, and remains in effect until it is explicitly cleared
with the no form of this command or implicitly cleared by a higher priority request. This option is only
available for the protect port; it is ignored if you specify it for a working port.
Caution Risk of disabling APS protection. Because the aps switch force command has higher priority
than signal degrade or signal fail conditions, it can cause sessions to be switched to a
nonfunctioning port for the APS group. To reduce the risk, use caution when using this
command, or post a lower priority request with the manual keyword instead.
APS Configuration
5-11
Command Descriptions
Specify the manual keyword to switch the sessions on the working port to the protect port or on the protect
port to the working port. The request succeeds if no request with higher priority is in effect, and remains in
effect until it is explicitly cleared with the no form of this command or implicitly cleared by a higher
priority request.
APS requests (generated either by the system or by an administrator) have priority levels, which determine
the order in which they are carried out. Lockout is the highest priority APS request that you can post on a
port. If a lockout is in effect and a lower-priority request is posted, it is rejected; however, it is posted, and
you must enter the no form of this command to clear it. Table 5-6 describes the relative priority levels, from
highest to lowest priority, for APS requests.
Table 5-6
Priority Levels for APS Requests
System or
Administrator Request
Priority
Request
Description
Highest
Lockout
Prevents the working port from being switched to the protect port, unless a
request of equal or higher priority (another lockout request) is already in
effect.
Administrator
Signal failure on
protect port
Generated by the system if one of the following fatal port error conditions is
detected:
Automatic
• Loss of signal
• Loss of frame
• Line alarm indication signal (AIS-L)
• Received bit error rate (BER) exceeds the configured signal fail (SF-BER)
threshold
• Port disabled (port is shut down)
• Traffic card failed or removed
Forced
Switches the sessions on the working port to the protect port or on the protect
port to the working port, unless a request of equal or higher priority is already
in effect.
Administrator
Signal failure on
working port
Generated by the system if one of the following fatal port error conditions is
detected:
Automatic
• Loss of signal
• Loss of frame
• AIS-L
• BER exceeds the configured SF-BER threshold
• Port disabled (port is shut down)
• Traffic card failed or removed
Lowest
Signal degrade
Received BER exceeds the configured signal degradation BER (SD-BER)
threshold.
Automatic
Manual
Switches the sessions on the working port to the protect port or on the protect
port to the working port, unless a request of equal or higher priority is already
in effect.
Administrator
Wait to restore
If revertive switching is configured, this switch is generated when a signal
failure or signal degrade condition has been cleared and the subsequent wait
to restore (WTR) timer has expired.
Automatic
Note In the event of equal priority requests on the working and protection ports (for example, if both of
them are in a signal failure state), the APS group switches to the working port.
Use the no form of this command to remove (clear) the request.
5-12
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Examples
The following example locks out protect port 2/1 (disables APS switching to it), then removes the lockout:
[local]Redback(config)#port pos 2/1
[local]Redback(config-port)#aps protect lab48
[local]Redback(config-port)#aps switch lockout
[local]Redback(config-port)#no aps switch lockout
Related Commands
aps
aps group
APS Configuration
5-13
Command Descriptions
description
description text
{no | default} description [text]
Purpose
Associates textual information with an Automatic Protection Switching (APS) group.
Command Mode
APS configuration
Syntax Description
text
Text string that identifies the port. Can be any alphanumeric string, including spaces, that is
not longer than 80 ASCII characters.
Default
No description is associated with an APS group.
Usage Guidelines
Use the description command to associate textual information with an APS group. This text displays by
the show configuration command for the APS group.
Use the no or default form of this command to delete the existing description. Because there can be only
one description for a port, when you use the no or default form of this command, it is not necessary to
include the text argument. To change a description, create a new one; it overwrites the existing one.
Examples
The following example associates a description with the APS group, lab48:
[local]Redback(config)#aps group lab48
[local]Redback(config-aps)#description OC-48 APS
Related Commands
None
5-14
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
revert
revert wtr-interval
no revert
default revert
Purpose
Sets the switching algorithm to revertive switching and the wait-to-restore (WTR) interval for an
Automatic Protection Switching (APS) group with 1+1 architecture.
Command Mode
APS configuration
Syntax Description
wtr-interval
Time to wait before reverting to the working port after it is up. The range of values is
1 to 60 minutes; the default value is 5.
Default
The default WTR interval is 5 minutes; the switching algorithm is nonrevertive switching.
Usage Guidelines
Use the revert command to set the switching algorithm to revertive switching and the WTR value for an
APS group with 1+1 architecture.
Use the no form of this command to set the switching algorithm to nonrevertive switching.
Use the default form of this command to set the WTR to 5 minutes.
Examples
The following example sets the switching algorithm to revertive with a WRT of 3 minutes:
[local]Redback(config)#aps group lab48
[local]Redback(config-aps)#revert 3
Related Commands
None
APS Configuration
5-15
Command Descriptions
5-16
Ports, Circuits, and Tunnels Configuration Guide
Part 3
Circuits
This part describes the tasks and commands used to configure basic features for circuits, including
clientless IP service selection (CLIPS), encapsulated circuits with Point-to-Point Protocol (PPP) or PPP
over Ethernet (PPPoE), and link-aggregated circuits.
This part consists of the following chapters:
•
Chapter 6, “Circuit Configuration”
•
Chapter 7, “CLIPS Configuration”
•
Chapter 8, “PPP and PPPoE Configuration”
•
Chapter 9, “Link Aggregation Configuration”
Chapter 6
Circuit Configuration
This chapter provides an overview of permanent virtual circuits (PVCs) on ports or channels that have been
configured with Asynchronous Transfer Mode (ATM), 802.1Q, or Frame Relay encapsulation. It describes
the tasks used to configure these circuits, and provides configuration examples and detailed descriptions of
the commands used to configure them through the SmartEdge® OS.
For information about the tasks and commands used to monitor, troubleshoot, and administer circuits, see
the “Circuit Operations” chapter in the Ports, Circuits, and Tunnels Operations Guide for the
SmartEdge OS.
Other chapters with related tasks and commands include:
•
Configuration tasks and commands for all traffic cards are described in Chapter 2, “Traffic Card
Configuration.”
•
Configuration tasks and commands for ATM, Ethernet, or Packet over SONET/SDH (POS) ports are
described in Chapter 3, “ATM, Ethernet, and POS Port Configuration.”
•
Configuration tasks and commands for clear-channel and channelized ports and channels are described
in Chapter 4, “Clear-Channel and Channelized Port and Channel Configuration.”
•
Configuration tasks and commands for clientless IP service selection (CLIPS) circuits are described in
Chapter 7, “CLIPS Configuration.”
•
Configuration tasks and commands for Point-to-Point Protocol (PPP)- and PPP over Ethernet
(PPPoE)-encapsulated circuits are described in Chapter 8, “PPP and PPPoE Configuration.”
•
Configuration tasks and commands for link-aggregated circuits are described in Chapter 9, “Link
Aggregation Configuration.”
•
Configuration tasks and commands for bridged circuits are described in Chapter 10, “Bridging
Configuration.”
•
Configuration tasks and commands for cross-connected circuits are described in Chapter 11,
“Cross-Connection Configuration.”
For protocol- or feature-specific commands that appear in any of the circuit configuration modes, see the
appropriate chapter in this guide, or the Routing Protocols Configuration Guide, or the IP Services and
Security Configuration Guide for the SmartEdge OS.
Circuit Configuration
6-1
Overview
Note In the following descriptions, the term, controller card, applies to the Cross-Connect Route
Processor (XCRP) or the XCRP Version 3 (XCRP3) Controller card, unless otherwise noted.
The term, first-generation ATM OC card, refers to the 2-port ATM OC-3c/STM-1c or 1-port ATM
OC-12c/STM-4c card; similarly, the term, second-generation ATM OC card, refers to the 4-port
ATM OC-3c/STM-1c or Enhanced ATM OC-12c/STM-4c card.
The term, chassis, refers to any SmartEdge chassis; the term, SmartEdge 800, refers to any version
of the SmartEdge 800 chassis.
Note An 802.1Q PVC is also referred to as an 802.1Q virtual LAN (VLAN); however, within this
chapter, it is the PVC, not the VLAN, that is being configured.
This chapter includes the following sections:
•
Overview
•
Configuration Tasks
•
Configuration Examples
•
Command Descriptions
Overview
This section includes the following topics:
•
802.1Q PVCs
•
ATM Profiles, VPs, and PVCs
•
Frame Relay Profiles and PVCs
Note When IP Version 6 (IPv6) addresses are not referenced or explicitly specified, the term, IP address,
can refer generally to IP Version 4 (IPv4) addresses, IPv6 addresses, or IP addressing. In instances
where IPv6 addresses are referenced or explicitly specified, the term, IP address, refers only to IPv4
addresses. For a description of IPv6 addressing and the types of IPv6 addresses, see RFC 3513,
Internet Protocol Version 6 (IPv6) Addressing Architecture.
802.1Q PVCs
A VLAN is a separate, administratively defined, subgroup of a bridged LAN. Bridged LANs and 802.1Q
encapsulation are described in the 802.1Q IEEE Standard for Local and Metropolitan Area Networks:
Virtual Bridged Local Area Networks specification, which defines an architecture and bridging protocols
for the partitioning of a bridged LAN into VLANs.
In the SmartEdge OS, an 802.1Q PVC that connects an 802.1Q VLAN to the SmartEdge router can be
created on any 10/100, Gigabit Ethernet, or Gigabit Ethernet 3 port.
Note The 802.1Q features do not apply to the Ethernet management port on the controller card.
6-2
Ports, Circuits, and Tunnels Configuration Guide
Overview
The SmartEdge OS supports 802.1Q encapsulation on Ethernet ports. When an 802.1Q frame is received
on an 802.1Q PVC, the 802.1Q header is stripped from the packet. The Ethernet packet is then routed by
the system. When an outbound packet is forwarded to an 802.1Q PVC, the SmartEdge OS adds the
appropriate 802.1Q header to the packet. This feature also allows for the channelization of Ethernet ports.
Two types of 802.1Q PVCs are supported—static and on-demand. A static PVC is created in main memory
when it is configured, and is always considered active, even when there is no traffic on it. An on-demand
PVC is also created when it is configured, but it becomes active only when user traffic is detected on it.
On-demand PVCs have two modes—dormant (or listening) and active. When you configure a single
on-demand PVC, or a range of on-demand PVCs, the dormant version of each PVC is created in “listening”
mode; it does not occupy main memory.
When user traffic is detected on a dormant PVC, the PVC is created in active mode in main memory. When
the traffic ceases (there are no subscriber sessions connected on it), the PVC is said to be inactive. After a
configurable time interval, the inactive PVC is deleted from main memory and the dormant version is again
in listening mode. In this way, on-demand PVCs conserve main memory.
You can assign a profile and specify the encapsulation for a range of on-demand PVCs when you configure
them, or you can specify that the authentication, authorization, and accounting (AAA) and Remote
Authentication Dial-In User Service (RADIUS) features to provide the profile and encapsulation.
An 802.1Q PVC can be configured as a “tunnel” with static 802.1Q PVCs configured within it. Each static
802.1Q PVC within the tunnel has an outer VLAN tag value, which is the tunnel’s VLAN tag value, and a
unique inner VLAN tag value.
Four types of 802.1Q packets are supported; they are identified from their 802.1Q headers: 8100, 88a8,
9100, and 9200. You can also specify a user-defined type. You can configure one or more tunnels on each
port; configure all tunnels on a port for the same type of 802.1Q packets.
ATM Profiles, VPs, and PVCs
ATM encapsulation is described in RFC 1483, Multiprotocol Encapsulation over ATM Adaptation Layer 5.
ATM PVCs can be created on any ATM port.
Using ATM, data flows over PVCs on a virtual path (VP) on an ATM port. These PVCs are identified by a
virtual path identifier (VPI) and virtual circuit identifier (VCI). After you have configured an ATM port,
you can configure VPs and PVCs. ATM PVCs and shaped VPs are configured using ATM profiles.
(A shaped VP is a VP created with the atm vp command in ATM OC or ATM DS-3 configuration mode.)
Note A PVC created on a shaped VP is sometimes referred to as a virtual circuit (VC). VC is used in the
following descriptions only when it is necessary to distinguish it from a PVC configured on a
nonshaped VP; otherwise, PVC is used throughout this chapter. A shaped VP is also referred to as
a VP tunnel; the term, VP tunnel, is not used in this guide.
For ATM PVCs configured on ports on ATM DS-3 and second-generation ATM OC cards, you can also
create ATM VC tunnels by attaching a quality of service (QoS) ATM weighted-fair queuing (ATMWFQ)
policy to an ATM PVC.
Circuit Configuration
6-3
Overview
An ATMWFQ policy allows you to define either two, four, or eight class of service (CoS) queues of packets
on each ATM PVC. Each PVC then acts as a VC tunnel.
You can specify the queuing algorithm for the policy and for each queue its congestion avoidance
parameters, either weighted random early detection (RED) or early packet discard (EPD). For information
about attaching QoS policies of any type, see the “QoS Circuit Configuration” chapter in the IP Services
and Security Configuration Guide for the SmartEdge OS.
ATM profiles can be either static or nonstatic.
•
A static profile is one that you cannot modify or delete after you have assigned any ATM VP or PVC
to it; to modify or delete a static profile, you must delete every VP and PVC assigned to it or reassign
them to a different profile. However, you can assign an unlimited number of VPs and PVCs to a static
profile.
•
A nonstatic profile is one that you can modify at any time without deleting any VP or PVC assigned to
it, subject to the constraints listed in the “ATM Profiles” section in the “ATM Configuration Guidelines”
section for ATM. You can assign up to 16,000 combined VPs and PVCs to a nonstatic profile.
Note To assign a static or nonstatic profile dynamically to an ATM PVC, either by using
subscriber-specific RADIUS attributes at the time a subscriber session becomes active, or by using
the RADIUS Refresh function, you must have enabled the software license for dynamic services.
For more information about enabling software licenses, see the “Basic System Configuration”
chapter in the Basic System Configuration Guide for the SmartEdge OS.
Every ATM profile has a default traffic class, unspecified bit rate (UBR) without any option, which is
assigned to each shaped ATM VP or PVC that references that profile. Other supported traffic classes
include constant bit rate (CBR), variable bit rate-real time (VBR-rt), VBR nonreal-time (VBR-nrt), and
UBR extended (UBRe).
For ATM VPs and PVCs configured on first-generation ATM OC cards, only one mode of traffic shaping
and scheduling (the default mode) is supported by the segmentation and reassembly (SAR) image.
However, ATM DS-3 and second-generation ATM OC cards support multiple modes. These modes are:
•
ATM priority
This mode supports different ATM profiles with different shaping for VPs and the ATM VCs that you
configure on them. VPs and VCs are shaped using constant bit rate (CBR), variable bit rate-real time
(VBR-rt), VBR nonreal-time (VBR-nrt), or unspecified bit rate (UBR), subject to the restrictions given
in the “Configuring ATM” section in Chapter 6, “Circuit Configuration.”
It uses these traffic classes to perform VP and VC scheduling; VCs can also be scheduled with an
attached QoS ATMWFQ scheduling policy.
PVCs configured on a nonshaped VP are shaped using any traffic class, including UBR extended
(UBRe) and can be scheduled using traffic classes and an attached QoS ATMWFQ scheduling policy.
Note ATM priority mode replaces the hierarchical-shaped virtual circuit (HSVC) SAR image that was
supported in previous releases. ATM DS-3 and second-generation ATM OC cards that were
configured with the hierarchical shaping command (in card configuration mode) are
automatically configured using this command with the atm-priority keyword.
6-4
Ports, Circuits, and Tunnels Configuration Guide
Overview
•
IP priority
This mode supports different profiles with different shaping for VPs and their VCs, but restricts the
shaping for VPs to CBR, UBR with the peak cell rate (PCR) option, VBR-rt, and VBR-nrt; VCs are
restricted to UBR with the PCR option.
It uses the IP priorities specified by an attached QoS ATMWFQ policy to perform VP and VC
scheduling.
PVCs configured on a nonshaped VP are shaped using any traffic class except UBRe and can be
scheduled using traffic classes and an attached QoS ATMWFQ scheduling policy. (Configuring PVCs
in this mode is not recommended.)
Note The ATM priority and IP priority modes reduce the number of PVCs that you can configure on an
ATM DS-3 or second-generation ATM OC card; performance on an ATM DS-3 port might not
reach line rate for certain traffic patterns.
•
VC fairness
This mode supports different profiles with different shaping for shaped VPs and their VCs, but restricts
the shaping for VPs to CBR, UBR with the PCR option, VBR-rt, and VBR-nrt; VCs are restricted to
UBR without the PCR option.
It uses traffic classes to perform VP scheduling; VCs are scheduled using weighted round-robin (WRR)
scheduling. VCs can also be scheduled with an attached QoS ATMWFQ scheduling policy.
PVCs configured on a nonshaped VP are shaped and scheduled using any traffic class.
Two types of ATM PVCs are supported—explicitly configured (static) and on-demand. A static PVC is
created in main memory when it is configured, and is always considered active, even when there is no
traffic on it. An on-demand PVC is also created when it is configured, but it becomes active only when user
traffic is detected on it.
On-demand PVCs have two modes—dormant (or listening) and active. When you configure a single
on-demand PVC or a range of on-demand PVCs, the dormant version of each PVC is created in “listening”
mode; it does not occupy main memory.
When user traffic is detected on a dormant PVC, the PVC is created in active mode in main memory. When
the traffic ceases (there are no subscriber sessions connected on it), the PVC is said to be inactive. After a
configurable time interval, the inactive PVC is deleted from main memory and the dormant version is again
in listening mode. In this way, on-demand PVCs conserve main memory.
You can assign a profile and specify the encapsulation for a range of on-demand PVCs when you configure
them, or you can specify that the AAA and RADIUS functions provide the profile and encapsulation type.
The ATM profile that AAA and RADIUS “dynamically” assign can be either a static or nonstatic profile
that you have created previously. For more information about configuring AAA and RADIUS, see the
“AAA Configuration” and “RADIUS Configuration” chapters in the IP Services and Security
Configuration Guide for the SmartEdge OS.
Circuit Configuration
6-5
Configuration Tasks
Frame Relay Profiles and PVCs
Frame Relay encapsulation is described in RFC 1490, Multiprotocol Interconnect over Frame Relay, and
RFC 2115, Management Information Base for Frame Relay DTEs Using SMIv2. You can create Frame
Relay PVCs on any Packet over SONET/SDH (POS) port, clear-channel DS-3 or E1 channel or port, E3
port, DS-1 channel, or DS-0 channel group.
Configuration Tasks
Note In this section, the command syntax in the task tables displays only the root command; for the
complete command syntax, see the full description for the command in the “Command
Descriptions” section.
The following sections describe 802.1Q PVC, CLIPS, ATM, and Frame Relay configuration tasks:
•
Configuring 802.1Q PVCs
•
Configuring ATM
•
Configuring Frame Relay
Configuring 802.1Q PVCs
This section includes the following topics:
•
Configure an 802.1Q Profile
•
Configure an 802.1Q PVC
•
Configure an 802.1Q Tunnel and the 802.1Q PVCs Within It
Configure an 802.1Q Profile
An 802.1Q profile is required to collect bulk statistics, set the priority bits, or set the rate for any 802.1Q
PVC that uses the profile. To configure a profile for an 802.1Q PVC, perform the tasks described in
Table 6-1.
Table 6-1
Configure an 802.1Q Profile
#
Task
Root Command
Notes
1.
Create an 802.1Q profile, or select an existing
one for modification, and access dot1q profile
configuration mode.
dot1q profile
Enter this command in global configuration
mode.
2.
Specify general attributes for the profile (all attributes are optional):
6-6
Associate a description with the profile.
description
Enter this command in dot1q profile
configuration mode.
Apply an existing bulkstats schema profile to the
profile.
bulkstats schema
For more information about the bulkstats
schema command, see the “Bulkstats
Configuration”” chapter in the Basic System
Configuration Guide for the SmartEdge OS.
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Configure an 802.1Q PVC
To configure an 802.1Q PVC on any Ethernet port, except the Ethernet management port, perform the tasks
described in Table 6-2. Unless otherwise noted, enter all commands in dot1q PVC configuration mode.
Table 6-2
Configure an 802.1Q PVC
#
Task
Root Command
Notes
1.
Bind the Ethernet port to an existing interface in
an existing context.
bind interface
Enter this command in port configuration mode
to allow untagged traffic on the port.
2.
Specify 802.1Q encapsulation for the Ethernet
port.
encapsulation
Enter this command in port configuration mode.
3.
Create one or more 802.1Q PVCs and access
dot1q PVC configuration mode.
dot1q pvc
Enter this command in port configuration mode.
Use the on-demand keyword to create a range
of 802.1Q PVCs that are made active only
when needed.
4.
Specify general attributes for the 802.1Q PVC
(all attributes are optional):
Associate a description with the PVC.
description
Enable a watchdog timer for 802.1Q PVCs
created on demand.
idle-down
This command applies only to 802.1Q PVCs
created using the on-demand keyword.
Associate the IP address of the remote host on
the circuit.
ip host
Perform this task only for a PVC that you intend
to bind directly to an interface.
You cannot perform this task if you have
created the PVC as part of a range of PVCs.
Assigns a medium access control (MAC)
address for a 802.1Q PVC.
5.
mac-address
This mode is not available when configuring
dot1qQ VLANS in a link group.
If you are not intending to cross-connect the PVC to another circuit or if you have not created child circuits on it, bind the PVC with
one of the following tasks:
For a single PVC with the default (IPoE) or multi encapsulation:
• Create a static binding to an interface.
bind interface
• Create a static binding through a subscriber
record to an interface.
bind subscriber
For a single PVC with PPPoE encapsulation:
• Create an unrestricted dynamic binding.
bind authentication
• Create a restricted dynamic binding.
bind authentication
You must specify the context to create a
restricted dynamic binding.
For a range of PVCs created using the on-demand keyword:
6.
• Create a static binding through subscriber
records to an interface.
bind auto-subscriber
Disable an 802.1Q PVC (stop operations on it)
until you are ready to begin operations on it.
shutdown
Circuit Configuration
By default, all circuits are enabled
(operational).
6-7
Configuration Tasks
Configure an 802.1Q Tunnel and the 802.1Q PVCs Within It
To configure an 802.1Q tunnel and any PVCs within the tunnel on any Ethernet port, except the Ethernet
management port, perform the tasks described in Table 6-3.
Table 6-3
Configure an 802.1Q PVC Tunnel and the 802.1Q PVCs Within It
#
Task
Root Command
Notes
1.
Bind the Ethernet port to an existing interface in
an existing context.
bind interface
Enter this command in port configuration mode
to allow untagged traffic on the port.
2.
Specify 802.1Q encapsulation for the Ethernet
port.
encapsulation
Enter this command in port configuration mode.
3.
Specify the tunnel type for this port.
dot1q tunnel
Enter this command in port configuration mode.
4.
Create a 802.1Q tunnel and access dot1q PVC
configuration mode.
dot1q pvc
Enter this command in port configuration mode.
Specify the encapsulation with the 1qtunnel
keyword.
5.
Associate a description with the tunnel (optional).
description
Enter this command in dot1q PVC configuration
mode.
6.
Bind the 802.1Q PVC tunnel.
bind interface
Enter this command in dot1q PVC configuration
mode.
7.
Create one or more 802.1Q PVCs within the
tunnel and access dot1q PVC configuration
mode.
dot1q pvc
Enter this command in port configuration mode.
Specify the VLAN ID of the tunnel followed by a
colon (:) before specifying the VLAN ID of the
PVC.
8.
Associate a description with the PVC (optional).
description
Enter this command in dot1q PVC configuration
mode.
9.
If you are not intending to cross-connect the PVC within the tunnel to another circuit or if you have not created child circuits on it,
bind the PVC using one of the following tasks:
For a PVC with the default (IPoE) or multi encapsulation:
• Create a static binding to an interface.
bind interface
Enter this command in dot1q PVC configuration
mode.
• Create a static binding through a subscriber
record to an interface.
bind subscriber
Enter this command in dot1q PVC configuration
mode.
• Create an unrestricted dynamic binding.
bind authentication
Enter this command in dot1q PVC configuration
mode.
• Create a restricted dynamic binding.
bind authentication
Enter this command in dot1q PVC configuration
mode. You must specify the context to create a
restricted dynamic binding.
Disable an 802.1Q PVC (stop operations on it)
until you are ready to begin operations on it.
shutdown
Enter this command in dot1q PVC configuration
mode. By default, all circuits are enabled
(operational).
For a PVC with PPPoE encapsulation:
10.
6-8
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Configuring ATM
This section includes the following topics:
•
ATM Configuration Guidelines
•
Specify the Card Mode for the SAR Image
•
Configure an ATM Profile
•
Configure a Shaped ATM VP
•
Configure an ATM PVC
ATM Configuration Guidelines
This section includes the following configuration guidelines which affect more than one command or a
combination of commands:
•
ATM Profiles
•
ATM and Congestion Avoidance
•
ATM Modes and Traffic Shaping
•
ATM and OAM
•
ATM and QoS
•
Number of ATM VPs and PVCs
ATM Profiles
The following guidelines apply to ATM profiles:
•
The ATM profile must exist before you create the VP or PVC.
•
A nonstatic ATM profile can be referenced by a maximum 16,000 ATM PVCs and VPs; static profiles
can be referenced by an unlimited number of PVCs and VPs.
•
You can create multiple static and nonstatic profiles.
•
To modify a static profile, you must first delete all VPs and PVCs that reference it, or reassign them to
a different profile.
•
You can convert a nonstatic profile to a static one without disrupting traffic on any VPs or PVCs that
reference it, but you cannot convert a static profile to a nonstatic one; you must delete it first.
•
Deleting a profile deletes all VPs and PVCs that reference it.
•
If you assign a profile that includes the UBRe traffic class to a PVC created on a first-generation
ATM OC card, the system displays an error message and does not create the PVC.
Circuit Configuration
6-9
Configuration Tasks
The following guidelines apply to ATM profiles assigned to PVCs:
•
Changing an ATM profile can cause traffic disruption to all PVCs that reference that profile, as
described in the following statements:
Caution Risk of data loss. When you change the congestion algorithm or the traffic class for the profile
(in ATM profile configuration mode), all ATM PVCs that reference the profile are deleted and
recreated automatically by the system and an error message displays by the system. To reduce
the risk when making any change to a profile, determine if the change affects service:
• Create a new ATM profile with the changed configuration parameters.
• Use the atm pvc command (or its atm pvc explicit form) (in ATM OC or ATM DS-3
configuration mode) to assign the new profile to the ATM PVC.
If the change affects service, a warning message displays when you enter the command, and you
can cancel or commit the change, using the abort or commit command, respectively (in ATM
OC or ATM DS-3 configuration mode).
Changes to traffic class parameters, such as a rate change, the cell loss priority (CLP) bit, operations,
administration, and maintenance (OAM) mechanism and parameters, PVC statistics, congestion
avoidance parameters, or bulkstats functions do not affect traffic, and therefore, do not cause the error
message to be displayed.
•
To assign a different profile to an existing PVC, enter either form of the atm pvc command with the
new profile name and the encapsulation.
Caution Risk of data loss. The assignment of the new profile can cause traffic to be interrupted on the
affected PVC if the new profile changes the congestion algorithm or the traffic class. To reduce
the risk, if the system displays an error message, you can cancel or commit the change, using
the abort or commit command, respectively (in ATM OC or ATM DS-3 configuration mode).
The following guidelines apply to ATM profiles assigned to shaped VPs:
•
If you specify different ATM profiles when configuring shaped VPs and their VCs on a first-generation
ATM card, you must adhere to the following guidelines:
— If a shaped VP references an ATM profile with a different traffic class, all VCs created on the VP
must reference a profile configured with the UBR traffic class.
— If a PVC references an ATM profile with a different traffic class, then the VP on which it is created
must be unshaped. (The VP is created implicitly by the system when its VPI is specified in the
atm pvc command in ATM OC or ATM DS-3 configuration mode.)
6-10
•
You cannot create a shaped VP with a profile that specifies the UBRe traffic class, and you cannot
change the shaping of a profile to UBRe if that profile has been referenced by a shaped VP.
•
If you attempt to change the traffic class for an ATM profile that is assigned to a shaped VP that has
VCs configured on it, the system displays an error message and the command fails. You must delete all
VCs that are configured on the shaped VP before you change the profile, and then recreate them.
•
If you attempt to modify an existing shaped VP by assigning a different profile to it and that profile
changes the traffic class, the system displays an error message and the command fails. You must delete
all VCs configured on the shaped VP before you assign the new profile, and then recreate them.
•
If you reference an ATM profile that enables the OAM options with the oam fault-monitor, oam
manage, or oam xc commands (in ATM profile configuration mode), the OAM options are ignored.
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
ATM and Congestion Avoidance
The following guidelines apply to the congestion avoidance algorithm that you specify for an ATM profile:
•
The default congestion avoidance algorithm for an ATM profile (without the congestion command
entered in ATM profile configuration mode) is weighted RED with its default parameters. Therefore,
because the weighted RED algorithm is not supported for first-generation ATM OC cards, assigning an
ATM profile with the default congestion algorithm to either of those cards has the same affect as
assigning one that specifies the EPD algorithm with default parameters.
•
You cannot specify more than one congestion algorithm, either weighted RED or EPD, for an ATM
profile; if you specify a second algorithm, the first algorithm is silently replaced.
•
You cannot change the congestion algorithm or the parameters for a congestion algorithm for an ATM
static profile unless it is not assigned to any ATM VP or PVC.
•
The EPD algorithm used for PVCs on the first-generation ATM OC cards is slightly different from that
used for the ATM DS-3 and second-generation ATM OC cards; see the description of the congestion
command for details.
•
The default values for the EPD parameters are not the same as those applied to an ATM profile in
previous releases.
•
Changing the EPD parameters for an ATM profile that is already assigned to an ATM VP or PVC is not
service affecting (traffic is not disrupted) for any ATM card.
•
Changing the weighted RED parameters for an ATM profile that is already assigned to an ATM VP or
PVC is not service affecting (traffic is not disrupted) for the second-generation ATM OC and
ATM DS-3 cards.
•
Changing the congestion avoidance algorithm from weighted RED to EPD for a profile assigned to an
ATM VP or PVC on any ATM card can be service affecting:
— For second-generation ATM OC and ATM DS-3 cards, changing the algorithm is service affecting,
but the counters are preserved.
— For first-generation ATM OC cards, changing the algorithm effectively changes the EPD parameters
from the default values to the values of the parameters specified by the command; therefore, the
change is not service affecting.
•
Changing the congestion avoidance algorithm from EPD to weighted RED for a profile assigned to an
ATM VP or PVC on any ATM card can be service affecting:
— For ATM DS-3 and second-generation ATM OC cards, changing the algorithm is service affecting.
— For first-generation ATM OC cards, changing the algorithm effectively changes the EPD parameters
to their defaults, because weighted RED is not supported for these cards; therefore, the change is
not service affecting.
ATM Modes and Traffic Shaping
Traffic shaping restrictions for first-generation ATM OC cards include:
•
If you configure a VC on a shaped VP, the ATM profile that you specify for the VC must be configured
for the UBR traffic class without the PCR option.
Circuit Configuration
6-11
Configuration Tasks
•
If you configure a shaped VP, the traffic class for the profile that you reference can be any class, except
UBRe; however, any ATM VC configured on that shaped VP must reference a profile with the UBR
traffic class without PCR.
Traffic shaping restrictions for ATM DS-3 and second-generation ATM OC cards include:
•
For any mode, except VC fairness, the traffic class specified in an ATM profile can restrict the number
of ATM PVCs that you can configure on a port; see the “Number of ATM VPs and PVCs” section for
details.
•
If you configure a PVC and reference a profile that includes UBRe shaping, you cannot attach an
ATMWFQ QoS policy to that PVC.
•
For the ATM priority mode, the traffic class for a profile that you reference for the shaped VP can be
any class, except UBRe; however, any VC configured on that VP must reference a profile with a traffic
class that is equal to or less restrictive than that for the VP. Table 6-4 lists the traffic class combinations
for VPs and VCs.
Table 6-4
Traffic Class Combinations for ATM Priority Mode
VP Traffic Class
Valid VC Traffic Classes
CBR
CBR, VBR-rt, VBR-nrt, UBR with PCR option, UBR
VBR-rt
VBR-rt, VBR-nrt, UBR with PCR option, UBR
VBR-nrt
VBR-nrt, UBR with PCR option, UBR
UBR with PCR option
UBR with PCR option, UBR
UBR
UBR
ATM and OAM
The following OAM guidelines apply:
•
To enable end-to-end path-level (F4) fault monitoring or OAM management for a shaped VP, you must
create an ATM VC with VCI 4 on the VP that you intend to monitor; this VC must reference an ATM
profile that includes the oam fault-monitor, oam manage, or oam xc command (in ATM profile
configuration mode).
•
If you specify the oam fault-monitor or oam manage command for an ATM profile that is referenced
when creating a shaped VP, the OAM fault monitoring option is ignored.
•
The oam fault-monitor command and the oam manage command (in ATM profile configuration
mode) are mutually exclusive; you cannot specify fault monitoring and enable OAM management on
the same ATM profile. However, you can include both the oam fault-monitor and oam xc or the oam
manage and the oam xc commands (in ATM profile configuration mode) in the same profile.
•
The oam fault-monitor and oam manage commands are operational only for ATM PVCs that are not
cross-connected. If you also include an oam xc command (in ATM profile configuration mode) for this
profile, and an ATM PVC that references this profile is cross-connected at a later time, the oam
fault-monitor or oam manage command in the profile is disabled (ignored), and the oam xc command
is made operational instead.
ATM and QoS
The following guidelines apply:
6-12
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
•
QoS ATMWFQ policies can be attached to ATM PVCs on second-generation ATM OC and ATM DS-3
cards only.
•
QoS priority queuing (PQ) and enhanced deficit round-robin (EDRR) policies can be attached to ATM
PVCs on first-generation ATM OC cards only.
•
If you attach an ATMWFQ QoS policy to the outbound traffic on an ATM PVC on an ATM DS-3 or
second-generation ATM OCcard and that PVC references a profile with congestion parameters, the
policy overrides the weighted RED or EPD parameters specified by the profile.
•
If you attach a QoS policy, either PQ or EDRR, to the outbound traffic on an ATM PVC on a
first-generation ATM OC card, both the policy and the EPD parameters are enforced.
•
Using ATM on-demand PVCs, QoS policies cannot be configured directly on the circuit, but must be
configured and applied using the subscriber record referenced in the bind auto-subscriber command.
For information about creating QoS policies CoS queues, see the “QoS Scheduling Configuration” chapter
in the IP Services and Security Configuration Guide for the SmartEdge OS.
Number of ATM VPs and PVCs
The combined number of ATM PVCs and VPs that you can create for each ATM port depends on the type
of ATM card, the total number of circuits configured on that card, type and number of traffic classes, the
SAR image (mode) that is loaded, the type of QoS policy, the number of CoS queues, and the number of
dormant on-demand PVCs that are configured. It is also affected by your assignment of VPI and VCI values
and, for an ATM DS-3 card, the number of ports that you have specified as software configurable.
Note The tables in this section list these limits with no on-demand PVCs configured. For limits on the
number of PVCs for configurations with on-demand PVCs configured, consult your local technical
representative or the Redback Technical Assistance Center (TAC).
The following guidelines apply to the number of shaped VPs and PVCs that you can create on a card:
•
On any ATM card, each shaped VP is counted as a PVC.
•
The number of PVCs also includes all circuits configured on each port; for example, an ATM port with
multi encapsulation can have multiple IP over Ethernet (IPoE) and PPPoE circuits.
•
The number of PVCs that you can configure for a traffic class depends on the type of card and its mode.
Table 6-5 lists the PVC limits for each traffic class for each port on each type of card.
•
The number of PVCs that you can configure for a traffic class depends on the type of card and its mode.
Table 6-6 lists the PVC limits for each traffic class on first-generation ATM OC cards.
Table 6-5
PVC Limits on First-Generation ATM OC Ports
PVC Limits for each Traffic Class on each Port
Card
Default Mode
Notes
2-port ATM OC-3c/STM-1c
8,000
Only the default mode is supported.
1-port ATM OC-12c/STM-4c
8,000
Only the default mode is supported.
Table 6-6 lists the PVC limits for each traffic class on ATM DS-3 and second-generation ATM OC
cards.
Circuit Configuration
6-13
Configuration Tasks
Table 6-6
PVC Limits on ATM DS-3 and Second-Generation ATM OC Ports
PVC Limits for each Traffic Class on each Port
Card
ATM Priority Mode
IP Priority Mode
VC Fairness Mode
Notes
12-port ATM DS-3
1,000
1,000
2,000
All ports are software
configurable.
4-port ATM OC-3c/STM-1c
(including low-density version)
8,000
8,000
16,000
Enhanced ATM OC-12c/STM-4c
16,000
16,000
16,000
•
The maximum number of of PVCs on an ATM DS-3 card does not change if the number of software
configurable ports is limited. However, the maximum number of PVCs for each traffic class for each
port is increased.
Table 6-7 lists the number of PVCs for each ATM DS-3 port for each traffic class if the number of
software configurable ports has been limited using the maximum ports command (in card
configuration mode).
Table 6-7
PVC Limits for ATM DS-3 Cards with Limited Configurable Ports
PVC Limit for Each Traffic Class for Each Port
•
Number of Configurable
ATM DS-3 Ports
ATM and IP Priority Modes
VC Fairness Mode
4
4,000
8,000
8
2,000
4,000
12
1,000
2,000
If an ATM PVC references a profile with UBRe shaping, that PVC must be counted twice—once as a
PVC with UBR shaping and once as a PVC with VBR-nrt shaping. Therefore, the maximum number
of PVCs with UBR or VBR-nrt shaping and the number of PVCs with UBRe shaping cannot be be
greater than the maximum number of PVCs for each traffic class and ATM mode.
For example, for a port on an ATM DS-3 card (in VC fairness mode) and all ports software
configurable:
— If you create 2,000 ATM PVCs referencing a profile with UBRe shaping, you cannot create any
more PVCs with either UBR or VBR-nrt shaping. You can create 2,000 PVCs with CBR and 2,000
with VBR-rt shaping, for a total of 6,000 PVCs.
— If you do not create any ATM PVCs referencing a profile with UBRe shaping, you can create the
maximum of 8,000 ATM PVCs: 2,000 for each traffic class.
With the ATM DS-3 card in ATM or IP priority mode and all ports software configurable:
— If you create 1,000 ATM PVCs referencing a profile with UBRe shaping, you cannot create any
more ATM PVCs with UBR or VBR-nrt shaping. In this case, you can create 1,000 ATM PVCs with
CBR and 1,000 PVCs with VBR-rt shaping for a total of 3,000 PVCs.
— If you do not create any ATM PVCs referencing a profile with UBRe shaping, you can create the
maximum of 4,000 ATM PVCs: 1,000 for each traffic class.
6-14
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
•
If you are creating a range of on-demand PVCs on an ATM DS-3 or second-generation ATM OC port
and you have configured the port in listening mode using the ccod-mode port-listen command (in
ATMDS-3 or ATM OC configuration mode), you can specify the range of the listening PVCs with the
VPI spanning from 0 to 255, and the VCI spanning from 1 to 65,535. Otherwise, the range that you
specify must be within the limits for active PVCs; these limits depend upon the type of port, the SAR
image for the card, and the traffic class specified by the profile. An error message displays if the range
that you specify is not supported; see the tables (Table 6-5, Table 6-7, Table 6-9) that specify PVC
limits.
•
Regardless of the number of listening PVCs that you create, the number of active PVCs cannot be
greater than those specified for each traffic class and SAR image on the type of port on which they are
created; see the tables (Table 6-5, Table 6-7, Table 6-9) that specify PVC limits.
•
The number of PVCs on ports that are configured with an ATMWFQ QoS policy is dependent on the
number of CoS queues. You can create two, four, or eight CoS queues; see Table 6-11 for PVC limits.
For information about creating QoS policies and CoS queues, see the “QoS Scheduling Configuration”
chapter in the IP Services and Security Configuration Guide for the SmartEdge OS.
•
If you leave large gaps between VCI values, then the number of PVCs that you can create is reduced.
Whenever possible, to minimize the affect on the number of PVCs:
— Assign consecutive values for VCIs in groups of 64 PVCs.
— Limit the number of PVCs defined for each VPI to a multiple of 64.
You can create a maximum of 256 shaped and unshaped VPs on any ATM port (VPIs 0 to 255); Table 6-8
lists the limits for shaped VPs on each type of ATM card.
Table 6-8
Shaped VP Limits for ATM Cards
Card
Shaped VP Limits
12-port ATM DS-3
Determined by many factors, including the number of PVCs and number of CoS
queues created, up to a maximum of 256 shaped VPs on each port.
4-port ATM OC-3c/STM-1c
(including low-density version)
Determined by many factors, including the number of PVCs and number of CoS
queues created, up to a maximum of 256 shaped VPs on each port.
Enhanced ATM OC-12c/STM-4c
Determined by many factors, including the number of PVCs and number of CoS
queues created, up to a maximum of 256 shaped VPs on each port.
2-port ATM OC-3c/STM-1c
64 for each card; 32 for each port.
1-port ATM OC-12c/STM-4c
64 for each card.
Table 6-9 list the PVC limits on shaped VPs for each type of card.
Table 6-9
PVC Limits on Shaped VPs for ATM Cards
Card
VC Limits for Shaped VPs
12-port ATM DS-3
8,000 for each shaped VP; 8,000 for each card with all ports software
configurable.
4-port ATM OC-3c/STM-1c
(including low-density version)
16,000 for each shaped VP; 16,000 for each card.
Enhanced ATM OC-12c/STM-4c
16,000 for each shaped VP; 16,000 for each card.
2-port ATM OC-3c/STM-1c
256 for each shaped VP; 5,175 for each card.
Circuit Configuration
6-15
Configuration Tasks
Table 6-9
6-16
PVC Limits on Shaped VPs for ATM Cards (continued)
Card
VC Limits for Shaped VPs
1-port ATM OC-12c/STM-4c
256 for each shaped VP; 5,175 for each card.
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Table 6-10 lists the circuit and PVC limits when no ATMWFQ policy is attached.
Table 6-10 PVC Limits for ATM Cards Without ATMWFQ Policy
Card
Mode
Circuit and PVC Limits
12-port ATM DS-3
VC fairness
8,000 for each port, 8,000 for each card with all ports
software configurable.
12-port ATM DS-3
ATM or IP priority
4,000 for each port, 8,000 for each card with all ports
software configurable.
4-port ATM OC-3c/STM-1c
(including low-density version)
VC fairness
16,000 for each port, 16,000 for each card.
4-port ATM OC-3c/STM-1c
(including low-density version)
ATM or IP priority
16,000 for each port, 16,000 for each card.
Enhanced ATM OC-12c/STM-4c
VC fairness
16,000 for each port, 16,000 for each card.
Enhanced ATM OC-12c/STM-4c
ATM or IP priority
16,000 for each port, 16,000 for each card.
2-port ATM OC-3c/STM-1c
Default
8,000 for each port, 8,000 for each card.
1-port ATM OC-12c/STM-4c
Default
8,000 for each port, 8,000 for each card.
Table 6-11 lists the circuit and PVC limits for ATM cards with ATMWFQ CoS Queues.
Table 6-11
PVC Limits for ATM Cards with ATMWFQ CoS Queues
Card
Mode
Circuit and PVC Limits
12-port ATM DS-3
VC fairness
• 0 or 2 CoS queues: 8,000 for each port, 8,000 total for
each card.
• 4 CoS queues: 8,000 for each port, 8,000 for each card.
• 8 CoS queues: 6,000 for each port, 6,000 for each card.
12-port ATM DS-3
ATM or IP priority
• 0 or 2 CoS queues: 4,000 for each port, 8,000 total for
each card.
• 4 CoS queues: 4,000 for each port, 8,000 for each card.
• 8 CoS queues: 4,000 for each port, 6,000 for each card.
4-port ATM OC-3c/STM-1c
(including low-density version)
VC fairness
• 0 or 2 CoS queues: 16,000 for each port, 16,000 total for
each card.
• 4 CoS queues: 10,000 for each port, 16,000 for each
card.
• 8 CoS queues: 6,000 for each port, 12,000 for each
card.
4-port ATM OC-3c/STM-1c
(including low-density version)
ATM or IP priority
• 0 or 2 CoS queues: 16,000 for each port, 16,000 total for
each card.
• 4 CoS queues: 10,000 for each port, 16,000 for each
card.
• 8 CoS queues: 6,000 for each port, 12,000 for each
card.
Circuit Configuration
6-17
Configuration Tasks
Table 6-11
PVC Limits for ATM Cards with ATMWFQ CoS Queues (continued)
Card
Mode
Circuit and PVC Limits
Enhanced ATM OC-12c/STM-4c
VC fairness
• 0 or 2 CoS queues: 16,000 for each port, 16,000 total for
each card.
• 4 CoS queues: 12,800 for each port, 12,800 for each
card.
• 8 CoS queues: 7,100 for each port, 7,100 for each card.
Enhanced ATM OC-12c/STM-4c
ATM or IP priority
• 0 or 2 CoS queues: 16,000 for each port, 16,000 total for
each card.
• 4 CoS queues: 12,800 for each port, 12,800 for each
card.
• 8 CoS queues: 7,100 for each port, 7,100 for each card.
Specify the Card Mode for the SAR Image
You must explicitly specify the card mode for the SAR image of a second-generation ATM OC or ATM
DS-3 card on which you want to use ATM priority or IP priority traffic scheduling. To specify the card
mode for the SAR image, perform the task described in Table 6-12; enter the command in card
configuration mode.
Table 6-12 Specify the Card Mode for the SAR Image
Task
Root Command
Notes
Specify the card mode.
atm mode
This command is available only for ATM DS-3 and second-generation ATM OC cards.
Configure an ATM Profile
An ATM profile is required to create ATM PVCs or shaped VPs for ATM PVCs. An ATM profile contains
common configuration information that is used by all shaped VPs and ATM PVCs that reference the profile.
Typically, you configure at least one ATM profile for each traffic class that you intend to support on a
SmartEdge router. You might also require additional ATM profiles for PVCs with other special
requirements, such as counters, or PVCs created on demand.
6-18
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
To configure an ATM profile, perform the tasks described in Table 6-13.
Table 6-13 Configure an ATM Profile
#
Task
Root Command
Notes
1.
Create a new ATM profile, or to select an existing ATM profile
for modification, and access ATM profile configuration mode.
atm profile
Enter this command global configuration
mode.
2.
Specify general attributes for the profile (all attributes are optional):
3.
4.
Associate a description with an ATM profile.
description
Enter this command in ATM profile
configuration mode.
Report the receive and transmit speeds of the ATM PVC to
which this profile is assigned.
report
Enter this command in ATM profile
configuration mode.
Set the CLP bit in all cells transmitted over PVCs referencing
this ATM profile.
clpbit
Enter this command in ATM profile
configuration mode.
Specify the traffic class for this ATM profile.
shaping
Enter this command in ATM profile
configuration mode. The default value is
UBR without the PCR option.
Enable statistics collection for all PVCs referencing this ATM
profile.
counters
Enter this command in ATM profile
configuration mode.
Specify the weighted RED or EPD parameters for congestion
avoidance.
congestion
Enter this command in ATM profile
configuration mode.
Apply an existing bulkstats schema profile to the profile.
bulkstats schema
For more information about the bulkstats
schema command, see the “Bulkstats
Configuration” chapter in the Basic
System Configuration Guide for the
SmartEdge OS.
For non-cross-connected ATM PVCs, enable OAM with one of the following tasks (optional):
• Enable alarm indication signal (AIS) and remote defect
indication (RDI) fault monitoring for any ATM PVC that
references this profile and is not cross-connected.
oam fault-monitor
Enter this command in ATM profile
configuration mode. The default value is
disabled.
• Enable the operational state of any ATM PVC that is not
cross-connected and that references this profile to be
reflected by its AIS and RDI (RDI/AIS) state at the F5 level.
oam manage
Enter this command in ATM profile
configuration mode. The default value is
disabled.
For cross-connected ATM PVCs, enable the OAM cells
received on one of the ATM PVCs to be forwarded to and
transmitted on the other ATM PVC.
oam xc
Enter this command in ATM profile
configuration mode. The default value is
disabled.
Configure a Shaped ATM VP
When you create an ATM PVC, you must specify a VP for it, using a VPI. An ATM VP can be shaped or
nonshaped:
•
A shaped VP is created explicitly.
You create it using the atm vp command (in ATM OC or ATM DS-3 configuration mode) and
specifying its VPI and an existing ATM profile.
•
A nonshaped VP is created implicitly.
SmartEdge OS creates it when you configure an ATM PVC and specify a VPI that has not be used to
create a shaped VP.
To configure a shaped ATM VP, perform the task described in Table 6-14; enter this command in ATM OC
or ATM DS-3 configuration mode.
Circuit Configuration
6-19
Configuration Tasks
Table 6-14 Configure a Shaped ATM VP
Task
Root Command
Notes
Create or modify a shaped ATM VP.
atm vp
Enter this command in ATM OC or ATM DS-3 configuration mode.
Configure an ATM PVC
To configure an ATM PVC, perform the tasks described in Table 6-15.
Table 6-15 Configure an ATM PVC
#
Task
1.
Create or modify one or more ATM PVCs, and access ATM PVC configuration mode with one of the following tasks:
• Create or modify one or more ATM PVCs.
Root Command
atm pvc
Notes
Enter this command in ATM OC or ATM DS-3
configuration mode.
Use the explicit keyword to create a range of
static PVCs.
Use the on-demand keyword to configure a
range of PVCs that are created only when
needed.
• Assign a different profile to an existing ATM PVC.
2.
atm pvc
You must specify the encapsulation in addition
to the new profile name.
Specify general attributes for the PVC (all attributes are optional):
Associate a description with an ATM PVC.
description
Enter this command in ATM PVC configuration
mode.
Enable a watchdog timer for PVCs created on
demand.
idle-down
Enter this command in ATM PVC configuration
mode. This command applies only to ATM
PVCs created using the on-demand keyword
without multi encapsulation.
Associate the IP address and MAC address of the
remote host on the circuit with the ATM PVC.
ip host
Enter this command in ATM PVC configuration
mode. Perform this task only for an ATM PVC
that you intend to bind directly to an interface.
You cannot perform this task if you have
created the PVC as part of a range of PVCs.
6-20
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Table 6-15 Configure an ATM PVC (continued)
#
Task
Root Command
Notes
3.
If you do not intend to cross-connect the ATM PVC to another circuit, bind the ATM PVC with one of the following tasks:
For an ATM PVC with bridge1483, multi, or route1483 encapsulation:
• Create a static binding to an interface.
bind interface
Enter this command in ATM PVC configuration
mode. This option is not supported for
on-demand ATM PVCs.
• Create a static binding for a single PVC through a
subscriber record to an interface.
bind subscriber
Enter this command in ATM PVC configuration
mode. This option is supported for a single
ATM PVC; an on-demand ATM PVC must be
configured with the aaa keyword.
• Create static bindings for multiple PVCs through
subscriber records.
bind auto-subscriber
Enter this command in ATM PVC configuration
mode. Perform this option only if you are
binding a range of PVCs.
• Create an unrestricted dynamic binding.
bind authentication
Enter this command in ATM PVC configuration
mode.
• Create a restricted dynamic binding.
bind authentication
Enter this command in ATM PVC configuration
mode. You must specify the context to create a
restricted dynamic binding.
• Create a static binding for a single PVC through a
subscriber record to an interface.
bind subscriber
Enter this command in ATM PVC configuration
mode. This option is supported for a single
ATM PVC; an on-demand ATM PVC must be
configured with the aaa keyword.
• Create static bindings for multiple PVCs through
subscriber records.
bind auto-subscriber
Perform this option only if you are binding a
range of PVCs.
• Create an unrestricted dynamic binding.
bind authentication
Enter this command in ATM PVC configuration
mode.
• Create a restricted dynamic binding.
bind authentication
Enter this command in ATM PVC configuration
mode. You must specify the context to create a
restricted dynamic binding.
Disable an ATM PVC (stop operations on it) until
you are ready to begin operations on it.
shutdown
Enter this command in ATM PVC configuration
mode. By default, all circuits are enabled
(operational).
For an ATM PVC with ppp encapsulation:
For an ATM PVC with pppoe encapsulation:
4.
Configuring Frame Relay
This section includes the following topics:
•
Configure a Frame Relay Profile
•
Configure the Interface Type and LMI Parameters
•
Configure a Frame Relay PVC
Note You must enter the encapsulation command in DS-0, DS-1, DS-3, E1, E3, or port configuration
mode with the frame-relay keyword before you can enter Frame Relay commands in DS-0, DS-1,
DS-3, E1, E3, or port configuration mode.
Circuit Configuration
6-21
Configuration Tasks
Configure a Frame Relay Profile
To configure a Frame Relay profile, perform the tasks described in Table 6-16.
Table 6-16 Configure a Frame Relay Profile
#
Task
Root Command
Notes
1.
Create a new Frame Relay profile, or to select an existing
Frame Relay profile for modification, and access Frame Relay
profile configuration mode.
frame-relay profile
Enter this command in global
configuration mode.
2.
Apply an existing bulkstats schema profile to a Frame Relay
profile.
bulkstats schema
For more information about the
bulkstats schema command, see the
“Bulkstats Configuration” chapter in the
Basic System Configuration Guide for
the SmartEdge OS.
Configure the Interface Type and LMI Parameters
For Frame Relay to operate, you must configure the interface type and the Frame Relay LMI for the port
or channel with Frame Relay encapsulation. To configure the interface type and the LMI, perform the tasks
described in Table 6-17. Enter all commands in DS-0, DS-1, DS-3, E1, E3, or port configuration mode.
Table 6-17 Configure the Interface Type and LMI Parameters
#
Task
Root Command
Notes
1.
Specify the interface type.
frame-relay intf-type
Enter this command in port configuration
mode.
2.
Specify the interval for the polling verification timer
for a DCE interface type.
frame-relay lmi-t392dce
3.
Specify the Frame Relay LMI type.
frame-relay lmi-type
4.
Enable the automatic detection of the LMI type.
frame-relay auto-detect
This is the default; use the no form to
disable automatic detection.
5.
Enable the keepalive function and specify the
interval value for a Frame Relay DTE interface.
frame-relay keepalive
The keepalive function is enabled by
default with a 10-second interval.
6.
Specify the number of keepalive messages sent
before the status message request is sent for a
Frame Relay DTE interface.
frame-relay lmi-n391dte
7.
Specify the error threshold before LMI is considered to have failed:
8.
6-22
• For a Frame Relay DCE interface.
frame-relay lmi-n392dce
• For a Frame Relay DTE interface.
frame-relay lmi-n392dte
Specify the monitored event count:
• For a Frame Relay DCE interface.
frame-relay lmi-n393dce
• For a Frame Relay DTE interface.
frame-relay lmi-n393dte
Ports, Circuits, and Tunnels Configuration Guide
Configuration Examples
Configure a Frame Relay PVC
You can configure a Frame Relay PVC on a DS-0 channel group, DS-1 channel, a clear-channel DS-3
channel or port, an E3 port, an E1 channel or port, or a Packet over SONET/SDH (POS) port that is
configured with the encapsulation frame-relay command (in DS-0, DS-1, DS-3, E1, E3, or port
configuration mode). To configure a Frame Relay PVC, perform the tasks described in Table 6-18.
Table 6-18 Configure a Frame Relay PVC
#
Task
Root Command
Notes
1.
Create or select a Frame Relay PVC and access Frame
Relay PVC configuration mode.
frame-relay pvc
Enter this command in DS-0, DS-1, DS-3, E1,
E3, or port configuration mode. You must
have previously specified Frame Relay
encapsulation for this command to be
available.
2.
Associate the IP address of the remote host on the circuit.
ip host
Enter this command in Frame Relay PVC
configuration mode.
3.
Bind the Frame Relay PVC to an existing interface in an
existing context.
bind interface
Enter this command in Frame Relay PVC
configuration mode.
4.
Disable a Frame Relay PVC (stop operations on it) until
you are ready to begin operations on it.
shutdown
By default, all circuits are enabled
(operational).
Configuration Examples
This section includes the following examples:
•
802.1Q PVC Examples
•
ATM Examples
•
Frame Relay Examples
802.1Q PVC Examples
This section provides example configurations for:
•
802.1Q PVCs
•
802.1Q PVC Tunnel
802.1Q PVCs
The following example binds untagged traffic to an interface, untagged, creates two 802.1Q PVCs on an
Ethernet port, and binds them to the interfaces, vlan100 and vlan200:
1. First, the interfaces are created in the local context:
[local]Redback(config)#context local
[local]Redback(config-ctx)#interface untagged
[local]Redback(config-ctx)#ip address 15.1.0.1/24
[local]Redback(config-ctx)#interface vlan100
[local]Redback(config-ctx)#ip address 15.1.1.1/24
Circuit Configuration
6-23
Configuration Examples
[local]Redback(config-ctx)#interface vlan200
[local]Redback(config-ctx)#ip address 15.1.2.1/24
[local]Redback(config-ctx)#exit
2. Next, the Ethernet port is configured:
[local]Redback(config)#port ethernet 5/1
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#bind interface untagged local
[local]Redback(config-port)#encapsulation dot1q
3. Finally, the 802.1Q PVCs with VLAN tag values 100 and 200 are configured:
[local]Redback(config-port)#dot1q pvc 100
[local]Redback(config-dot1q-pvc)#description local vlan
[local]Redback(config-dot1q-pvc)#bind interface vlan100 local
[local]Redback(config-dot1q-pvc)#exit
[local]Redback(config-port)#dot1q pvc 200
[local]Redback(config-dot1q-pvc)#bind interface vlan200 local
[local]Redback(config-dot1q-pvc)#exit
802.1Q PVC Tunnel
The following example is identical to the previous example, but creates the 802.1Q PVCs in an 802.1Q
tunnel:
1. Create the interfaces in the local context:
[local]Redback(config)#context local
[local]Redback(config-ctx)#interface untagged
[local]Redback(config-ctx)#ip address 15.1.0.1/24
[local]Redback(config-ctx)#interface vlan-tunnel
[local]Redback(config-ctx)#ip address 15.1.4.1/24
[local]Redback(config-ctx)#interface vlan100
[local]Redback(config-ctx)#ip address 15.1.1.1/24
[local]Redback(config-ctx)#interface vlan200
[local]Redback(config-ctx)#ip address 15.1.2.1/24
[local]Redback(config-ctx)#exit
2. Confiugre the Ethernet port:
[local]Redback(config)#port ethernet 5/1
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#bind interface untagged local
[local]Redback(config-port)#encapsulation dot1q
3. Create the 802.1Q PVC tunnel:
[local]Redback(config-port)#dot1q tunnel 9100
[local]Redback(config-port)#dot1q pvc 50 encapsulation 1qtunnel
[local]Redback(config-dot1q-pvc)#description 802.1Q tunnel
[local]Redback(config-dot1q-pvc)#bind interface vlan-tunnel local
6-24
Ports, Circuits, and Tunnels Configuration Guide
Configuration Examples
4. Create the 802.1Q PVCs within the tunnel with VLAN tag values 100 and 200:
[local]Redback(config-port)#dot1q pvc
[local]Redback(config-dot1q-pvc)#bind
[local]Redback(config-dot1q-pvc)#exit
[local]Redback(config-port)#dot1q pvc
[local]Redback(config-dot1q-pvc)#bind
[local]Redback(config-dot1q-pvc)#exit
50:100
interface vlan100 local
50:200
interface vlan200 local
ATM Examples
This section provides several example configurations for the various ATM software features:
•
ATM Profiles
•
ATM VPs
•
ATM PVCs
•
ATM HSVCs
ATM Profiles
The following example shows the configuration of the following ATM profiles:
•
vbrnrt-basic provides a profile for ATM PVCs that support VBR-nrt traffic.
•
oam provides a profile for OAM-managed ATM PVCs.
•
monitor provides a profile for OAM monitoring of ATM PVCs.
•
cbr1 provides a profile for ATM PVCs and VPs that includes fault and continuity monitoring.
•
ubr1 provides a profile for ATM PVCs that will be configured on a shaped VP.
[local]Redback(config)#atm profile vbrnrt-basic
[local]Redback(config-atm-profile)#shaping vbr-nrt pcr 100000 cdvt 5000 scr 80000
bt 8000
[local]Redback(config-atm-profile)#exit
[local]Redback(config)#atm profile oam
[local]Redback(config-atm-profile)#shaping ubr
[local]Redback(config-atm-profile)#oam manage end-to-end auto-loopback
regular-timeout 45 retry-timeout 4
[local]Redback(config-atm-profile)#counters l2
[local]Redback(config-atm-profile)#exit
[local]Redback(config)#atm profile monitor
[local]Redback(config-atm-profile)#shaping ubr
[local]Redback(config-atm-profile)#oam fault-monitor end-to-end
[local]Redback(config-atm-profile)#counters l2
[local]Redback(config-atm-profile)#exit
Circuit Configuration
6-25
Configuration Examples
[local]Redback(config)#atm profile cbr1
[local]Redback(config-atm-profile)#shaping cbr rate 100000 cdvt 10
[local]Redback(config-atm-profile)#oam fault-monitor end-to-end
[local]Redback(config-atm-profile)#counters l2
[local]Redback(config-atm-profile)#exit
[local]Redback(config)#atm profile ubr1
[local]Redback(config-atm-profile)#shaping ubr
[local]Redback(config-atm-profile)#counters l2
[local]Redback(config-atm-profile)#exit
ATM VPs
The following example creates a shaped ATM VP on an ATM OC port:
[local]Redback(config)#port atm 4/1
[local]Redback(config-atm-oc)#atm vp 100 profile cbr1
ATM PVCs
The following example creates two ATM PVCs, 4 and 110, on an ATM OC port, using the oam and ubr1
profiles on shaped VP 100, and binds them to an existing interface atmpvc in the local context:
!Create VCI 4 on VP 100 for OAM cells
[local]Redback(config)#port atm 3/1
[local]Redback(config-atm-oc)#atm pvc 100 4 profile oam encapsulation bridge1483
!Create the PVC that will be managed with OAM
[local]Redback(config-atm-oc)#atm pvc 100 110 profile monitor encapsulation bridge1483
[local]Redback(config-atm-pvc)#description bridged 1483 PVC
[local]Redback(config-atm-pvc)#bind interface atmpvc local
[local]Redback(config-atm-pvc)#exit
ATM HSVCs
The following example loads the ATM priority SAR image for a 4-port ATM OC-3c/STM-1c card in slot 5,
creates a shaped VP using the cbr1 profile, creates an ATM HSVC using the vbrnrt-basic profile, and
then binds the HSVC to an existing atmpvc interface in the local context:
!Load the ATM priority SAR image
[local]Redback(config)#card atm-oc3-4-port 5
[local]Redback(config-card)#atm mode atm-priority
Note: enable atm-priority SAR image will cause card reload
commit to continue; abort to exit without change
[local]Redback(config-card)#commit
[local]Redback(config-card)#exit
!Create the shaped VP; OAM parameters will be ignored
[local]Redback(config)#port atm 5/1
[local]Redback(config-atm-oc)#atm vp 100 profile cbr1
6-26
Ports, Circuits, and Tunnels Configuration Guide
Configuration Examples
!Create the HSVC and bind it
[local]Redback(config-atm-oc)#atm pvc 100 101 profile vbrnrt-basic
encapsulation bridge1483
[local]Redback(config-atm-pvc)#description bridged 1483 HSVC
[local]Redback(config-atm-pvc)#bind interface atmpvc local
[local]Redback(config-atm-pvc)#exit
Frame Relay Examples
This section provides example configurations for:
•
Frame Relay PVC on DS-3 Channel
•
Frame Relay PVC on POS Port
Frame Relay PVC on DS-3 Channel
The following example shows the configuration of a Frame Relay PVC on a clear-channel DS-3 channel
on a channelized OC-12 port; the DS-3 channel is bound to an interface, fr3-1, in the local context:
1. First, the example selects a port on a channelized OC-12 traffic card, selects a DS-3 channel, and enters
DS-3 configuration mode. Then it configures a DS-3 channel with the appropriate LMI parameters.
[local]Redback(config)#port channelized-oc12 3/1
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#port channelized-ds3 3/1
[local]Redback(config-ds3)#encapsulation frame-relay
[local]Redback(config-ds3)#frame-relay lmi-type ansi
[local]Redback(config-ds3)#frame-relay keepalive 10
[local]Redback(config-ds3)#frame-relay lmi-n391dte 6
[local]Redback(config-ds3)#frame-relay lmi-n392dte 3
[local]Redback(config-ds3)#frame-relay lmi-n393dte 4
2. Next, the example creates and binds a Frame Relay PVC to an existing interface, fr3-1:
[local]Redback(config-ds3)#frame-relay pvc dlci 16
[local]Redback(config-fr-pvc)#bind interface fr3-1 local
[local]Redback(config-fr-pvc)#exit
Frame Relay PVC on POS Port
The following example shows the configuration of Frame Relay on a POS port, which is bound to an
interface, fr4-1, in the local context:
[local]Redback(config)#port pos 4/1
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#encapsulation frame-relay
[local]Redback(config-port)#frame-relay lmi-type ansi
[local]Redback(config-port)#frame-relay keepalive 10
[local]Redback(config-port)#frame-relay lmi-n391dte 6
[local]Redback(config-port)#frame-relay lmi-n392dte 3
[local]Redback(config-port)#frame-relay lmi-n393dte 4
[local]Redback(config-port)#frame-relay pvc dlci 16
Circuit Configuration
6-27
Command Descriptions
[local]Redback(config-fr-pvc)#bind interface fr4-1 local
[local]Redback(config-fr-pvc)#exit
Command Descriptions
This section describes the syntax and usage guidelines for the commands used to configure circuits. The
commands are presented in alphabetical order.
atm profile
atm pvc
atm vp
clpbit
congestion
counters
description
dot1q profile
dot1q pvc
dot1q tunnel
encapsulation
frame-relay auto-detect
frame-relay intf-type
frame-relay keepalive
frame-relay lmi-n391dte
frame-relay lmi-n392dce
6-28
frame-relay lmi-n392dte
frame-relay lmi-n393dce
frame-relay lmi-n393dte
frame-relay lmi-t392dce
frame-relay lmi-type
frame-relay profile
frame-relay pvc
idle-down
ip host
mac-address
oam fault-monitor
oam manage
oam xc
report
shaping
shutdown
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
atm profile
atm profile prof-name [static]
no atm profile prof-name
Purpose
Creates a new Asynchronous Transfer Mode (ATM) profile, or selects an existing one for modification, and
enters ATM profile configuration mode.
Command Mode
global configuration
Syntax Description
prof-name
Alphanumeric string to be used as the name of the particular profile.
static
Optional. Specifies the profile is to be created or modified to be a static profile.
Default
No ATM profiles are defined.
Usage Guidelines
Use the atm profile command to create a new ATM profile, or select an existing one, and enter ATM profile
configuration mode.
Use the static keyword to create a static ATM profile, or to modify an existing nonstatic ATM profile to
convert it to a static profile. A static profile cannot be modified or deleted until all ATM virtual paths (VPs)
and permanent virtual circuits (PVCs) that reference that profile are deleted or assigned to a different
profile.
You can convert an existing nonstatic profile to a static one even if there are ATM VPs and PVCs that
reference that profile; the conversion does not affect the VPs and PVCs that reference it. However, you
cannot convert a static profile to a nonstatic one; instead, you must delete it. Deleting a profile also deletes
all VPs and PVCs that reference it.
Note You must create an ATM profile before you can configure ATM PVCs or VPs that reference that
profile.
Note To assign a static or nonstatic profile dynamically to an ATM PVC, either by using
subscriber-specific RADIUS attributes at the time a subscriber session becomes active, or by using
the RADIUS Refresh function, you must have enabled the software license for dynamic services.
For more information about enabling software licenses, see the “Basic System Configuration”
chapter in the Basic System Configuration Guide for the SmartEdge OS.
Circuit Configuration
6-29
Command Descriptions
Do not change traffic class for an ATM profile that is referenced by an ATM VP without first deleting all
ATM PVCs configured on that ATM VP. If an error message displays when you attempt to change the traffic
class of the profile, you must then:
•
Use the no form of the atm pvc command (any of its forms) (in ATM OC or ATM DS-3 configuration
mode) to delete the ATM PVCs on all ATM VPs that reference that profile.
•
Use the shaping command (in ATM profile configuation mode) to specify the new traffic class and its
parameters.
•
Use the atm pvc command (any of its forms) (in ATM OC or ATM DS-3 configuration mode) to
recreate the ATM PVCs on all ATM VPs that reference that profile.
Note For more configuration guidelines for ATM profiles, VPs, and PVCs, see the “ATM Configuration
Guidelines” section.
Use the no form of this command to delete an ATM profile.
Caution Risk of data loss. This form deletes any ATM VPs and the PVCs on those VPs or any PVCs that
reference that profile.
Examples
The following example creates an ATM profile, low_rate, and enters ATM profile configuration mode:
[local]Redback(config)#atm profile low_rate
[local]Redback(config-atm-profile)#
The following example modifies the ATM profile, low_rate, to make it a static profile and enters ATM
profile configuration mode:
[local]Redback(config)#atm profile low_rate static
[local]Redback(config-atm-profile)#end
Related Commands
atm pvc
atm vp
6-30
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
atm pvc
For a single static Asynchronous Transfer Mode (ATM) permanent virtual circuit (PVC), the syntax is:
atm pvc vpi vci [profile prof-name encapsulation encaps-type]
no atm pvc vpi vci [profile prof-name encapsulation encaps-type]
For a range of static ATM PVCs, the syntax is:
atm pvc explicit start-vpi:start-vci through end-vpi:end-vci
[profile prof-name encapsulation encaps-type]
no atm pvc explicit start-vpi:start-vci through end-vpi:end-vci
[profile prof-name encapsulation encaps-type]
For a range of ATM PVCs to be created on demand, the syntax is:
atm pvc on-demand start-vpi:start-vci through end-vpi:end-vci
{[profile prof-name encapsulation encaps-type] | aaa context ctx-name [prefix-string text |
user-name subscriber]}
no atm pvc on-demand start-vpi:start-vci through end-vpi:end-vci
[[profile prof-name encapsulation encaps-type] | aaa context ctx-name [prefix-string text |
user-name subscriber]]
Purpose
Configures one or more ATM PVCs, or selects one or more PVCs for modification, and enters ATM PVC
configuration mode.
Command Mode
ATM DS-3 configuration
ATM OC configuration
Syntax Description
vpi
Virtual path identifier (VPI) for the virtual path (VP) when creating or
modifying a single PVC. The range of values is 0 to 255.
vci
Virtual circuit identifier (VCI) when creating or modifying a single PVC.
The range of values is 1 to 65,535. By convention, values 1 to 31 are
reserved for system use.
start-vpi
First virtual path identifier (VPI) when creating or modifying a range of
PVCs. The range of values is 0 to 255.
start-vci
First virtual circuit identifier (VCI) when creating or modifying a range of
PVCs. The range of values is 1 to 65,535. By convention, values 1 to 31 are
reserved for system use.
through
Specifies the end of the range.
end-vpi
Last VPI in the range of VPs for the range of PVCs to be configured. The
range of values is 0 to 255.
Circuit Configuration
6-31
Command Descriptions
end-vci
Last VCI in a range of PVCs to be configured. The range of values is 1 to
65,535. By convention, values 1 to 31 are reserved for system use.
profile prof-name
Optional. Existing ATM profile. Optional only when selecting an existing
PVC or range of PVCs for deletion or modification.
encapsulation encaps-type Optional. Specific encapsulation type, according to one of the keywords
listed in Table 6-19. Optional only when selecting an existing PVC or range
of PVCs for deletion or modification.
on-demand
Specifies a listening PVC or range of PVCs; a listening PVC is created in
memory only after traffic is detected on it.
aaa
Optional. Specifies that the profile for the PVCs is assigned dynamically,
using authentication, authorization, and accounting (AAA) and Remote
Authentication Dial-In User Service (RADIUS). Optional only when
selecting an existing PVC or range of PVCs for deletion or modification.
context ctx-name
Name of the context in which are configured the RADIUS servers that are
used to provide the encapsulation type and ATM profile for the on-demand
ATM PVCs.
prefix-string text
Optional. String to be used as a prefix in constructing the User-Name
attribute. Must not contain spaces, periods, underscores, or forward or
backward slashes.
user-name subscriber
Optional. String to be used for the subscriber name, in any valid structured
subscriber name format; it can be up to 253 characters.
Default
No ATM PVCs are configured.
Usage Guidelines
Use the atm pvc command to configure one or more ATM PVCs, or select one or more PVCs for
modification, and enter ATM PVC configuration mode. This command has the following forms:
•
Use the atm pvc form of the command to configure a single explicitly configured (static) ATM PVC,
or to select one for modification, and enter ATM PVC configuration mode.
•
Use the atm pvc explicit form of the command to configure a range of static PVCs with similar
characteristics, or to select the range for modification.
•
Use the atm pvc on-demand form of the command to configure a range of on-demand PVCs, with
similar characteristics, each of which is made active only when user traffic is detected on it.
Caution Risk of data loss. By convention, VCIs 1 to 31 are solely for system use, and any user data is
overwritten. To reduce the risk, create VCI 4 only in connection with the oam fault-monitor or
oam manage commands.
6-32
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Table 6-19 lists the keywords for the encaps-type argument.
Table 6-19 Types of ATM Encapsulations
Keyword
Description
bridge1483
Specifies RFC 1483 bridged encapsulation.
multi
Specifies multiprotocol encapsulation. This option is only for ATM PVCs on which you will create child
circuits.
ppp
Specifies VC-multiplexed; the default.
ppp auto
Enables the auto-detect feature with regard to the PPP encapsulation type.
ppp llc
Specifies Logical Link Control-Subnetwork Access Protocol (LLC-SNAP) PPP encapsulation as
defined in RFC 2364, PPP over AAL5.
ppp nlpid
Specifies Network Layer Protocol Identifier (NLPID) PPP encapsulation.
ppp serial
Specifies Serial High-Level Data Link Control (HDLC) PPP encapsulation—used in
non-RFC-compliant configurations.
pppoe
Specifies PPP over Ethernet (PPPoE) encapsulation.
raw
Specifies raw mode; this option is for static PVCs only.
route1483
Specifies RFC 1483 routed encapsulation.
The following guidelines apply to encapsulation types:
•
You cannot change the encapsulation of a PVC unless you first delete it, and then recreate it.
•
RFC 1483 bridged encapsulation (bridge1483 keyword) requires a local medium access control (MAC)
address and the MAC address of the remote host. The SmartEdge OS provides these MAC addresses as
follows:
— The default local MAC address for the port is extracted from the EEPROM of the traffic card when
the card is installed in the SmartEdge chassis. You can override this address by entering the
mac-address command (in ATM OC or ATM DS-3 configuration mode).
— You can associate the MAC address of the remote host with the ATM PVC by entering the ip host
command (in ATM PVC configuration mode).
•
The multi keyword configures the parent PVC to carry IPoE traffic. The following guidelines apply:
— This keyword is applicable only to PVCs that will have child circuits to carry PPPoE, but IPoE
version 6 (IPv6oE) traffic is limited to explicit ATM PVCs. For commands to create child circuits
on multiprotocol ATM PVCs and cross-connect them, see Chapter 9, “Link Aggregation
Configuration.”
— You must configure the interface to which you will bind the IPoE traffic with the multibind
keyword.
— Binding types include static (bind interface command in ATM PVC configuration mode) for ATM
PVC (IPoE) parent circuit and dynamic (bind authentication command in ATM child protocol
configuration mode) for PPoE child circuit.
— PVCs with multi encapsulation are supported on all ATM traffic cards, and in port listening mode,
if enabled.
Circuit Configuration
6-33
Command Descriptions
•
If you specify the ppp auto construct, the commands that become visible are a union of those available
for PPPoE and the non-PPPoE encapsulations. The SmartEdge OS handles the information entered in
these commands appropriately, after the encapsulation is auto-detected.
The following guidelines apply to the atm pvc explicit form of this command:
•
The range you specify must not overlap or encompass any range of PVCs created previously with the
atm pvc explicit form of the command; it can include PVCs previously created with the atm pvc form
of the command.
•
The range of PVCs can be on a range of ATM VPs.
•
Any PVCs in the specified range that do not already exist are created with the specified profile and
encapsulation.
•
The range of PVCs can be on a range of ATM VPs. However, an error message displays if the range
includes VCIs 3 or 4. These VCIs are reserved for operations, administration, and maintenance (OAM)
use. In general, avoid specifying VCIs 1 to 31.
•
You cannot use the no atm pvc command to remove PVCs from an explicit range, but you can use the
atm pvc form of the command to overwrite one or more PVCs created by the atm pvc explicit form of
the command. If you subsequently use the no atm pvc command to delete such a PVC, the PVC reverts
to the atm pvc explicit definition.
•
You cannot use the bind subscriber and ip host commands in conjunction with the PVCs created by
the atm pvc explicit form of the command; however, if you first modify individual PVCs in the range
with the atm pvc form of the command, you can then use the bind subscriber and ip host commands
with the modified PVCs.
•
When you use the no form of the atm pvc explicit form of the command, all the PVCs in the range are
deleted except for those in the range that were explicitly created with the atm pvc form of the command.
The following guidelines apply to the atm pvc on-demand form of this command:
Note On-demand PVC configuration does not support more PVCs than static PVC configuration
supports, although on-demand configuration does conserve memory.
•
Raw mode encapsulation is not supported for on-demand PVCs.
•
Otherwise, the range that you specify must be within the limits for active PVCs; these limits depend
upon the type of port, the SAR image for the card, and the traffic class specified by the profile. An error
message displays if the range that you specify is not supported; see the tables (Table 6-5, Table 6-7,
Table 6-9) that specify PVC limits in the “Number of ATM VPs and PVCs” section.
Note Enabling port listening mode with the ccod-mode port-listen command must precede the
configuration of any ATM VPs or PVCs on that ATM port.
6-34
•
The range of PVCs can be on a range of ATM VPs. However, an error message displays if the range
includes VCIs 3 or 4. These VCIs are reserved for operations, administration, and maintenance (OAM)
use. In general, avoid specifying VCIs 1 to 31.
•
Regardless of the number of listening PVCs that you create, the number of active PVCs cannot be
greater than those specified for each traffic class and SAR image on the type of port on which they are
created; see the tables (Table 6-5, Table 6-7, Table 6-9) that specify PVC limits in the “Number of ATM
VPs and PVCs” section.
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
•
You cannot overwrite a PVC range that you previously configured with the atm pvc explicit or atm
pvc on-demand form of the command, unless the new range completely encompasses that previous
range.
•
If you overwrite a PVC range that was previously defined with the atm pvc explicit form of the
command, the circuits are not cleared. You must use the clear atm circuit command to manually clear
these circuits.
•
If you overwrite an on-demand PVC with the atm pvc form of the command and subsequently delete
such a PVC with the no atm pvc command, the PVC reverts to the atm pvc on-demand definition.
•
You cannot use the no atm pvc command to remove PVCs from a range of on-demand PVCs.
•
When you create a range of on-demand PVCs, you can:
— Use the profile and encapsulation keywords to specify the profile and encapsulation type explicitly.
— Use the aaa keyword to use AAA and RADIUS to assign the profile, encapsulation, and binding of
the PVCs in the range at the time the PVC becomes active.
•
If you use the aaa keyword, you must include the context ctx-name construct to specify the context in
which the RADIUS server is configured. You can also define a prefix string that is used to construct the
User-Name attribute.
By default, the RADIUS User-Name attribute is in the form hostname.port.slot.vpi.vci. If you define a
prefix string, the RADIUS User-Name attribute is in the form prefix-string.vpi.vci.
For information about RADIUS attributes and Redback VSAs, see the “RADIUS Attributes” appendix
in the IP Services and Security Configuration Guide for the SmartEdge OS.
•
The subscriber argument can include both the subscriber name and the domain name in any valid
format, such as sub-name@ctx-name, but it must match an entry in the RADIUS user database. The
format, including the separator character, is configurable; for information about configuring the format,
see the “AAA Configuration” chapter in the IP Services and Security Configuration Guide for the
SmartEdge OS.
Note If you assign a static or nonstatic profile dynamically to an ATM PVC, either by using
subscriber-specific RADIUS attributes at the time a subscriber session becomes active, or by using
the RADIUS Refresh function (the aaa keyword), you must have enabled the software license for
dynamic services. For more information about enabling software licenses, see the “Basic System
Configuration” chapter in the Basic System Configuration Guide for the SmartEdge OS.
Note For more configuration guidelines for ATM profiles, VPs, and PVCs, see the Chapter 3, “ATM,
Ethernet, and POS Port Configuration.”
Use the no form of this command to delete a previously created PVC or range of PVCs; when deleting a
range of PVCs, you must specify the same circuit range as specified in the atm pvc explicit or atm pvc
on-demand form of the command. If you specify the optional constructs, the system checks the PVC
configuration against the input arguments and does not delete the PVC or range of PVCs unless there is a
match.
Circuit Configuration
6-35
Command Descriptions
Examples
The following example configures a static PVC that references a previously defined ATM profile, dslam1,
an encapsulation of bridge1483, and a VPI:VCI of 0:32 on an ATM OC port:
[local]Redback(config)#port atm 2/1
[local]Redback(config-atm-oc)#atm pvc 0 32 profile dslam1 encapsulation bridge1483
[local]Redback(config-atm-pvc)#
The following example configures a static PVC on an ATM OC port, encapsulates it with ppp mode, and
specifies the auto-detect feature:
[local]Redback(config)#port atm 3/1
[local]Redback(config-atm-oc)#atm pvc 0 32 profile ubr encapsulation ppp auto
[local]Redback(config-atm-pvc)#
The following example configures a static PVC on an ATM OC port and encapsulates it with raw mode:
[local]Redback(config)#port atm 3/1
[local]Redback(config-atm-oc)#atm pvc 0 32 profile ubr encapsulation raw
[local]Redback(config-atm-pvc)#
The following example creates a range of 32 static PVCs on a single VP on an ATM OC port; all PVCs use
the ATM profile, adam, and bridge1483 encapsulation:
[local]Redback(config)#port atm 3/2
[local]Redback(config-atm-oc)#atm pvc explicit 10:32 through 10:63 profile adam
encapsulation bridge1483
[local]Redback(config-atm-pvc)#
The following example creates a range of 32 on-demand PVCs on a single VP on an ATM OC port; all
PVCs use the ATM profile, adam, and pppoe encapsulation:
[local]Redback(config)#port atm 3/3
[local]Redback(config-atm-oc)#atm pvc on-demand 10:32 through 10:63 profile adam
encapsulation pppoe
[local]Redback(config-atm-pvc)#
The following example displays explicit and on-demand ATM PVCs with circuits in the down state (no
PPPoE or IPoE activity):
card atm-oc3-4-port 12
port atm 12/1
atm pvc explicit 20:32 through 20:41 profile ubr encapsulation multi
bind interface b_itf20 b
circuit protocol pppoe
bind authentication chap
atm pvc on-demand 40:32 through 40:41 profile ubr encapsulation multi
bind interface b_itf40 b
circuit protocol pppoe
bind authentication chap
!
6-36
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
[local]Redback#show atm pvc 12/1 vpi 20 vci 32
Port:Channel 12/1 :1
VPI: 20
VCI: 32
Profile: ubr
Description:
Status: Down Counters:
L2 Encapsulation:
multi
Bound to: --QoS - outbound ATMWFQ policy: (None Specified)
Circuit Range: yes
CCOD: no
First Created: Wed Oct 5 20:59:31 2005
Status Change: Wed Oct 5 20:59:31 2005
OAM Cross Connect
: Disabled
OAM Managed
: Disabled
OAM Fault Monitoring: Disabled
[local]Redback#show atm pvc on-dem 12/1 vpi 40 vci 32
Port:Channel VPI VCI
12/1 :1
40 32
active: 0
idle:
static: 0
wait:
total: 1
VC HANDLE State Encaps
--Down on-demand
0
idle-down: 0
0
dormant:
1
Binding
no binding
Mode
dormant
[local]Redback#show atm pvc 12/1 all
Port:Channel
12/1 :1
12/1 :1
12/1 :1
12/1 :1
12/1 :1
12/1 :1
12/1 :1
12/1 :1
12/1 :1
12/1 :1
12/1 :1
12/1 :1
12/1 :1
12/1 :1
12/1 :1
12/1 :1
12/1 :1
12/1 :1
12/1 :1
12/1 :1
pvcs up: 0
Traffic
VPI VCI
Profile
20 32
ubr
20 32
ubr
20 33
ubr
20 33
ubr
20 34
ubr
20 34
ubr
20 35
ubr
20 35
ubr
20 36
ubr
20 36
ubr
20 37
ubr
20 37
ubr
20 38
ubr
20 38
ubr
20 39
ubr
20 39
ubr
20 40
ubr
20 40
ubr
20 41
ubr
20 41
ubr
pvcs down: 10
State Ctrs Encaps
Down L2
multi
Down L2
pppoe
Down L2
multi
Down L2
pppoe
Down L2
multi
Down L2
pppoe
Down L2
multi
Down L2
pppoe
Down L2
multi
Down L2
pppoe
Down L2
multi
Down L2
pppoe
Down L2
multi
Down L2
pppoe
Down L2
multi
Down L2
pppoe
Down L2
multi
Down L2
pppoe
Down L2
multi
Down L2
pppoe
total pvcs: 10
[local]Redback#show atm pvc on-demand 12/1 all
Port:Channel VPI VCI
VC HANDLE State Encaps
12/1 :1
40 32
--Down on-demand
Circuit Configuration
Binding
b_itf20
--b_itf20
--b_itf20
--b_itf20
--b_itf20
--b_itf20
--b_itf20
--b_itf20
--b_itf20
--b_itf20
---
Binding
no binding
[b]
[b]
[b]
[b]
[b]
[b]
[b]
[b]
[b]
[b]
Mode
dormant
6-37
Command Descriptions
12/1 :1
12/1 :1
12/1 :1
12/1 :1
12/1 :1
12/1 :1
12/1 :1
12/1 :1
12/1 :1
active: 0
static: 0
total: 10
40
40
40
40
40
40
40
40
40
33
34
35
36
37
38
39
40
41
idle:
wait:
------------------0
0
Down on-demand
Down on-demand
Down on-demand
Down on-demand
Down on-demand
Down on-demand
Down on-demand
Down on-demand
Down on-demand
idle-down: 0
dormant:
10
no
no
no
no
no
no
no
no
no
binding
binding
binding
binding
binding
binding
binding
binding
binding
dormant
dormant
dormant
dormant
dormant
dormant
dormant
dormant
dormant
Related Commands
atm profile
atm vp
bind auto-subscriber
bind interface
bind subscriber
idle-down
ip host
mac-address
shaping
6-38
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
atm vp
atm vp vpi profile prof-name
no atm vp vpi
Purpose
Creates or modifies a shaped virtual path (VP) on an Asynchronous Transfer Mode (ATM) OC or
ATM DS-3 port.
Command Mode
ATM DS-3 configuration
ATM OC configuration
Syntax Description
vpi
Virtual path identifier (VPI). The range of values is 0 to 255.
profile prof-name
Profile to use for the VP.
Default
No VPs are defined.
Usage Guidelines
Use the atm vp command to create or modify a shaped VP on an ATM OC or DS-3 port.
When you create an ATM permanent virtual circuit (PVC), you must specify a VP for it, using a VPI. An
ATM VP can be shaped or nonshaped:
•
Shaped VP—Is associated with an ATM profile.
•
Nonshaped VP— Has no profile associated with it.
SmartEdge OS creates a nonshaped VP when you configure an ATM PVC and specify a VPI that has not
be used to create a shaped VP. To create a shaped VP, you must create it explicitly using this command.
You cannot convert a nonshaped VP to a shaped VP unless and until you delete all the PVCs that reference
it. Deleting all the PVCs that reference it effectively deletes the nonshaped VP.
Note Hierarchical-shaped virtual circuits (HSVCs), by definition, always use a shaped VP.
The only modification possible for a shaped VP is to specify a different profile. To modify a shaped VP,
enter this command with the name of the new profile. If the shaped VP has PVCs configured on it, the
current and new profiles must specify the same traffic class; otherwise, the system displays an error
message. You must then delete the PVCs or HSVCs on the shaped VP before specifying the new profile
and recreate them afterwards.
Note For more configuration guidelines for ATM profiles, VPs, and PVCs, see the “ATM Configuration
Guidelines” section.
Circuit Configuration
6-39
Command Descriptions
Use the no form of this command to delete a shaped VP.
Note If a shaped VP is deleted, all associated PVCs or HSVCs are deleted from the configuration.
Examples
The following example creates a shaped VP on an ATM OC port and references a profile, cbr-profile:
[local]Redback(config-atm-oc)#atm vp 20 profile cbr-profile
Related Commands
atm profile
atm pvc
6-40
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
clpbit
clpbit [propagate qos to atm]
{no | default} clpbit [propagate qos to atm]
Purpose
Sets the cell loss priority (CLP) bit in all cells transmitted over Asynchronous Transfer Mode (ATM)
permanent virtual circuits (PVCs) and that reference this ATM profile.
Command Mode
ATM profile configuration
Syntax Description
propagate qos to atm
Optional. Specifies that the CLP bit is set based on the IP precedence and
Differentiated Services Code Point (DSCP) bits as assigned by the quality of
service (QoS) policy attached to an ATM PVC that references this profile.
Default
The CLP bit is set to zero.
Usage Guidelines
Use the clpbit command to set the CLP bit in all cells transmitted over ATM PVCs that reference this ATM
profile. If you do not specify the optional propagate qos to atm construct, the CLP bit is set to one; if you
do specify this, the CLP bit is set based on the IP precedence and DSCP bits.
Note For more information about the use of this command for QoS propagation, see the “QoS Circuit
Configuration” chapter in the IP Services and Security Configuration Guide for the SmartEdge OS.
Use the no or default form of this command to set the CLP bit to zero in all circuits referencing that ATM
profile.
Example
The following example sets the CLP bit to one in an ATM profile, low_rate. All cells transmitted over
PVCs that reference this profile will have the CLP bit set to one.
[local]Redback(config)#atm profile low_rate
[local]Redback(config-atmpro)clpbit
Related Commands
None
Circuit Configuration
6-41
Command Descriptions
congestion
congestion {red min_threshold min max_threshold max probability prob weight weight-exp |
epd [[min_threshold min] max_threshold max]}
no congestion {red | epd}
default congestion {red | epd}
Purpose
Specifies the congestion avoidance algorithm, either weighted random early detection (RED) or early
packet discard (EPD), and its parameters for the specified Asynchronous Transfer Mode (ATM) profile.
Command Mode
ATM profile configuration
Syntax Description
red
Specifies the weighted RED algorithm.
epd
Specifies the EPD algorithm.
min-threshold min
For the weighted RED algorithm, the average buffer or queue occupancy in
packets below which no packets are dropped. For the EPD algorithm, the
number of packets below which no packets are dropped. Optional only when
specifying the EPD algorithm. The range of values is 1 to 9,999; the default
value is 8 packets.
max-threshold max
For the weighted RED algorithm, the average buffer or queue occupancy in
packets above which all packets are dropped. For the EPD algorithm, the
number of packets above which all packets are dropped. The range of values
is 2 to 10,000; the default value is 26 packets.
probability prob
Inverse of the probability of dropping a packet as the average queue
occupancy approaches the maximum threshold. The resulting probability
(1/prob) is the fraction of packets dropped when the average queue depth is at
the maximum threshold. The range of values is 8 to 32,768; the default value
is 16.
weight weight-exp
Exponent representing the inverse of the exponentially weighted moving
average. The range of values is 7 to 10; the default value is 9.
Default
The default congestion avoidance algorithm is weighted RED with the default parameters.
6-42
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Usage Guidelines
Use the congestion command to set the weighted RED or EPD parameters for the specified ATM profile.
These parameters specify how buffer utilization is to be managed under congestion by signaling to the
sources of traffic that the network is on the verge of entering a congested state.
This signaling is accomplished by dropping packets according to the type of congestion algorithm and the
type of port on which the ATM VP or PVC is configured:
•
For the weighted RED algorithm, which is supported for second-generation ATM OC and ATM DS-3
cards only, packets are dropped with a probability that varies as a function of how many packets are
waiting in a queue at any particular time, and of the values of the max, min, prob, and weight-exp
arguments.
•
For the EPD algorithm, packets are dropped based on the type of port:
— For ports on first-generation ATM OC cards, when the congestion exceeds the value of the max
argument, packets are dropped until the buffers are below the value of the min argument.
— For ports on second-generation ATM OC and ATM DS-3 cards, when the congestion exceeds the
value of the max argument, packets are dropped until the buffers are below the value of the max
argument.
Use the min-threshold min construct as follows:
•
For the weighted RED algorithm, use this construct to set the average buffer or queue occupancy in
packets at or below which no packets are dropped.
•
For the EPD algorithm, use this construct to specify the minimum value below which no packets are
dropped. This construct is ignored if the profile is assigned to a shaped VP or PVC on an ATM DS-3 or
second-generation ATM OC card.
Use the max-threshold max construct as follows:
•
For the weighted RED algorithm, use this construct to set the average buffer or queue occupancy in
packets above which packets are dropped; as the average occupancy approaches the maximum
threshold value, packets are dropped with increasing probability, as a function of the value of the prob
argument.
•
For the EPD algorithm, use this construct to set the value above which all packets are dropped.
Use the probability prob construct to establish the probability of a packet being dropped as the average
queue occupancy approaches the maximum threshold value. The value of the prob argument is the inverse
of the probability of a packet being dropped. The higher the value of the prob argument, the lower the
probability of a packet being dropped.
The average queue occupancy is computed as a moving average of the instantaneous queue occupancy. Use
the weight weight-exp construct to set the inverse of the exponential moving average. The larger the value
of the weight-exp argument, the longer term the average.
If you reference an ATM profile that includes weighted RED parameters when creating ATM PVCs on
ports on first-generation ATM OC cards, the RED parameters are ignored; in this case, these ports use the
EPD congestion algorithm with the default parameters.
If this command is not entered, any PVC that is created on a port on a second-generation ATM OC or
ATM DS-3 card and that references this profile uses weighted RED for the congestion avoidance algorithm
with the default values for the parameters.
Circuit Configuration
6-43
Command Descriptions
Note For more configuration guidelines for ATM profiles, VPs, and PVCs with regard to congestion
avoidance, see the “ATM Configuration Guidelines” section.
Use the no and default forms of this command to perform the functions listed in Table 6-20.
Table 6-20 Functions of Default and No Forms of the congestion Command
Command
Function
no congestion red
Enables RED default parameters if RED is configured; generates an error message if
EPD is configured.
default congestion red
Enables RED default parameters if RED is configured; generates an error message if
EPD is configured.
no congestion epd
Enables RED default parameters if EPD is configured; generates an error message if
RED is configured.
default congestion epd
Enables EPD default parameters if EPD is configured; generates an error message if
RED is configured.
Examples
The following example specifies the RED parameters for an existing profile, atm-pro:
[local]Redback(config)#atm profile atm-pro
[local]Redback(config-atm-profile)#congestion red min-threshold 1 max-threshold 255
probability 15 weight 10
Related Commands
atm profile
atm pvc
6-44
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
counters
counters l2
{no | default} counters
Purpose
Enables statistics to be collected for Asynchronous Transfer Mode (ATM) permanent virtual circuits
(PVCs) that reference the ATM profile.
Command Mode
ATM profile configuration
Syntax Description
l2
Enables statistics collection for layer 2 traffic, both at the cell and segmentation and
reassembly (SAR) packet level.
Default
ATM counters are enabled.
Usage Guidelines
Use the counters command to enable or disable the collection of statistics for ATM PVCs that reference
the ATM profile.
This command is useful if the profile will be referenced by ATM PVCs that are used for OAM traffic
(VCIs 1 to 31).
Use the no or default form of this command to disable statistics collection for PVCs that reference the
profile.
Examples
The following example configures an ATM profile, low_rate, to enable statistics collection for layer 2
traffic (l2) on all ATM PVCs that reference the profile:
[local]Redback(config)#atm profile low_rate
[local]Redback(config-atm-profile)#counters l2
Related Commands
atm pvc
Circuit Configuration
6-45
Command Descriptions
description
description text
{no | default} description
Purpose
Associates a textual description with an Asynchronous Transfer Mode (ATM), 802.1Q, or Frame Relay
profile or permanent virtual circuit (PVC).
Command Mode
ATM profile configuration
ATM PVC configuration
dot1q profile configuration
dot1q PVC configuration
Frame Relay profile configuration
Frame Relay PVC configuration
Syntax Description
text
Text string that identifies the profile or PVC. Can be any alphanumeric string, including
spaces, that is not longer than 63 ASCII characters.
Default
No description is associated with any profile or PVC.
Usage Guidelines
Use the description command to associate textual information with an ATM, 802.1Q, or Frame Relay
profile or PVC. This text displays by the appropriate show command.
Use the no or default form of this command to delete the existing description. Because there can be only
one description for a profile or PVC, when you use the no or default form of this command, it is not
necessary to include the text argument. To change a description, create a new one; it overwrites the existing
one.
Examples
The following example associates a description with an ATM PVC configured on an ATM OC port:
[local]Redback(config)#port atm 2/1
[local]Redback(config-atm-oc)#atm pvc 0 32 profile dslam1 encapsulation bridge1483
[local]Redback(config-atm-pvc)#description ATM bridged 1483 circuit
Related Commands
None
6-46
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
dot1q profile
dot1q profile prof-name
no dot1q profile prof-name
Purpose
Creates a new 802.1Q profile or selects an existing one for modification, and enters dot1q profile
configuration mode.
Command Mode
global configuration
Syntax Description
prof-name
Alphanumeric string to be used as the name of the particular profile.
Default
No 802.1Q profiles are defined.
Usage Guidelines
Use the dot1q profile command to create a new 802.1Q profile or to select an existing profile for
modification, and to enter dot1q profile configuration mode.
Note You must create an 802.1Q profile before you can configure 802.1Q permanent virtual circuits
(PVCs) that reference the profile name.
Use the no form of this command to delete an 802.1Q profile. This form deletes any PVCs that reference
that profile.
Examples
The following example creates an 802.1Q profile, dot1q-pro, and enters dot1q profile configuration
mode:
[local]Redback(config)#dot1q profile dot1q-pro
[local]Redback(config-dot1q-profile)#
Related Commands
dot1q pvc
Circuit Configuration
6-47
Command Descriptions
dot1q pvc
In link group configuration mode, the syntax is:
dot1q pvc vlan-id
no dot1q pvc vlan-id
In port configuration mode, the syntax for a 802.1Q tunnel is:
dot1q pvc tunl-vlan-id [profile prof-name] encapsulation 1qtunnel
no dot1q pvc tunl-vlan-id
In port configuration mode, the syntax for a range of static 802.1Q PVCs is:
dot1q pvc start-vlan-id [through end-vlan-id] [profile prof-name] [encapsulation encaps-type]
no dot1q pvc start-vlan-id [through end-vlan-id]
In port configuration mode, the syntax for a range of static 802.1Q PVCs within a tunnel is:
dot1q pvc tunl-vlan-id:start-vlan-id [through end-vlan-id] [profile prof-name]
[encapsulation encaps-type]
no dot1q pvc tunl-vlan-id:start-vlan-id [through end-vlan-id]
In port configuration mode, the syntax for a range of 802.1Q PVCs to be configured on demand is:
dot1q pvc on-demand start-vlan-id [through end-vlan-id]
[[profile prof-name] [encapsulation pppoe] | aaa context ctx-name [prefix-string text |
user-name subscriber]]
no dot1q pvc on-demand start-vlan-id
Purpose
Creates or selects an 802.1Q tunnel or one or more 802.1Q PVCs on an Ethernet port, and enters dot1q PVC
or link PVC configuration mode.
Command Mode
link group configuration
port configuration
Syntax Description
6-48
tunl-vlan-id
802.1Q virtual LAN (VLAN) tag value for the 802.1Q tunnel. The range of
values is 1 to 4,095.
vlan-id
VLAN tag value for the 802.1Q PVC. The range of values is 1 to 4,095.
start-vlan-id
First 802.1Q VLAN tag value for a range of PVCs to be configured. The
range of values is 1 to 4,095.
through end-vlan-id
Optional. Last 802.1Q VLAN tag value for a range of PVCs to be
configured.
profile prof-name
Optional. Existing 802.1Q profile.
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
encapsulation 1qtunnel
Specifies that the PVC is a tunnel.
encapsulation encaps-type Optional. Encapsulation, according to one of the following keywords:
• multi—Specifies multiprotocol encapsulation. This option is intended
only for 802.1Q PVCs on which you will create child circuits for
cross-connecting; it is not applicable to on-demand PVCs.
• pppoe—Specifies Point-to-Point Protocol over Ethernet (PPPoE)
encapsulation. Required for on-demand 802.1Q PVCs.
If this option is not specified, the default encapsulation is IP over Ethernet
(IPoE).
on-demand
Specifies a listening PVC or range of PVCs; a listening PVC is created in
memory only after traffic is detected on it.
aaa
Specifies that the 802.1Q PVCs are created using Remote Authentication
Dial-In User Service (RADIUS).
context ctx-name
Name of the context in which the RADIUS servers are configured for AAA
configurations.
prefix-string text
String to be used as a prefix in generate the name of the subscriber record
in RADIUS. Must not contain spaces, periods, underscores, or forward or
backward slashes.
user-name subscriber
String to be used for the exact name of the subscriber record in RADIUS,
in any valid structured subscriber name format; it can be up to 253
characters.
Default
No 802.1Q PVCs or tunnels are defined.
Usage Guidelines
Use the dot1q pvc command to create or select an 802.1Q tunnel or one or more static 802.1Q PVCs on an
Ethernet port, and enter dot1q PVC or link group configuration mode.
Use the dot1q pvc on-demand form of the command to create or select a range of on-demand 802.1Q
PVCs, with similar characteristics, each of which is made active only when traffic is detected on it.
Note You cannot create 802.1Q PVCs or tunnels on the Ethernet management port on a controller card.
When entered in link group configuration mode, this command creates or selects an aggregated 802.1Q
PVC in the link group. When an Ethernet port is added to the link group, an 802.1Q PVC with that vlan-id
tag is created on that port.
When entered in port configuration mode, it creates or selects an 802.1Q tunnel or one or more 802.1Q
PVCs on the single-link Ethernet port.
Many 802.1Q implementations use VLAN tag value 1 as a management PVC. To ensure interoperability,
we recommend that you do not use VLAN tag value 1 for non-management traffic.
Circuit Configuration
6-49
Command Descriptions
You cannot specify the same VLAN tag value for an 802.1Q tunnel and an 802.1Q PVC that is not
configured within the tunnel.
The dot1q profile that you specify must exist before you enter this command.
The encapsulation multi construct is applicable only to static 802.1Q PVCs that will have child circuits to
carry PPPoE or IPv6oE traffic. In this case, the parent 802.1Q PVC carries IPoE traffic. For commands to
create child circuits on 802.1Q PVCs and cross-connect them, see Chapter 11, “Cross-Connection
Configuration.”
You cannot change the encapsulation of an 802.1Q PVC unless you first delete it and then recreate it.
Use the through end-vlan-id construct to create or select groups of similar PVCs on an Ethernet port. The
following guidelines apply when you use the through keyword:
•
Any 802.1Q PVCs in the specified range that do not already exist are created with the specified profile
and encapsulation.
•
Any 802.1Q PVCs in the specified range that already exist and do not have the specified encapsulation
cause the command to fail; you must delete these PVCs, and then enter the dot1q pvc command again.
•
When you use the no form of this command in conjunction with the through keyword, all 802.1Q PVCs
in the range are deleted, regardless of whether those PVCs have the same profile and encapsulation.
The subscriber argument can include both the subscriber name and the domain name in any valid format,
such as sub-name@ctx-name, but it must match an entry in the RADIUS user database. The format,
including the separator character, is configurable; for information about configuring the format, see the
“AAA Configuration” chapter in the IP Services and Security Configuration Guide for the SmartEdge OS.
Use the no form of this command to delete an 802.1Q PVC or tunnel. If you delete a tunnel, all 802.1Q
PVCs configured within that tunnel are also deleted.
Examples
The following example creates an 802.1Q PVC with VLAN tag value 20 on an Ethernet port:
[local]Redback(config)#port ethernet 3/1
[local]Redback(config-port)#encapsulation dot1q
[local]Redback(config-port)#dot1q pvc 20
[local]Redback(config-dot1q-pvc)#
The following example creates two 802.1Q PVCs with tag values 26 and 27 for two aggregated 802.1Q
PVCs in the link group, lg1:
[local]Redback(config)#link-group lg1 dot1q
[local]Redback(config-link-group)#dot1q pvc 26
[local]Redback(config-link-pvc)#exit
[local]Redback(config-link-group)#dot1q pvc 27
[local]Redback(config-link-pvc)#exit
6-50
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
The following example creates an 802.1Q tunnel with VLAN tag value 30 and an 802.1Q PVC with VLAN
tag value 100 within it:
[local]Redback(config)#port ethernet 3/1
[local]Redback(config-port)#encapsulation dot1q
[local]Redback(config-port)#dot1q pvc 30 encapsulation 1qtunnel
[local]Redback(config-dot1q-pvc)#exit
[local]Redback(config-port)#dot1q pvc 30:100 encapsulation multi
[local]Redback(config-dot1q-pvc)#
Related Commands
dot1q profile
link-group
Circuit Configuration
6-51
Command Descriptions
dot1q tunnel
dot1q tunnel ethertype tunl-type
{no | default} dot1q tunnel ethertype tunl-type
Purpose
Specifies the type of traffic (the type found in the 802.1Q header) for any 802.1Q tunnel configured on this
port.
Command Mode
port configuration
Syntax Description
ethertype tunl-type
Type of 802.1Q traffic for this port, according to one of the following argument
or keywords (in hexadecimal format):
• user—Custom traffic type; the range of values is 0x0 to 0xffff.
• 8100—Specifies the 8100 packet type; this is the default packet type.
• 88a8—Specifies the 88a8 packet type.
• 9100—Specifies the 9100 packet type.
• 9200—Specifies the 9200 packet type.
Default
The default packet type is 8100.
Usage Guidelines
Use the dot1q tunnel command to specify the type of traffic (the type found in the 802.1Q header) for any
802.1Q tunnel configured on this port.
Use the no or default form of this command to specify the default packet type.
Examples
The following example specifies 9100 as the packet type:
[local]Redback(config)#port ethernet 3/1
[local]Redback(config-port)#encapsulation dot1q
[local]Redback(config-port)#dot1q tunnel ethertype 9100
Related Commands
dot1q pvc
6-52
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
encapsulation
encapsulation dot1q
no encapsulation
Purpose
Specifies the encapsulation for an Ethernet port to create 802.1Q permanent virtual circuits (PVCs).
Command Mode
port configuration
Syntax Description
dot1q
Specifies 802.1Q encapsulation to support 802.1Q PVCs on the Ethernet port.
Default
The encapsulation is IP over Ethernet (IPoE).
Usage Guidelines
Use the encapsulation command to specify the encapsulation for an Ethernet port to create 802.1Q PVCs.
Note This command is also described for Ethernet ports without 802.1Q PVCs in Chapter 3, “ATM,
Ethernet, and POS Port Configuration.”
Use the no form of this command to specify IP over Ethernet encapsulation.
Caution Risk of data loss. When you use the no form of this command to specify IPoE encapsulation, all
802.1Q PVCs defined on the port are deleted. To reduce the risk, ensure that the PVCs are not
active before issuing the no form of this command.
Examples
The following example specifies 802.1Q encapsulation for port 1 in slot 4:
[local]Redback(config)#port ethernet 4/1
[local]Redback(config-port)#encapsulation dot1q
Related Commands
dot1q pvc
port ethernet
Circuit Configuration
6-53
Command Descriptions
frame-relay auto-detect
frame-relay auto-detect
no frame-relay auto-detect
default frame-relay auto-detect
Purpose
Enables the automatic detection of the type of Local Management Interface (LMI) for a Frame
Relay-encapsulated channel or port, or Multilink Frame Relay (MFR) bundle.
Command Mode
DS-0 group configuration
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
link group configuration
port configuration
Syntax Description
This command has no keywords or arguments.
Default
Auto-detection is enabled.
Usage Guidelines
Use the frame-relay auto-detect command to enable the automatic detection of the type of LMI for a
Frame Relay-encapsulated channel or port, or MFR bundle. The auto-detect feature tells the system to look
at the first LMI message received from the remote end, determine from the message the LMI type of the
remote end, and reconfigure the LMI type at the local end to match.
The original “group of 4” LMI uses DLCI number 1023 as the PVC number; both the ANSI and ITU LMI
use DLCI number 0. If the LMI type is not set to group-of-4 (using the frame-relay lmi-type command in
DS-0, DS-1, DS-3, E1, E3, link group, or port configuration mode) and the local Frame Relay interface type
is data communications equipment (DCE), this command allows the software to detect which LMI type is
being used by the remote end, and use that same LMI type at the local end.
Because the default interface type is data terminal equipment (DTE), the auto-detect function does not
normally operate. However, if you configure the interface type to be DCE, then the auto-detect function
takes effect (unless previously disabled using the no form of this command).
Use the no form of this command to disable the automatic detection of the LMI type.
Use the default form of this command to enable the automatic detection of the LMI type.
6-54
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Examples
The following example enables automatic detection of the LMI type for a Packet over SONET/SDH (POS)
port in slot 9:
[local]Redback(config)#port pos 9/1
[local]Redback(config-port)#frame-relay auto-detect
Related Commands
frame-relay lmi-type
Circuit Configuration
6-55
Command Descriptions
frame-relay intf-type
frame-relay intf-type {dce | dte}
default frame-relay intf-type
Purpose
Configures the Frame Relay interface as data communications equipment (DCE) or data terminal
equipment (DTE) for a Frame Relay-encapsulated channel or port or Multilink Frame Relay (MFR) bundle.
Command Mode
DS-0 group configuration
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
link group configuration
port configuration
Syntax Description
dce
Specifies that the port functions as a Frame Relay switch connected to a router.
dte
Specifies that the port is connected to a Frame Relay network.
Default
Frame Relay interfaces are set to DTE.
Usage Guidelines
Use the frame-relay intf-type command to configure the interface type for a Frame Relay-encapsulated
channel or port or MFR bundle.
If you configure the interface type as DCE and the Local Management Interface (LMI) is not disabled, LMI
Status Enquiries are expected to be received by the port, and Status messages are sent as a response.
If you configure the interface type as DTE and LMI is not disabled, LMI Status Enquiries are sent by the
port, and Status messages are expected to be received.
Use the default form of this command to return the Frame Relay interface setting to its default of DTE.
Examples
The following example configures a Packet over SONET/SDH (POS) port in slot 9 as a DCE interface:
[local]Redback(config)#port pos 9/1
[local]Redback(config-port)#frame-relay intf-type dce
6-56
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Related Commands
frame-relay auto-detect
frame-relay lmi-type
Circuit Configuration
6-57
Command Descriptions
frame-relay keepalive
frame-relay keepalive seconds
no frame-relay keepalive
default frame-relay keepalive
Purpose
Enables the Frame Relay keepalive function and specifies the interval between the transmissions of
keepalive messages by a data terminal equipment (DTE) interface for a Frame Relay-encapsulated channel
or port, or Multilink Frame Relay (MFR) bundle.
Command Mode
DS-0 group configuration
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
link group configuration
port configuration
Syntax Description
seconds
Number of seconds between keepalive messages. The range of values is 0 to 60; the default
value is 10.
Default
The Frame Relay keepalive function is enabled, with a 10-second interval between messages.
Usage Guidelines
Use the frame-relay keepalive command to enable the Frame Relay keepalive function and specify the
interval between the transmissions of keepalive messages by a DTE interface for a Frame
Relay-encapsulated channel or port, or MFR bundle.
Use the no form of this command (or the frame-relay keepalive 0 command) to disable the transmission
of keepalive messages completely. This allows connections to time out and terminate during periods of
inactivity.
Use the default form of this command to specify the default values.
Examples
The following example specifies the Frame Relay keepalive interval on DS-3 channel 1 on a channelized
OC-12 port to 20 seconds:
[local]Redback(config)#port ds3 4/1:1
[local]Redback(config-ds3)#frame-relay keepalive 20
6-58
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
The following example specifies the Frame Relay keepalive interval on a Packet over SONET/SDH (POS)
port to 20 seconds:
[local]Redback(config)#port pos 9/1
[local]Redback(config-port)#frame-relay keepalive 20
Related Commands
frame-relay lmi-n391dte
Circuit Configuration
6-59
Command Descriptions
frame-relay lmi-n391dte
frame-relay lmi-n391dte exchanges
default frame-relay lmi-n391dte
Purpose
Specifies the number of keepalive messages to be sent before a request for a full status message is sent for
a Frame Relay-encapsulated channel or port, or Multilink Frame Relay (MFR) bundle.
Command Mode
DS-0 group configuration
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
link group configuration
port configuration
Syntax Description
exchanges
Number of keepalive messages (exchanges) to be sent before a full status request
message is sent. The range of values is 0 to 255; the default value is 6.
Default
The number of keepalive messages sent is 6.
Usage Guidelines
Use the frame-relay lmi-n391dte command to specify the number of keepalive messages to be sent before
a request for a full status message is sent for a Frame Relay-encapsulated channel or port, or MFR bundle.
Use the default form of this command to specify the default value.
Examples
The following example specifies 10 as the number of keepalive messages before a request for a full status
message is sent on DS-3 channel 1 on a channelized OC-12 port:
[local]Redback(config)#port ds3 4/1:1
[local]Redback(config-ds3)#frame-relay lmi-n391dte 10
The following example specifies 10 as the number of keepalive messages before a request for a full status
message is sent on a Packet over SONET/SDH (POS) port:
[local]Redback(config)#port pos 9/1
[local]Redback(config-port)#frame-relay lmi-n391dte 10
6-60
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Related Commands
frame-relay keepalive
Circuit Configuration
6-61
Command Descriptions
frame-relay lmi-n392dce
frame-relay lmi-n392dce threshold
no frame-relay lmi-n392dce
default frame-relay lmi-n392dce
Purpose
Sets the error threshold before the Local Management Interface (LMI) is considered to have failed on a data
communications equipment (DCE) interface for a Frame Relay-encapsulated channel or port, or Multilink
Frame Relay (MFR) bundle.
Command Mode
DS-0 group configuration
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
link group configuration
port configuration
Syntax Description
threshold
Error threshold in number of errors. The range of values is 0 to 10; the default value is 3.
Default
The threshold is 3.
Usage Guidelines
Use the frame-relay lmi-n392dce command to set the error threshold before LMI is considered to have
failed on a DCE interface for a Frame Relay-encapsulated channel or port, or MFR bundle. You can only
use this command when you have configured the Frame Relay interface type as DCE (using the
frame-relay intf-type command in DS-0, DS-1, DS-3, E1, E3, link group, or port configuration mode).
The error threshold should never be greater than the monitored event count (configured with the
frame-relay lmi-n393dce command in DS-1, DS-3, E1, link group, or port configuration mode) because
when the error threshold meets or exceeds the monitored event count, the LMI is considered to have failed.
Use the no form of this command to set the threshold value to 0.
Use the default form of this command to set the error threshold to the default value of 3.
6-62
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Examples
The following example sets the error threshold to 5 on a DCE interface:
[local]Redback(config)#port pos 9/1
[local]Redback(config-port)#frame-relay intf-type dce
[local]Redback(config-port)#frame-relay lmi-n392dce 5
Related Commands
frame-relay intf-type
frame-relay lmi-n392dte
frame-relay lmi-n393dce
Circuit Configuration
6-63
Command Descriptions
frame-relay lmi-n392dte
frame-relay lmi-n392dte threshold
default frame-relay lmi-n392dte
Purpose
Specifies the error threshold before the Local Management Interface (LMI) is considered to have failed on
a Frame Relay data terminal equipment (DTE) interface for a Frame Relay-encapsulated channel or port,
or Multilink Frame Relay (MFR) bundle.
Command Mode
DS-0 group configuration
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
link group configuration
port configuration
Syntax Description
threshold
Error threshold in number of errors. The range of values is 0 to 10; the default value is 3.
Default
The threshold is 3.
Usage Guidelines
Use the frame-relay lmi-n392dte command to specify the error threshold before the LMI is considered to
have failed on a Frame Relay DTE interface for a Frame Relay-encapsulated channel or port, or MFR
bundle.
The error threshold should never be greater than the monitored event count (configured with the
frame-relay lmi-n393dte command in DS-0, DS-1, DS-3, E1, E3, link group, or port configuration mode).
When the error threshold meets or exceeds the monitored event count, the LMI is considered to have failed.
Use the default form of this command to specify the default value.
Examples
The following example specifies 5 as the error threshold on a DTE interface, which is on DS-3 channel 1
on channelized OC-12 port 1:
[local]Redback(config)#port ds3 4/1:1
[local]Redback(config-ds3)#frame-relay lmi-n392dte 5
6-64
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
The following example specifies 5 as the error threshold on a DTE interface on a Packet over SONET/SDH
(POS) port:
[local]Redback(config)#port pos 9/1
[local]Redback(config-port)#frame-relay lmi-n392dte 5
Related Commands
frame-relay lmi-n393dte
Circuit Configuration
6-65
Command Descriptions
frame-relay lmi-n393dce
frame-relay lmi-n393dce event-count
no frame-relay lmi-n393dce
default frame-relay lmi-n393dce
Purpose
Sets the monitored event count on a data communications equipment (DCE) interface for a Frame
Relay-encapsulated channel or port, or Multilink Frame Relay (MFR) bundle.
Command Mode
DS-0 group configuration
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
link group configuration
port configuration
Syntax Description
event-count
Number of events (receipts of messages across the interface) to be included in the
monitored event count. The range of values is 0 to 10; the default value is 4.
Default
The monitored event count is enabled and set to 4.
Usage Guidelines
Use the frame-relay lmi-n393dce command to set the monitored event count on a DCE interface. You can
only use this command if you have configured the Frame Relay interface type as DCE for a Frame
Relay-encapsulated channel or port, or MFR bundle.
The event count should never be less than the error threshold count (configured by the frame-relay
lmi-n392dce command in DS-0, DS-1, DS-3, E1, E3, link group, or port configuration mode). When the
error threshold meets or exceeds the monitored event count, the Local Management Interface (LMI) is
considered to have failed.
Use the no form of this command to set the monitored event count value to 0.
Use the default form of this command to set the monitored event count to the default value of 4.
6-66
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Examples
The following example sets the monitored event count to 5 on a DCE interface:
[local]Redback(config)#port pos 9/1
[local]Redback(config-port)#frame-relay intf-type dce
[local]Redback(config-port)#frame-relay lmi-n393dce 5
Related Commands
frame-relay intf-type
frame-relay lmi-n392dce
Circuit Configuration
6-67
Command Descriptions
frame-relay lmi-n393dte
frame-relay lmi-n393dte event-count
default frame-relay lmi-n393dte
Purpose
Specifies the monitored event count on a data terminal equipment (DTE) interface for a Frame
Relay-encapsulated channel or port, or Multilink Frame Relay (MFR) bundle.
Command Mode
DS-0 group configuration
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
link group configuration
port configuration
Syntax Description
event-count
Number of events (receipts of messages across the interface) to be included in the
monitored event count. The range of values is 0 to 10; the default value is 4.
Default
The monitored event count is 4.
Usage Guidelines
Use the frame-relay lmi-n393dte command to specify the monitored event count on a DTE interface for
a Frame Relay-encapsulated channel or port, or MFR bundle.
The event count should never be less than the error threshold count, which you specify by entering the
frame-relay lmi-n392dte command (in DS-0, DS-1, DS-3, E1, E3, link group, or port configuration
mode). When the error threshold meets or exceeds the monitored event count, the Local Management
Interface (LMI) is considered to have failed.
Use the default form of this command to specify the default value.
Examples
The following example specifies 5 as the monitored event count on a DTE interface, which is on DS-3
channel 1 on channelized OC-12 port 1:
[local]Redback(config)#port ds3 4/1:1
[local]Redback(config-ds3)#frame-relay lmi-n393dte 5
6-68
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
The following example specifies 5 as the monitored event count on a DTE interface on a Packet over
SONET/SDH (POS) port:
[local]Redback(config)#port pos 9/1
[local]Redback(config-port)#frame-relay lmi-n393dte 5
Related Commands
frame-relay lmi-n393dte
Circuit Configuration
6-69
Command Descriptions
frame-relay lmi-t392dce
frame-relay lmi-t392dce seconds
default frame-relay lmi-t392dce
Purpose
Specifies the interval for the polling verification timer when the interface type is data communications
equipment (DCE) for a Frame Relay-encapsulated channel or port, or Multilink Frame Relay (MFR)
bundle.
Command Mode
DS-0 group configuration
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
link group configuration
port configuration
Syntax Description
seconds
Number of seconds after which an error is counted if a message has not been received. The
range of values is 5 to 60; the default value is 15.
Default
The timer interval is 15 seconds.
Usage Guidelines
Use the frame-relay lmi-t392dce command to specify the interval for the polling verification timer when
the interface type is DCE for a Frame Relay-encapsulated channel or port, or MFR bundle.
The polling verification timer starts each time a keepalive message is received from the remote end. If no
keepalive message is received before the timer expires, an error is counted. If the number of errors exceeds
the error threshold, the LMI is declared down. The value specified for the timer should be greater than the
keepalive timer that is set by the remote end.
Use the default form of this command to specify the default interval of 15 seconds.
Examples
The following example specifies a 10 second interval for the polling verification timer for a DCE interface
type on a DS-3 channel 1 on a channelized OC-12 port:
[local]Redback(config)#port ds3 10/1:1
[local]Redback(config-ds3)#frame-relay intf-type dce
[local]Redback(config-ds3)#frame-relay lmi-t392dce 10
6-70
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Related Commands
frame-relay intf-type
Circuit Configuration
6-71
Command Descriptions
frame-relay lmi-type
frame-relay lmi-type {ansi | group-of-4 | itu}
default frame-relay lmi-type
Purpose
Specifies the Frame Relay Local Management Interface (LMI) type for a Frame Relay-encapsulated
channel or port, or Multilink Frame Relay (MFR) bundle.
Command Mode
DS-0 group configuration
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
link group configuration
port configuration
Syntax Description
ansi
Specifies the LMI type for Annex D as defined by ANSI standard T1.617; this is the
default.
group-of-4
Specifies the original LMI as defined by Cisco, DEC, Northern Telecom, and StrataCom.
itu
Specifies the LMI type for ITU-T Q933 Annex A (formerly labeled as “CCITT”).
Default
The LMI type is ANSI.
Usage Guidelines
Use the frame-relay lmi-type command to specify the LMI type for the Frame Relay interface for a Frame
Relay-encapsulated channel or port, or MFR bundle.
Note A Packet over SONET/SDH (POS) ports support only the ANSI LMI type.
Use the default form of this command to specify the default LMI type.
Examples
The following example specifies an LMI type of ITU-T Q933 Annex A for DS-3 channel 1 on a
channelized OC-12 port:
[local]Redback(config)#port ds3 3/1:1
[local]Redback(config-ds3)#frame-relay lmi-type itu
6-72
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
The following example specifies an LMI type of ITU-T Q933 Annex A for a POS port:
[local]Redback(config)#port pos 9/1
[local]Redback(config-port)#frame-relay lmi-type itu
Related Commands
frame-relay lmi-n391dte
Circuit Configuration
6-73
Command Descriptions
frame-relay profile
frame-relay profile prof-name
no frame-relay profile prof-name
Purpose
Creates a new Frame Relay profile or selects an existing one for modification, and enters Frame Relay
profile configuration mode.
Command Mode
global configuration
Syntax Description
prof-name
Alphanumeric string to be used as the name of the particular profile.
Default
No Frame Relay profiles are defined.
Usage Guidelines
Use the frame-relay profile command to create a new Frame Relay profile or to select an existing profile
for modification, and enter Frame Relay profile configuration mode.
Note You must create a Frame Relay profile before you can configure Frame Relay permanent virtual
circuits (PVCs) that reference the profile.
Use the no form of this command to delete a Frame Relay profile. This form deletes any PVCs that
reference that profile.
Examples
The following example configures the Frame Relay profile, fr-pro, and enters Frame Relay profile
configuration mode:
[local]Redback(config)#frame-relay profile fr-pro
[local]Redback(config-fr-profile)#
Related Commands
frame-relay pvc
6-74
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
frame-relay pvc
In link group configuration mode, the syntax is:
frame-relay pvc dlci
no frame-relay pvc dlci
In all other configuration modes, the syntax is:
frame-relay pvc {dlci | default [profile prof-name]}
no frame-relay pvc dlci
Purpose
Creates or selects a Frame Relay permanent virtual circuit (PVC) on a Frame Relay-encapsulated channel
or port, or Multilink Frame Relay (MFR) bundle, and enters Frame Relay PVC or link PVC configuration
mode.
Command Mode
DS-0 group configuration
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
link group configuration
port configuration
Syntax Description
dlci
Data-link connection identifier (DLCI) of the individual circuit be created. The
range of values is 16 to 991.
default
Specifies the default profile and encapsulation. Not available in link group
configuration mode.
profile prof-name
Optional. Name of an existing Frame Relay profile. Not available in link group
configuration mode.
Default
No Frame Relay PVCs are defined.
Usage Guidelines
Use the frame-relay pvc command to create or select a Frame Relay PVC on a Frame Relay-encapsulated
channel or port, or MFR bundle, and enter Frame Relay PVC or link PVC configuration mode.
When entered in link group configuration mode, this command creates or selects an aggregated Frame
Relay PVC in the MFR bundle. When a DS-1 channel, or clear-channel E1 channel or port, is added to the
MFR bundle, a Frame Relay PVC with the specified dlci is created on that channel or port.
Circuit Configuration
6-75
Command Descriptions
When entered in DS-0, DS-1, DS-3, E1, E3, or port configuration mode, creates or selects a Frame Relay
PVC on the single-link channel, channel group, or port.
Use the no form of this command to delete a previously configured Frame Relay PVC.
Examples
The following example encapsulates DS-3 channel 1 on channelized OC-12 port 1 for Frame Relay, creates
a Frame Relay PVC with DLCI 16 to use the frame20 profile, and enters Frame Relay PVC configuration
mode:
[local]Redback(config)#frame-relay profile frame20
[local]Redback(config-fr-profile)#bulkstats schema fr
[local]Redback(config-fr-profile)#exit
[local]Redback(config)#port ds3 3/1:1
[local]Redback(config-ds3)#no shutdown
[local]Redback(config-ds3)#encapsulation frame-relay
[local]Redback(config-ds3)#frame-relay pvc 16 profile frame20
[local]Redback(config-fr-pvc)#
The following example encapsulates a POS port for Frame Relay, creates a Frame Relay PVC with DLCI
16, and enters Frame Relay PVC configuration mode:
[local]Redback(config)#frame-relay profile frame20
[local]Redback(config-fr-profile)#bulkstats schema fr-port
[local]Redback(config-fr-profile)#exit
[local]Redback(config)#port pos 3/1
[local]Redback(config-port)#encapsulation frame-relay
[local]Redback(config-port)#frame-relay pvc 16 profile frame20
[local]Redback(config-fr-pvc)#
The following example creates a Frame Relay link group and two aggregated Frame Relay PVCs with
DLCIs 26 and 27 for two sets of constituent Frame Relay PVCs to be aggregated in the MFR bundle lg1:
[local]Redback(config)#link-group lg1 mfr
[local]Redback(config-link-group)#frame-relay pvc 26
[local]Redback(config-link-pvc)#exit
[local]Redback(config-link-group)#frame-relay pvc 27
[local]Redback(config-link-pvc)#exit
Related Commands
frame-relay profile
6-76
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
idle-down
idle-down seconds
{no | default} idle-down
Purpose
Enables a watchdog timer to delete any inactive Asynchronous Transfer Mode (ATM) or 802.1Q permanent
virtual circuit (PVC) in a range of on-demand PVCs.
Command Mode
ATM PVC configuration
dot1q PVC configuration
Syntax Description
seconds
Time (in seconds) to wait before deleting an inactive on-demand 802.1Q or ATM PVC.
The range of values is 0 to 600; the default value is 0. An inactive on-demand PVC is a
circuit where no active subscriber sessions are present.
Default
The watchdog timer is disabled; inactive 802.1Q or ATM PVCs are not deleted.
Usage Guidelines
Use the idle-down command to enable a watchdog timer to delete any inactive ATM or 802.1Q PVC in a
range of on-demand PVCs. A PVC is inactive if there are no connected subscriber sessions on it.
Note The inactive circuit is deleted only from memory and becomes dormant (returns to listening mode).
Note
This command is not supported for on-demand ATM PVCs that you have configured with multi
encapsulation.
If the timer is set and a subscriber session is initiated before the timer expires, the timer is cancelled.
Use the no or default form of this command to disable the watchdog timer.
Examples
The following example sets a watchdog timer to 1 minute for a range of on-demand ATM PVCs on an
ATM OC port:
[local]Redback(config)#port atm 3/3
[local]Redback(config-atm-oc)#atm pvc on-demand 10:32 through 10:63 profile adam
encapsulation pppoe
[local]Redback(config-atm-pvc)#idle-down 60
Circuit Configuration
6-77
Command Descriptions
Related Commands
atm pvc
dot1q pvc
6-78
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
ip host
ip host ip-addr[/prefix-length | mac-addr]
no ip host ip-addr[/prefix-length | mac-addr]
Purpose
Associates an 802.1Q, Asynchronous Transfer Mode (ATM), or Frame Relay permanent virtual circuit
(PVC) with the IP address and medium access control (MAC) address of the remote host on the circuit.
Command Mode
ATM PVC configuration
dot1q PVC configuration
Frame Relay PVC configuration
link PVC configuration
Syntax Description
ip-addr
IP address of the host on this circuit in the form A.B.C.D.
prefix-length
Optional. Destination subnet. The range of values is 0 to 32.
mac-addr
Optional. MAC address of the remote host on this circuit in the form
hh:hh:hh:hh:hh:hh.
Default
No IP host address is associated with the PVC.
Usage Guidelines
Use the ip host command to associate an 802.1Q, ATM, or Frame Relay PVC with the IP address of the
host on the circuit.
Use this command only for an 802.1Q, ATM, or Frame Relay PVC that you intend to bind to an interface.
Note This command is available only for individual PVCs; you cannot enter it if you have created or
selected a range of PVCs. You must first select the individual PVC before you can enter this
command.
Note This command is not available for an 802.1Q or ATM PVC that you intend to cross-connect.
Note The mac-addr argument is not available for a Frame Relay PVC or for an ATM PVC for which you
have specified route1483 encapsulation.
Use the no form of this command to delete the association.
Note This command is also documented in Chapter 11, “Cross-Connection Configuration,” for IP over
Ethernet (IPoE) circuits and in Chapter 12, “GRE Tunnel Configuration,” for Generic Routing
Encapsulation (GRE) tunnel circuits.
Circuit Configuration
6-79
Command Descriptions
Examples
The following example associates an ATM PVC on an ATM OC port with the IP address of the host on the
PVC:
[local]Redback(config)#port atm 2/1
[local]Redback(config-atm-oc)#atm pvc 3 32 profile 1.vbrrt encapsulation route1483
[local]Redback(config-atm-pvc)#ip host 10.10.10.14/24
Related Commands
atm pvc—ATM DS-3 configuration mode
atm pvc—ATM OC configuration mode
bind interface
dot1q pvc
frame-relay pvc
6-80
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
mac-address
mac-address mac-addr
{no | default} mac-address mac-addr
Purpose
Assigns a medium access control (MAC) address for a 802.1Q permanent virtual circuit (PVC).
Command Mode
dot1q PVC configuration
Syntax Description
mac-addr
MAC address to be used for the port in the form hh:hh:hh:hh:hh:hh.
Default
When the Gigabit or Fast Ethernet card is inserted in the SmartEdge chassis, the MAC address is extracted
from the EEPROM and assigned to each port on the Gigabit or Fast Ethernet card as sequential addresses
starting with the base address for port 1. Every tunnel and PVC on a port has the same default address as
the port.
Usage Guidelines
Use the mac-address command to assign a MAC address on a Gigabit or Fast Ethernet port.
The mac-address command is only available under the dot1q PVC configuration mode. This command is
not available when configuring 802.1Q PVCs virtual LAN (VLAN) link group.
Note Do not enter a point-to-multipoint MAC address. There must not be an odd number in the first byte
of the mac-address.
Use the no or default form of this command to return the MAC address to the MAC address of the parent
circuit.
Examples
The following example assigns 02:03:04:05:06:07 as the MAC address on a 802.1Q PVC within a
tunnel on port 2 of the Gigabit or Fast Ethernet card in slot 1:
[local]Redback(config)#port ethernet 2/1
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#encapsulation dot1q
[local]Redback(config-port-dot1q)#dot1q pvc 2 lqtunnel
[local]Redback(config-port-dot1q)#dot1q pvc 2:1
[local]Redback(config-dot1q-pvc)#mac-address 02:03:04:05:06:07
As a result, the port and the 802.1Q tunnel have the same default address stored in the EEPROM. Only the
802.1Q PVC has an assigned MAC address.
Circuit Configuration
6-81
Command Descriptions
Related Commands
dot1q pvc
port ethernet
6-82
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
oam fault-monitor
oam fault-monitor end-to-end
{no | default} oam fault-monitor
Purpose
Enables alarm indication signal (AIS) and remote defect indication (RDI) fault monitoring for any
Asynchronous Transfer Mode (ATM) permanent virtual circuit (PVC) that references this profile and is not
cross-connected.
Command Mode
ATM profile configuration
Syntax Description
end-to-end
Specifies that the fault monitoring is end to end.
Default
Fault monitoring is disabled.
Usage Guidelines
Use the oam fault-monitor command to enable AIS and RDI fault monitoring of any ATM PVC that
references this profile.
In compliance with the ITU standard, AIS is used to report faults in the upstream (forward) direction; RDI
is used to report faults in the downstream (backward) direction.
If you reference this profile when configuring an ATM PVC that is later cross-connected, this command is
disabled (ignored) in the profile.
Note For more configuration guidelines for ATM profiles, VPs, and PVCs with regard to fault
monitoring, see the “ATM Configuration Guidelines” section.
Use the no or default form of this command to disable fault monitoring.
Examples
The following example enables fault monitoring for an ATM profile, oam:
[local]Redback(config)#atm profile oam
[local]Redback(config-atm-profile)#oam fault-monitor end-to-end
Related Commands
atm pvc
oam manage
Circuit Configuration
6-83
Command Descriptions
oam manage
oam manage end-to-end [heartbeat [backwards] | auto-loopback [down-retry-count retries]
[regular-timeout interval] [retry-timeout interval] [up-retry-count retries]]
no oam manage [end-to-end [heartbeat [backwards] | auto-loopback [down-retry-count retries]
[regular-timeout interval] [retry-timeout interval] [up-retry-count retries]]]
default oam manage end-to-end {heartbeat | auto-loopback}
Purpose
Enables the operational state of any Asynchronous Transfer Mode (ATM) permanent virtual circuit (PVC)
that is not cross-connected and that references this profile to be controlled by the state of its remote defect
indication (RDI) and alarm indication signal (AIS) state at the F5 level.
Command Mode
ATM profile configuration
Syntax Description
end-to-end
Specifies that the operations, administration, and maintenance (OAM)
management is end to end.
heartbeat
Optional. Specifies continuity monitoring.
backwards
Optional. Specifies downstream continuity monitoring.
auto-loopback
Optional. Causes the system to detect and clear the RDI and AIS state.
down-retry-count retries
Optional. Number of unsuccessful retries before declaring the connection
to be Down. The range of values is 0 to 10; the default value is 3 retries.
regular-timeout interval
Optional. Loopback interval in seconds when connectivity is stable. The
range of values is 1 to 300; the default value is 30 seconds.
retry-timeout interval
Optional. Loopback interval in seconds when connectivity is changing.
The range of values is 1 to 30; the default value is 3 seconds.
up-retry-count retries
Optional. Number of successful retries before declaring the connection to
be up. The range of values is 0 to 10; the default value is 2 retries.
Default
OAM management is disabled.
Usage Guidelines
Use the oam manage command to enable the operational state of any ATM PVC that references this profile
to be controlled by the state of its RDI and AIS state at the F5 level. If the F5 RDI and AIS state is active,
the operational state of the ATM PVC is down; if F5 RDI and AIS state is not active, the operational state
is up.
6-84
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
If you reference this profile when configuring an ATM PVC that is later cross-connected, this command is
disabled (ignored) in the profile.
Use the heartbeat construct to enable continuity monitoring. Cells are issued repetitively with a periodicity
of one cell each second independently of user cell traffic. After enabling continuity monitoring, if the PVC
does not receive any monitoring cell within a time interval of 3.5 seconds, with a margin of ±.5 seconds,
from a peer that is configured with continuity checking (heartbeat backward), the system declares a VP-AIS
or a virtual circuit (VC)-AIS (or both) state due to a loss of continuity.
Use the auto-loopback keyword to cause the system to detect and clear the RDI/AIS state by using
OAM F4 and F5 loopback cells to be periodically transmitted and its response cells monitored when
appropriate.
If you specify either the heartbeat or the auto-loopback keyword, the operational state is controlled by
both RDI/AIS, and either continuity check cells or ATM OAM loopback cells.
If you specify neither the heartbeat nor the auto-loopback keyword, OAM management is enabled with
only the fault monitoring function.
In every case, the system monitors and reacts to an RDI/AIS state by declaring the ATM PVC down and
sending an Simple Network Management Protocol (SNMP) trap.
Note By default, because an ATM PVC is enabled when you create it, OAM management is in effect for
any ATM PVC that references a profile that includes the oam manage command. However, if you
disable the ATM PVC with the shutdown command (in ATM PVC configuration mode), then OAM
management is not in effect. You must enable the ATM PVC with the no shutdown command (in
ATM PVC configuration mode) for OAM management to determine the state of the ATM PVC.
Note For more configuration guidelines for ATM profiles, VPs, and PVCs with regard to OAM, see the
“ATM Configuration Guidelines” section.
Use the no or default form of this command to disable OAM management of any ATM PVC that references
this profile.
To display the values of the auto-loopback parameters and the ATM PVC status, enter the show atm pvc
command (in any mode).
Examples
The following example enables the operational state of any ATM PVC that references the oam profile to be
controlled by both the state of its RDI/AIS and by OAM loopback:
[local]Redback(config)#atm profile oam
[local]Redback(config-atm-profile)#oam manage end-to-end auto-loopback
regular-timeout 45
Related Commands
atm pvc
oam fault-monitor
oam xc
Circuit Configuration
6-85
Command Descriptions
oam xc
oam xc end-to-end {[loopback] [heartbeat] [ais/rdi]}
{no | default} oam xc
Purpose
Enables operations, administration, and maintenance (OAM) cells received on one of a pair of
cross-connected Asynchronous Transfer Mode (ATM) permanent virtual circuits (PVCs) that reference this
profile to be forwarded to and transmitted on the other ATM PVC.
Command Mode
ATM profile configuration
Syntax Description
end-to-end Specifies that the operations, administration, and maintenance (OAM) management is
end to end.
loopback
Optional. Specifies that the OAM loopback cells are to be forwarded.
heartbeat
Optional. Specifies continuity monitoring; the OAM continuity check cells are forwarded.
ais/rdi
Optional. Specifies that the OAM alarm indication signal (AIS) and remote defect
indication (RDI) fault monitoring cells are to be forwarded.
Default
No OAM cells are forwarded
Usage Guidelines
Use the oam xc command to enable the OAM cells received on one of a pair of cross-connected ATM PVCs
that reference this profile to be forwarded to and transmitted on the other ATM PVC.
If you reference this profile when configuring an ATM PVC that is not cross-connected, this command is
disabled (ignored) in the profile; if the profile is also configured with either the oam fault-monitor or
oam manage command (in ATM profile configuration mode), that command is enabled instead. If the
ATM PVC is cross-connected at a later time, this command in the profile is enabled and either the oam
fault-monitor or oam manage command is disabled.
Note For more configuration guidelines for ATM profiles, VPs, and PVCs with regard to OAM, see the
“ATM Configuration Guidelines” section.
Use the no or default form of this command to disable the forwarding of all OAM cells.
6-86
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Examples
The following example selectively disables the heartbeat option:
[local]Redback(config)#atm profile oam-xc
[local]Redback(config-atm-profile)#oam xc end-to-end loopback ais/rdi
The following example enables all OAM cells to be forwarded across the cross-connection of two ATM
PVCs on ATM OC ports:
[local]Redback(config)#atm profile oam-xc
[local]Redback(config-atm-profile)#oam xc
[local]Redback(config-atm-profile)#exit
[local]Redback(config)#port atm 3/1
[local]Redback(config-atm-oc)#atm pvc 100
[local]Redback(config)#port atm 4/1
[local]Redback(config-atm-oc)#atm pvc 100
[local]Redback(config-atm-oc)#exit
[local]Redback(config)#xc 3/1 vpi-vci 100
end-to-end loopback heartbeat ais/rdi
100 profile oam-xc encapsulation raw
100 profile oam-xc encapsulation raw
100 to 4/1 vpi-vci 100 100
Related Commands
oam fault-monitor
oam manage
Circuit Configuration
6-87
Command Descriptions
report
report {tx-speed tx-kbps rx-speed rx-kbps}
{no | default} report {tx-speed | rx-speed}
Purpose
Specifies the transmit and receive speeds to be included in the IEFT standard, Layer 2 Tunneling Protocol
(L2TP) Rx Connect Speed attribute-value pair (AVP) #24 and Tx Connect Speed AVP #38 for any
Asynchronous Transfer Mode (ATM) permanent virtual circuit (PVC) that references this ATM profile.
Command Mode
ATM profile configuration
Syntax Description
tx-speed tx-kbps Transmit speed, in kbps, to be included in L2TP AVP #38; the range of values is 1 to
4,294,967,296.
rx-speed rx-kbps Receive speed, in kbps, to be included in L2TP AVP #24; the range of values is 1 to
4,294,967,296.
Default
The RxConnect Speed is the port speed. The TxConnect Speed depends on the ATM traffic class specified
for the profile; see Table 6-21.
Usage Guidelines
Use the report command to specify the receive and transmit speeds to be included in the IEFT standard
L2TP Rx Connect Speed AVP #24 and Tx Connect Speed AVP #38 for any ATM PVC that references this
ATM profile.
Use the no or default form of this command to report default values in L2TP AVPs #24 and #38. Table 6-21
lists the default values for the TxConnect speed; for all traffic classes except UBR, the reported default
value is the value of the specified argument in the shaping command (in ATM profile configuration mode).
Table 6-21 Default Values for TxConnect Speed
6-88
ATM Traffic
Class
Default TxConnect Speed Reported
CBR
Value of the rate argument
UBR
Port speed
UBR pcr
Value of the pcr argument
UBRe
Value of the pcr argument
VBR-nrt
Value of the scr argument
VBR-rt
Value of the scr argument
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Examples
The following example specifies the receive and transmit speeds as 2400 kbps in an ATM profile,
low_rate:
[local]Redback(config)#atm profile low_rate
[local]Redback(config-atm-profile)#shaping vbr-nrt pcr 2500 cdvt 20 scr 2400 bt 10
[local]Redback(config-atm-profile)#report tx-speed 2500
[local]Redback(config-atm-profile)#report rx-speed 2500
Related Commands
shaping
Circuit Configuration
6-89
Command Descriptions
shaping
shaping {cbr rate rate cdvt cdvt | ubr [pcr pcr | weight weight] | ubre mcr mcr pcr pcr bt bt |
vbr-nrt pcr pcr cdvt cdvt scr scr bt bt | vbr-rt pcr pcr cdvt cdvt scr scr bt bt}
default shaping
Purpose
Specifies the corresponding traffic class to use for any Asynchronous Transfer Mode (ATM) permanent
virtual circuit (PVC) or shaped virtual path (VP) that references this profile.
Command Mode
ATM profile configuration
Syntax Description
6-90
cbr
Specifies traffic class based on a constant bit rate (CBR).
rate rate
Traffic bit rate in kbps. The range of values is 64 to 599,040.
cdvt cdvt
Cell delay variation tolerance (CDVT), defined as the maximum cell delay (in
microseconds) between the expected arrival time and the actual arrival time. It controls
how much cell clustering is allowed. The range of values is 1 to 10,000.
ubr
Configures traffic class based on an unspecified bit rate (UBR).
pcr pcr
Optional. Peak cell rate (PCR); the upper limit on traffic (in kbps), that can be applied to
an ATM connection. The range of values is 65 to 599,040, but it must be greater than the
value specified for MCR, if specified. Optional for the UBR traffic class; required for
the UBRe traffic class.
weight weight
Optional. Weight, in number of ATM cells, to assign to any shaped VP or PVC;
applicable only to VPs and PVCs on ATM DS-3 and second-generation ATM OC cards
(in VC fairness mode). This option is ignore otherwise. The range of values is 1 to
32,000 cells; the default value is 4 cells.
ubre
Configures traffic class based on an unspecified bit rate extended (UBRe) that
guarantees the specified MCR and allows bursts up to the specified PCR.
mcr mcr
Minimum cell rate (MCR); specifies lower limit on traffic (in kbps), that can be applied
to an ATM connection. The range of values is 64 to 599,039, but it must be less than the
value specified for PCR.
bt bt
Burst tolerance (BT); specifies the number of microseconds that traffic can be
transmitted at the peak cell rate. The range of values is 1 to 10,000.
vbr-nrt
Configures traffic class based on variable bit rate-nonrealtime (VBR-nrt).
scr scr
Sustained cell rate (SCR); specifies the rate (in kbps) that should be maintained during
transmission of cells across a particular ATM connection. The range of values is 64 to
599,040.
vbr-rt
Configures traffic class based on variable bit rate-realtime (VBR-rt).
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Default
Shaping is UBR with the maximum line rate.
Usage Guidelines
Use the shaping command to specify the corresponding traffic class to use for any ATM PVC or VP that
references this profile. The following traffic classes are supported:
•
Constant bit rate (CBR)—CBR supports realtime applications that are sensitive to delay variations; for
example, voice and video.
•
Unspecified bit rate (UBR)—UBR is the simplest type of traffic class.
It provides no specific quality of service or guaranteed throughput. UBR mode is typically used to carry
LAN and WAN traffic.
You can optionally allow bursts of traffic up to a specified peak cell rate (PCR); PCR is the maximum
rate at which traffic can be sent, measured in kbps. If PCR is not specified, the default value is the line
rate.
•
Unspecified bit rate-extended (UBRe)—UBRe distributes otherwise unused bandwidth across
designated connections.
If there is sufficient traffic it guarantees the specified minimum cell rate (MCR) and allows bursts up to
the PCR.
Note UBRe is available only for ATM PVCs configured on ports on second-generation ATM OC and
ATM DS-3 cards. It is not available for shaped VPs or PVCs on these cards under either of the
following conditions:
•
The VP or PVC has a QoS ATMWFQ policy attached.
•
The PVC is configured on a shaped VP and the card has the ATM priority segmentation and
reassembly (SAR) image loaded.
•
Variable bit rate nonrealtime (VBR-nrt)—VBR-nrt supports applications that have variable rate, bursty
traffic characteristics. This traffic class is suitable for critical data applications.
•
Variable bit rate realtime (VBR-rt)—VBR-rt supports time-sensitive applications that also require
constrained delay and delay variation; for example, compressed audio.
Note For more configuration guidelines for ATM profiles, VPs, and PVCs with regard to traffic classes,
see the “ATM Configuration Guidelines” section.
Successive shaping commands replace the previous shaping configuration for the profile.
Performance restrictions include:
•
The following bandwidth restrictions apply to ports on the first-generation ATM OC cards:
— For individual PVCs, the maximum supported transmit rate is 50% of the usable bandwidth. The
only exceptions are CBR- and UBR-shaped PVCs that can be established at 100% of the usable
bandwidth; transmit rates between 50% and 100% of the usable bandwidth are not supported.
— Transmit rates greater than 50% of the usable bandwidth are not supported for a shaped VP.
Circuit Configuration
6-91
Command Descriptions
•
The PVCs shaped with VBR-rt or VBR-nrt can experience performance limitations when other PVCs
on on the same port are configured with other traffic classes.
To avoid these limitations, the following settings are recommended for both VBR traffic classes:
— When the sustainable cell rates (SCR) is less than 50% of line rate, set the peak cell rate (PCR) to
50% of the usable bandwidth and set the burst tolerance (BT) to a value greater than 20
microseconds.
— When SCR is set between 50% and 100% of the usable bandwidth, set the PCR to 100% of the
usable bandwidth and the BT to a value greater than 20 microseconds.
— VBR shaping requires the ability to increase the cell rate during a specified period. This burst period
is proportional to the difference between the specified values for the PCR and SCR. Setting the
values to be equal implies that no burst period is allowed. In most cases, the PCR should exceed the
SCR value by a minimum of 20% of the usable bandwidth. When the PCR and SCR values are
equal, the SARC switches to an enhanced VBR shaping algorithm. This algorithm provides shaping
behavior similar to CBR, and the system does not display an error message.
Note No burst period is allowed when the values for the PCR and SCR are equal; in this case, the BT
has no effect on VBR shaping behavior.
The aggregated transmit rates for all ATM PVCs on a port must be less than its usable bandwidth or its
oversubscribed bandwidth, whichever is larger. You can oversubscribe the bandwidth of an ATM port using
the over-subscription-rate command (in ATM OC or ATM DS-3 configuration mode).
Note The usable bandwidth (the effective speed for user traffic) of a port displays by the show port detail
command (in any mode).
Use the default form of this command to specify the default shaping.
Examples
The following example specifies the vbr-nrt traffic class for an ATM profile with a PCR of 2500 kbps;
a CDVT of 20 ms; an SCR of 2400 kbps; and a BT of 10 ms:
[local]Redback(config)#atm profile low_rate
[local]Redback(config-atm-profile)#shaping vbr-nrt pcr 2500 cdvt 20 scr 2400 bt 10
Related Commands
atm pvc
6-92
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
shutdown
shutdown
no shutdown
Purpose
Disables the specified link group or Asynchronous Transfer Mode (ATM), Frame Relay, or 802.1Q
permanent virtual circuit (PVC).
Command Mode
ATM PVC configuration
dot1q PVC configuration
Frame Relay PVC configuration
link group configuration
link PVC configuration
Syntax Description
This command has no keywords or arguments.
Default
All PVCs are enabled.
Usage Guidelines
Use the shutdown command to disable the specified link group or ATM, Frame Relay, or 802.1Q PVC. No
data is transmitted or received when a PVC or link group is shut down.
Use the no form of this command to enable an ATM PVC, Frame Relay PVC, 802.1Q PVC, or link group.
Note You must also enable the port, channel, or both port and channel, on which circuits are configured
for the circuits to function.
This command is also described in the following chapters:
•
Chapter 3, “ATM, Ethernet, and POS Port Configuration,” for ATM OC, ATM DS-3, Ethernet, and
Packet over SONET/SDH (POS) ports.
•
Chapter 4, “Clear-Channel and Channelized Port and Channel Configuration,” for channelized OC-12
and STM-1 ports, DS-3 and E1 channels and ports, E3 ports, DS-1 channels, and DS-0 channel groups.
•
Chapter 11, “Cross-Connection Configuration,” for cross-connected circuits.
•
Chapter 12, “GRE Tunnel Configuration,” for Generic Routing Encapsulation (GRE) tunnel circuits.
Circuit Configuration
6-93
Command Descriptions
Examples
The following example configures DS-3 channel 1 on port 1 of a channelized OC-12 card in slot 3:
[local]Redback(config)#
[local]Redback(config)#port ds3 3/1:1
[local]Redback(config-ds3)#encapsulation frame-relay
[local]Redback(config-port)#frame-relay pvc 16 profile frame20
[local]Redback(config-fr-pvc)#no shutdown
Related Commands
atm pvc
dot1q pvc
frame-relay pvc
6-94
Ports, Circuits, and Tunnels Configuration Guide
Chapter 7
CLIPS Configuration
This chapter describes the tasks and commands used to configure SmartEdge® OS clientless IP service
selection (CLIPS) features.
For information about the tasks and commands used to monitor, troubleshoot, and administer CLIPS
features, see the “Circuit Configuration” chapter in the Ports, Circuits, and Tunnels Operations Guide for
the SmartEdge OS.
This chapter contains the following sections:
•
Overview
•
Configuration Tasks
•
Configuration Examples
•
Command Descriptions
Overview
With CLIPS, you can preconfigure the local configuration or the database on a Remote Authentication
Dial-In User Service (RADIUS) server to contain the medium access control (MAC) address and
corresponding ISP or context name for a subscriber’s PC. When the a subscriber is authenticated, a virtual
circuit is created for each medium access control (MAC) address so that multiple sessions are possible from
a single customer site.
The SmartEdge OS supports two types of CLIPS circuits—static and dynamic; both types of circuits allow
incoming packets on an clear-channel source, such as an Ethernet port, an 802.1Q permanent virtual circuit
(PVC), or an Asynchronous Transfer Mode (ATM) PVC, to be treated as if they came from a channelized
source.
By channelizing the port or PVC, packets from an individual subscriber are treated as if they are on a virtual
subscriber circuit, which can be bound to an interface in a specific context. The system treats this virtual
subscriber circuit as it would any other circuit; for example, you can attach a quality of service (QoS)
policy, an access control list (ACL), or an HTTP redirect policy to it.
CLIPS Configuration
7-1
Configuration Tasks
Another advantage to using CLIPS is that there is no need for client software, other than Dynamic Host
Configuration Protocol (DHCP) client software to support dynamic CLIPS sessions on the subscriber’s PC.
CLIPS is extensible and can be used as more complex configurations are required for new services. A
sample of current applications includes aggregated cable modem, digital subscriber line (DSL), wireless,
and Ethernet-to-the-home environments.
You configure a static CLIPS circuit on a physical circuit and bind it to a specific interface. The static
CLIPS circuit uses the IP address that you specify in the subscriber record.
The SmartEdge OS creates a dynamic CLIPS circuit on a port or PVC that you have configured for dynamic
CLIPS service when a subscriber initiates a session. At that time, the Dynamic Host Configuration Protocol
(DHCP) assigns the IP address for the session. (You must configure a DHCP server in the same context for
which the subscriber is authenticated.)
You can create groups of ports and PVCs on which dynamic CLIPS circuits will be created. These CLIPS
groups provide port and PVC redundancy for the subscriber sessions initiated on those ports and PVCs. If
a port or PVC that is a member of a CLIPS group becomes inoperable, traffic on its dynamic CLIPS circuits
is not disrupted, but is moved to another port or PVC that is a member of the group.
Members of CLIPS groups can include Ethernet or Gigabit Ethernet ports, or 802.1Q PVCs configured on
those ports.
CLIPS exclusion allows you to configure a port or PVC to support both dynamic CLIPS sessions and
DHCP sessions. With CLIPS exclusion, you can specify which sessions are DHCP hosts; all other sessions
are dynamic CLIPS sessions. You must configure a DHCP internal or relay server in each context in which
a CLIPS subscriber is bound.
Configuration Tasks
To configure CLIPS circuits, perform the tasks described in the following sections:
•
Configuring CLIPS Static Circuits
•
Configuring Dynamic CLIPS Circuits
•
Configuring a CLIPS Group
•
Configuring CLIPS Exclusion
Note To configure any CLIPS circuit, you must have enabled the software license for active subscribers;
CLIPS dynamic circuits also require a license for dynamic services. For more information about
enabling software licenses, see the “Basic System Configuration” chapter in the Basic System
Configuration Guide for the SmartEdge OS.
Note In this section, the command syntax in the task tables displays only the root command; for the
complete command syntax, see the full description for the command in the “Command
Descriptions” section.
7-2
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Configuring CLIPS Static Circuits
To configure one or more CLIPS static circuits on an Ethernet port, 802.1Q PVC, or ATM PVC, perform
the tasks described in Table 7-1. Enter all commands in CLIPS PVC configuration mode, unless otherwise
noted.
Table 7-1
Configure CLIPS Static Circuits
#
Task
Root Command
Notes
1.
Enable the CLIPS feature for static CLIPS
PVCs.
service clips
Enter this command in port, dot1q PVC, or ATM PVC
configuration mode.
2.
Create one or more CLIPS static circuits on
an Ethernet port, 802.1Q PVC, or ATM
PVC, and access CLIPS PVC configuration
mode.
clips pvc
Enter this command in port, dot1q PVC, or ATM PVC
configuration mode.
3.
4.
CLIPS PVCs are not supported by ATM or 802.1Q
PVCs.
Create a static binding, using one of the
following commands:
.
• A single CLIPS PVC.
bind subscriber
Enter this command in CLIPS PVC configuration mode
• A range of CLIPS PVCs.
bind auto-subscriber
Enter this command in CLIPS PVC configuration mode
Disable a CLIPS PVC (stop operations on it)
until you are ready to begin operations on it.
shutdown
By default, all circuits are enabled (operational).
Configuring Dynamic CLIPS Circuits
To configure dynamic CLIPS circuits, perform the tasks described in Table 7-2. For information about the
DHCP commands, and the Redback® vendor-specific attributes (VSAs), see the “DHCP Configuration”
chapter and the “RADIUS Attributes” appendix, respectively, in the IP Services and Security Configuration
Guide for the SmartEdge OS.
Table 7-2
Configure Dynamic CLIPS Circuits
#
Task
Root Command
Notes
1.
Configure the IP address of a reachable
DHCP server.
dhcp relay server
Enter this command in context configuration mode.
2.
Configure one or more DHCP proxy
interfaces in the context in which the
subscriber circuit is to be bound.
dhcp proxy
Enter this command in interface configuration mode.
3.
Configure hosts to use DHCP to
dynamically acquire address
information for a subscriber’s circuit and
to set the maximum number of IP
addresses that can be assigned to
hosts associated with the circuit.
dhcp max-addrs
Enter this command in subscriber configuration mode.
CLIPS Configuration
The subscriber record or profile must have no IP address
configured; enter 1 as the value for the max-num argument.
You can configure this information in the subscriber record with
the RADIUS database instead of with this command. Use the
®
Redback vendor-specific attributes (VSAs) VSA 3,
DHCP-Max-Leases attribute.
7-3
Configuration Tasks
Table 7-2
Configure Dynamic CLIPS Circuits (continued)
#
Task
Root Command
4.
Configure the subscriber password.
password
Notes
Enter this command in subscriber configuration mode.
Enter Redback as the value for the passwd argument.
You can configure this information in the subscriber record with
the RADIUS database instead of with this command. By
default, the SmartEdge OS authenticates subscribers through
the local configuration.
5.
Enable CLIPS service.
service clips
Enter this command in ATM PVC, dot1q PVC, or port
configuration mode.
Enter the dhcp keyword.
Configuring a CLIPS Group
To configure a CLIPS group and assign a port or 802.1Q PVC to it, perform the tasks described in
Table 7-3.
Note CLIPS groups are available only for Ethernet and Gigabit Ethernet ports and 802.1Q PVCs that are
configured on them.
Table 7-3
Configure a CLIPS Group
#
Task
Root Command
Notes
1.
Configure the IP address of a reachable
DHCP server.
dhcp relay server
Enter this command in context configuration mode.
2.
Configure one or more DHCP proxy
interfaces in the context in which the
subscriber circuit is to be bound.
dhcp proxy
Enter this command in interface configuration mode.
3.
Configure hosts to use DHCP to
dynamically acquire address
information for a subscriber’s circuit and
to set the maximum number of IP
addresses that can be assigned to
hosts associated with the circuit.
dhcp max-addrs
Enter this command in subscriber configuration mode.
Configure the subscriber password.
password
4.
The subscriber record or profile must have no IP address
configured; enter 1 as the value for the max-num argument.
You can configure this information in the subscriber record
with the RADIUS database instead of with this command.
Use Redback VSA 3, DHCP-Max-Leases attribute.
Enter this command in subscriber configuration mode.
Enter Redback as the value for the passwd argument.
You can configure this information in the subscriber record
with the RADIUS database instead of with this command. By
default, the SmartEdge OS authenticates subscribers through
the local configuration.
5.
Create the CLIPS group.
clips-group
Enter this command in global configuration mode.
6.
Assign a port or 802.1Q PVC to the
CLIPS group.
service clips-group
Enter this command in port or dot1q PVC configuration mode
for each port and PVC to be assigned to the group.
7-4
Ports, Circuits, and Tunnels Configuration Guide
Configuration Examples
Configuring CLIPS Exclusion
To configure CLIPS exclusion for a port or PVC, perform the tasks described in Table 7-4.
Note CLIPS exclusion is available only for ports and PVCs that are configured for dynamic CLIPS
service; you must configure the external DHCP relay or internal DHCP server and subscribers in
the same context for which you configure the subscribers, as described in Table 7-4.
Table 7-4
Configure CLIPS Exclusion
#
Task
Root Command
Notes
1.
Configure the IP address of a reachable
DHCP server.
dhcp relay server
Enter this command in context configuration mode.
2.
Configure one or more DHCP proxy
interfaces in the context in which the
subscriber circuit is to be bound.
dhcp proxy
Enter this command in interface configuration mode.
3.
Configure hosts to use DHCP to
dynamically acquire address information
for a subscriber’s circuit and to set the
maximum number of IP addresses that
can be assigned to hosts associated with
the circuit.
dhcp max-addrs
Enter this command in subscriber configuration mode.
Configure the subscriber password.
password
4.
The subscriber record or profile must have no IP address
configured; enter 1 as the value for the max-num argument.
You can configure this information in the subscriber record
with the RADIUS database instead of with this command. Use
the Redback VSA 3, DHCP-Max-Leases attribute.
Enter this command in subscriber configuration mode.
Enter Redback as the value for the passwd argument.
You can configure this information in the subscriber record
with the RADIUS database instead of with this command. By
default, the SmartEdge OS authenticates subscribers through
the local configuration.
5.
Enable CLIPS service.
service clips
Enter this command in ATM PVC, dot1q PVC, or port
configuration mode.
Enter the dhcp keyword.
6.
Specify an exclusion condition for DHCP
hosts on an ATM PVC, dot1q PVC, or
Ethernet port.
service clips-exclude
Enter this command in ATM PVC, dot1q PVC, or port
configuration mode.
Configuration Examples
This following sections provide CLIPS configuration examples:
•
Static CLIPS Circuit for a Single PVC
•
Static CLIPS for a Range of PVCs
•
Static CLIPS Circuits Using an IP Address Pool
•
Dynamic CLIPS Circuits Using Local Authentication
•
Dynamic CLIPS Using Global RADIUS Authentication
•
CLIPS Group
•
CLIPS Exclusion
CLIPS Configuration
7-5
Configuration Examples
Static CLIPS Circuit for a Single PVC
The following example configures a CLIPS static circuit on a single PVC:
[local]Redback(config)#service multiple-contexts
[local]Redback(config)#context c1
[local]Redback(config-ctx)#interface i1 multibind
[local]Redback(config-if)#ip address 10.1.1.254/24
[local]Redback(config-if)#exit
[local]Redback(config-ctx)#subscriber name s1
[local]Redback(config-sub)#ip address 10.1.1.1
[local]Redback(config-ctx)#exit
[local]Redback(config)#card ether-12-port 9
[local]Redback(config-card)#exit
[local]Redback(config)#port ethernet 9/1
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#service clips
[local]Redback(config-port)#clips pvc 1
[local]Redback(config-clips-pvc)#bind subscriber s1@c1
Static CLIPS for a Range of PVCs
The following example configures 10 static CLIPS circuits on an Ethernet port:
[local]Redback(config)#service multiple-contexts
[local]Redback(config)#context c1
[local]Redback(config-ctx)#interface i1 multibind
[local]Redback(config-if)#ip address 10.1.1.254/24
[local]Redback(config-if)#exit
[local]Redback(config-ctx)#subscriber name s1
[local]Redback(config-if)#ip address 10.1.1.1
[local]Redback(config-if)#exit
[local]Redback(config-ctx)#subscriber name s2
[local]Redback(config-sub)#ip address 10.1.1.2
[local]Redback(config)#subscriber name s3
[local]Redback(config-sub)#ip address 10.1.1.3
[local]Redback(config-sub)#exit
[local]Redback(config-ctx)#subscriber name s4
[local]Redback(config-sub)#ip address 10.1.1.4
[local]Redback(config-sub)#exit
[local]Redback(config-ctx)#subscriber name s5
[local]Redback(config-sub)#ip address 10.1.1.5
[local]Redback(config-sub)#exit
[local]Redback(config-ctx)#subscriber name s6
[local]Redback(config-sub)#ip address 10.1.1.6
[local]Redback(config-sub)#exit
[local]Redback(config-ctx)#subscriber name s7
[local]Redback(config-sub)#ip address 10.1.1.7
[local]Redback(config-sub)#exit
[local]Redback(config-ctx)#subscriber name s8
[local]Redback(config-sub)#ip address 10.1.1.8
[local]Redback(config-sub)#exit
7-6
Ports, Circuits, and Tunnels Configuration Guide
Configuration Examples
[local]Redback(config-ctx)#subscriber name s9
[local]Redback(config-sub)#ip address 10.1.1.9
[local]Redback(config-sub)#exit
[local]Redback(config-ctx)#subscriber name s10
[local]Redback(config-sub)#ip address 10.1.1.10
[local]Redback(config-sub)#exit
[local]Redback(config-ctx)#exit
[local]Redback(config)#card ether-12-port 9
[local]Redback(config-card)#exit
[local]Redback(config)#port ethernet 9/1
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#service clips
[local]Redback(config-port)#clips pvc 1 through 10
[local]Redback(config-pvc-clips)#bind auto-subscriber s c1
Static CLIPS Circuits Using an IP Address Pool
The following example automatically configures static CLIPS circuits for subscribers 1 through 253 on an
Ethernet port, and assigns each subscriber an IP address from the IP pool, pool1:
[local]Redback(config)#context BASIC
[local]Redback(config-ctx)#interface ingress
[local]Redback(config-if)#ip address 200.1.1.1/24
[local]Redback(config-if)#exit
[local]Redback(config-ctx)#interface pool1 multibind
[local]Redback(config-if)#ip address 20.1.1.253/24
[local]Redback(config-if)#ip pool 20.1.1.0/24
[local]Redback(config-if)#exit
[local]Redback(config-ctx)#subscriber default
[local]Redback(config-sub)#ip address pool name pool1
[local]Redback(config-sub)#exit
[local]Redback(config-ctx)#exit
[local]Redback(config)#port ethernet 9/2
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#bind interface ingress BASIC
[local]Redback(config-port)#service clips
[local]Redback(config-port)#clips pvc 1 through 253
[local]Redback(config-pvc-clips)#bind auto-subscriber subscriber BASIC
Dynamic CLIPS Circuits Using Local Authentication
The following example configures dynamic CLIPS circuits on an ATM PVC and an Ethernet port using
local authentication and an external DHCP proxy server:
!Configure the system for an external DHCP server
[local]Redback(config)#service multiple-contexts
[local]Redback(config)#context c1
[local]Redback(config-ctx)#dhcp relay server 10.2.1.1
[local]Redback(config-dhcp-relay)#exit
CLIPS Configuration
7-7
Configuration Examples
!Configure an interface for a DHCP proxy server
[local]Redback(config-ctx)#interface i1 multibind
[local]Redback(config-if)#ip address 10.1.255.254/16
[local]Redback(config-if)#dhcp proxy 65535
[local]Redback(config-if)#exit
!Configure an interface for ports and PVCs with dynamic CLIPS circuits using the DHCP
proxy server
[local]Redback(config-ctx)#interface dhcp-server
[local]Redback(config-if)#ip address 10.2.1.2/24
[local]Redback(config-if)#exit
!Configure the subscriber default profile for the DHCP proxy server
[local]Redback(config-ctx)#subscriber default
[local]Redback(config-sub)#dhcp max-addrs 1
[local]Redback(config-sub)#exit
[local]Redback(config-ctx)#subscriber name 02:dd:00:00:00:01
[local]Redback(config-sub)#password Redback
[local]Redback(config-sub)#exit
[local]Redback(config-ctx)#exit
!Configure an ATM profile for an ATM PVC for dynamic CLIPS circuits in context c1
[local]Redback(config)#atm profile a1
[local]Redback(config-atm-profile)#shaping ubr
[local]Redback(config-atm-profile)#exit
[local]Redback(config)#card atm-oc3-4-port 1
[local]Redback(config-card)#exit
[local]Redback(config)#port atm 1/1
[local]Redback(config-atm-oc)#no shutdown
[local]Redback(config-atm-oc)#atm pvc 0 32 profile a1 encapsulation bridge1483
[local]Redback(config-atm-pvc)#bind interface dhcp-server c1
[local]Redback(config-atm-pvc)#service clips dhcp context c1
[local]Redback(config-atm-pvc)#exit
[local]Redback(config-atm-oc)#exit
!Configure an Ethernet port for dynamic CLIPS circuits in context c1
[local]Redback(config)#card ether-12-port 9
[local]Redback(config-card)#exit
[local]Redback(config)#port ethernet 9/1
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#service clips dhcp context c1
[local]Redback(config-port)#bind interface dhcp-server c1
Dynamic CLIPS Using Global RADIUS Authentication
The following example configures dynamic CLIPS circuits on an Ethernet port, using global RADIUS
authentication and an external DHCP proxy server:
!Configure global RADIUS authentication
[local]Redback(config)#aaa global authentication subscriber radius context local
[local]Redback(config)#service multiple-contexts
[local]Redback(config)#context local
!Configure the RADIUS server
[local]Redback(config-ctx)#radius server 10.0.154.2 key Redback
7-8
Ports, Circuits, and Tunnels Configuration Guide
Configuration Examples
!Configure an interface for circuits without dynamic CLIPS
[local]Redback(config-ctx)#interface i2
[local]Redback(config-if)#ip address 10.0.154.7/24
[local]Redback(config-if)#exit
[local]Redback(config-ctx)#exit
!Configure RADIUS authentication for a context and an external DHCP server
[local]Redback(config)#context c1
[local]Redback(config-ctx)#aaa authentication subscriber radius global
[local]Redback(config-ctx)#dhcp relay server 10.2.1.1
!Configure an interface for the DHCP proxy server
[local]Redback(config-ctx)#interface i1 multibind
[local]Redback(config-if)#ip address 10.1.255.254/16
[local]Redback(config-if)#dhcp proxy 65535
[local]Redback(config-if)#exit
!Configure an interface for the ports and PVCs with dynamic CLIPS circuits
[local]Redback(config-ctx)#interface dhcp-server
[local]Redback(config-if)#ip address 10.2.1.2/24
[local]Redback(config-if)#exit
!Configure the subscriber default profile for the DHCP proxy server
[local]Redback(config-ctx)#subscriber default
[local]Redback(config-sub)#dhcp max-addrs 1
[local]Redback(config-sub)#exit
[local]Redback(config-ctx)#exit
!Configure two Ethernet ports for dynamic CLIPS service, using the DHCP proxy server
[local]Redback(config)#card ether-12-port 9
[local]Redback(config-card)#exit
[local]Redback(config)#port ethernet 9/1
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#service clips dhcp context c1
[local]Redback(config-port)#bind interface dhcp-server c1
[local]Redback(config-port)#exit
[local]Redback(config)#port ethernet 9/2
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#service clips dhcp context c1
[local]Redback(config-port)#bind interface dhcp-server c1
[local]Redback(config-port)#exit
!Configure an Ethernet port that does not enable dynamic CLIPS service
[local]Redback(config)#port ethernet 9/12
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#bind interface i2 local
CLIPS Group
The following example configures a CLIPS group and assign three Ethernet ports:
[local]Redback(config)#service multiple-contexts
!Configure an empty CLIPS group for the c2 context
[local]Redback(config)#clips-group dclips dhcp context c2
!Configure an external DHCP server
[local]Redback(config)#context c2
[local]Redback(config-ctx)#dhcp relay server 10.2.1.3
CLIPS Configuration
7-9
Configuration Examples
!Configure an interface for the DHCP proxy server
[local]Redback(config-ctx)#interface i2 multibind
[local]Redback(config-if)#ip address 10.1.255.254/16
[local]Redback(config-if)#dhcp proxy 65535
[local]Redback(config-if)#exit
!Configure an interface for the ports with dynamic CLIPS circuits
[local]Redback(config-ctx)#interface dhcp-server
[local]Redback(config-if)#ip address 10.2.1.3/24
[local]Redback(config-if)#exit
!Configure the subscriber default profile for the DHCP proxy server
[local]Redback(config-ctx)#subscriber default
[local]Redback(config-sub)#dhcp max-addrs 1
[local]Redback(config-sub)#exit
[local]Redback(config-ctx)#exit
!Configure three Ethernet ports for dynamic CLIPS service, using the DHCP proxy server
!Assign each port to the CLIPS group
[local]Redback(config)#card ether-12-port 9
[local]Redback(config-card)#exit
[local]Redback(config)#port ethernet 4/1
[local]Redback(config-port)#service clips-group dclips
[local]Redback(config-port)#bind interface dhcp-server c2
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#exit
[local]Redback(config)#port ethernet 4/2
[local]Redback(config-port)#service clips-group dclips
[local]Redback(config-port)#bind interface dhcp-server c2
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#exit
[local]Redback(config)#port ethernet 4/3
[local]Redback(config-port)#service clips-group dclips
[local]Redback(config-port)#bind interface dhcp-server c2
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#exit
CLIPS Exclusion
The following example specifies exclusion conditions for a CLIPS group of Ethernet ports:
[local]Redback(config)#service multiple-contexts
!Configure an empty CLIPS group for the c2 context
[local]Redback(config)#clips-group dclips dhcp context c2
!Configure an external DHCP server
[local]Redback(config)#context c2
[local]Redback(config-ctx)#dhcp relay server 10.2.1.3
!Configure an interface for the DHCP proxy server
[local]Redback(config-ctx)#interface i2 multibind
[local]Redback(config-if)#ip address 10.1.255.254/16
[local]Redback(config-if)#dhcp proxy 65535
[local]Redback(config-if)#exit
7-10
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
!Configure an interface for the ports with dynamic CLIPS circuits
[local]Redback(config-ctx)#interface dhcp-server
[local]Redback(config-if)#ip address 10.2.1.3/24
[local]Redback(config-if)#exit
!Configure the subscriber default profile for the DHCP proxy server
[local]Redback(config-ctx)#subscriber default
[local]Redback(config-sub)#dhcp max-addrs 1
[local]Redback(config-sub)#exit
[local]Redback(config-ctx)#exit
!Configure three Ethernet ports, assign to the CLIPS group, and exclude the DHCP host
[local]Redback(config)#card ether-12-port 9
[local]Redback(config-card)#exit
[local]Redback(config)#port ethernet 4/1
[local]Redback(config-port)#service clips dhcp context c2
[local]Redback(config-port)#clips exclude vendor-class-id 0xAABP2798
[local]Redback(config-port)#bind interface dhcp-server c2
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#exit
[local]Redback(config)#port ethernet 4/2
[local]Redback(config-port)#service clips-group dclips
[local]Redback(config-port)#clips exclude vendor-class-id 0xAABP2798
[local]Redback(config-port)#bind interface dhcp-server c2
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#exit
[local]Redback(config)#port ethernet 4/3
[local]Redback(config-port)#service clips-group dclips
[local]Redback(config-port)#clips exclude vendor-class-id 0xAABP2798
[local]Redback(config-port)#bind interface dhcp-server c2
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#exit
Command Descriptions
This section describes the syntax and usage guidelines for the commands used to configure CLIPS. The
commands are presented in alphabetical order.
clips-group
clips pvc
service clips
CLIPS Configuration
service clips-exclude
service clips-group
7-11
Command Descriptions
clips-group
clips-group group-name dhcp [maximum max-num] [context ctx-name]
no clips-group group-name
Purpose
Creates an empty group to which you can assign redundant ports and permanent virtual circuits (PVCs) on
which will be created dynamic clientless IP service selection (CLIPS) circuits.
Command Mode
global configuration
Syntax Description
group-name
Name for a group of ports and PVCs on which dynamic CLIPS circuits will be
created.
dhcp
Specifies that the Dynamic Host Configuration Protocol (DHCP) will be used
for a group of ports and PVCs on which dynamic CLIPS circuits will be created.
maximum max-num
Optional. Maximum number of CLIPS sessions allowed on this group. The
range of values is 1 to 16,000; the default value is 16,000.
context ctx-name
Optional. Name of the context in which the subscriber is authenticated.
Default
No CLIPS groups are created.
Usage Guidelines
Use the clips-group command to create an empty group to which you can assign redundant ports and PVCs
on which will be created dynamic CLIPS circuits. CLIPS groups are available only for Ethernet and Gigabit
Ethernet ports and the 802.1Q PVCs configured on them.
Note The SmartEdge OS associates the CLIPS group with the slot of the first port or PVC that you assign
to the group. To change the slot, you must delete the group, re-create it, and then assign to it as the
first member, a port or PVC that you have configured on the card in the new slot.
Use the no form of this command to delete the CLIPS group.
Examples
The following example creates the dynamic-clips group for the dhccp context:
[local]Redback(config)#clips-group dynamic-clips dhcp context dhccp
7-12
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Related Commands
clips pvc
service clips
service clips-group
CLIPS Configuration
7-13
Command Descriptions
clips pvc
clips pvc start-ses-num [through end-ses-num]
no clips pvc start-ses-num [through end-ses-num]
Purpose
Creates a static circuit or a range of clientless IP service selection (CLIPS) static circuits on an Ethernet
port, a static 802.1Q permanent virtual circuit (PVC) on an Ethernet port, or an Asynchronous Transfer
Mode (ATM) PVC, and enters CLIPS PVC configuration mode.
Command Mode
ATM PVC configuration
dot1q PVC configuration
port configuration
Syntax Description
start-ses-num
Numeric session ID or first numeric session ID in a range of IDs for the static
circuits being created; the range of values is 1 to 131,072.
through end-ses-num
Optional. Final numeric session ID in a range of IDs for the static circuits
being created; the range of values is 2 to 131,072.
Default
No static circuits are created.
Usage Guidelines
Use the clips pvc command to create a static circuit or a range of static circuits on an Ethernet port, an
802.1Q PVC on an Ethernet port, or an ATM PVC, and enter CLIPS PVC configuration mode.
You must first enter the service clips command in ATM PVC, dot1q PVC, or port configuration mode for
this command to be available.
You must have encapsulated the ATM PVC with RFC 1483 bridged encapsulation (bridge1483 keyword)
for this command to be available in ATM PVC configuration mode.
You cannot create static CLIPS PVCs on on-demand ATM or 802.1Q PVCs.
You can specify any type of encapsulation for an 802.1Q PVC or Ethernet port, but if you encapsulate the
PVC using the multi keyword, you cannot create a CLIPS PVC on a child circuit on the PVC.
If you create a range of static circuits, the session ID for each circuit is appended to the prefix1 argument
in the bind auto-subscriber command (in CLIPS PVC configuration mode).
You can create up to 8,000 static circuits on an Ethernet port, an 802.1Q PVC on an Ethernet port, or an
ATM PVC.
Use the no form of this command to delete an existing static circuit or range of static circuits.
7-14
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Examples
The following example creates 10 circuits with session numbers 1 to 10 on port 1 of an Ethernet card in
slot 4:
[local]Redback(config)#port ether 4/1
[local]Redback(config-port)#service clips
[local]Redback(config-port)#clips pvc 1 through 10
[local]Redback(config-clips-pvc)#
Related Commands
bind auto-subscriber—CLIPS PVC configuration mode
bind subscriber—CLIPS PVC configuration mode
service clips
CLIPS Configuration
7-15
Command Descriptions
service clips
service clips [dhcp [maximum max-num] [context ctx-name]]
no service clips
Purpose
Enables either static or dynamic clientless IP service selection (CLIPS) on an Ethernet port, an 802.1Q
permanent virtual circuit (PVC) on an Ethernet port, or an Asynchronous Transfer Mode (ATM) PVC.
Command Mode
ATM PVC configuration
dot1q PVC configuration
port configuration
Syntax Description
dhcp
Optional. Enables dynamic CLIPS service through the Dynamic Host
Configuration Protocol (DHCP).
maximum max-num
Optional. Maximum number of CLIPS sessions allowed on this circuit. The
range of values is 1 to 16,000; the default value is 16,000.
context ctx-name
Optional. Name of the context in which the subscriber is authenticated.
Default
CLIPS is disabled.
Usage Guidelines
Use the service clips command to enable static or dynamic CLIPS on an Ethernet port, an 802.1Q PVC on
an Ethernet port, or an ATM PVC.
To configure static CLIPS service, enter the service clips command without the dhcp keyword. Specify the
dhcp keyword only to configure dynamic CLIPS service.
For static CLIPS circuits, you must also configure one or more CLIPS PVCs using the clips pvc command
(in port configuration mode); see the clips pvc command description.
To use the context ctx-name construct, you must configure the IP address of a reachable Remote
Authentication Dial-In User Service (RADIUS) server and enable subscriber authentication in the context
in which the subscriber circuit is to be bound. Use the radius server and aaa authentication subscriber
commands (in context configuration mode), respectively. If the subscriber record is stored on a RADIUS
server and you do not enter the context ctx-name construct, the system authenticates the subscriber in the
context defined with the aaa last-resort command (in context configuration mode).
You can enable CLIPS service on this circuit, or you can assign this circuit to a CLIPS group, using the
service clips-group command (in dot1q PVC or port configuration mode), but you cannot do both.
Use the no form of this command to disable CLIPS service.
7-16
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Examples
The following example creates eight CLIPS static circuits with session numbers ranging from 1 to 8 on
port 1 of the Ethernet card installed in slot 3, and then binds each circuit to an automatically generated
subscriber name beginning with the string 10-1-1:
[local]Redback(config)#port ethernet 3/1
[local]Redback(config-port)#service clips
[local]Redback(config-port)#clips pvc 1 through 8
[local]Redback(config-port)#bind auto-subscriber “10-1-1” local
The following example enables dynamic CLIPS on port 1 of the Ethernet card installed in slot 3:
[local]Redback(config)#port ethernet 3/1
[local]Redback(config-port)#service clips dhcp
Related Commands
clips pvc
CLIPS Configuration
7-17
Command Descriptions
service clips-exclude
service clips-exclude vendor-class-id id [offset position]
{no | default} service clips-exclude vendor-class-id id [offset position]
Purpose
Specifies a condition by which a Dynamic Host Configuration Protocol (DHCP) host can be excluded from
clientless IP service selection (CLIPS) service on this port or permanent virtual circuit (PVC).
Command Mode
ATM PVC configuration
dot1q PVC configuration
port configuration
Syntax Description
vendor-class-id id
Contents of the DHCP option 60 ID field that is to be excluded, in one of the
following formats:
• Alphanumeric string, enclosed in quotation marks (“ ”); for example,
“ABCD1234”
• Alphanumeric string, not enclosed in quotation marks; for example, redback1
• Hex numeric string, not enclosed in quotation marks and prefaced with 0x or
0X; for example, 0Xabcd1234
offset position
Optional. Position of the starting octet to which the exclusion condition is to be
matched, according to one of the following formats:
• +n or n—Starting octet is the nth octet in the received ID. The matching
operation is performed on the nth and succeeding octets for the length of the
string specified by the vendor-class-id id construct.
• -n—Starting octet is the last octet in the received ID minus the previous (n-1)
octets. The matching operation is performed on the succeeding octets for the
length of the string specified by the vendor-class-id id construct.
The default value is 1 (the first octet).
Default
No DHCP received IDs are excluded.
Usage Guidelines
Use the service clips-exclude command to specify a condition by which a DHCP host can be excluded
from CLIPS service on this port or PVC. Any host that matches the exclusion condition is ineligible for
CLIPS service and is treated as a normal DHCP client.
7-18
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Note You must first enable dynamic CLIPS service for this port or PVC using the service clips or service
clips-group command (in ATM PVC, dot1q PVC, or port configuration mode). You must also
configure an external proxy or internal DHCP server in the same context as that in which the host
messages are received.
The following guidelines apply to the formats for the id argument:
•
When you surround a string with quotation marks, they are not part of the comparison.
•
You must enclose a string with quotation marks if the string includes a space.
•
A hex numeric string must have an even number of characters.
•
Any string format, alphanumeric or hex numeric, supports both uppercase and lowercase characters.
Matching is performed on an octet basis. The match fails, if after the calculation of the starting position of
the octets to be matched (using the offset position construct), there are fewer octets available for matching
in the received ID than are specified by the vendor-class-id id construct.
To specify multiple exclusion conditions, enter this command for each condition; a DHCP host is excluded
if it matches any of the specified conditions.
Use the no or default form of this command to remove an exclusion condition from the configuration for
this port or PVC.
Examples
The following example configures an Ethernet port for CLIPS service and excludes DHCP hosts with an
ID of “BP29” and an offset of 3 octets. The matching operation is performed on the 3rd through the 6th
octet. If the received ID is CCBP2945, the matching operation is successful.
[local]Redback(config)#port ethernet 14/1
[local]Redback(config-port)#service clips
[local]Redback(config-port)#clips exclude vendor-class-id “BP29” offset 3
In the following example, the same matching operation is performed but with an offset of –3. In this case
the matching operation starts at the 6th octet and the match always fails because the number of octets to be
matched (4) is greater than the number of octets available to be matched.
[local]Redback(config)#port ethernet 14/1
[local]Redback(config-port)#service clips
[local]Redback(config-port)#clips exclude vendor-class-id “BP29” offset -3
Related Commands
None
CLIPS Configuration
7-19
Command Descriptions
service clips-group
service clips-group group-name
no service clips-group group-name
Purpose
Assigns a port or permanent virtual circuit (PVC) to the specified clientless IP service selection (CLIPS)
group.
Command Mode
dot1q PVC configuration
port configuration
Syntax Description
group-name
Name for a CLIPS group of ports and PVCs on which dynamic CLIPS circuits will be
created.
Default
No ports or PVCs are assigned to any CLIPS group.
Usage Guidelines
Use the service clips-group command to assign this port or PVC to the specified CLIPS group. You can
assign any mix of ports and PVCs to a CLIPS group. When you assign the port or PVC to the CLIPS group,
you enable the creation dynamic CLIPS service on that port or PVC.
You must first create the CLIPS group, using the clips-group command (in global configuration mode),
before you can assign a port or PVC to it. You cannot assign ports and PVCs that you have configured on
different traffic cards to the same CLIPS group.
You can enable dynamic CLIPS service on this circuit using the service clips command (in ATM PVC,
dot1q PVC, or port configuration mode), or you can assign this port or PVC to a CLIPS group, but you
cannot do both.
Use the no form of this command to remove the port or PVC from the specified CLIPS group.
Note This command is available only for Ethernet and Gigabit Ethernet ports and the 802.1Q PVCs
configured on them.
Examples
The following example assigns an 802.1Q PVC on an Ethernet port to the dynamic-clips group:
[local]Redback(config)#port ethernet 4/1
[local]Redback(config-port)#encapsulation dot1q
[local]Redback(config-port)#dot1q pvc 3
[local]Redback(config-dot1q-pvc)#service clips-group dynamic-clips
7-20
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Related Commands
clips-group
service clips
CLIPS Configuration
7-21
Command Descriptions
7-22
Ports, Circuits, and Tunnels Configuration Guide
Chapter 8
PPP and PPPoE Configuration
This chapter provides an overview of Point-to-Point Protocol (PPP) or PPP over Ethernet (PPPoE) on ports,
channels, or circuits that have been configured with PPP or PPPoE encapsulation, describes the tasks used
to configure PPP and PPPoE features, provides configuration examples, and detailed descriptions of the
commands used to configure them through the SmartEdge® OS.
For information about the tasks and commands used to monitor, troubleshoot, and administer PPP and
PPPoE features, see the “Circuit Operations” chapter in the Ports, Circuits, and Tunnels Operations Guide
for the SmartEdge OS.
Other chapters with related commands include:
•
Configuration tasks and commands for Asynchronous Transfer Mode (ATM), Ethernet, and Packet over
SONET/SDH (POS) ports, which support PPP or PPPoE encapsulation, are described in Chapter 3,
“ATM, Ethernet, and POS Port Configuration.”
•
Configuration tasks and commands for clear-channel and channelized ports and channels are described
in Chapter 4, “Clear-Channel and Channelized Port and Channel Configuration.”
•
Configuration tasks and commands for circuits that support PPP or PPPoE encapsulation are described
in Chapter 6, “Circuit Configuration.”
•
Configuration tasks and commands for child circuits that support PPPoE encapsulation are described in
Chapter 11, “Cross-Connection Configuration.”
Note An 802.1Q permanent virtual circuit (PVC) is also referred to as an 802.1Q virtual LAN (VLAN),
but within this chapter, it is the circuit that is being configured.
This chapter includes the following sections:
•
Overview
•
Configuration Tasks
•
Configuration Examples
•
Command Descriptions
PPP and PPPoE Configuration
8-1
Overview
Overview
This section provides an overview of the PPP and PPPoE support offered by the SmartEdge OS and
includes the following sections:
•
PPP-Encapsulated Circuits and Binding
•
PPP Oversubscription
•
Multilink PPP
•
PPP Keepalive Checks
•
PPPoE Features
PPP-Encapsulated Circuits and Binding
PPP and PPPoE features comply with the following RFCs:
•
RFC 1332, The PPP Internet Protocol Control Protocol (IPCP)
The current implementation does not support compression.
•
RFC 1334, PPP Authentication Protocols
•
RFC 1661, The Point-to-Point Protocol (PPP)
•
RFC 1877, PPP Internet Protocol Control Protocol Extensions for Name Server Addresses
•
RFC 1990, The Multilink Protocol (MP)
•
RFC 1994, PPP Challenge Handshake Authentication Protocol (CHAP)
•
RFC 2364, PPP Over AAL5
•
RFC 2516, A Method for Transmitting PPP Over Ethernet, including the Extensions to a Method for
Transmitting PPP over Ethernet (PPPoE)
•
RFC 2615, PPP over SONET/SDH
The SmartEdge OS supports PPP on the following ports, channels, and circuits:
•
POS ports
•
Clear-channel DS-3 channels or ports
•
Clear-channel E3 ports
•
DS-1 channels on channelized DS-3 channels or ports
•
Clear-channel E1 channels or ports
•
DS-0 channel groups
•
ATM PVCs on ATM OC and ATM DS-3 ports
On ATM PVCs, PPP encapsulation types include virtual circuit-multiplexed (VC-multiplexed), logical link
control (LLC), Network Layer Protocol Identifier (NLPID), and serial (High-Level Data Link Control
[HDLC]) encapsulations as described in RFC 2364.
8-2
Ports, Circuits, and Tunnels Configuration Guide
Overview
PPP-encapsulated ATM PVCs, unlike RFC 1483-encapsulated ATM PVCs, can be dynamically bound to
an interface; you can use the bind authentication command (in ATM PVC configuration mode) to
dynamically bind a PPP-encapsulated ATM PVC to an interface on the basis of authentication.
If you use the bind subscriber command (in ATM PVC configuration mode), the PPP-encapsulated PVC
is brought up unauthenticated, meaning that no authentication data is received from the PPP remote peer.
The subscriber name and password are then supplied through the command-line interface (CLI), similar to
a PVC with RFC 1483 bridged- or routed-encapsulation.
The bind authentication command allows you to specify the authentication protocol to be used in
negotiating the PPP link. If you use the chap pap construct, for example, you indicate that both the
Challenge Handshake Authentication Protocol (CHAP) and the Password Authentication Protocol (PAP)
can be used, with CHAP negotiated first. CHAP uses a challenge and response protocol to provide
authentication without sending clear text passwords over the network. Other authentication protocol
options are available. See the description of the bind authentication command in Chapter 15, “Bindings
Configuration,” for a complete description of all options.
If you are using remote authentication using the Remote Authentication Dial-In User Service (RADIUS),
the local subscriber records are replaced by the corresponding subscriber records in the RADIUS database.
If you are using the CHAP, PAP, or both authentication protocols, the response from the RADIUS server
(in attribute 18) is forwarded to the PPP client with the reason for the acceptance or rejection of the
subscriber.
Another binding option is to use the bind authentication command with the optional context ctx-name
construct to create a restricted dynamic binding of a PPP-encapsulated PVC to a specific context; this
binding method denies the subscriber the ability to dynamically select a context (service).
An IP address is required. This IP address is assigned to the remote end of the PPP link, and there must be
an interface with an IP address or network mask range that includes the IP address assigned to a subscriber
during the IP Control Protocol (IPCP) phase of PPP (or that includes the IP address that has been directly
configured for the subscriber). RADIUS servers must return an IP address for the subscriber that falls
within the range of the interface that is configured in the appropriate context.
If the authentication procedure is successful, the PPP link is established and the circuit is implicitly bound
to the interface with a network address mask that includes the address of the remote PPP endpoint. If no
such interface exists, then the bind command fails.
Note When a second PPP session attempts to authenticate using an IP address that is already in use by an
established session, the established session is terminated, and the second session is allowed to
complete authentication.
If the remote PPP device is a router (or the remote segment of any other encapsulation type contains a
router), it might be necessary to configure one or more static routes whenever the link is brought up. This
is accomplished by one or more Routing Information Protocol (RIP) configuration commands in the
subscriber record.
PPP and PPPoE Configuration
8-3
Overview
PPP Oversubscription
Ordinarily, any bind authentication command causes the subscriber’s session to be counted toward the
maximum number of PPP structures allocated (which depends on your platform and configuration),
whether or not the subscriber is active. The alternative is to configure the system to operate so that only
active PPP sessions count toward the maximum number of structures allocated. The effect is that the
number of bind authentications you can have is increased, beyond the number that could actually bind and
come up (PPP oversubscription).
Oversubscription does not affect the maximum number of subscribers that can be terminated in a particular
context (established by the aaa max subscribers command in context configuration mode) or the hard
limits allowed by the SmartEdge OS.
You configure PPP oversubscription using ppp auto encapsulation in the atm pvc (or its atm pvc explicit
form) command (in ATM OC or ATM DS-3 configuration mode). For a complete description of both forms,
see Chapter 6 “Circuit Configuration.”
Multilink PPP
Multilink PPP (MP) is an extension to PPP that allows a peer to use more than one physical link for
communication. When using more than one physical link to connect two peers, you need a mechanism to
load balance the connection across the two (or more) links in the bundle. MP is used to fragment the
datagrams and send them across the multiple links in the bundle in a way that achieves optimum use of the
media.
Both ends of the point-to-point links must be capable of supporting MP connections. The two ends
configure the data link by swapping Link Control Protocol (LCP) packets during a link establishment
phase. If MP is not successfully negotiated by the two ends of the link, MP is not enabled for the
connection.
MP is implemented on the SmartEdge router in two forms:
•
MP using PPP-encapsulated DS-1 channels and E1 channels and ports.
Using this form of MP, you create a static MP bundle and add specific DS-1 channels, E1 channels, or
E1 ports to it. For more information about configuring this form of MP and the constituent channels or
ports, see Chapter 9, “Link Aggregation Configuration.”
•
MP using PPP-encapsulated ATM PVCs
Using this form of MP, you do not create the MP bundles; instead, the SmartEdge OS creates them
dynamically, using the endpoint discriminator sent by the peer during the LCP negotiation and the
subscriber name to determine whether to create a new MP bundle or add the session to a current MP
bundle. The configuration for this form of MP and the constituent ATM PVCs is described later in this
chapter.
8-4
Ports, Circuits, and Tunnels Configuration Guide
Overview
PPP Keepalive Checks
Keepalive checks are LCP echo messages sent over PPP sessions in the context to determine if sessions are
still active (alive). Normally, when a PPP session is ending, the peer sends the SmartEdge OS an LCP
termination request (TERMREQ) message to indicate that it is ending. Keepalive checks detect abnormal
disconnects that the SmartEdge OS would not otherwise know about. In addition to facilitating accurate
timing of accounting information, it is important to detect these abnormal terminations so that allocated
system resources can be reallocated to new sessions.
The keepalive checks feature can be used with or without a data check option. The data check option is
recommended when it is preferred to limit the overhead for PPP keepalive processing. However, using the
data check option to determine that a session is no longer active can take longer than using the PPP
keepalive feature without the data check option, by a length of one check interval. This condition occurs
because with the data check enabled, the check interval timer is reset as long as data has been received since
the last successful keepalive check.
If a session sends data and then abnormally terminates between keepalive checks, the SmartEdge OS has
no indication that the session has terminated until the following check interval timer expires with no data
being received. At that point, the SmartEdge OS begins sending LCP echo requests. Without a data check,
the SmartEdge OS begins sending LCP echo requests, regardless of whether data has been received since
the last check.
Table 8-1 compares the two scenarios. In both cases, the following configuration applies:
Table 8-1
•
Keepalive check interval is set to 60 seconds
•
Response timer is set to 10 seconds
•
Number of retries is set to 2
Time Elapsed Before an Abnormally Terminated Session Is Torn Down
PPP Keepalives Without Data Check Enabled
Step in the Process
Seconds
Elapsed Since
Previous Step
Successful keepalive
check—check interval timer
reset to zero
Cumulative
Seconds
Elapsed
PPP Keepalives with Data Check Enabled
Step in the Process
0
Successful keepalive
check—check interval timer
reset to zero
Seconds
Elapsed Since
Previous Step
Cumulative
Seconds
Elapsed
0
Packets sent by the session
5
5
Packets sent by the session
5
5
Abnormal termination
2
7
Abnormal termination
2
7
Check interval timer expires;
LCP echo request sent
53
60
Check interval timer expires;
data check indicates data has
been received since the last
successful keepalive check;
check interval timer is reset
53
60
Response timer expires; first
retry LCP echo request sent
10
70
Check interval timer expires;
data check indicates no data
has been received since the
last successful keepalive
check; LCP echo request sent
60
120
Response timer expires;
second retry LCP echo
request sent
10
80
Response timer expires; first
retry LCP echo request sent
10
130
PPP and PPPoE Configuration
8-5
Overview
Table 8-1
Time Elapsed Before an Abnormally Terminated Session Is Torn Down (continued)
PPP Keepalives Without Data Check Enabled
Step in the Process
Response timer expires;
retry limit reached; session
is torn down
Seconds
Elapsed Since
Previous Step
Cumulative
Seconds
Elapsed
10
90
Time elapsed between abnormal session
termination and tear down
83
PPP Keepalives with Data Check Enabled
Seconds
Elapsed Since
Previous Step
Cumulative
Seconds
Elapsed
Response timer expires;
second retry LCP echo
request sent
10
140
Response timer expires; retry
limit reached; session is torn
down
10
150
Step in the Process
Time elapsed between abnormal session
termination and tear down
143
PPPoE Features
The SmartEdge OS implementation of PPPoE supports the following features:
•
PPPoE encapsulation on Ethernet ports and ATM and 802.1Q PVCs.
•
Both IP over Ethernet (IPoE) and PPPoE encapsulation on the same ATM or 802.1Q PVC. You must
specify the multi encapsulation for these circuits when creating the PVC.
•
Policing and rate-limiting on a per-PPP-session basis.
•
Ability to configure a maximum number of concurrent sessions allowed on a circuit.
•
Multiple simultaneous PPPoE sessions arriving over the same circuit while being bound to different
services (contexts).
•
Ability to advertise a list of services (domains) to a client during the discovery protocol.
•
Ability to send messages to subscribers, including messages of the minute (MOTMs).
•
Ability to direct the subscriber’s browser to open at a specific, optionally customized URL.
The SmartEdge OS supports PPPoE encapsulation on the following ports, channels, and circuits:
8-6
•
Ethernet ports
•
ATM PVCs on ATM OC and ATM DS-3 ports
•
802.1Q PVCs on Ethernet ports
•
Child circuits on ATM and 802.1Q PVCs
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Configuration Tasks
Note In this section, the command syntax in the task tables displays only the root command; for the
complete command syntax, see the full description for the command in the “Command
Descriptions” section.
PPP and PPPoE configuration tasks are described in the following sections:
•
Configuring PPP
•
Configuring PPPoE
Configuring PPP
This section includes the following topics:
•
Configure PPP Global Attributes
•
Configure a PPP-Encapsulated Port
•
Configure a PPP-Encapsulated Channel
•
Configure a PPP-Encapsulated ATM PVC
•
Configure MP on ATM PVCs
•
Configure a Subscriber Record for PPP
Configure PPP Global Attributes
To configure PPP global attributes, perform one or more of the tasks described in Table 8-2.
Table 8-2
Configure PPP Global Attributes
#
Task
Root Command
Notes
1.
Specify the range with which the SmartEdge OS negotiates LCP option values for the MRU:
For the SmartEdge router end of PPP sessions.
ppp our-options mru
For the peer at the remote end of PPP sessions.
ppp peer-options mru
2.
Enable MRU negotiation.
ppp pppoe-large-mru
3.
Enable PPP keepalive checks.
ppp keepalive
Enter this command in context configuration
mode with the check-interval keyword.
4.
Specify timing attributes.
ppp keepalive
Enter this command in context configuration
mode without the check-interval keyword.
PPP and PPPoE Configuration
Enter these commands in global configuration
mode.
8-7
Configuration Tasks
Configure a PPP-Encapsulated Port
To configure a PPP-encapsulated port, perform the tasks described in Table 8-3.
Table 8-3
Configure a PPP-Encapsulated Port
#
Task
Root Command
Notes
1.
Specify PPP encapsulation for the DS-3, E3,
E1, or POS port.
encapsulation
Enter this command in DS-3, E3, E1, or port
configuration mode.
Specify the encapsulation as ppp.
2.
Create a static binding to an interface.
bind interface
Configure a PPP-Encapsulated Channel
To configure a PPP-encapsulated channel, perform the tasks described in Table 8-4.
Table 8-4
Configure a PPP-Encapsulated Channel
#
Task
Root Command
Notes
1.
Specify PPP encapsulation for the DS-3, DS-1,
E1 channel or DS-0 channel group.
encapsulation
Enter this command in DS-0, DS-1, DS-3, or E1
configuration mode.
Specify the encapsulation as ppp.
2.
Create a static binding to an interface.
bind interface
Configure a PPP-Encapsulated ATM PVC
To configure a PPP-encapsulated ATM PVC, perform the tasks described in Table 8-5.
Table 8-5
Configure a PPP-Encapsulated ATM PVC
#
Task
Root Command
Notes
1.
Create one or more PPP-encapsulated ATM
PVCs and access ATM PVC configuration
mode.
atm pvc
Enter this command in ATM OC or ATM DS-3
configuration mode.
2.
Specify the encapsulation as ppp.
Create a binding with one of the following tasks:
• Create a static binding for a single ATM PVC
through a subscriber record to an interface.
bind subscriber
This type of binding is not supported for ATM PVCs
in PPP multilink bundles.
• Create static bindings for a set of ATM PVCs
through the subscriber records.
bind auto-subscriber
This type of binding is not supported for ATM PVCs
in PPP multilink bundles.
• Create an unrestricted dynamic binding.
bind authentication
• Create a restricted dynamic binding.
bind authentication
You must specify the context to create a restricted
dynamic binding.
Note If you are configuring an ATM PVC that will be included in a PPP multilink bundle, you must
ensure that it and all other PVCs in that bundle are identical in their configuration and are on ports
on the same ATM traffic card.
8-8
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Configure MP on ATM PVCs
To configure MP using PPP-encapsulated ATM PVCs, perform the tasks described in Table 8-6. Enter all
commands in global configuration mode.
Table 8-6
Configure MP on ATM PVCs
#
Task
Root Command
Notes
1.
Enable PPP multilink.
ppp multilink
2.
Specify the endpoint discriminator.
ppp our-options multilink
3.
Configure one or more PPP-encapsulated ATM PVCs.
See Table 8-5 for the commands to configure a PPP-encapsulated
ATM PVC.
Configure a Subscriber Record for PPP
To configure a circuit for PPP in the subscriber record, perform the tasks described in Table 8-7. Enter all
commands in subscriber configuration mode.
Table 8-7
Configure a Subscriber Record for PPP
#
Task
Root Command
1.
Set the MTU used by PPP for the subscriber circuit.
ppp mtu
2.
For subscriber sessions on PPP multilink bundles, limit the
number of sessions a subscriber can access simultaneously.
port-limit
Notes
The maximum number of PPP multilink
sessions (links) is 8. For more information
about this command, see the “Subscriber
Configuration” chapter of the Basic System
Configuration Guide for the
SmartEdge OS.
For descriptions of the basic tasks needed to configure a subscriber record, see the “Subscriber
Configuration” chapter in the Basic System Configuration Guide for SmartEdge OS.
Configuring PPPoE
This section includes the following topics:
•
Configure PPPoE Global Attributes
•
Configure a PPPoE-Encapsulated Ethernet Port
•
Configure a PPPoE-Encapsulated ATM PVC
•
Configure a PPPoE-Encapsulated 802.1Q PVC
•
Configure a PPPoE-Encapsulated Child Circuit on an ATM PVC
•
Configure a PPPoE-Encapsulated Child Circuit on an 802.1Q PVC
•
Configure a Subscriber Record for PPPoE
PPP and PPPoE Configuration
8-9
Configuration Tasks
Configure PPPoE Global Attributes
To configure PPPoE global attributes, perform one or more of the tasks described in Table 8-8. Enter all
commands in global configuration mode.
Table 8-8
Configure PPPoE Global Attributes
Task
Root Command
Notes
Configures an option inside PPPoE daemon that
terminates the PPPoE session after a PPP session is
terminated.
pppoe always-send-padt
Enable acceptance and advertisement of any service name
tag that is included in a PADI or PADR message.
pppoe service-name accept-all
Specify which domains in the SmartEdge OS are
advertised to PPPoE clients.
pppoe services
Replace the default AC-Name PPPoE tag value.
pppoe tag
Configure a PPPoE-Encapsulated Ethernet Port
To configure an Ethernet port for PPPoE, perform the tasks described in Table 8-9. Enter all commands in
port configuration mode, unless otherwise noted.
Table 8-9
Configure an PPPoE-Encapsulated Ethernet Port
#
Task
Root Command
Notes
1.
Encapsulate the Ethernet port.
encapsulation
Specify the encapsulation as pppoe.
2.
Bind the port with one of the following tasks:
• Create an unrestricted dynamic binding.
bind authentication
You must specify the context to create a restricted
dynamic binding.
• Create a restricted dynamic binding.
bind authentication
Configure a PPPoE-Encapsulated ATM PVC
To configure a PPPoE-encapsulated ATM PVC, perform the tasks described in Table 8-10.
Table 8-10 Configure a PPPoE-Encapsulated ATM PVC
#
Task
Root Command
Notes
1.
Create one or more PPPoE-encapsulated
ATM PVCs and access ATM PVC
configuration mode.
atm pvc
Enter this command in ATM OC or ATM DS-3
configuration mode.
Use the explicit keyword to create a range of PVCs.
Use the on-demand keyword to configure a range of
PVCs that are created only when needed.
Specify the encapsulation as pppoe.
2.
8-10
Bind the ATM PVC with one of the following tasks:
• Create an unrestricted dynamic binding.
bind authentication
• Create a restricted dynamic binding.
bind authentication
You must specify the context to create a restricted
dynamic binding.
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Configure a PPPoE-Encapsulated 802.1Q PVC
To configure a PPPoE-encapsulated 802.1Q PVC, perform the tasks described in Table 8-11.
Table 8-11
Configure a PPPoE-Encapsulated 802.1Q PVC
#
Task
Root Command
1.
Create a PPPoE-encapsulated 802.1Q PVC and
access dot1q PVC configuration mode.
dot1q pvc
2.
Notes
Enter this command in port configuration mode.
Specify the encapsulation as pppoe.
Bind the 802.1Q PVC with one of the following tasks:
• Create an unrestricted dynamic binding.
bind authentication
• Create a restricted dynamic binding.
bind authentication
You must specify the context to create a restricted
dynamic binding.
Configure a PPPoE-Encapsulated Child Circuit on an ATM PVC
To configure a child circuit on an ATM PVC for PPPoE, perform the tasks described in Table 8-12.
Table 8-12 Configure a PPPoE-Encapsulated Child Circuit on an ATM PVC
#
Task
Root Command
Notes
1.
Create one or more parent ATM PVCs and
access ATM PVC configuration mode.
atm pvc
Enter this command in ATM OC or ATM DS-3
configuration mode.
Use the explicit keyword to create a range of PVCs.
Specify the encapsulation as multi.
2.
Create the PPPoE-encapsulated child circuit and
access ATM child protocol configuration mode.
3.
Bind the child circuit with one of the following tasks:
circuit protocol
• Create an unrestricted dynamic binding.
bind authentication
• Create a restricted dynamic binding.
bind authentication
Specify the encapsulation as pppoe.
You must specify the context to create a restricted
dynamic binding.
Configure a PPPoE-Encapsulated Child Circuit on an 802.1Q PVC
To configure a child circuit on an 802.1Q PVC for PPPoE, perform the tasks described in Table 8-13.
Table 8-13 Configure a PPPoE-Encapsulated Child Circuit on an 802.1Q PVC
#
Task
Root Command
1.
Create the parent 802.1Q PVC and access dot1q
PVC configuration mode.
dot1q pvc
2.
Create the PPPoE-encapsulated child circuit and
access dot1q child protocol configuration mode.
circuit protocol
3.
Bind the child circuit with one of the following tasks:
Enter this command in port configuration mode.
Specify the encapsulation as multi.
• Create an unrestricted dynamic binding.
bind authentication
• Create a restricted dynamic binding.
bind authentication
PPP and PPPoE Configuration
Notes
Specify the encapsulation as pppoe.
You must specify the context to create a restricted
dynamic binding.
8-11
Configuration Examples
Configure a Subscriber Record for PPPoE
To configure a subscriber record for PPPoE, perform the tasks described in Table 8-14. Enter all commands
in subscriber configuration mode.
Table 8-14 Configure a Subscriber Record for PPPoE
#
Task
Root Command
Notes
1.
Assign an IP address to a subscriber record or profile.
ip address
For more information about this command, see
the “Subscriber Configuration” chapter in the
Basic System Configuration Guide for the
SmartEdge OS.
2.
Specify a password in the subscriber record.
password
Use the same password that is specified in the
bind subscriber or bind auto-subscriber
command. For more information about this
command, see the “Subscriber Configuration”
chapter in the Basic System Configuration
Guide for the SmartEdge OS.
3.
Specify optional attributes in the subscriber record or profile:
Configure routes for multiple PPPoE sessions.
pppoe client route
Create a PPPoE MOTM and enable the sending of it
to subscribers.
pppoe motm
Point a subscriber’s PPPoE client browser to a
specified URL.
pppoe url
For descriptions of the basic tasks needed to configure a subscriber record, see the “Subscriber
Configuration” chapter in the Basic System Configuration Guide for the SmartEdge OS.
Configuration Examples
This section includes the following examples:
•
PPP Examples
•
PPPoE Examples
PPP Examples
This section contains the following PPP configuration examples:
8-12
•
PPP Configuration with Dynamic Binding
•
PPP Configuration with Restricted Dynamic Binding
•
MP Configuration on ATM PVCs
Ports, Circuits, and Tunnels Configuration Guide
Configuration Examples
PPP Configuration with Dynamic Binding
In Figure 8-1, the host on the left is configured to run PPP over ATM. The SmartEdge OS is configured to
dynamically bind the user to an IP interface assumed to be previously configured with an IP address of
10.1.3.1 and a mask of 255.255.255.0.
Figure 8-1 ATM-to-Ethernet Network (PPP)
The following example creates the ATM PVC, using an existing ATM profile, adsl, and indicates to the
system that the PVC is to be bound using an authentication process:
[local]Redback(config)#port atm 3/1
[local]Redback(config-port)#atm pvc 100 300 profile adsl encapsulation ppp
[local]Redback(config-pvc)#bind authentication chap pap
PPP Configuration with Restricted Dynamic Binding
The following example constrains a PPP-encapsulated ATM PVC on an ATM OC port to be bound only in
the isp.net context:
[local]Redback(config)#port atm 3/1
[local]Redback(config-atm-oc)#atm pvc 100 1011 profile ubr encapsulation ppp
[local]Redback(config-pvc)#bind authentication pap context isp.net
MP Configuration on ATM PVCs
The following example configures MP on PPP-encapsulated ATM PVCs using the IP address of the
Ethernet management port, two ATM PVCs with identical configuration on the ATM card in slot 3, and a
subscriber with a limit of 2 sessions:
!Configure PPP multilink global attributes with IP address of Ethernet management port
[local]Redback(config)#ppp multilink
[local]Redback(config)#ppp our-options multilink endpoint-discriminator
local-ip-address
!Configure the links
[local]Redback(config)#port atm 3/1
[local]Redback(config-port)#atm pvc 200 100 profile adsl encapsulation ppp
[local]Redback(config-pvc)#bind authentication chap pap
[local]Redback(config-pvc)#exit
[local]Redback(config-port)#exit
PPP and PPPoE Configuration
8-13
Configuration Examples
[local]Redback(config)#port atm 3/2
[local]Redback(config-port)#atm pvc 200 200 profile adsl encapsulation ppp
[local]Redback(config-pvc)#bind authentication chap pap
[local]Redback(config-pvc)#exit
[local]Redback(config-port)#exit
!Configure the subscriber
[local]Redback(config)#context local
[local]Redback(config-ctx)#subscriber joe
[local]Redback(config-sub)#port-limit 2
PPPoE Examples
This section contains the following PPPoE configuration examples:
•
Advertise a List of Services (Domains)
•
Create and Delete a MOTM
•
Point a Subscriber’s Browser to a URL
Advertise a List of Services (Domains)
The following example configures a SmartEdge OS to advertise all of its domains (isp1, isp2, and isp3)
during the PPPoE discovery protocol:
[local]Redback(config)#context isp1.net
[local]Redback(config-ctx)#domain isp1
[local]Redback(config-ctx)#exit
[local]Redback(config)#context isp2.net
[local]Redback(config-ctx)#domain isp2
[local]Redback(config-ctx)#exit
[local]Redback(config)#context isp3.net
[local]Redback(config-ctx)#domain isp3
[local]Redback(config-ctx)#exit
[local]Redback(config)#pppoe services all-domains
The next example configures a SmartEdge OS to advertise only the indicated domains, namely isp1 and
isp2. Domains, corp1 and corp2, are not advertised, because the advertise keyword is not specified in
the definitions of the two domains, and the marked-domains keyword is specified in the pppoe services
command.
[local]Redback(config)#context isp1.net
[local]Redback(config-ctx)#domain isp1 advertise
[local]Redback(config-ctx)#exit
[local]Redback(config)#context isp2.net
[local]Redback(config-ctx)#domain isp2 advertise
[local]Redback(config-ctx)#exit
[local]Redback(config)#context corp1.com
[local]Redback(config-ctx)#domain corp1
[local]Redback(config-ctx)#exit
8-14
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
[local]Redback(config)#context corp2.com
[local]Redback(config-ctx)#domain corp2
[local]Redback(config-ctx)#exit
[local]Redback(config)#pppoe services marked-domains
Create and Delete a MOTM
The following example creates a message of the minute (MOTM):
[local]Redback(config-sub)#pppoe motm System down 0400 today for scheduled maintenance
The following example replaces the first MOTM with a new one:
[local]Redback(config-sub)#pppoe motm Scheduled maintenance canceled for 03/29/2003.
The following example removes the existing MOTM so that no message is sent to subscribers:
[local]Redback(config-sub)#no pppoe motm
Point a Subscriber’s Browser to a URL
The following example causes a PADM with the URL, http://www.loe.com/members/joe@local
to be sent to the PPPoE client when the PPP session is established:
[local]Redback(config-ctx)#subscriber name joe
[local]Redback(config-sub)#pppoe url http://www.loe.com/members/%U
The next example uses the pppoe url command to configure the subscriber default profile. Unless
overridden by a named subscriber profile or the subscriber record itself, a PADM containing
http://www.loe.com/members/name is sent to the PPPoE client of each subscriber when the PPP
session is established:
[local]Redback(config-ctx)#subscriber default
[local]Redback(config-sub)#pppoe url http://www.loe.com/members/%u
Command Descriptions
This section describes the syntax and usage guidelines for the commands used to configured PPP and
PPPoE features. The commands are presented in alphabetical order.
ppp keepalive
ppp mtu
ppp multilink
ppp multilink lfi
ppp our-options mru
ppp our-options multilink
ppp peer-options mru
ppp pppoe-large-mru
PPP and PPPoE Configuration
pppoe always-send-padt
pppoe client route
pppoe motm
pppoe service-name accept-all
pppoe services
pppoe tag
pppoe url
8-15
Command Descriptions
ppp keepalive
The first time you run this command in a context, the command syntax is:
ppp keepalive check-interval {minutes | seconds} time
After you specify the check interval for a context, the command syntax is:
ppp keepalive {[data-check] [response-timeout seconds] [retries retry-num]}
no ppp keepalive [check-interval] [data-check]
default ppp keepalive {response-timeout | retries}
Purpose
Enables Point-to-Point Protocol (PPP) keepalive checks and specify PPP timing attributes.
Command Mode
context configuration
Syntax Description
check-interval
Sets the time interval between PPP keepalive checks. Optional after you
have specified the initial check interval.
minutes
Specifies that the unit of measure for the time argument is minutes.
seconds
Specifies that the unit of measure for the time argument is seconds.
time
Time, in either minutes or seconds (depending on the preceding keyword),
between keepalive checks.
data-check
Optional. Specifies that after the PPP keepalive check interval timer
expires and before a Link Control Protocol (LCP) echo request message is
sent, a check is performed to determine if data has been received on the
circuit since the last check interval timer expiration.
response-timeout seconds
Optional. Amount of time the system is to wait for a response to an LCP
echo request message before incrementing the PPP keepalive retries
counter. The range of values is 3 to 60 seconds; the default value is 10.
retries retry-num
Optional. Number of times the system is to retry an unsuccessful PPP
keepalive check. The range of values is 2 to 10; the default value is 2.
Default
Keepalive checks are not enabled, except in the case of circuits using PPP over Ethernet (PPPoE), for which
the period between keepalive checks is 5 minutes (300 seconds).
8-16
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Usage Guidelines
Use the ppp keepalive command to enable PPP keepalive checks and specify PPP timing attributes. The
command keywords work together to configure when and how keepalives are sent, and what action is taken
as a result of the response, or lack of response.
Keepalive checks are LCP echo request messages sent over PPP sessions in the context to detect abnormal
session disconnects that the system would not otherwise know about. The check-interval keyword must
be entered before the other command keywords are available.
The check-interval keyword sets the time between LCP echo requests, in either minutes or seconds. When
this time expires, an LCP echo request is sent to the PPP peer and a response timer is started. The length of
the response timer is determined by the value of the response-timeout seconds construct. If a valid LCP
echo is received before the response timer expires, the response timer is canceled, and the check interval
timer is reset.
If the response timer expires without a valid LCP echo being received, an optional check, specified by the
data-check keyword, is performed to see if any data has been received on the circuit since the LCP echo
request was sent. Only valid PPP packets are considered data. If data has been received since the LCP echo
request was sent, the check interval timer is reset. If no data has been received, the retry counter is
incremented and another LCP echo request message is sent. When the configured number of retries has
been reached, set by the value of the retries retry-num construct, without a valid echo or data being
received, the session is considered to be no longer alive and is torn down.
The data-check keyword specifies that after the check interval timer expires and before an LCP echo
request message is sent, a check is performed to determine if data has been received on the circuit since the
last check interval timer expiration. If data has been received, the check interval timer is simply reset,
skipping the LCP echo request message altogether. This option is recommended when it is preferred to limit
the overhead for PPP keepalive processing. The tradeoff is that using the data-check keyword to determine
that a session is no longer active can take longer than using the PPP keepalive feature without the
data-check keyword. For an example illustrating this tradeoff, see the “PPP Keepalive Checks” section.
Although the default period between keepalive checks for PPPoE circuits is 5 minutes (300 seconds) if
keepalive checks are not enabled, PPPoE circuits take on the configured period between checks when
keepalive checks are enabled.
Use the no form of this command without options to disable all command options.
Note The no ppp keepalive data-check form is available only if you have previously specified the check
interval.
Note Entering the no ppp keepalive check-interval command does not disable the keepalive feature on
active sessions. Because it is a context configuration mode command, applying to all PPP sessions
in the context, the command takes effect when the last active session is torn down.
Use the default form of this command to specify the default value for the response timer or the number of
retries.
Note The default form is available only if you have previously specified the check interval.
PPP and PPPoE Configuration
8-17
Command Descriptions
Examples
The following example enables the PPP keepalive feature, sets the length of the response timer and the
number of retries, and specifies the data check option to minimize LCP echo traffic:
[local]Redback(config-ctx)#ppp keepalive check-interval seconds 500
[local]Redback(config-ctx)#ppp keepalive data-check response-timeout 30 retries 3
Related Commands
None
8-18
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
ppp mtu
ppp mtu mtu
Purpose
Sets the maximum transmission unit (MTU) used by Point-to-Point Protocol (PPP) for a subscriber’s
circuit.
Command Mode
subscriber configuration
Syntax Description
mtu
Maximum transmission unit in bytes. The range of values is 128 to 12,800.
Default
There is no default value for this command.
Usage Guidelines
Use the ppp mtu command to set the MTU used by PPP for a subscriber circuit. The effect of this command
is strictly local to the SmartEdge router, and therefore, does not force the router to negotiate a particular
PPP MRU.
Use the ppp mtu command to lower the size of data packets being sent over that subscriber link from the
MRU value that has been negotiated between the SmartEdge router and the PPP client. You cannot make
the size any larger than the negotiated MRU. If an MRU value lower than the value of the mtu argument in
the ppp mtu command has been negotiated, the MRU value takes precedence and the ppp mtu command
setting is ignored.
On a normal Ethernet interface, the standard MTU is 1500. For Point-to-Point Protocol over Ethernet
(PPPoE) implementation, the negotiated MTU will use the physical interface, minus eight bytes as the
default.
Examples
The following command sets the PPP MTU to 768 bytes:
[local]Redback(config-sub)#ppp mtu 768
Related Commands
ip mtu
ppp our-options mru
ppp peer-options mru
subscriber
PPP and PPPoE Configuration
8-19
Command Descriptions
ppp multilink
ppp multilink
no ppp multilink
Purpose
Enables Point-to-Point Protocol (PPP) multilink for subscriber sessions on Asynchronous Transfer Mode
(ATM) permanent virtual circuits (PVCs).
Command Mode
global configuration
Syntax Description
This command has no keywords or arguments.
Default
PPP multilink for subscriber sessions on ATM PVCs is disabled.
Usage Guidelines
Use the ppp multilink command to enable PPP multilink for subscriber sessions on ATM PVCs.
Use the no form of this command to disable PPP multilink for subscriber sessions on ATM PVCs.
Examples
The following example enables PPP multilink on ATM PVCs:
[local]Redback(config)#ppp multilink
Related Commands
port-limit
ppp our-options multilink
8-20
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
ppp multilink lfi
ppp multilink lfi fragment-threshold value [priority-threshold value]
no ppp multilink lfi
Purpose
Enables Point-to-Point Protocol (PPP) Link Fragmentation and Interleaving (LFI) within the specified
priority or fragmentation threshold value for subscriber sessions on Asynchronous Transfer Mode (ATM)
permanent virtual circuits (PVCs).
Command Mode
global configuration
Syntax Description
fragment-threshold value
Fragmentation on outgoing traffic. The range of values is 256 to 16,320;
the default value is 0.
priority-threshold value
Multiprotocol encapsulation priority level. The range of values is 0 to 7;
the default value is 0.
Default
The default does not enable LFI priority and fragmentation thresholds for subscriber sessions on ATM
PVCs.
Usage Guidelines
Use the ppp multilink lfi command to enable PPP LFI with the specified priority or fragmentation
threshold values for subscriber sessions on ATM PVCs.
Use the fragment-threshold value construct to set the fragmentation threshold on outgoing traffic. The
range of values is 256 to 16,320. The threshold size is not to exceed the value specified by the user, but does
not necessarily need to be the same as the fragment threshold. The default value is 0, with no packets
becoming fragmented.
Use the optional priority-threshold value construct to define the multiprotocol encapsulation priority
level. The packet is encapsulated only if it is of lower or equal priority than the configured threshold. If the
packet is not multiprotocol encapsulated, it is not fragmented, regardless of the size. All packets are
multiprotocol encapsulated if their priority is lower than or equal to the threshold. The default value of 0
results in all packets being multiprotocol encapsulated.
Use the no form of this command to disable LFI priority and fragmentation thresholds for subscriber
sessions on ATM PVCs.
Examples
The following example enables PPP LFI with a specified fragmentation threshold value of 256:
[local]Redback(config)#ppp multilink lfi fragment-threshold 256
PPP and PPPoE Configuration
8-21
Command Descriptions
The following example enables PPP LFI with a specified priority threshold value of 7:
[local]Redback(config)#ppp multilink lfi priority-threshold 7
Related Commands
port-limit
ppp multilink
ppp our-options multilink
8-22
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
ppp our-options mru
ppp our-options mru initial initial-mru maximum max-mru
default ppp our-options mru
Purpose
Specifies the range for the maximum receive unit (MRU) with which the SmartEdge OS negotiates Link
Control Protocol (LCP) option values for the SmartEdge router end of the Point-to-Point Protocol (PPP)
session.
Command Mode
global configuration
Syntax Description
initial initial-mru
MRU value at which negotiation begins. The range of values is 128 to 16,384; the
default value is 1,500 for PPP circuits, and 1,492 for PPP over Ethernet (PPPoE)
circuits.
maximum max-mru Maximum MRU value that the SmartEdge OS can negotiate. The range of values
is 128 to 16,384; the default value is 16,384.
Default
If you do not use this command, the SmartEdge OS uses the default option values. For MRU, that value
is 1,500 for PPP circuits and 1,492 for PPPoE circuits.
Usage Guidelines
Use the ppp our-options mru command to specify the range for the MRU with which the SmartEdge OS
negotiates LCP option values for the SmartEdge router end of PPP sessions.
Currently, the options available are the initial and maximum MRU values. When these values are specified,
the SmartEdge OS begins negotiation for its MRU at the value of the initial-mru argument, and does not
exceed the value of the max-mru argument. The resulting size guidelines are reflected in all packets sent to
the SmartEdge router by the remote peer.
If, after 10 attempts, an agreement with the peer can not be reached as to a local MRU between the
configured initial and maximum values, the SmartEdge OS establishes the PPP session without negotiating
the local MRU. In that case, the SmartEdge OS uses an MRU of 1,500 for PPP circuits and 1,492 for PPPoE
circuits.
Note This command affects only subscriber sessions.
Use the default form of this command to return the LCP options to their default values.
PPP and PPPoE Configuration
8-23
Command Descriptions
Examples
The following example sets the local initial and maximum MRU values:
[local]Redback(config)#ppp our-options mru initial 1800 maximum 11000
Related Commands
ppp peer-options mru
8-24
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
ppp our-options multilink
ppp our-options multilink endpoint-discriminator [addr]
no ppp our-options multilink endpoint-discriminator
Purpose
Specifies the address for the SmartEdge router end of multilink Point-to-Point Protocol (MP) bundles.
Command Mode
global configuration
Syntax Description
endpoint-discriminator
Specifies the endpoint discriminator for the SmartEdge router end of MP
bundles.
addr
Optional. The address, either IP or medium access control (MAC), for the
SmartEdge router, according to one of the constructs or keywords listed in
Table 8-15.
Default
If you do not use this command, the SmartEdge OS uses the hostname and IP address of the SmartEdge
router.
Usage Guidelines
Use the ppp our-options multilink command to specify the address for the SmartEdge router end of MP
bundles. This command is not available until you have enabled MP using the ppp multilink command (in
global configuration mode).
Note This command affects only MP bundles on Point-to-Point Protocol (PPP)-encapsulated
Asynchronous Transfer Mode (ATM) permanent virtual circuits (PVCs).
Table 8-15 lists the address types and their constructs for the addr argument.
Table 8-15 Address Types
ip-addr Argument
Description
class-1 text
Locally assigned address consisting of up to 20 characters.
class-2 ip-addr
IP address.
class-3 mac-addr
MAC address.
class-5 text
Public-switched network directory number consisting of up to 15 characters.
local-ip-address
IP address of the Ethernet management port on the controller card.
local-mac-addr
MAC address of the SmartEdge router; this is the default address.
PPP and PPPoE Configuration
8-25
Command Descriptions
Use the no form of this command to specify the local MAC address of the SmartEdge router.
Examples
The following example specifies the IP address of the Ethernet management port on the controller card as
the endpoint discriminator:
[local]Redback(config)#ppp our-options multilink endpoint-discriminator
local-ip-address
Related Commands
ppp multilink
8-26
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
ppp peer-options mru
ppp peer-options mru minimum min-mru maximum max-mru
default ppp peer-options mru
Purpose
Specifies the range for the maximum receive unit (MRU) with which the SmartEdge OS negotiates Link
Control Protocol (LCP) option values for the remote end of the Point-to-Point Protocol (PPP) session.
Command Mode
global configuration
Syntax Description
minimum min-mru
Minimum MRU value for the remote peer. The range of values is 128 to 16,384;
the default value is 128.
maximum max-mru Maximum MRU value for the remote peer. The range of values is 128 to 16,384;
the default value is 16,384.
Default
The SmartEdge OS negotiates LCP options with the default values.
Usage Guidelines
Use the ppp peer-options mru command to specify the range for the MRU with which the SmartEdge OS
negotiates LCP option values for the remote end of PPP sessions.
Note The use of this command can alter the values negotiated during LCP, but it does not force any
options to be negotiated or prevent any options from being negotiated. For MRU (the only option
supported at the moment), it controls the SmartEdge end of the MRU negotiation if the remote peer
is willing to negotiate MRU.
Currently, the options available are the minimum and maximum MRU values. When these values are
specified, the SmartEdge OS negotiates the remote peer’s MRU value to be at least the value specified by
the min-mru argument, and not greater than the value specified by the max-mru argument. The resulting
size guidelines are reflected in all packets that the SmartEdge OS sends to the remote peer.
If, after 10 attempts, the SmartEdge OS has not reached an agreement with the peer regarding the value of
the peer’s MRU between the specified minimum and maximum values, the SmartEdge OS establishes the
PPP session without negotiating the peer’s MRU. In that case, the SmartEdge OS uses the standard MRU
of 1,500 for PPP circuits, and 1,492 for PPP over Ethernet (PPPoE) circuits.
Note This command affects only subscriber sessions.
Use the default form of this command to return the options to their default values.
PPP and PPPoE Configuration
8-27
Command Descriptions
Examples
The following example sets the peer’s minimum and maximum MRU values:
[local]Redback(config)#ppp peer-options mru minimum 200 maximum 2000
Related Commands
ppp mtu
ppp our-options mru
8-28
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
ppp pppoe-large-mru
ppp ppoe-large-mru
no ppp ppoe-large-mru
Purpose
Enables the negotiation of the maximum receive unit (MRU) for Point-to-Point Protocol over Ethernet
(PPPoE) circuits.
Command Mode
global configuration
Syntax Description
This command has no keywords or arguments.
Default
MRU negotiation is disabled.
Usage Guidelines
Use the ppp ppoe-large-mru command to enable the negotiation of the MRU for PPPoE circuits.
Unless you enable MRU negotiation, the MRU cannot exceed 1,492 bytes.
Use the no form of this command to disable MRU negotiation.
Examples
The following example enables MRU negotiation:
[local]Redback(config)#ppp ppoe-large-mru
Related Commands
ppp our-options mru
ppp peer-options mru
PPP and PPPoE Configuration
8-29
Command Descriptions
pppoe always-send-padt
pppoe always-send-padt
no pppoe always-send-padt
Purpose
Configures a Point-to-Point Protocol (PPP)-encapsulated (PPPoE) option that will terminate the PPPoE
session by sending a PPPoE Active Discovery Terminate (PADT) packet after the PPP session is
terminated.
Command Mode
global configuration
Syntax Description
This command has no keywords or arguments.
Default
The PPPoE option does not terminate the PPPoE session when the PPP session is terminated.
Usage Guidelines
Use the pppoe always-send-padt command to configure a PPPoE option that terminates the PPPoE
session after a PPP session is terminated.
Use this command if the PPPoE client requires explicit termination of the PPPoE session.
This option is a global option that will be applied to all PPPoE sessions that are currently established and
for all future sessions.
Use the no form of this command to disable the PPPoE option that terminates the PPPoE session once the
PPP session has terminated.
Examples
The following example configures the PPPoE option to terminate the PPPoE session after the PPP session
has terminated:
[local]Redback(config)#pppoe always-send-padt
[local]Redback(config)#end
Related Commands
pppoe services
pppoe service-name accept-all
pppoe tag
8-30
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
pppoe client route
pppoe client route ip-addr netmask metric
no pppoe client route ip-addr netmask metric
Purpose
Configures routes to be installed on the subscriber’s PC when multiple Point-to-Point Protocol over
Ethernet (PPPoE) sessions exist.
Command Mode
subscriber configuration
Syntax Description
ip-addr
IP address of the destination host.
netmask
Network mask for the route entry.
metric
Cost (number of hops) to this destination.
Default
Routes are not sent to the subscriber’s PPPoE client.
Usage Guidelines
Use the pppoe client route command to configure the SmartEdge router to provide different routes for
different PPPoE sessions. For each PPPoE session, a route is sent in a PPPoE Active Discovery Network
(PADN) message, and installed on the subscriber’s PC. In this way, subscribers are enabled with seamless
client route provisioning on a per-PPPoE session basis. The subscriber’s PC client must support PADN. If
the PPPoE client ignores the routes, they have no effect.
As an example of this feature, one PPPoE session could provide Internet connectivity, while another session
connects corporate headquarters to a remote office site. Routes to the business site might be of a very
different nature than the routes that provide access to the Internet.
Use the no form of this command to remove the specified route from the configuration.
Examples
The following example specifies that a route at 200.1.1.0 255.255.255.0 is to be used for concurrent
multiple PPPoE sessions. This route has a metric, or hop count, of 1:
[local]Redback(config-sub)#pppoe client route 200.1.1.0 255.255.255.0 1
Related Commands
pppoe motm
pppoe url
PPP and PPPoE Configuration
8-31
Command Descriptions
pppoe motm
pppoe motm text
no pppoe motm
Purpose
Creates and enables the sending of a message of the minute (MOTM) to a subscriber when logging on.
Command Mode
subscriber configuration
Syntax Description
text
Text of the MOTM to be sent to a newly authenticated subscriber. The maximum length of an
MOTM is 256 characters. Only one MOTM can be active at a time.
Default
None
Usage Guidelines
Use the pppoe motm command to create and enable the sending of a message to the subscriber when
logging on. You can use this command to send any information of general use to subscribers; for example,
information about system downtime.
Note A newly created MOTM overwrites an existing MOTM.
Use the no form of this command to delete the MOTM so that the message is no longer sent to the
subscriber after logging on.
Examples
The following example establishes an MOTM:
[local]Redback(config-sub)#pppoe motm Network will be down for maintenance from
0100-0400 Saturday.
The following example deletes the active MOTM:
[local]Redback(config-sub)#no pppoe motm
Related Commands
pppoe url
8-32
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
pppoe service-name accept-all
pppoe service-name accept-all
no pppoe service-name accept-all
Purpose
Enables the SmartEdge router to accept any service name tag that is included in a Point-to-Point Protocol
over Ethernet (PPPoE) Active Discovery Initiation (PADI) or PPPoE Active Discovery Request (PADR)
message and include it among the advertised services in a PPP Active Discovery Offer (PADO) or PPPoE
Active Discovery Session (PADS) message, respectively.
Command Mode
global configuration
Syntax Description
This command has no keywords or arguments.
Default
The SmartEdge router accepts and advertises only those services (domains) that have been configured
through the SmartEdge OS.
Usage Guidelines
Use the pppoe service-name accept-all command to enable the SmartEdge router to accept any service
name tag that is included in a PPPoE PADI message, and include it among the advertised services in PPP
PADO messages. It also accepts any service name tag that is included in a PPPoE PADR message and
includes it in a PPPoE PADS message.
Use the no form of this command to disable the acceptance and advertisement of service name tags that are
not configured through the SmartEdge OS.
Examples
The following example enables the acceptance of all service names that might be included in PADI or
PADR messages:
[local]Redback(config)#pppoe service-name accept-all
Related Commands
pppoe services
PPP and PPPoE Configuration
8-33
Command Descriptions
pppoe services
pppoe services {all-domains | marked-domains}
{no | default} pppoe services
Purpose
Specifies which domains (services) are advertised to Point-to-Point Protocol over Ethernet (PPPoE) clients.
Command Mode
global configuration
Syntax Description
all-domains
Specifies that all domains are advertised.
marked-domains
Specifies that only domains that have the advertise keyword as part of their
definition are advertised.
Default
No domains are advertised to PPPoE clients.
Usage Guidelines
Use the pppoe services command to specify which domains (services) are advertised to PPPoE clients and
make public the services that the SmartEdge router provides.
Note Domain names, not context names, are advertised during the PPPoE discovery protocol.
Use the no or default form of this command to disable domain advertisement.
Examples
The following example enables the advertisement of marked domains to PPPoE clients:
[local]Redback(config)#pppoe services marked-domains
Related Commands
None
8-34
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
pppoe tag
pppoe tag {ac-name string | ac-cookie}
{no | default} pppoe tag {ac-name | ac-cookie}
Purpose
Replaces the default access concentrator (AC)-Name PPPoE tag value with the specified string or enables
AC-Cookie tag support.
Command Mode
global configuration
Syntax Description
ac-cookie
Enables AC-Cookie tag support.
ac-name string
Alphanumeric string to replace the default value for the AC-Name PPPoE tag.
Default
The SmartEdge OS uses an automatically generated (and guaranteed to be unique) value for the AC-Name
PPPoE tag and AC-cookie tag support is disabled.
Usage Guidelines
RFC 2516, Transmitting PPP Over Ethernet, specifies that the AC-Name PPPoE tag sent in PPPoE Active
Discovery Offer (PADO) messages must have a unique value. The SmartEdge OS ensures that this value
is unique by creating it from a combination of the backplane serial number and the hostname of the AC
device sending the PADO message. When it is preferred to override this default, use this command to
establish an alternate value for the AC-Name tag. After you change the default, the SmartEdge OS can no
longer guarantee that the value is unique.
SmartEdge OS also supports the AC-Cookie tag described in RFC 2516 to allow the AC to uniquely
regenerate the tag value based on the PADR source address. Using this feature, the AC can ensure that the
PADI source address is indeed reachable and can then limit concurrent sessions for that address.
Use the no or default form of this command to return the AC-Name value to the automatically generated
default name or to disable AC-Cookie tag support.
Examples
The following example replaces the AC-Name PPPoE tag with fortune-1:
[local]Redback(config)#pppoe tag ac-name fortune-1
Related Commands
None
PPP and PPPoE Configuration
8-35
Command Descriptions
pppoe url
pppoe url url
no pppoe url
Purpose
Sets the subscriber’s Point-to-Point Protocol over Ethernet (PPPoE) client to automatically point the web
browser to a specified URL as soon as the session is established.
Command Mode
subscriber configuration
Syntax Description
url
URL to which the subscriber’s browser is pointed after the subscriber’s PPP session is
established. See Table 8-16 for special-character sequences that can be used in the url
argument.
Default
None
Usage Guidelines
Use the pppoe url command to set the subscriber’s PPPoE client to point the subscriber’s browser to a
specific location after the subscriber’s PPP session is established.
This command can be configured in each subscriber record, in a named subscriber profile, or in the
subscriber default profile.
The url argument is a standard URL that can contain the special-character sequences listed in Table 8-16.
Table 8-16 Special-Character Sequences
Character Sequence
Expands to:
%U
The entire subscriber name used in PPP authentication.
%u
The user portion of the subscriber name used in PPP authentication. This is the portion of the subscriber name
that precedes the first @ or other divider character. If there is no divider character, then %u expands to the
entire subscriber name.
%d
The domain portion of the subscriber name used in PPP authentication. This is the portion of the subscriber
name that follows the first @ or other divider character. If there is no divider character, %d expands to a zero
length string.
%D
The name of the context to which the subscriber was authenticated. This may be different than the domain
portion of the subscriber name.
%%
Single % character.
8-36
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
These sequences are expanded by the SmartEdge router prior to inclusion in a PPP Active Discovery
Message (PADM) and can be used to personalize the URL to the subscriber.
Use the no form of this command to remove the URL association from the subscriber record.
Examples
For a subscriber, joe, in the context, local, the following example allows a PADM containing the URL
http://www.loe.com/members/joe@local to be sent to the PPPoE client when the PPP session is
established:
[local]Redback(config-ctx)#subscriber name joe
[local]Redback(config-sub)#pppoe url http://www.loe.com/members/%U
For every subscriber to which the subscriber default value is applied, the following example sends a PADM
containing http://www.loe.com/members/name to the PPPoE client when the PPP session is
established:
[local]Redback(config-ctx)#subscriber default
[local]Redback(config-sub)#pppoe url http://www.loe.com/members/%u
Related Commands
pppoe motm
PPP and PPPoE Configuration
8-37
Command Descriptions
8-38
Ports, Circuits, and Tunnels Configuration Guide
Chapter 9
Link Aggregation Configuration
This chapter provides an overview of link aggregation features, describes the tasks used to configure them,
provides configuration examples, and detailed descriptions of the commands used to configure link
aggregation features through the SmartEdge® OS.
For information about the tasks and commands used to monitor, troubleshoot, and administer link
aggregation features, see the “Circuits Configuration” chapter in the Ports, Circuits, and Tunnels
Operations Guide for the SmartEdge OS.
Other chapters with related tasks and commands include:
•
Configuration tasks and commands for Ethernet ports are described in Chapter 3, “ATM, Ethernet, and
POS Port Configuration.”
•
Configuration tasks and commands for DS-1 channels and E1 channels or ports are described in
Chapter 4, “Clear-Channel and Channelized Port and Channel Configuration.”
•
Configuration tasks and commands for 802.1Q and Frame Relay permanent virtual circuits (PVCs) are
described in Chapter 6, “Circuit Configuration.”
For protocol- or feature-specific commands that appear (in link group configuration mode), see the
appropriate chapter in this guide, in the Routing Protocols Configuration Guide for the SmartEdge OS, or
the IP Services and Security Configuration Guide for the SmartEdge OS.
This chapter includes the following sections:
•
Overview
•
Configuration Tasks
•
Configuration Examples
•
Command Descriptions
Link Aggregation Configuration
9-1
Overview
Overview
Link aggregation provides increased bandwidth and availability because the failure or replacement of a link
in the link group does not cause the link to be taken down.
Note In this chapter, the term, link group, refers to the link-aggregated Ethernet ports, with either IP over
Ethernet (IPoE) or 802.1Q encapsulation; Multilink Point-to-Point Protocol (MP) and Multilink
Frame Relay (MFR) bundles refer to link-aggregated Point-to-Point Protocol (PPP)- and Frame
Relay-encapsulated DS-1 channels or E1 channels or ports, respectively.
The SmartEdge OS supports the following types of link groups:
•
MP bundles that comply with the following RFCs:
— PPP encapsulation—RFC 1661, The Point-to-Point Protocol, and RFC 1377, The PPP OSI Network
Layer Control Protocol (OSINLCP)
— MP features—RFC 1990, The PPP Multilink Protocol (MP)
•
MFR bundles that comply with FRF.16.1, Multilink Frame Relay UNI/NNI Implementation Agreement.
•
Ethernet link groups that comply with the IEEE 802.3ad 2000 specification.
•
802.1Q link groups that comply with the IEEE 802.3ad 2000 specification.
MP is implemented on the SmartEdge router in two forms:
•
MP using PPP-encapsulated ATM PVCs
Using this form of MP, you do not create an MP bundle; instead, the SmartEdge OS creates it
dynamically. The configuration for this form of MP and the constituent ATM PVCs is described in
Chapter 8, “PPP and PPPoE Configuration.”
•
MP using PPP-encapsulated DS-1 channels and E1 channels and ports.
Using this form of MP, you create an MP bundle and add DS-1 channels, E1 channels, or E1 ports to it.
The configuration for this form of MP is described later in this chapter.
All link groups are created using DS-1 channels, E1 channels or ports, or Ethernet ports; link groups for
these channels and ports are described in the following sections:
•
PPP-Encapsulated Channels and Ports
•
Frame Relay-Encapsulated Channels and Ports
•
IPoE- and 802.1Q-Encapsulated Ethernet Ports
PPP-Encapsulated Channels and Ports
The SmartEdge OS supports the MP, as described in RFC 1990, for any PPP-encapsulated DS-1 channel,
E1 channel, or E1 port. MP is an extension to PPP that allows a router, such as the SmartEdge router, to use
more than one physical link for communication.
It is often used to provide bandwidth increments between DS-1 channels and DS-3 channels or DS-3 ports,
in areas where DS-3 channels or ports are unavailable, or the required bandwidth does not justify the cost
of a DS-3 channel or port.
9-2
Ports, Circuits, and Tunnels Configuration Guide
Overview
For example, four DS-1 channels can be linked together using the MP to provide an aggregate connection
of 6 Mbps. When using more than one physical link to connect two routers, MP provides a mechanism to
load-balance the connection across all links in the bundle. Both ends of point-to-point links must be capable
of supporting MP connections. The two routers configure the data link by swapping Link Control Protocol
(LCP) packets during a link establishment phase. If MP is not successfully negotiated, the connection is not
established and an error is logged.
Note All DS-1 channels, E1 channels, or E1 ports in an MP bundle must be configured on the same traffic
card, must have identical configurations, and must have PPP encapsulation. Fragmentation and
reassembly are not supported in this release; the maximum received reconstructed unit (MRRU) is
set to 1,500 bytes. Fragmentation must be disabled at the remote peer.
Frame Relay-Encapsulated Channels and Ports
The SmartEdge OS supports MFR bundles, which allow Frame Relay-encapsulated DS-1 channels,
clear-channel E1 channels, or clear-channel E1 ports to be aggregated. MFR bundles comply with
FRF.16.1, Multilink Frame Relay UNI/NNI Implementation Agreement, which defines the connections
between data terminal equipment (DTE) and data communications equipment (DCE) endpoints or between
DCE endpoints.
Note All DS-1 channels, E1 channels, or E1 ports in an MFR bundle must be configured on the same
traffic card, must have identical configurations, and must have Frame Relay encapsulation. MFR
bundles can include either DS-1 channels, E1 channels, or E1 ports. Fragmentation and reassembly
as described in FRF.12, Frame Relay Fragmentation Agreement, are not supported in this release.
Fragmentation must be disabled at the remote peer.
IPoE- and 802.1Q-Encapsulated Ethernet Ports
The SmartEdge OS also supports the aggregation of Gigabit or Fast Ethernet ports into a single, larger
logical pipe, as specified in Part 3 of the IEEE 802.3ad 2000 specification, Carrier sense multiple access
with collision detection (CSMA/CD) access method and physical layer specifications.
If the Ethernet or Gigabit Ethernet ports are configured with 802.1Q encapsulation, the 802.1Q PVCs and
the untagged traffic on each port, referred to as the constituent PVCs, are aggregated in separate logical
pipes, referred to as aggregated PVCs.
Ports in any Ethernet or 802.1Q link group must be of the same type and have identical configurations, but
need not be configured on the same traffic card. Up to eight Gigabit Ethernet ports, or up to eight Ethernet
ports, with IPoE encapsulation can be aggregated in a single, Ethernet link group. You can mix Ethernet
ports on 10/100 Ethernet cards, if the ports are configured to run at the same speed, or ports on Gigabit,
Gigabit Ethernet 3, Gigabit Ethernet 1020, 10 Gigabit Ethernet, and Advanced Gigabit Ethernet cards, but
you cannot mix Ethernet ports with Gigabit Ethernet ports in the same link group.
Link Aggregation Configuration
9-3
Configuration Tasks
Configuration Tasks
Note In this section, the command syntax in the task tables displays only the root command; for the
complete command syntax, see the full description for the command in the “Command
Descriptions” section.
Link aggregation configuration tasks are described in the following sections:
•
Configuring an MP Bundle
•
Configuring an MFR Bundle
•
Configuring an Ethernet Link Group for IPoE-Encapsulated Ports
•
Configuring an 802.1Q Link Group
Configuring an MP Bundle
This section includes the following topics:
•
Configure an MP Bundle
•
Configure and Add DS-1 Channels, E1 Channels, or E1 Ports to an MP Bundle
Configure an MP Bundle
To configure an MP bundle for PPP-encapsulated DS-1 channels, E1 channels, or E1 ports, perform the
tasks described in Table 9-1.
Table 9-1
Configure an MP Bundle
#
Task
Root Command
Notes
1.
Specify the context and access context
configuration mode.
context
Enter this command in global configuration
mode. For more information about this
command, see the “Context Configuration”
chapter in the Basic System Configuration
Guide for the SmartEdge OS.
2.
Create an interface for the MP bundle and
access interface configuration mode.
interface
Enter this command in context configuration
mode. For more information about this
command, see the “Interface Configuration”
chapter in the Basic System Configuration
Guide for the SmartEdge OS.
3.
Assign an IP address to the interface for the MP
bundle.
ip address
Enter this command in interface
configuration mode. For more information
about this command, see the “Subscriber
Configuration” chapter in the Basic System
Configuration Guide for the SmartEdge OS.
4.
Create an empty MP bundle for
PPP-encapsulated DS-1 channels, E1 channels,
or E1 ports, and access link group configuration
mode.
link-group
Enter this command in global configuration
mode.
5.
Specify the type of endpoint discriminator to be
used for negotiation with an MP bundle.
mp endpoint-discriminator
6.
Bind the MP bundle to the interface.
bind interface
9-4
Specify the mp keyword.
The default value is the system hostname.
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Note An MP bundle is always enabled (operational). The shutdown command is not available in link
group configuration mode for MP bundles.
Configure and Add DS-1 Channels, E1 Channels, or E1 Ports to an MP Bundle
You configure the constituent DS-1 channels, E1 channels, or E1 ports for an MP bundle as described in
Chapter 4, “Clear-Channel and Channelized Port and Channel Configuration,” but with these restrictions:
•
All DS-1 channels must be configured on the same channelized DS-3 or channelized OC-12 to DS-1
card; all E1 channels or ports must be configured on the same channelized STM-1 or E1 card.
•
The configuration of each DS-1 channel, E1 channel, or E1 port to be added to the MP bundle must be
identical; the only exception is the description of the channel or port.
•
Each channel or port must be configured with PPP encapsulation.
•
All E1 channels or ports must be clear-channel channels or ports (using unframed mode).
•
You do not attach a QoS policy to the channel or port.
•
You do not bind any DS-1 channel, E1 channel, or E1 port that you are adding to an MP bundle; instead
you bind the MP bundle to its interface.
•
You must enable each DS-1 channel, E1 channel, or E1 port with the no shutdown command (in DS-1
or E1 configuration mode).
To configure and add a DS-1 channel, E1 channel, E1 port to an MP bundle, perform the task described in
Table 9-2. Enter this command in DS-1 or E1 configuration mode.
Table 9-2
Configure and Add DS-1 Channels, E1 Channels, or E1 Ports to an MP Bundle
Task
Root Command
Add a constituent DS-1 channel, E1 channel, or E1
port to an MP bundle.
link-group
Notes
Note There is a limit of 16 DS-1 channels, E1 channels, or E1 ports in each MP bundle.
Configuring an MFR Bundle
This section includes the following topics:
•
Configure an MFR Bundle
•
Configure an Aggregated Frame Relay PVC
•
Configure and Add DS-1 Channels, E1 Channels, or E1 Ports to the MFR Bundle
Configure an MFR Bundle
The number of MFR bundles that you can configure with DS-1 channels or E1 channels or ports on a card
and the Frame Relay PVCs in those bundles is restricted in this release. The maximum number of MFR
bundles and Frame Relay PVCs must be less than 164 per card according to the following formula:
3 x MFR bundles + MFR PVCs ≤ 164
Link Aggregation Configuration
9-5
Configuration Tasks
For Frame Relay to operate, you must configure the Local Management Interface (LMI) type and the Frame
Relay LMI.
Note The LMI is for the MFR bundle.
To configure an MFR bundle, perform the tasks described in Table 9-3.
Table 9-3
Configure an MFR Bundle
#
Task
Root Command
Notes
1.
Create an empty MFR bundle for DS-1 channels
or E1 channels or ports with Frame Relay
encapsulation, and access link group
configuration mode.
link-group
Enter this command in global configuration
mode.
Specify the interface type.
frame-relay intf-type
2.
Specify the mfr keyword.
Enter this command in link group
configuration mode.
The default value is DTE.
3.
Specify the Frame Relay LMI type.
frame-relay lmi-type
4.
Enable the automatic detection of the LMI type.
frame-relay auto-detect
5.
Specify attributes for a DCE interface:
6.
7.
9-6
Specify the interval for the polling verification
timer.
frame-relay lmi-t392dce
Specify the error threshold before LMI is
considered to have failed.
frame-relay lmi-n392dce
Specify the monitored event count.
frame-relay lmi-n393dce
This is the default condition; use the no form
to disable automatic detection.
Specify attributes for a DTE interface:
Specify the number of keepalive messages sent
before the status message request is sent.
frame-relay lmi-n391dte
Specify the interval for the polling verification
timer.
frame-relay lmi-n392dte
Specify the monitored event count.
frame-relay lmi-n393dte
Enable the keepalive function and specify the
interval value.
frame-relay keepalive
By default, the keepalive function is enabled,
with a 10-second interval.
Disable the MFR bundle.
shutdown
By default, the MFR bundle is enabled
(operational).
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Configure an Aggregated Frame Relay PVC
You create an aggregated Frame Relay PVC to represent the PVCs with the same Data Link Connection
Identifier (DLCI) on the DS-1 channels, E1 channels, or E1 ports that you intend to add to the MFR bundle.
To configure an aggregated Frame Relay PVC, perform the tasks described in Table 9-4.
Table 9-4
Configure an Aggregated Frame Relay PVC
#
Task
Root Command
Notes
1.
Specify the context for the aggregated Frame
Relay PVC and access context configuration
mode.
context
Enter this command in global configuration
mode. For more information about this
command, see the “Context Configuration”
chapter in the Basic System Configuration
Guide for the SmartEdge OS.
2.
Create an interface for the PVC and access
interface configuration mode.
interface
Enter this command in context configuration
mode. For more information about this
command, see the “Interface Configuration”
chapter in the Basic System Configuration
Guide for the SmartEdge OS.
3.
Assign an IP address to the interface for the
PVC.
ip address
Enter this command in interface configuration
mode. For more information about this
command, see the “Subscriber Configuration”
chapter in the Basic System Configuration
Guide for the SmartEdge OS.
4.
Select an existing MFR bundle and access link
group configuration mode.
link-group
Enter this command in global configuration
mode.
5.
Create or select a Frame Relay PVC and access
Frame Relay PVC configuration mode.
frame-relay pvc
Enter this command in link group configuration
mode.
6.
Associate the IP address of the remote host on
the circuit.
ip host
7.
Bind the Frame Relay PVC to the interface
created in step 2.
bind interface
8.
Disable the PVC (stop operations on it) until you
are ready to begin operations on it.
shutdown
By default, all circuits are enabled (operational).
Configure and Add DS-1 Channels, E1 Channels, or E1 Ports to the MFR Bundle
You configure a constituent DS-1 channel, E1 channel, or E1 port with its Frame Relay encapsulation as
described in Chapter 4, “Clear-Channel and Channelized Port and Channel Configuration,” but with these
restrictions:
•
All DS-1 channels must be configured on the same channelized OC-12 to DS-1 card; all E1 channels
must be configured on the same channelized STM-1 card.
•
All DS-1 channels must be configured on the same channelized DS-3 card; all E1 ports must be
configured on the same channelized E1 card.
•
The configuration of each DS-1channel, E1 channel, or E1 port to be added to the MFR bundle must be
identical; the only exception is the description of the channel or port.
•
Each channel or port must be configured with Frame Relay encapsulation.
•
All E1 channels or ports must be clear-channel channels or ports (using unframed mode).
•
You do not attach a QoS policy to the channel or port.
Link Aggregation Configuration
9-7
Configuration Tasks
•
You do not bind any DS-1 channel, E1 channel, or E1 port that you are adding to an MFR bundle.
•
You must enable each DS-1 channel, E1 channel, or E1 port with the no shutdown command in DS-1
or E1 configuration mode.
To configure and add a constituent DS-1 channel, E1 channel, or E1 port to an MFR bundle, perform these
additional tasks described in Table 9-5.
Table 9-5
Configure and Add DS-1 or E1 Channels or E1 Ports to an MFR Bundle
#
Task
Root Command
Notes
1.
Add a DS-1 channel, E1 channel, or E1 port with
Frame Relay encapsulation to the MFR bundle.
link-group
Enter this command in DS-1 or E1 configuration
mode.
2.
Specify timing values for FRF.16 hello and
acknowledgement messages.
frame-relay multilink
Enter this command multiple times to specify
each parameter.
Note Adding a DS-1 channel, E1 channel, or E1 port to the MFR bundle creates a PVC on that channel
or port for each aggregated Frame Relay PVC that you have created.
Caution Risk of data loss. Adding a DS-1 channel, E1 channel, or E1 port to an MFR bundle, deletes any
Frame Relay PVCs that you have created on it. To reduce the risk, do not create Frame Relay
PVCs on any DS-1 channel, E1 channel, or E1 port that you intend to add to an MFR bundle.
Note If you remove a constituent DS-1 channel, E1 channel, or E1 port from an MFR bundle, either
directly with the no link-group command (in DS-1 or E1 configuration mode), or indirectly by
deleting the link group with the no link-group command (in global configuration mode), you
cannot use the channel as an single-link channel; you can only add it to another link group. To use
the channel as a single-link channel, you must first remove it from the configuration, using the no
port ds1 command (in DS-1 configuration mode) or the no port e1 command (in E1 configuration
mode), and then reconfigure it.
Configuring an Ethernet Link Group for IPoE-Encapsulated Ports
This section includes the following topics:
•
Configure an Ethernet Link Group for IPoE-Encapsulated Ports
•
Configure and Add an Ethernet Port to an Ethernet Link Group
Configure an Ethernet Link Group for IPoE-Encapsulated Ports
To configure an Ethernet link group for IP over Ethernet (IPoE)-encapsulated Ethernet ports, perform the
tasks described in Table 9-6.
Table 9-6
Configure an Ethernet Link Group for IPOE-Encapsulated Ports
#
Task
Root Command
Notes
1.
Specify the context and access context
configuration mode.
context
Enter this command in global configuration
mode. For more information about this
command, see the “Context Configuration”
chapter in the Basic System Configuration
Guide for the SmartEdge OS.
9-8
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Table 9-6
Configure an Ethernet Link Group for IPOE-Encapsulated Ports (continued)
#
Task
Root Command
Notes
2.
Create an interface for the Ethernet link group
and access interface configuration mode.
interface
Enter this command in context configuration
mode. For more information about this
command, see the “Interface Configuration”
chapter in the Basic System Configuration
Guide for the SmartEdge OS.
3.
Assign an IP address to the interface for the
Ethernet link group.
ip address
Enter this command in interface configuration
mode. For more information about this
command, see the “Subscriber Configuration”
chapter in the Basic System Configuration
Guide for the SmartEdge OS.
4.
Create an empty Ethernet link group for
IPoE-encapsulated Ethernet ports and access
link group configuration mode.
link-group
Enter this command in global configuration
mode.
5.
Specify a MAC address for the Ethernet link
group.
mac-address
6.
Specify the minimum number of working links to
consider this link group to be in the up state.
minimum-links
7.
Bind the Ethernet link group to the interface.
bind interface
Specify the ether keyword.
Note An Ethernet link group is always enabled (operational). The shutdown command is not available
in link group configuration mode for Ethernet link groups.
Configure and Add an Ethernet Port to an Ethernet Link Group
You configure the constituent Ethernet ports for a link group as described in Chapter 3, “ATM, Ethernet,
and POS Port Configuration,” but with these restrictions:
•
The configuration of each Ethernet port to be added to the link group must be identical; the only
exception is the description of the port.
•
You can attach a quality of service (QoS) metering, policing, or scheduling policy to an Ethernet port.
•
All Ethernet ports must have IPoE encapsulation; this is the default encapsulation.
•
All Ethernet ports must run at the same speed.
•
You do not bind any Ethernet port that you are adding to a link group; instead, you bind the link group
to its interface.
•
You must enable each Ethernet port with the no shutdown command (in port configuration mode).
To add a constituent Ethernet port to an Ethernet link group, perform the task in Table 9-7. Enter this
command in port configuration mode.
Table 9-7
Add an Ethernet Port to an Ethernet Link Group
Task
Root Command
Add an Ethernet port to an Ethernet link group.
link-group
Link Aggregation Configuration
Notes
9-9
Configuration Tasks
There is a limit of eight Gigabit Ethernet ports or eight Ethernet ports in each Ethernet link group. Ethernet
ports cannot be mixed with Gigabit Ethernet ports in the same link group; however, you can mix ports on
any Gigabit Ethernet cards. You can also mix ports on 10/100 Ethernet cards if the ports on the 10/100
Ethernet cards are configured to run at 100 Mbps.
Configuring an 802.1Q Link Group
This section includes the following topics:
•
Configure an 802.1Q Link Group for 802.1Q-Encapsulated Ethernet Ports
•
Configure an Aggregated 802.1Q PVC in the 802.1Q Link Group
•
Configure and Add an Ethernet Port to the 802.1Q Link Group
Configure an 802.1Q Link Group for 802.1Q-Encapsulated Ethernet Ports
To configure an 802.1Q link group for 802.1Q-encapsulated Ethernet ports, perform the tasks described in
Table 9-8. Enter all commands in link group configuration mode, unless otherwise noted.
Table 9-8
Configure an 802.1Q Link Group for 802.1Q-Encapsulated Ethernet Ports
#
Task
Root Command
Notes
1.
Specify the context and access context configuration
mode.
context
Enter this command in global configuration mode.
For more information about this command, see
the “Context Configuration” chapter in the Basic
System Configuration Guide for the
SmartEdge OS.
2.
Create an interface for the 802.1Q link group and access
interface configuration mode.
interface
Enter this command in context configuration
mode. For more information about this command,
see the “Interface Configuration” chapter in the
Basic System Configuration Guide for the
SmartEdge OS.
3.
Assign an IP address to the interface for the link group.
ip address
Enter this command in interface configuration
mode. For more information about this command,
see the “Subscriber Configuration” chapter in the
Basic System Configuration Guide for the
SmartEdge OS.
4.
Create an empty 802.1Q link group for
IPoE-encapsulated Ethernet ports and access link group
configuration mode.
link-group
5.
Specify a MAC address for the 802.1Q link group.
mac-address
6.
Specify the minimum number of working links to consider
this link group to be in the up state.
minimum-links
7.
Bind the 802.1Q link group to the interface.
bind interface
Enter this command in global configuration mode.
Specify the dot1q keyword.
This command binds the untagged traffic on the
Ethernet port.
Note An 802.1Q link group is always enabled (operational). The shutdown command is not available in
link group configuration mode for 802.1Q link groups.
9-10
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Configure an Aggregated 802.1Q PVC in the 802.1Q Link Group
You create an aggregated 802.1Q PVC to represent the PVCs with the same tag value on the Ethernet ports
that you intend to add to the 802.1Q link group. To configure an aggregated 802.1Q PVC in the 802.1Q
link group, perform the tasks described in Table 9-9.
Table 9-9
Configure an Aggregated 802.1Q PVC in the 802.1Q Link Group
#
Task
Root Command
Notes
1.
Specify the context and access context
configuration mode.
context
Enter this command in global configuration
mode.
2.
Create an interface for each aggregated 802.1Q
PVC to be created and access interface
configuration mode.
interface
Enter this command in context configuration
mode.
3.
Assign an IP address to the interface for each
aggregated 802.1Q PVC.
ip address
Enter this command in interface configuration
mode.
4.
Select an existing 802.1Q link group and access
link group configuration mode.
link-group
Enter this command in global configuration
mode.
5.
Create an aggregated 802.1Q PVC in the link
group and access link PVC configuration mode.
dot1q pvc
Enter this command in link group configuration
mode.
6.
Associate a description with the PVC.
description
7.
Bind the aggregated 802.1Q PVC to its interface.
bind interface
Configure and Add an Ethernet Port to the 802.1Q Link Group
You configure the Ethernet ports for a link group as described in Chapter 3, “ATM, Ethernet, and POS Port
Configuration,” but with these restrictions:
•
The configuration of each Ethernet port to be added to the link group must be identical; the only
exception is the description of the port.
•
All Ethernet ports must have 802.1Q encapsulation; the default value is IPoE encapsulation.
•
All Ethernet ports must be at the same speed.
•
You can attach a quality of service (QoS) metering, policing, or scheduling policy to an Ethernet port.
•
You do not bind any Ethernet port that you are adding to a link group; instead, you bind the link group
and the aggregated PVCs to their interfaces.
•
You must enable each Ethernet port with the no shutdown command (in port configuration mode).
To add a constituent Ethernet port to an 802.1Q link group, perform the task described in Table 9-10. Enter
this command in port configuration mode.
Table 9-10 Configure and Add an Ethernet Port to the 802.1Q Link Group
Task
Root Command
Add an Ethernet port to an 802.1Q link group.
link-group
Link Aggregation Configuration
Notes
9-11
Configuration Examples
There is a limit of eight Gigabit Ethernet ports or eight Ethernet ports in each 802.1Q link group. Ethernet
ports cannot be mixed with Gigabit Ethernet ports in the same link group; however, you can mix ports on
any Gigabit Ethernet cards. You can also mix ports on 10/100 Ethernet cards if the ports on the 10/100
Ethernet cards are configured to run at 100 Mbps.
Note Adding an Ethernet port to the link group creates an 802.1Q PVC on that port for each aggregated
802.1Q PVC that you created.
Configuration Examples
This section includes the following examples:
•
MP Bundle
•
MFR Bundle
•
Ethernet Link Group
•
802.1Q Link Group
MP Bundle
The following example creates an interface, multi, in the local context, assigns an IP address to it,
creates an MP bundle, lg-multi, specifies the IP address of the interface as the endpoint discriminator,
and binds the bundle to the interface; then, the example configures two DS-1 channels with PPP
encapsulation and includes them in the bundle:
!Create the MP bundle interface and assign an IP address to it
[local]Redback(config)#context local
[local]Redback(config-ctx)#interface multi
[local]Redback(config-if)#ip address 172.16.1.1/30
[local]Redback(config-if)#exit
[local]Redback(config-ctx)#exit
!Create an MP bundle and bind it to an interface
[local]Redback(config)#link-group lg-multi mp
[local]Redback(config-link-group)#mp endpoint-discriminator ip
[local]Redback(config-link-group)#bind interface multi local
[local]Redback(config-link-group)#exit
!Configure a DS-1 channel on DS-3 port 1 and add it to the bundle
[local]Redback(config)#port channelized-ds3 1/1
[local]Redback(config-ds3)#no shutdown
[local]Redback(config-ds3)#exit
[local]Redback(config)#port ds1 1/1:1
[local]Redback(config-ds1)#encapsulation ppp
[local]Redback(config-ds1)#no shutdown
[local]Redback(config-ds1)#link-group lg-multi
[local]Redback(config-ds1)#exit
9-12
Ports, Circuits, and Tunnels Configuration Guide
Configuration Examples
!Configure a DS-1 channel on DS-3 port 2 and add it to the bundle
[local]Redback(config)#port channelized-ds3 1/2
[local]Redback(config-ds3)#no shutdown
[local]Redback(config-ds3)#exit
[local]Redback(config)#port ds1 1/2:1
[local]Redback(config-ds1)#encapsulation ppp
[local]Redback(config-ds1)#no shutdown
[local]Redback(config-ds1)#link-group lg-multi
[local]Redback(config-ds1)#exit
MFR Bundle
The following example creates an MFR bundle, lg-mfr, with a data terminal equipment (DTE) interface
and an ITU Local Management Interface (LMI) type, and disables it until ready to begin operations. It
creates the interfaces, frpvc30 and frpvc40, in the local context for the aggregated Frame Relay
PVCs, and assigns an IP address to each one. Then it creates two aggregated Frame Relay PVCs and binds
them to the frpvc30 and frpvc40 interfaces. Finally, the DS-1 channels are configured and added to the
MFR bundle.
!Create the MFR bundle and configure the Frame Relay LMI
[local]Redback(config)#link-group lg-mfr mfr
[local]Redback(config-link-group)#frame-relay intf-type dte
[local]Redback(config-link-group)#frame-relay lmi-type itu
[local]Redback(config-link-group)#frame-relay keepalive 6
[local]Redback(config-link-group)#frame-relay lmi-n391dte 10
[local]Redback(config-link-group)#frame-relay lmi-n392dte 4
[local]Redback(config-link-group)#no shutdown
[local]Redback(config-link-group)#exit
!Create the Frame Relay PVC interfaces; assign an IP address to each one
[local]Redback(config)#context local
[local]Redback(config-ctx)#interface frpvc30
[local]Redback(config-if)#ip address 172.16.3.1/24
[local]Redback(config-if)#exit
[local]Redback(config-ctx)#interface frpvc40
[local]Redback(config-if)#ip address 172.16.4.1/24
[local]Redback(config-if)#exit
[local]Redback(config-ctx)#exit
!Create Frame Relay PVC 30 and bind it to its interface
[local]Redback(config)#link-group lg-mfr mfr
[local]Redback(config-link-group)#frame-relay pvc 30
[local]Redback(config-link-pvc)#bind interface frpvc30 local
[local]Redback(config-link-pvc)#exit
!Create Frame Relay PVC 40 and bind it to its interface
[local]Redback(config-link-group)#frame-relay pvc 40
[local]Redback(config-link-pvc)#bind interface frpvc40 local
[local]Redback(config-link-pvc)#exit
[local]Redback(config-link-group)#exit
[local]Redback(config-config)#
Link Aggregation Configuration
9-13
Configuration Examples
!Configure a DS-1 channel on DS-3 port 3 and add it to the bundle
[local]Redback(config)#port channelized-ds3 1/3
[local]Redback(config-ds3)#no shutdown
[local]Redback(config-ds3)#exit
[local]Redback(config)#port ds1 1/3:1
[local]Redback(config-ds1)#encapsulation frame-relay
[local]Redback(config-ds1)#no shutdown
[local]Redback(config-ds1)#link-group lg-mfr
[local]Redback(config-ds1)#frame-relay multilink ack-timer 12
[local]Redback(config-ds1)#frame-relay multilink hello-interval 6
[local]Redback(config-ds1)#frame-relay multilink retries 3
[local]Redback(config-ds1)#exit
!Configure a DS-1 channel on DS-3 port 4 and add it to the bundle
[local]Redback(config)#port channelized-ds3 1/4
[local]Redback(config-ds3)#no shutdown
[local]Redback(config-ds3)#exit
[local]Redback(config)#port ds1 1/4:1
[local]Redback(config-ds1)#encapsulation frame-relay
[local]Redback(config-ds1)#no shutdown
[local]Redback(config-ds1)#link-group lg-mfr
[local]Redback(config-ds1)#frame-relay multilink ack-timer 12
[local]Redback(config-ds1)#frame-relay multilink hello-interval 6
[local]Redback(config-ds1)#frame-relay multilink retries 3
[local]Redback(config-ds1)#exit
Ethernet Link Group
The following example creates an interface, etherx, in the local context, assigns an IP address to each
one, creates an Ethernet link group, lg-ether, and binds it to the interface, etherx. Then the Ethernet
ports are configured and added to the link group.
!Create the link group interface and assign an IP address to it
[local]Redback(config)#context local
[local]Redback(config-ctx)#interface etherx
[local]Redback(config-if)#ip address 172.16.0.1/24
[local]Redback(config-if)#exit
!Create the link group and bind it to its interface
[local]Redback(config)#link-group lg-ether ether
[local]Redback(config-link-group)#bind interface etherx local
!Configure an Ethernet port and add it to the link group
[local]Redback(config-config)#port ethernet 5/4
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#link-group lg-ether
[local]Redback(config-port)#exit
9-14
Ports, Circuits, and Tunnels Configuration Guide
Configuration Examples
!Configure another Ethernet port and add it to the link group
[local]Redback(config-config)#port ethernet 5/5
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#link-group lg-ether
[local]Redback(config-port)#exit
802.1Q Link Group
The following example creates the interfaces, vlans, vlan10, and vlan20, in the local context,
assigns an IP address to each one, creates an 802.1Q link group, lg-vlans, and binds it to the vlans
interface. Then, the example configures two 802.1Q PVCs and binds them to the vlan10 and vlan20
interfaces. Finally, the Ethernet ports are configured and added to the link group.
!Create the link group interface and assign an IP address to it
[local]Redback(config)#context local
[local]Redback(config-ctx)#interface vlans
[local]Redback(config-if)#ip address 172.16.0.1/24
[local]Redback(config-if)#exit
!Create the link group and bind it to its interface
[local]Redback(config)#link-group lg-vlans dot1q
[local]Redback(config-link-group)#bind interface vlans local
!Create the PVC interfaces and assign an IP address to each one
[local]Redback(config)#context local
[local]Redback(config-ctx)#interface vlan10
[local]Redback(config-if)#ip address 172.16.1.1/24
[local]Redback(config-if)#exit
[local]Redback(config-ctx)#interface vlan20
[local]Redback(config-if)#ip address 172.16.2.1/24
[local]Redback(config-if)#exit
[local]Redback(config-ctx)#exit
!Create PVC 10 and bind it to its interface
[local]Redback(config-link-group)#dot1q pvc 10
[local]Redback(config-link-pvc)#bind interface vlan10 local
[local]Redback(config-link-pvc)#exit
!Create PVC 20 and bind it to its interface
[local]Redback(config-link-group)#dot1q pvc 20
[local]Redback(config-link-pvc)#bind interface vlan20 local
[local]Redback(config-link-pvc)#exit
[local]Redback(config-link-group)#exit
[local]Redback(config-config)#
!Configure an Ethernet port and add it to the link group
[local]Redback(config-config)#port ethernet 5/2
[local]Redback(config-port)#encapsulation dot1q
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#link-group lg-vlans
[local]Redback(config-port)#exit
Link Aggregation Configuration
9-15
Command Descriptions
!Configure another Ethernet port and add it to the link group
[local]Redback(config-config)#port ethernet 5/3
[local]Redback(config-port)#encapsulation dot1q
[local]Redback(config-port)#no shutdown
[local]Redback(config-port)#link-group lg-vlans
[local]Redback(config-port)#exit
Command Descriptions
This section describes the syntax and usage guidelines for the commands used to configure link aggregation
features. The commands are presented in alphabetical order.
frame-relay multilink
link-group
mac-address
minimum-links
mp endpoint-discriminator
9-16
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
frame-relay multilink
frame-relay multilink {ack-timer seconds | hello-interval seconds | retries count}
{no | default} frame-relay multilink {ack-timer | hello-interval | retries}
Purpose
Specifies the timing for hello and acknowledgement messages for a channel in a Multilink Frame Relay
(MFR) bundle.
Command Mode
DS-1 configuration
E1 configuration
Syntax Description
ack-timer seconds
Interval, in seconds, to wait for an inbound acknowledgement message to an
outgoing control message before taking action. The range of values is 1 to 10;
the default value is 4.
hello-interval seconds Interval, in seconds, between sending outbound hello messages. The range of
values is 1 to 180; the default value is 10.
retries count
Number of times to resend an hello message before receiving an
acknowledgement message. The range of values is 1 to 5; the default value is 2.
Default
Timing for hello and acknowledgement messages is enabled according to the defaults.
Usage Guidelines
Use the frame-relay multilink command to specify the timing for hello and acknowledgement messages
for a channel or port in an MFR bundle. You can enter this command multiple times to specify each
construct for each channel or port in the MFR bundle.
You must add the channel or port to the MFR bundle using the link-group command (in DS-1 or E1
configuration mode) before you can enter the frame-relay multilink command.
Hello messages inform the peer at the remote end that the link is up; acknowledgement messages notify the
peer that a control message from the peer has been received by the SmartEdge router.
Control messages are those that add a link, remove a link, notify the peer that the link is up, or notify the
peer that an invalid control message has been received.
Link Aggregation Configuration
9-17
Command Descriptions
Note If an inbound acknowledgement message to an outgoing control message is not received before the
acknowledgement timer expires, the system removes the affected DS-1 channel, E1 channel, or E1
port from the MFR bundle (no user data is sent out and incoming user data is ignored). When the
system can successfully exchange control messages with the remote site, the system adds the DS-1
channel, E1 channel, or E1 port to the MFR bundle.
Use the no or default form of this command to specify the default values for the timing for hello and
acknowledgement messages.
Examples
The following example specifies the timing for hello and acknowledgement messages for a DS-1 channel
that is added to an MFR link group, lg-mfr:
[local]Redback(config)#port ds1 2/1:1
[local]Redback(config-ds1)#encapsulation frame-relay
[local]Redback(config-ds1)#link-group lg-mfr
[local]Redback(config-ds1)#frame-relay multilink ack-timer 5
[local]Redback(config-ds1)#frame-relay multilink hello-interval 5
[local]Redback(config-ds1)#frame-relay multilink retries 3
Related Commands
link-group
9-18
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
link-group
link-group lg-name [dot1q | ether | mfr | mp]
no link-group lg-name [dot1q | ether | mfr | mp]
Purpose
Creates a link group and enters link group configuration mode, or adds a Point-to-Point Protocol (PPP)- or
Frame Relay-encapsulated DS-1 channel, clear-channel E1 channel, or clear-channel E1port, or an IP- or
802.1Q-encapsulated Ethernet port, to a link group.
Command Mode
DS-1 configuration
E1 configuration
global configuration
port configuration
Syntax Description
lg-name
Name of the link group to be created.
dot1q
Optional. Specifies a link group for 802.1Q-encapsulated Ethernet ports. Entered only
when creating an 802.1Q link group; omitted when adding an Ethernet port with 802.1Q
permanent virtual circuit (PVC) encapsulation to an existing link group.
ether
Optional. Specifies a link group for IP-encapsulated Ethernet ports. Entered only when
creating an Ethernet link group; omitted when adding an Ethernet port with IP
encapsulation to an existing link group.
mfr
Optional. Specifies a link group for DS-1 channels, clear-channel E1 channels, or
clear-channel E1 ports with Frame Relay encapsulation. Entered only when creating a
Multilink Frame Relay (MFR) bundle; omitted when adding a DS-1 channel or
clear-channel E1 channel or clear-channel E1 port with Frame Relay encapsulation to an
existing MFR bundle.
mp
Optional. Specifies a link group for PPP-encapsulated DS-1 channels, clear-channel E1
channels, or clear-channel E1 ports. Entered only when creating a Multilink PPP (MP)
bundle; omitted when adding a PPP-encapsulated DS-1 channel or clear-channel E1
channel or clear-channel E1 port to an existing MP bundle.
Default
No link groups exist. No channels or ports are included in a newly created link group.
Link Aggregation Configuration
9-19
Command Descriptions
Usage Guidelines
Use the link-group command to create a link group and enter link group configuration mode, or add a PPPor Frame Relay-encapsulated DS-1 channel, E1 channel, or E1 port, or an IP- or 802.1Q-encapsulated
Ethernet port, to a link group.
Use the dot1q, ether, mfr, or mp keyword to specify the type of link group when you create it; do not enter
the keyword when adding a DS-1 channel, E1 channel, E1 port, or Ethernet port to a link group.
Note You do not use this command to add an 802.1Q or Frame Relay PVC to a link group. Instead, you
add the Ethernet ports, DS-1 channels, E1 channels, or E1 ports for which the PVCs are aggregated.
The following channel and port configuration restrictions apply:
•
All DS-1 channels, E1 channels, or E1 ports in a link group must be configured on the same traffic card
and must have identical configurations.
•
All DS-1 channels, E1 channels, or E1 ports to be added to an MP bundle must be configured with PPP
encapsulation.
•
All DS-1 channels, E1 channels, or E1 ports to be added to an MFR bundle must be configured with
Frame Relay encapsulation.
•
All Ethernet ports in a link group must have identical configurations with the exception of their
descriptions.
•
Ethernet ports cannot be mixed with Gigabit Ethernet ports in the same link group, and you cannot mix
ports on 10/100 Ethernet cards; you can mix ports on any Gigabit Ethernet cards.
Table 9-11 lists the types and numbers of ports, channels, 802.1Q PVCs, or Frame Relay PVCs that you
can add to each type of link group.
Table 9-11
Link Group Specifications
Link Group Type
Constituent Circuits
Maximum Links
Comment
802.1Q (dot1q)
802.1Q PVCs
8 Gigabit or Advanced Gigabit Ethernet ports
Ports are added to the link
group, not the PVCs.
8 10/100 Ethernet ports
Untagged traffic on an
Ethernet, Gigabit Ethernet, or
Gigabit Ethernet 3 port
configured with 802.1Q
encapsulation is also
aggregated.
Ethernet (ether)
Gigabit Ethernet ports
8 Gigabit or Advanced Gigabit Ethernet ports
Ethernet ports
8 10/100 Ethernet ports
Frame Relay (mfr)
Frame Relay PVCs
16 DS-1 channels or 16 clear-channel E1
channels or ports
Multilink bundle (mp)
DS-1 channels
16 channels
Clear-channel E1 channels
or ports
16 channels or ports
Channels are added to the
link group, not the PVCs.
The number of MFR bundles that you can configure with DS-1 channels, E1 channels, or E1 ports on a card
and the Frame Relay PVCs in those bundles is restricted in this release. The maximum number of MFR
bundles and Frame Relay PVCs must be less than 164 per card according to the following formula:
3 x MFR bundles + MFR PVCs ≤ 164
9-20
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Use the no form of this command to delete the link group or to delete an Ethernet port, DS-1 channel, E1
channel, or E1 port from a link group.
Examples
The following example creates a link group as an MP bundle, lg-mppp, and binds it to an already existing
if-mppp interface in the local context; then, it configures two DS-1 channels with PPP encapsulation
and associates them with the MP bundle:
!Create an MP bundle and bind it to an interface
[local]Redback(config)#link-group lg-mppp mp
[local]Redback(config-link-group)#bind interface if-mppp local
!Configure two DS-1 channels on a channelized DS-3 card in slot 1
[local]Redback(config)#port ds1 1/1:1
[local]Redback(config-ds1)#encapsulation ppp
[local]Redback(config-ds1)#no shutdown
[local]Redback(config-ds1)#link-group lg-mppp
[local]Redback(config-ds1)#exit
[local]Redback(config)#port ds1 1/2:1
[local]Redback(config-ds1)#encapsulation ppp
[local]Redback(config-ds1)#no shutdown
[local]Redback(config-ds1)#link-group lg-mppp
[local]Redback(config-ds1)#exit
Related Commands
port ds1
port e1
port ethernet
Link Aggregation Configuration
9-21
Command Descriptions
mac-address
mac-address mac-addr
default mac-address mac-addr
Purpose
Specifies a medium access control (MAC) address for the Ethernet or 802.1Q link group.
Command Mode
link group configuration
Syntax Description
mac-addr
MAC address to be used for the link group in the form hh:hh:hh:hh:hh:hh.
Default
The MAC address of one of the constituent Ethernet ports in the link group is used as the MAC address for
the link group.
Usage Guidelines
Use the mac-address command to specify a MAC address for the Ethernet or 802.1Q link group.
Note This command is applicable only to an Ethernet or 802.1Q link group.
Use the default form of this command to specify that the MAC address of one of the constituent ports in
the link group is be used as the MAC address for the link group.
Note This command is also documented in Chapter 3, “ATM, Ethernet, and POS Port Configuration,” for
Asynchronous Transfer Mode (ATM) OC and ATM DS-3 ports (in ATM OC and ATM DS-3
configuration modes).
Examples
The following example specifies 00:00:26:26:26:26 as the MAC address for the Ethernet link group:
[local]Redback(config)#link-group lg-ether ether
[local]Redback(config-link-group)#mac-address 00:00:26:26:26:26
Related Commands
None
9-22
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
minimum-links
minimum-links min-num
{no | default} minimum-links [min-num]
Purpose
Specifies the minimum number of working links that a link group must have for the link group to be in an
up state. A working link is one whose associated port, PVC, or channel is itself in an up state.
Command Mode
link group configuration
Syntax Description
min-num
Number of working links under which the link group will be considered down. Optional
in the no and default forms.
Default
One working link is needed to keep the link group in an up state.
Usage Guidelines
Use the minimum-links command to specify when a link group is no longer considered viable after losing
member links’ functionality. Whenever fewer than the specified number of links are working, the link
group itself reverts to the down state, and no longer forwards any traffic, even on the links that are working.
As a result, the link group no longer appears in the routing table.
This command only applies to Ethernet and 802.1Q link groups.
Examples
The following example configures the lg-ether link group with a minimum of 2 working links:
[local]Redback(config)#link-group lg-ether ether
[local]Redback(config-link-group)#minimum-links 2
Related Commands
None
Link Aggregation Configuration
9-23
Command Descriptions
mp endpoint-discriminator
mp endpoint-discriminator {hostname | ip | user-defined text}
default mp endpoint-discriminator
Purpose
Specifies the type of endpoint discriminator to be used for negotiation for a Multilink Point-to-Point
Protocol (MP) bundle.
Command Mode
link group configuration
Syntax Description
hostname
Specifies the system hostname of the SmartEdge router.
ip
Specifies the IP address assigned to the interface to which you will bind the
MP bundle.
user-defined text
User-defined endpoint discriminator. The text argument is a string of up to 20
characters.
Default
The endpoint discriminator is the system hostname.
Usage Guidelines
Use the mp endpoint-discriminator command to specify the endpoint discriminator to be used for
negotiation for an MP bundle. The endpoint discriminator identifies peers to the system and distinguishes
peers from one another in the system. This identification ensures that the correct links are bundled together
in the same MP bundle.
Note This command is applicable only to an MP bundle.
Use the default form of this command to return the endpoint discriminator identification to the system
hostname.
Examples
The following command specifies the endpoint discriminator as the IP address of the interface to which the
MP bundle will be bound:
[local]Redback(config)#link-group lg-multi mp
[local]Redback(config-link-group)#mp endpoint-discriminator ip
[local]Redback(config-link-group)#exit
9-24
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Related Commands
None
Link Aggregation Configuration
9-25
Command Descriptions
9-26
Ports, Circuits, and Tunnels Configuration Guide
Part 4
Bridging and Cross-Connecting
This part describes the tasks and commands used to configure basic features for bridges, bridge groups, and
cross-connections between circuits.
This part consists of the following chapters:
•
Chapter 10, “Bridging Configuration”
•
Chapter 11, “Cross-Connection Configuration”
Chapter 10
Bridging Configuration
This chapter provides an overview of bridging, describes the tasks used to configure bridges, provides
configuration examples, and provides detailed descriptions of the commands used to configure bridging
between circuits through the SmartEdge® OS.
For information about the tasks and commands used to monitor, troubleshoot, and administer bridges, see
the “Bridge and Cross-Connection Operations” chapter in the Ports, Circuits, and Tunnels Operations
Guide for the SmartEdge OS.
Other chapters with related tasks and commands include:
•
Configuration tasks and commands for ATM and Ethernet ports are described in Chapter 3, “ATM,
Ethernet, and POS Port Configuration.”
•
Configuration tasks and commands for circuits are described in Chapter 6, “Circuit Configuration.”
This chapter includes the following sections:
•
Overview
•
Configuration Tasks
•
Configuration Examples
•
Command Descriptions
Overview
The bridging feature in the SmartEdge OS implements transparent, self-learning bridges as described in
IEEE 802.1D. Bridging features specific to the SmartEdge OS include:
•
Bridges are context-specific and a context can support multiple bridges.
•
Circuits that can be bridged include Ethernet ports with 802.1D or 802.1Q encapsulation, 802.1Q
permanent virtual circuits (PVCs), and Asynchronous Transfer Mode (ATM) PVCs with RFC 1483
bridged encapsulation.
•
Circuits of different types can be associated with a bridge; you can connect any type of supported
tributary circuit to any type on trunk circuit.
Bridging Configuration
10-1
Overview
•
IP- or Point-to-Point Protocol (PPP)-encapsulated circuits cannot be bridged; however, bridging of IP
over Ethernet (IPoE)- and PPP over Ethernet (PPPoE)-encapsulated circuits is supported at the medium
access control (MAC) layer.
•
Bridges support both tributary and trunk circuits in any combination:
— Tributary circuits face subscribers; trunk circuits face service providers.
— Packets are never forwarded from a tributary circuit to another tributary circuit.
— Each tributary and all trunk circuits in a bridge form a private broadcast domain.
— Flood packets from a tributary circuit are sent to trunk circuits only; flood packets from a trunk
circuit are sent to all tributary and trunk circuits.
•
Bridges support restricted (very secure) circuits:
— Stations cannot move to a restricted circuit; there is no learning allowed.
— Allowed stations must be explicitly designated as static allowed MAC addresses
— Either trunk or tributary circuits can be designated restricted.
•
Attributes for bridged circuits, such as the type of circuit (tributary or trunk), restricted or unrestricted,
maximum number of dynamic MAC addresses allowed, are grouped into bridged circuit profiles, which
can be assigned to one or more circuits.
Figure 10-1 shows some of the hardware connections that support transparent bridging between subscribers
connected to ATM and 802.1Q PVCs to ISPs connected to Ethernet ports in a mixed environment on a
SmartEdge router. For some of the commands used to implement this configuration, see the “Configuration
Examples” section.
Figure 10-1 Bridging in a Mixed Environment
10-2
Ports, Circuits, and Tunnels Configuration Guide
Overview
Figure 10-2 shows some of the logical connections between subscribers and ISPs through the SmartEdge
router for the configuration shown in Figure 10-1.
Figure 10-2 Bridged Subscribers to ISP Connections
Rate Limiting Using a Bridge Profile
By default, all inbound bridge traffic is limited by the rate and burst size imposed by the configuration of
the port or circuit to which you assign the bridge profile. However, you can apply rate limiting for certain
classes of traffic on the bridge, using the bridge profile:
•
Broadcast traffic
•
Multicast traffic
•
Traffic with unknown frames
For each traffic class you can specify a maximum rate and burst size. The system accepts packets of a bridge
traffic class that conform to that traffic class rate and burst size without further action; it drops packets that
do not conform; see Figure 10-3.
Bridging Configuration
10-3
Configuration Tasks
Figure 10-3 Bridge Profile Rate Limiting (630-based)
Note If a quality of service (QoS) policy (or policies) is attached to the port or circuit to which the bridge
profile is assigned, and that QoS policy includes rate limiting, that QoS rate limiting is applied to
the traffic on the port or circuit after the broadcast, multicast, or unknown frame rate limiting.
Packets dropped by the broadcast, multicast, or unknown frame rate limiting are not applied against
the QoS rate limiting policy.
Configuration Tasks
Note
To configure bridging, perform the tasks described in the following sections:
•
Configuration Guidelines
•
Configuring Bridging
Configuration Guidelines
The following guidelines apply when configuring bridging:
•
Bridges are context specific. You can configure multiple bridges in each context, but you cannot
forward traffic from a circuit associated with one bridge to another bridge, either within the same
context or in a different context.
Note Forwarding can be accomplished through the use of physical cabling.
10-4
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
•
When creating a bridge for 802.1Q PVCs, you must explicitly propagate the 802.1Q priority from
ingress to egress by using the propagate-qos-from-ethernet and propagate-qos-to-ethernet
commands (in dot1q profile configuration mode). For more information about these commands, see the
“QoS Circuit Configuration” chapter in the IP Services and Security Configuration Guide for the
SmartEdge OS.
•
To associate one or more bridged circuits with a bridge, you must configure a bridged interface and
associate with it the name of an existing bridge; bridged circuits are associated with the named bridge
by being bound to the same bridged interface.
Caution Risk of data loss. Inbound packets can be dropped without warning if the maximum
transmission unit (MTU) of the port with the outbound circuit is not as large as the MTU of the
port with the inbound circuit. To reduce the risk, always configure every port with circuits bound
to a bridged interface with the same MTU value.
•
A subscriber record can contain either a bridge or an IP address, but not both.
Configuring Bridging
To configure bridging, perform the tasks described in the following sections:
•
Configure a Bridge
•
Configure a Bridged Interface
•
Configure a Bridge Profile
•
Configure a Bridged Ethernet Port
•
Configure a Bridged 802.1Q PVC
•
Configure a Bridged ATM PVC
•
Configure a Bridged Subscriber
Bridging Configuration
10-5
Configuration Tasks
Configure a Bridge
To configure a bridge, perform the tasks described in Table 10-1.
Table 10-1 Configure a Bridge
#
Task
Root Command
Notes
1.
Create a bridge and access bridge configuration
mode.
bridge
Enter this command in context configuration
mode.
2.
Specify bridge attributes:
Associate a description with the bridge.
description
Specify the type of bridge.
bridge-only
This is the only option for this release and is the
default.
Enable or disable the learning of MAC
addresses.
learning
The default value is learning.
Specify one or more MAC addresses for which
packets are dropped.
mac-entry
Enter this command for each MAC address that
is not allowed on this bridge.
Specify the aging time for inactive learned MAC
addresses, after which they will be dropped.
aging-time
Configure a Bridged Interface
To configure a bridged interface, perform the tasks described in Table 10-2.
Table 10-2 Configure a Bridged Interface
#
Task
Root Command
Notes
1.
Create a bridged interface and access interface
configuration mode.
interface
Enter this command in context configuration
mode. Specify the bridge keyword. For more
information about this command, see the
“Interface Configuration” chapter in the Basic
System Configuration Guide for the
SmartEdge OS.
2.
Associate it with a bridge.
bridge
Note Configuration commands for other interface attributes are not included in Table 10-2. For
information about configuring interfaces, see the “Interface Configuration” chapter in the Basic
System Configuration Guide for the SmartEdge OS f.
Configure a Bridge Profile
A bridge profile defines bridge attributes for any circuit to which the profile is assigned. To configure a
named or default bridge profile, perform the tasks described in Table 10-3. Enter all commands in bridge
profile configuration mode, unless otherwise noted.
Note For more information about pseudo-wire circuits, see the “VPLS Configuration” chapter of the
Routing Protocols Configuration Guide for the SmartEdge OS.
10-6
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Table 10-3 Configure a Bridge Profile
#
Task
Root Command
Notes
1.
Create a named or default bridge profile and
access bridge profile configuration mode.
bridge profile
Enter this command in global configuration
mode.
2.
Specify bridge profile attributes:
Specify the type of bridged circuit.
trunk
The default type is tributary.
Specify whether MAC addresses are restricted
for the port, circuit, or VPLS pseudo-wire circuit
to which you assign this bridge profile.
restricted
The default value is unrestricted.
Specify the maximum number of dynamic MAC
addresses for the port, circuit, or VPLS
pseudo-wire circuit to which you assign this
bridge profile.
mac-limit
The default value is unlimited if the circuit type
is trunk; the default value is 4 if the circuit type
is tributary.
Set the rate and burst tolerance for broadcast
traffic on any port, circuit, or VPLS pseudo-wire
circuit to which you assign this bridge profile.
broadcast rate-limit
Set the rate and burst tolerance for multicast
traffic on any port, circuit, or VPLS pseudo-wire
circuit to which you assign this bridge profile.
multicast rate-limit
Set the rate and burst tolerance for traffic to
unknown destinations on any port, circuit, or
VPLS pseudo-wire circuit to which you assign
this bridge profile.
unknown-dest rate-limit
Configure a Bridged Ethernet Port
To configure a bridged Ethernet port, perform the tasks described in Table 10-4.
Table 10-4 Configure a Bridged Ethernet Port
#
Task
Root Command
Notes
1.
Select the Ethernet port and enter port
configuration mode.
port ethernet
Enter this command in global configuration
mode.
2.
Assign a bridge profile.
bridge profile
The default bridge profile is assigned
automatically if you do not enter this command.
3.
Specify bridge attributes for the port:
4.
Specify the MTU.
mtu
All ports bound to the same bridged interface
must have the same MTU.
5.
Specify the valid MAC addresses.
bridge mac-entry
Enter this command for the MAC address of
each station known to be on this port.
6.
Bind the port to an existing bridged interface in
an existing context.
bind interface
Note Configuration commands for other port attributes are not included in Table 10-4. For information
about configuring Ethernet ports, see Chapter 3, “ATM, Ethernet, and POS Port Configuration.”
Configure a Bridged 802.1Q PVC
To configure a bridged 802.1Q PVC, perform the tasks described in Table 10-5.
Bridging Configuration
10-7
Configuration Tasks
Table 10-5 Configure a Bridged 802.1Q PVC
#
Task
Root Command
Notes
1.
Select the Ethernet port and access port
configuration mode.
port ethernet
Enter this command in global
configuration mode.
2.
Specify 802.1Q encapsulation for the Ethernet
port.
encapsulation
3.
Specify the MTU.
mtu
All circuits bound to the same bridged
interface must have the same MTU
configured for their parent ports.
4.
Create an 802.1Q PVC and access dot1q PVC
configuration mode.
dot1q pvc
Enter this command in port configuration
mode.
5.
Propagate Ethernet 802.1p user priority bits to IP
Differentiated Services Code Point (DSCP) bits.
propagate qos from ethernet
Enter these commands in dot1q profile
configuration mode. For more
information about these commands, see
the “QoS Circuit Configuration” chapter
in the IP Services and Security
Configuration Guide for the
SmartEdge OS.
Propagate IP Differentiated Services Code Point
(DSCP) bits to Ethernet 802.1p user priority bits.
propagate qos to ethernet
6.
Assign a bridge profile.
bridge profile
Enter this command in dot1q PCV
configuration mode.
7.
Specify the valid MAC addresses.
bridge mac-entry
Enter this command for the MAC
address of each station known to be on
this PVC.
8.
Bind the circuit to an existing bridged interface with one of the following tasks:
• Create a static binding to an interface.
bind interface
Enter this command in dot1q PCV
configuration mode.
• Create a static binding through a subscriber
record to an interface.
bind subscriber
Enter this command in dot1q PCV
configuration mode.
Note Configuration commands for other 802.1Q circuit attributes are not included in Table 10-5. For
information about configuring 802.1Q PVCs, see Chapter 6, “Circuit Configuration.”
Configure a Bridged ATM PVC
To configure a bridged ATM PVC, perform the tasks described in Table 10-6.
Table 10-6 Configure a Bridged ATM PVC
#
Task
Root Command
Notes
1.
Select the ATM port and access ATM OC or ATM
DS-3 configuration mode.
port atm
Enter this command in global configuration
mode.
2.
Specify the MTU.
mtu
All circuits bound to the same bridged interface
must have the same MTU configured for their
parent ports.
3.
Create the ATM PVC and access ATM PVC
configuration mode.
atm pvc
Specify the bridge1482 keyword for the
encapsulation.
4.
Assign a bridge profile.
bridge profile
10-8
Ports, Circuits, and Tunnels Configuration Guide
Configuration Examples
Table 10-6 Configure a Bridged ATM PVC (continued)
#
Task
Root Command
Notes
5.
Specify the valid MAC addresses.
bridge mac-entry
Enter this command for the MAC address of
each station know to be on this PVC.
6.
Bind the ATM PVC to an existing bridged interface with one of the following tasks:
• Create a static binding to an existing bridged
interface.
bind interface
• Create a static binding through a subscriber
record to an existing bridged interface.
bind subscriber
Note Configuration commands for other ATM PVC attributes are not included in Table 10-6. For
information about configuring ATM PVCs, see Chapter 6, “Circuit Configuration.”
Configure a Bridged Subscriber
To configure a subscriber record, named profile, or default profile for bridging, perform the tasks described
in Table 10-7.
Table 10-7 Configure a Bridged Subscriber
#
Task
Root Command
Notes
1.
Create the subscriber record, named profile, or
default profile and access subscriber
configuration mode.
subscriber
Enter this command in context configuration
mode.For more information about this
command, see the “Subscriber Configuration”
chapter in the Basic System Configuration
Guide for the SmartEdge OS.
2.
Assign a bridge profile to be used by the circuit
on which the subscriber session occurs.
bridge profile
3.
Associate it with an existing bridge.
bridge
Note Configuration commands for other subscriber attributes are not included in Table 10-7. For
information about configuring subscribers, see the “Subscriber Configuration” chapter in the Basic
System Configuration Guide for the SmartEdge OS.
Configuration Examples
The examples in this section provide partial command samples to illustrate the configuration of ATM and
Ethernet tributary and trunk circuits for ISP1 in Figure 10-1 and Figure 10-2; only the commands
specifically needed for bridging are included:
•
Bridge
•
Bridged Interface
•
Bridge Profile
•
Bridged Trunk Circuits
Bridging Configuration
10-9
Configuration Examples
•
Bridged Tributary Circuits
•
Bridged Subscriber
Bridge
The following example creates a context and two bridges with default attributes, except for those
configured:
[local]Redback(config)#context bridge
[local]Redback(config-ctx)#bridge isp1
[local]Redback(config-bridge)#description Bridge for all traffic to ISP1
[local]Redback(config-bridge)#aging-time 18000
[local]Redback(config-ctx)#bridge isp3
[local]Redback(config-bridge)#description Bridge for all traffic to ISP3
[local]Redback(config-bridge)#aging-time 18000
Bridged Interface
The following example creates a bridged interface for each ISP and associates it with the bridge for that
ISP:
[local]Redback(config)#context bridge
[local]Redback(config-ctx)#interface if-isp1 bridge
[local]Redback(config-if)#bridge name isp1
[local]Redback(config-if)#exit
[local]Redback(config-ctx)#interface if-isp3 bridge
[local]Redback(config-if)#bridge name isp3
Bridge Profile
The following example creates a bridge profile for a restricted trunk circuit:
[local]Redback(config-ctx)#bridge profile prof-isp-trunk
[local]Redback(config-bridge-profile)#mac-limit 10
[local]Redback(config-bridge-profile)#restricted
[local]Redback(config-bridge-profile)#trunk
The following example creates a bridge profile for an unrestricted tributary circuit:
[local]Redback(config-ctx)#bridge profile prof-sub-isp-trib
[local]Redback(config-bridge-profile)#mac-limit 10
[local]Redback(config-bridge-profile)#no trunk
10-10
Ports, Circuits, and Tunnels Configuration Guide
Configuration Examples
Bridged Trunk Circuits
The following example selects a Gigabit Ethernet port and configures it as a trunk circuit to ISP1:
[local]Redback(config)#port ethernet 5/1
[local]Redback(config-port)#bridge profile prof-isp-trunk
[local]Redback(config-port)#mtu 1500
[local]Redback(config-port)#bridge mac-entry 00:d0:ba:04:d8:05
[local]Redback(config-port)#bridge mac-entry 00:0a:0a:04:d8:06
[local]Redback(config-port)#bind interface if-isp1
The following example selects a Gigabit Ethernet port and configures it as a trunk circuit to ISP3:
[local]Redback(config)#port ethernet 5/3
[local]Redback(config-port)#bridge profile prof-isp-trunk
[local]Redback(config-port)#mtu 1500
[local]Redback(config-port)#bridge mac-entry 00:d0:ba:04:d8:07
[local]Redback(config-port)#bridge mac-entry 00:0a:0a:04:d8:08
[local]Redback(config-port)#bind interface if-isp3
Bridged Tributary Circuits
The following example selects an ATM OC port, configures it with an ATM PVC, and configures the PVC
as a tributary circuit for ISP1 subscribers:
[local]Redback(config)#port atm 3/1
[local]Redback(config-port)#mtu 1500
[local]Redback(config-atm-oc)#atm pvc 1 32 profile ubr encapsulation bridge1483
[local]Redback(config-atm-pvc)#bridge profile prof-sub-isp1-trib
[local]Redback(config-atm-pvc)#bridge mac-entry 00:00:00:00:01:33
[local]Redback(config-atm-pvc)#bridge mac-entry 00:0a:0a:04:01:34
[local]Redback(config-atm-pvc)#bind interface if-isp1
The following example selects an Ethernet port, configures it with an 802.1Q PVC, and configures the PVC
as a tributary circuit for IPS3 subscribers:
[local]Redback(config)#port ethernet 2/1
[local]Redback(config-port)#encapsulation dot1q
[local]Redback(config-port)#mtu 1500
[local]Redback(config-port)#dot1q pvc 100
[local]Redback(config-dot1q-pvc)#bridge profile prof-sub-isp3-trib
[local]Redback(config-dot1q-pvc)#bridge mac-entry 00:00:00:00:01:31
[local]Redback(config-dot1q-pvc)#bridge mac-entry 00:0a:0a:04:01:32
[local]Redback(config-dot1q-pvc)#bind interface if-isp3
Bridging Configuration
10-11
Command Descriptions
Bridged Subscriber
The following example creates a named subscriber profile and associates it with a bridge profile and a
bridge:
[local]Redback(config)#context bridge
[local]Redback(config-ctx)#subscriber profile isp1
[local]Redback(config-sub)#bridge profile prof-sub-isp1-trib
[local]Redback(config-sub)#bridge name isp1
[local]Redback(config-sub)#
The following example creates a subscriber record that has the named subscriber profile, isp1, associated
with it; the named subscriber profile associates the subscriber with the bridge profile and the bridge:
[local]Redback(config)#context bridge
[local]Redback(config-ctx)#subscriber name 9991112222
[local]Redback(config-sub)#profile isp1
Command Descriptions
This section describes the syntax and usage guidelines for the commands used to configure bridging
features. The commands are presented in alphabetical order.
aging-time
bridge
bridge mac-entry
bridge-only
bridge profile
broadcast rate-limit
multicast rate-limit
10-12
description
learning
mac-entry
mac-limit
restricted
trunk
unknown-dest rate-limit
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
aging-time
aging-time aging-time
{no | default} aging-time
Purpose
Specifies the time after which inactive learned medium access control (MAC) addresses are deleted for all
circuits that are bound to an interface that is associated with this bridge.
Command Mode
bridge configuration
Syntax Description
aging-time
Address age time (in seconds). The range is 10 to 1,000,000; the default value is 300
seconds.
Default
The aging time is 300 seconds (5 minutes).
Usage Guidelines
Use the aging-time command to specify the time after which inactive learned MAC addresses are deleted
for all circuits that will be bound an interface to an interface that is associated with this bridge.
Use the no or default form of this command to specify the default aging time for all circuits.
Examples
The following example specifies an aging time of 18,000 seconds (5 hours):
[local]Redback(config)#context bridge
[local]Redback(config-ctx)#bridge isp1
[local]Redback(config-bridge)#aging-time 18000
Related Commands
None
Bridging Configuration
10-13
Command Descriptions
bridge
In context configuration mode, the syntax is:
bridge bridge-name
no bridge bridge-name
In interface or subscriber configuration mode, the syntax is:
bridge name bridge-name
Purpose
In context configuration mode, creates a traditional bridge or selects one for modification and enters bridge
configuration mode; in interface or subscriber configuration mode, associates the bridge with the interface
or subscriber.
Command Mode
context configuration
interface configuration
subscriber configuration
Syntax Description
bridge-name
Name of the bridge to be created or selected.
name bridge-name Name of the bridge with which the interface or subscriber is associated.
Default
No bridges are created; no interface or subscriber is associated with any bridge.
Usage Guidelines
In context configuration mode, use the bridge command to create a traditional bridge or select one for
modification and enter bridge configuration mode; in interface or subscriber configuration mode, use this
command to associate the interface or subscriber with a bridge. You can create a bridge either before or
after you associate an interface or subscriber with it.
Only bridged interfaces can be associated with a bridge; you must create the interface using the interface
command with the bridge keyword (in context configuration mode).
Use the no form of this command (in context configuration mode) to delete the bridge.
To configure a Virtual Private LAN Service (VPLS) bridge, see the “VPLS Configuration” chapter of the
Routing Protocols Configuration Guide for the SmartEdge OS.
10-14
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Examples
The following example creates a bridge, isp1:
[local]Redback(config)#context bridge
[local]Redback(config-ctx)#bridge isp1
[local]Redback(config-bridge)#
The following example creates a bridged interface and associates it with a bridge:
[local]Redback(config)#context bridge
[local]Redback(config-ctx)#interface if-isp1 bridge
[local]Redback(config-if)#bridge name isp1
[local]Redback(config-if)#
The following example creates a subscriber record and associates it with a bridge:
[local]Redback(config)#context bridge
[local]Redback(config-ctx)#subscriber name 9991112222@isp1
[local]Redback(config-if)#bridge name isp1
[local]Redback(config-if)#
Related Commands
None
Bridging Configuration
10-15
Command Descriptions
bridge mac-entry
bridge mac-entry mac-addr
no bridge mac-entry mac-addr
Purpose
Specifies a valid static medium access control (MAC) address of a station known to be on this circuit.
Command Mode
ATM PVC configuration
dot1q PVC configuration
port configuration
Syntax Description
mac-addr
Static MAC address of a station that is known to be on this circuit, from which source
packets are accepted, in the form hh:hh:hh:hh:hh:hh.
Default
None
Usage Guidelines
Use the bridge mac-entry command to specify a valid static MAC address of a station known to be on this
circuit. This MAC address is accepted by the bridge and the interface to which the circuit is bound.
Use the no form of this command to delete the specified MAC address for this circuit.
Examples
The following example specifies valid static MAC addresses for an Ethernet port:
[local]Redback(config)#port ethernet 3/1
[local]Redback(config-port)#bridge mac-entry 00:d0:ba:04:d8:05
[local]Redback(config-port)#bridge mac-entry 00:0a:0a:04:d8:06
Related Commands
mac-entry
10-16
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
bridge-only
bridge-only
no bridge-only
Purpose
Specifies the type of bridge.
Command Mode
bridge configuration
Syntax Description
This command has no keywords or arguments.
Default
The bridge type is bridge-only.
Usage Guidelines
Use the bridge-only command to specify the type of bridge. IP packets are bridged, not routed, in this
bridge.
Note This is the only type of bridge supported in this release.
Use the no form of this command to specify the default type of bridge.
Examples
The following example specifies the default bridge type (bridge-only):
[local]Redback(config)#context bridge
[local]Redback(config-ctx)#bridge isp1
[local]Redback(config-bridge)#bridge-only
Related Commands
None
Bridging Configuration
10-17
Command Descriptions
bridge profile
bridge profile {prof-name | default}
no bridge profile prof-name
Purpose
In global configuration mode, creates, or selects for modification, a bridge profile or the default bridge
profile, and enters bridge profile configuration mode; in all other modes, assigns an existing bridge profile
to this circuit or subscriber.
Command Mode
ATM PVC configuration
dot1q PVC configuration
global configuration
port configuration
subscriber configuration
Syntax Description
prof-name
Name of the profile to be created, selected, or assigned.
default
Creates or selects the default bridge profile.
Default
No bridge profiles exist or are assigned.
Usage Guidelines
In global configuration mode, use the bridge profile command to create, or select for modification, a
named bridge profile or the default bridge profile, and enter bridge profile configuration mode; in all other
modes, use this command to assign an existing named bridge profile to the circuit or the subscriber profile
or record.
Use the default keyword to create or select the default bridge profile. Each configured attribute in the
default profile is included in the configuration for any circuit that is bound to a bridged interface in any
context and that does not have a named bridge profile assigned to it.
Use the prof-name argument to create a named bridge profile. The configured attributes in the named
profile are appended to the configuration for any circuit to which that profile is assigned, and override the
attribute values in the default bridge profile.
For subscriber circuits, you can assign a named bridge profile to a default or named subscriber profile or to
a subscriber record. When the subscriber circuit is bound to a bridged interface, the attribute values in the
named bridge profile assigned to the subscriber record override those in the default bridge profile for the
circuit, unless the circuit is also assigned a named bridge profile.
10-18
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
If a named bridge profile is assigned to the circuit, then the attribute values in that named bridge profile
override the attribute values in the named bridge profile assigned to the subscriber record.
Use the no form of this command to delete the specified bridge profile; you cannot delete the default bridge
profile.
Examples
The following example creates a named bridge profile, prof-isp1:
[local]Redback(config)#bridge profile prof-isp1
[local]Redback(config-bridge-profile)#
The following example creates the default bridge profile:
[local]Redback(config)#bridge profile default
[local]Redback(config-bridge-profile)#trunk
[local]Redback(config-bridge-profile)#no restricted
[local]Redback(config-bridge-profile)#end
Related Commands
mac-limit
restricted
trunk
Bridging Configuration
10-19
Command Descriptions
broadcast rate-limit
broadcast rate-limit {kbps [burst-size bytes]}
no broadcast rate-limit
Purpose
Set the rate and burst tolerance for broadcast traffic on any port, circuit, or Virtual Private LAN Services
(VPLS) pseudo-wire circuit to which you assign this bridge profile.
Command Mode
bridge profile configuration
Syntax Description
kbps
Rate, in kilobits per second. The range of values is from 5 to 1,000,000.
burst-size bytes
Optional. Burst tolerance in bytes. The range of values is 1 to 12,000,000.
Default
No rate limiting is imposed on broadcast traffic on any port, circuit or VPLS pseudo-wire circuit to which
you assign this bridge profile.
Usage Guidelines
Use the broadcast rate-limit command to set the rate and burst tolerance for broadcast traffic on any port,
circuit, or VPLS pseudo-wire circuit to which this profile is assigned. For more information on VPLS
pseudo-wire circuits, see the “VPLS Configuration” chapter in the Routing Protocols Configuration Guide
for the SmartEdge OS.
Use the no form of this command to remove any rate limiting for broadcast traffic.
Examples
The following example creates the prof-isp1 bridge profile and rate limits the broadcast traffic to
6000000 kbps and the burst size to 10000 bytes:
[local]Redback(config)#bridge profile prof-isp1
[local]Redback(config-bridge-profile)#broadcast rate-limit 600000 burst-size 10000
Related Commands
bridge profile
multicast rate-limit
unknown-dest rate-limit
10-20
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
description
description text
{no | default} description
Purpose
Associates a textual description with a bridge.
Command Mode
bridge configuration
Syntax Description
text
Text string that identifies the bridge. Can be any alphanumeric string, including spaces, that
is not longer than 63 ASCII characters.
Default
No description is associated with any bridge.
Usage Guidelines
Use the description command to associate textual information with a bridge. This text displays by the
appropriate show command.
Use the no or default form of this command to delete the existing description. Because there can be only
one description for a bridge, when you use the no or default form of this command, it is not necessary to
include the text argument. To change a description, create a new one; it overwrites the existing one.
Examples
The following example associates a description with the bridge, isp1, configured in the bridge context:
[local]Redback(config)#context bridge
[local]Redback(config-ctx)#bridge isp1
[local]Redback(config-bridge)#description Bridge for all traffic to ISP1
Related Commands
None
Bridging Configuration
10-21
Command Descriptions
learning
learning
no learning
Purpose
Enables the bridge to learn medium access control (MAC) addresses.
Command Mode
bridge configuration
Syntax Description
This command has no keywords or arguments.
Default
Learning is enabled.
Usage Guidelines
Use the learning command to enable the bridge to learn MAC addresses.
Use the no form of this command to disable learning.
Examples
The following example disables learning for the bridge:
[local]Redback(config)#context bridge
[local]Redback(config-ctx)#bridge isp1
[local]Redback(config-bridge)#no learning
Related Commands
None
10-22
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
mac-entry
mac-entry drop mac-addr
no mac-entry drop mac-addr
Purpose
Specifies a medium access control (MAC) address that is not allowed on this bridge.
Command Mode
bridge configuration
Syntax Description
drop
Discards all packets on the specified MAC address.
mac-addr
MAC address that is not allowed on this bridge, in the form hh:hh:hh:hh:hh:hh.
Default
Packets with any MAC address are accepted.
Usage Guidelines
Use the mac-entry command to specify a MAC address that is not allowed on this bridge. Packets with this
MAC address, either as source or destination, are dropped unconditionally.
Use the no form of this command to remove the MAC address from the list of MAC addresses that are not
allowed on this bridge.
Examples
The following example specifies the MAC addresses that are not allowed on this bridge:
[local]Redback(config)#context bridge
[local]Redback(config-ctx)#bridge isp1
[local]Redback(config-bridge)#mac-entry drop 00:0d:ab:40:8d:50
[local]Redback(config-bridge)#mac-entry drop 00:a0:a0:40:d8:60
Related Commands
bridge mac-entry
Bridging Configuration
10-23
Command Descriptions
mac-limit
mac-limit {max-num | unlimited}
{no | default} mac-limit
Purpose
Specifies the maximum number of medium access control (MAC) addresses that can be learned by the
bridge or specified manually for any port, circuit or Virtual Private LAN Service (VPLS) pseudo-wire
circuit to which this profile is assigned.
Command Mode
bridge profile configuration
Syntax Description
max-num
Maximum number of learned MAC addresses. The range of values is 1 to 16,000.
unlimited
Does not impose a limit to the number of learned MAC addresses.
Default
The maximum number of learned MAC addresses is four for a tributary circuit to which a profile is
assigned. Trunk and VPLS circuits have no MAC limit.
Usage Guidelines
Use the mac-limit command to specify the maximum number of MAC addresses that can be learned by the
bridge or specified manually for any port, circuit, or VPLS pseudo-wire circuit to which this profile is
assigned. For more information about VPLS pseudo-wire circuits, see the “VPLS Configuration” chapter
of the Routing Protocols Configuration Guide for the SmartEdge OS.
MAC addresses are specified manually using the bridge mac-entry command (in ATM PVC, dot1q PVC,
or port configuration mode).
Use the no or default form of this command to specify the default limitation.
Examples
The following example specifies 10 as the maximum number of MAC addresses for this profile:
[local]Redback(config)#bridge profile prof-isp1
[local]Redback(config-bridge-profile)#mac-limit 10
Related Commands
bridge mac-entry
restricted
trunk
10-24
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
multicast rate-limit
multicast rate-limit {kbps [burst-size bytes]}
no multicast rate-limit
Purpose
Set the rate and burst tolerance for multicast traffic on any port, circuit, or Virtual Private LAN Services
(VPLS) pseudo-wire circuit to which you assign this bridge profile.
Command Mode
bridge profile configuration
Syntax Description
kbps
Rate in kilobits per second. The range of values is 5 to 1,000,000.
burst-size bytes
Optional. Burst tolerance in bytes. The range of values is 1 to 12,000,000.
Default
No rate limiting is imposed on multicast traffic on any port, circuit, or VPLS pseudo-wire circuit to which
you assign this bridge profile.
Usage Guidelines
Use the multicast rate-limit command to set the rate and burst tolerance for multicast traffic on any port,
circuit, or VPLS pseudo-wire circuit to which this profile is assigned. For more information about VPLS
pseudo-wire circuits, see the “VPLS Configuration” chapter in the Routing Protocols Configuration Guide
for the SmartEdge OS.
Use the no form of this command to remove any rate limiting for multicast traffic.
Examples
The following example creates the prof-isp1 bridge profile and rate limits the multicast traffic to
6000000 kbps and the burst size to 10000 bytes:
[local]Redback(config)#bridge profile prof-isp1
[local]Redback(confg-bridge-profile)#multicast rate-limit 600000 burst-size 10000
Related Commands
bridge profile
broadcast rate-limit
unknown-dest rate-limit
Bridging Configuration
10-25
Command Descriptions
restricted
restricted
{no | default} restricted
Purpose
Specifies that circuits (including Virtual Private LAN Services (VPLS) circuits) to which this profile is
assigned are restricted to accepting only source packets from statically allowed medium access control
(MAC) addresses.
Command Mode
bridge profile configuration
Syntax Description
This command has no keywords or arguments.
Default
Circuits are not restricted.
Usage Guidelines
Use the restricted command to specify that circuits (including VPLS circuits) to which this profile is
assigned are restricted to accepting only packets from statically allowed MAC addresses. Learning is not
possible on restricted circuits.
This command causes all MAC addresses previously learned for a circuit to which this profile is assigned
to be erased. It also prevents learning of MAC addresses on the circuit, because packets from unknown
MAC addresses are dropped before they are learned.
Use the no or default form of this command to remove the restriction from the profile.
Examples
The following example specifies that the MAC addresses be restricted for any circuit to which this profile
is assigned:
[local]Redback(config)#bridge profile prof-isp1
[local]Redback(config-bridge-profile)#restricted
Related Commands
mac-limit
trunk
10-26
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
trunk
trunk
{no | default} trunk
Purpose
Specifies that any circuit to which this profile is assigned is a trunk circuit.
Command Mode
bridge profile configuration
Syntax Description
This command has no keywords or arguments.
Default
Any circuit to which this profile is assigned is a tributary circuit.
Usage Guidelines
Use the trunk command to specify that any circuit to which this profile is assigned is a trunk circuit.
Use the no or default form of this command to specify the default condition.
Examples
The following example specifies that the profile be a trunk profile:
[local]Redback(config)#bridge profile prof-isp1
[local]Redback(config-bridge-profile)#trunk
Related Commands
mac-limit
restricted
Bridging Configuration
10-27
Command Descriptions
unknown-dest rate-limit
unknown-dest rate-limit {kbps [burst-size bytes]}
no unknown-dest rate-limit
Purpose
Sets the rate and burst tolerance for traffic to unknown destinations on any port, circuit, or Virtual Private
LAN Services (VPLS) pseudo-wire circuit to which you assign this bridge profile.
Command Mode
bridge profile configuration
Syntax Description
kbps
Rate in kilobits per second. The range of values is 5 to 1,000000.
burst-size bytes
Optional. Burst tolerance in bytes. The range of values is 1 to 12,000,000.
Default
No rate limiting is imposed on traffic to unknown destinations on any port, circuit, or VPLS pseudo-wire
circuit to which this profile is assigned.
Usage Guidelines
Use the unknown-dest rate-limit command to set the rate and burst tolerance for traffic to unknown
destinations on any port, circuit, or VPLS pseudo-wire circuit to which you assign this bridge profile. For
more information about VPLS pseudo-wire circuits, see the “VPLS Configuration” chapter in the Routing
Protocols Configuration Guide for the SmartEdge OS.
Note To protect against DOS attacks, you should always configure the rate limit.
Examples
The following example creates the prof-isp1 bridge profile and rate limits the destination traffic to
6000000 kbps and the burst size to 10000:
[local]Redback(config)#bridge profile prof-isp1
[local]Redback(config-bridge-profile)#unknown-dest rate-limit 600000 burst-size 10000
Related Commands
bridge profile
broadcast rate-limit
multicast rate-limit
10-28
Ports, Circuits, and Tunnels Configuration Guide
Chap ter 11
Cross-Connection Configuration
This chapter provides an overview of cross-connecting circuits, describes the tasks used to configure
cross-connections between circuits, provides configuration examples, and detailed descriptions of the
commands used to configure cross-connections through the SmartEdge® OS.
Only Asynchronous Transfer Mode (ATM) and 802.1Q permanent virtual circuits (PVCs), including those
that you have configured with multiprotocol encapsulation, can be cross-connected.
Note An 802.1Q PVC is also referred to as an 802.1Q virtual LAN (VLAN); however, within this
chapter, it is the PVC, not the VLAN, that is being configured.
A multiprotocol-encapsulated circuit can carry child circuits with any combination of Point-to-Point
Protocol over Ethernet (PPPoE) traffic, Internet Protocol over Ethernet (IPoE) or IP Version 6 (IPv6) over
Ethernet (IPv6oE) traffic; you can cross-connect the parent circuit as well as the child circuits.
Note When IP Version 6 (IPv6) addresses are not referenced or explicitly specified, the term, IP address,
can refer generally to IP Version 4 (IPv4) addresses, IPv6 addresses, or IP addressing. In instances
where IPv6 addresses are referenced or explicitly specified, the term, IP address, refers only to IPv4
addresses. For a description of IPv6 addressing and the types of IPv6 addresses, see RFC 3513,
Internet Protocol Version 6 (IPv6) Addressing Architecture.
Configuration commands for ATM and 802.1Q PVCs are described in Chapter 6, “Circuit Configuration.”
For information about the tasks and commands used to monitor, troubleshoot, and administer
cross-connections, see the “Bridge and Cross-Connection Operations” chapter in the Ports, Circuits, and
Tunnels Operations Guide for the SmartEdge OS.
For protocol- or feature-specific commands that appear in any of the circuit configuration modes, see the
appropriate chapter in this guide, in the Routing Protocols Configuration Guide for the SmartEdge OS, or
the IP Services and Security Configuration Guide for the SmartEdge OS.
This chapter includes the following sections:
•
Overview
•
Configuration Tasks
•
Configuration Examples
•
Command Descriptions
Cross-Connection Configuration
11-1
Overview
Overview
Cross-connected circuits allow you to connect two circuits of the same or different type to pass traffic
transparently through the SmartEdge router. One circuit is designated as the inbound circuit; the other is
designated as the outbound circuit. However, both circuits are bidirectional, and traffic flows in both
directions but only as allowed by the encapsulation of each circuit.
This section describes cross-connections in the following topics:
•
Types of Non-Interworking Cross-Connections
•
Filtering Traffic Using Non-Interworking Cross-Connections
•
Interworking Cross-Connections
Types of Non-Interworking Cross-Connections
The following sections describe the various types of non-interworking cross-connections:
•
ATM PVC to ATM PVC
•
ATM PVC to 802.1Q PVC
•
802.1Q PVC to 802.1Q PVC
ATM PVC to ATM PVC
When cross-connecting an ATM PVC to another ATM PVC, both PVCs must have the same type of
encapsulation. Encapsulation types include RFC 1483 bridged, RFC 1483 routed, multiprotocol (for ATM
parent circuits), PPPoE, or raw mode. Traffic is passed through the SmartEdge router without filtering,
because the encapsulations always match.
Table 11-1 lists the combinations of parent and child circuit encapsulations (the keywords used in the
command syntax) for inbound and outbound circuits, the type of traffic that is cross-connected, and the
section that describes the configuration tasks for cross-connecting ATM PVCs to ATM PVCs.
Note In Table 11-1, Bridge 1483 refers to traffic on circuits with RFC 1483 bridged encapsulation and
Route 1483 refers to traffic on circuits with RFC 1483 routed encapsulation.
Table 11-1
Supported Encapsulations for ATM PVCs to ATM PVCs
Inbound Circuit
Encapsulation Keyword
Outbound Circuit
Encapsulation Keyword
Cross-Connected
Circuit Traffic
Configuration Tasks Described in This Section
bridge1483
bridge1483
Bridge 1483
“Cross-Connecting Circuits Without Child Circuits”
pppoe
pppoe
PPPoE
raw
raw
Raw
route1483
route1483
Route 1483
multi
multi
IPoE-to-IPoE
“Cross-Connecting Parent and Child Circuits”
IPV6oE-to-IPV6oE
PPPoE-to-PPPoE
multi
11-2
pppoe
PPPoE-to-PPPoE
“Cross-Connecting a Circuit with a Child Circuit”
Ports, Circuits, and Tunnels Configuration Guide
Overview
ATM PVC to 802.1Q PVC
The following combinations of ATM PVCs and 802.1Q PVCs, with and without child circuits, can be
cross-connected, and filtering can occur:
•
An ATM PVC with bridge1483 encapsulation can be cross-connected to an 802.1Q PVC with dot1q
encapsulation.
•
An ATM PVC with multi encapsulation can be cross-connected to an 802.1Q PVC with dot1q or multi
encapsulation.
•
An ATM PVC with pppoe encapsulation can be cross-connected to an 802.1Q PVC with dot1q or
pppoe encapsulation, or to the pppoe-encapsulated child circuit of an 802.1Q PVC with multi
encapsulation.
Table 11-2 lists the combinations of parent and child circuit encapsulations (the keywords used in the
command syntax) for inbound and outbound circuits, the type of traffic that is cross-connected, and the
section that describes the configuration tasks for cross-connecting ATM PVCs to 802.1Q PVCs.
Note In Table 11-2, Bridge 1483 refers to traffic on circuits with RFC 1483 bridged encapsulation.
Table 11-2
Supported Encapsulations for ATM PVCs to 802.1Q PVCs
Inbound Circuit
Encapsulation Keyword
Outbound Circuit
Encapsulation Keyword
Cross-Connected
Circuit Traffic
Configuration Tasks Described in This Section
bridge1483
dot1q
Bridge 1483-to-802.1Q
“Cross-Connecting Circuits Without Child Circuits”
multi
dot1q
IPoE-to-802.1Q
“Cross-Connecting a Circuit with a Child Circuit”
IPV6oE-to-802.1Q
PPPoE-to-802.1Q
multi
multi
IPoE-to-IPoE
“Cross-Connecting Parent and Child Circuits”
IPV6oE-to-IPV6oE
PPPoE-to-PPPoE
multi
pppoe
PPPoE-to-PPPoE
“Cross-Connecting a Circuit with a Child Circuit”
pppoe
dot1q
PPPoE-to-802.1Q
“Cross-Connecting Circuits Without Child Circuits”
pppoe
PPPoE-to-PPPoE
multi
PPPoE-to-PPPoE
pppoe
Cross-Connection Configuration
“Cross-Connecting a Circuit with a Child Circuit”
11-3
Overview
802.1Q PVC to 802.1Q PVC
802.1Q PVCs, with and without child circuits, with different encapsulations can be cross-connected, and
filtering can occur.
Table 11-3 lists the combinations of parent and child circuit encapsulations (the keywords used in the
command syntax) for inbound and outbound circuits, the type of traffic that is cross-connected, and the
section that describes the configuration tasks for cross-connecting 802.1Q PVCs to 802.1Q PVCs.
Table 11-3
Supported Encapsulations for 802.1Q PVCs to 802.1Q PVCs
Inbound Circuit
Encapsulation Keyword
Outbound Circuit
Encapsulation Keyword
Cross-Connected
Circuit Traffic
Configuration Tasks Described in This Section
dot1q
dot1q
802.1Q-to-802.1Q
“Cross-Connecting Circuits Without Child Circuits”
multi
dot1q
IPoE-to-802.1Q
“Cross-Connecting a Circuit with a Child Circuit”
IPV6oE-to-802.1Q
PPPoE-to-802.1Q
multi
multi
IPoE-to-IPoE
“Cross-Connecting Parent and Child Circuits”
IPV6oE-to-IPV6oE
PPPoE-to-PPPoE
pppoe
dot1q
PPPoE-to-802.1Q
“Cross-Connecting Circuits Without Child Circuits”
pppoe
multi
PPPoE-to-PPPoE
“Cross-Connecting a Circuit with a Child Circuit”
pppoe
pppoe
PPPoE-to-PPPoE
“Cross-Connecting Circuits Without Child Circuits”
Filtering Traffic Using Non-Interworking Cross-Connections
Filtering traffic using non-interworking cross-connections is described in the following sections:
•
Filtering Using Child Circuits
•
Filtering Using Circuits with Unlike Encapsulations
Filtering Using Child Circuits
A multiprotocol-encapsulated circuit (also referred to as the parent circuit) can carry any combination of
Point-to-Point Protocol over Ethernet (PPPoE) traffic, Internet Protocol over Ethernet (IPoE), or
IP version 6 (IPv6) over Ethernet (IPv6oE) traffic.
Note The traffic for a parent circuit is IPoE, but the encapsulation keyword is multi.
Filtering of the traffic of a particular type on a parent circuit is provided for by creating a child circuit with
that type of encapsulation. Thus, a multiprotocol ATM or 802.1Q PVC can be parent to two child circuits
in addition to the parent circuit: one for PPPoE traffic (pppoe encapsulation) and one for IPv6oE traffic
(ipv6oe encapsulation). In addition, the parent circuit carries IPoE traffic (ipoe encapsulation).
You can cross-connect a child circuit to another child circuit or to a circuit that has no child circuits.
When an inbound circuit is cross-connected to an outbound circuit with the same type of encapsulation, the
inbound traffic is filtered, with only the packets with the designated encapsulation being passed to the
outbound circuit.
11-4
Ports, Circuits, and Tunnels Configuration Guide
Overview
To support child circuits, an ATM or 802.1Q PVC must be configured with multiprotocol encapsulation, as
described in Chapter 6, “Circuit Configuration.”
Figure 11-1 shows the packet flow across a multiprotocol ATM PVC and how the traffic is split between
an IPoE, IPv6oE, and PPPoE destinations. In this example, the inbound IPoE parent circuit is terminated
and routed to a Gigabit Ethernet port.
Figure 11-1 Traffic Paths for a Multiprotocol ATM PVC
Filtering Using Circuits with Unlike Encapsulations
Usually, you configure a cross-connection to pass through traffic of a particular type. In this case, the
encapsulation of both the inbound and outbound circuits is the same and no other filtering takes place.
For example, an inbound child circuit with PPPoE traffic on an ATM PVC passes only PPPoE traffic to an
outbound circuit. If the outbound circuit is a child circuit with PPPoE encapsulation, all the inbound PPPoE
packets flow across the connection in both directions.
However, when the encapsulations of the circuits that form the cross-connection are different, the
cross-connection acts as a filter on the traffic passing from the inbound circuit to the outbound circuit, and
conversely.
For example, for a cross-connection between an inbound child circuit with PPPoE encapsulation and an
outbound 802.1Q PVC with dot1q encapsulation, the following filtering actions occur:
•
In the inbound to outbound direction:
— Because the inbound child circuit has only PPPoE traffic, all other traffic on the parent circuit is
ignored.
— Because the dot1q encapsulation accepts PPPoE traffic, no packets are discarded; all PPPoE packets
are transmitted over the 802.1Q PVC.
Cross-Connection Configuration
11-5
Configuration Tasks
•
In the outbound to inbound direction:
— Because the dot1q encapsulation accepts all IP traffic, no packets are discarded.
— Because the child circuit accepts only PPPoE traffic, any nonPPPoE packets are discarded.
Interworking Cross-Connections
Interworking cross-connections allow you to receive IPv4 frames from an ATM PVC with RFC 1483
routed encapsulation and transmit them on an 802.1Q PVC.
Figure 11-2 shows an interworking network. The IPv4 device at each end is configured with ATM PVCs
or 802.1Q PVCs. The SmartEdge router provides the interworking cross-connection between the two types
of PVCs.
Figure 11-2 Interworking Network
Because the IPv4 device on the ATM PVC side is not capable of Address Resolution Protocol (ARP)
functions, the SmartEdge OS provides the following functions for the IPv4 device on the 802.1Q PVC side:
•
Responds to its ARP queries
•
Generates periodic ARP requests to learn about its medium access control (MAC) address
•
Generates gratuitous ARP packets if any MAC changes occur
All non-ARP packets are simply cross-connected.
Configuration tasks for this type of cross-connection are described in the “Cross-Connecting an ATM PVC
to an 802.1Q PVC for Interworking” section.
Configuration Tasks
Note In this section, the command syntax in the task tables displays only the root command; for the
complete command syntax, see the full description for the command in the “Command
Descriptions” section.
Cross-connected circuit configuration tasks are described in the following sections:
11-6
•
Cross-Connecting Circuits Without Child Circuits
•
Cross-Connecting Parent and Child Circuits
•
Cross-Connecting a Circuit with a Child Circuit
•
Cross-Connecting an ATM PVC to an 802.1Q PVC for Interworking
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Cross-Connecting Circuits Without Child Circuits
You can cross-connect any of the following combinations of inbound and outbound circuits:
•
Inbound ATM PVC to outbound ATM PVC with matching encapsulation types (bridge1483,
route1483, pppoe, or raw)
•
Inbound ATM PVC with bridge1483 or pppoe encapsulation to outbound 802.1Q PVC with dot1q or
pppoe encapsulation
•
Inbound 802.1Q PVC with dot1q or pppoe encapsulation to outbound 802.1Q PVC with dot1q
encapsulation
This section includes the following topics:
•
Cross-Connect ATM PVCs
•
Cross-Connect 802.1Q PVCs
•
Cross-Connect an ATM PVC to an 802.1Q PVC
•
Complete the Configuration of the ATM or 802.1Q PVCs
Cross-Connect ATM PVCs
To configure and cross-connect inbound and outbound ATM PVCs, perform the tasks described in
Table 11-4.
Table 11-4
Configure Cross-Connected ATM PVCs
#
Task
Root Command
Notes
1.
Create one or more inbound ATM PVCs
and access ATM PVC configuration mode.
atm pvc
Enter this command in ATM OC or ATM DS-3 configuration
mode.
2.
Create one or more outbound ATM PVCs
and access ATM PVC configuration mode.
atm pvc
3.
Create the cross-connection between the
inbound and outbound circuits.
xc
Use the explicit keyword to create a range of PVCs.
Specify bridge1483, route1483, pppoe, or raw encapsulation;
encapsulation types must match on inbound and outbound
circuits.
Enter this command in global configuration mode.
Do not specify the encapsulation of either circuit.
This command effectively binds the inbound circuit to the
outbound circuit.
Cross-Connection Configuration
11-7
Configuration Tasks
Cross-Connect 802.1Q PVCs
To configure and cross-connect inbound and outbound 802.1Q PVCs, perform the tasks described in
Table 11-5.
Table 11-5
Cross-Connect 802.1Q PVCs
#
Task
Root Command
1.
Create an inbound 802.1Q PVC and access
dot1q PVC configuration mode.
dot1q pvc
Create an outbound 802.1Q PVC and access
dot1q PVC configuration mode.
dot1q pvc
Create the cross-connection between the
inbound and outbound 802.1Q PVCs.
xc
2.
3.
Notes
Enter this command in port configuration mode.
Specify dot1q or pppoe encapsulation.
Enter this command in port configuration mode.
Specify dot1q encapsulation.
Enter this command in global configuration mode.
Do not specify the encapsulation of either circuit.
This command effectively binds the inbound circuit to the
outbound circuit.
Cross-Connect an ATM PVC to an 802.1Q PVC
To configure and cross-connect inbound ATM PVCs and outbound 802.1Q PVCs, perform the tasks
described in Table 11-6.
Table 11-6
Cross-Connect an ATM PVC to an 802.1Q PVC
#
Task
Root Command
Notes
1.
Create one or more inbound ATM PVCs
and access ATM PVC configuration mode.
atm pvc
Enter this command in ATM OC or ATM DS-3 configuration
mode.
Use the explicit keyword to create a range of PVCs.
Specify bridge1483 or pppoe encapsulation.
2.
3.
Create an outbound 802.1Q PVC and
access dot1q PVC configuration mode.
dot1q pvc
Create the cross-connection between the
inbound and outbound circuits.
xc
Enter this command in port configuration mode.
Specify dot1q, multi, or pppoe encapsulation. Only dot1
encapsulation is supported when cross-connecting to ATM
PVCs with bridge1483 encapsulation.
Enter this command in global configuration mode.
Do not specify the encapsulation of either circuit.
This command effectively binds the inbound circuit to the
outbound circuit.
Complete the Configuration of the ATM or 802.1Q PVCs
To complete the configuration of the circuits, either ATM or 802.1Q PVC, perform the tasks described in
the appropriate section in Chapter 6, “Circuit Configuration,” but do not bind the PVC.
11-8
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Cross-Connecting Parent and Child Circuits
You can cross-connect any of the following combinations of inbound and outbound parent and child
circuits:
•
Inbound ATM PVC to outbound ATM PVC
•
Inbound ATM PVC to outbound 802.1Q PVC
•
Inbound 802.1Q PVC to outbound 802.1Q PVC
This section includes the following topics:
•
Configure Ports and Circuits for Non-Cross-Connected Traffic
•
Cross-Connect ATM or 802.1Q PVC Parent and Child Circuits
Configure Ports and Circuits for Non-Cross-Connected Traffic
To route traffic on inbound circuits that are not cross-connected, you must configure ports and circuits
capable of supporting that type of traffic and bind each port and circuit to an interface. For child circuits,
ports and circuits can be of any type that support IP packets; for example, in Figure 11-1, one such port is
a Gigabit Ethernet port.
To configure an ATM or Ethernet port, see Chapter 3, “ATM, Ethernet, and POS Port Configuration”; to
configure an ATM or 802.1Q PVC, see Chapter 6, “Circuit Configuration.”
Cross-Connect ATM or 802.1Q PVC Parent and Child Circuits
To configure inbound and outbound child circuits on either multiprotocol (parent) ATM PVCs or 802.1Q
PVCs, and cross-connect them, perform the tasks described in Table 11-7.
Table 11-7
Cross-Connect ATM or 802.1Q PVC Parent and Child Circuits
#
Task
1.
Create the inbound circuit with one of the following tasks:
• Create one or more ATM PVCs and access
ATM PVC configuration mode.
Root Command
atm pvc
Notes
Enter this command in ATM OC or ATM DS-3
configuration mode.
Use the explicit keyword to create a range of PVCs.
Specify multi encapsulation.
• Create an 802.1Q PVC and access dot1q PVC
configuration mode.
dot1q pvc
2.
Associate the IP address and MAC address of
the remote host on the ATM or 802.1Q PVC.
ip host
Enter this command in ATM or dot1q PVC
configuration mode only if the PVC is to be bound to
an interface.
3.
Create a child circuit for inbound traffic on a
multiprotocol circuit and access ATM or dot1q
child protocol configuration mode.
circuit protocol
Enter this command in ATM or dot1q PVC
configuration mode.
Cross-Connection Configuration
Enter this command in port configuration mode.
Specify multi encapsulation.
11-9
Configuration Tasks
Table 11-7
Cross-Connect ATM or 802.1Q PVC Parent and Child Circuits (continued)
#
Task
Root Command
4.
Create the outbound circuit with one of the following tasks:
• Create one or more ATM PVCs and access
ATM PVC configuration mode.
atm pvc
Notes
Enter this command in ATM OC or ATM DS-3
configuration mode.
Use the explicit keyword to create a range of PVCs.
Specify multi encapsulation.
• Create an 802.1Q PVC and access dot1q PVC
configuration mode.
dot1q pvc
5.
Create the child circuit for outbound traffic and
access ATM or dot1q child protocol configuration
mode.
circuit protocol
6.
Cross-connect or bind the child circuits with one of the following tasks: (The cross-connection command effectively binds the
inbound circuit to the outbound circuit.)
• Cross-connect the inbound and outbound child
circuits.
Enter this command in port configuration mode.
Specify multi encapsulation.
xc
Enter this command in ATM or dot1q PVC
configuration mode.
Enter this command for each child circuit in global
configuration mode.
Specify the encapsulation of both circuits.
• Bind the inbound PPPoE-encapsulated child
circuit to terminate its traffic.
7.
bind authentication
Enter this command in ATM or dot1q child protocol
configuration mode. This option is available only for
child circuits with PPPoE encapsulation.
Cross-connect or bind the parent circuits with one of the following tasks:
• Cross-connect the inbound and outbound
parent circuits.
xc
Enter this command in global configuration mode. Do
not specify the encapsulation of either circuit.
• Bind the inbound parent circuit to an interface
for inbound traffic to terminate its IPoE traffic.
bind interface
Enter this command in ATM or dot1q PVC
configuration mode.
Note If you neither cross-connect, nor bind an inbound parent or child circuit, its traffic is dropped.
Cross-Connecting a Circuit with a Child Circuit
You can cross-connect any of the following combinations of circuits without child circuits and
multi-protocol (parent) circuits with child circuits:
•
Inbound ATM PVC with multi encapsulation to outbound ATM PVC with pppoe encapsulation
•
Inbound ATM PVC with multi encapsulation to outbound 802.1Q PVC with dot1q or pppoe
encapsulation
•
Inbound 802.1Q PVC with multi encapsulation to outbound 802.1Q PVC with dot1q encapsulation
•
Inbound ATM PVC with pppoe encapsulation to outbound 802.1Q PVC with multi encapsulation
•
Inbound 802.1Q PVC with pppoe encapsulation to outbound 802.1Q PVC with multi encapsulation
This section includes the following topics:
11-10
•
Configure Ports and Circuits for Non-Cross-Connected Traffic
•
Cross-Connect an Inbound Child Circuit with an Outbound Circuit
•
Cross-Connect an Inbound Circuit with an Outbound Child Circuit
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Configure Ports and Circuits for Non-Cross-Connected Traffic
To route traffic on child circuits that are not cross-connected, you must configure ports and circuits capable
of supporting that type of traffic and bind each port and circuit to an interface. For child circuits, ports and
circuits can be of any type that support IP packets; for example, in Figure 11-1, one such port is a Gigabit
Ethernet port.
To configure an ATM or Ethernet port, see Chapter 3, “ATM, Ethernet, and POS Port Configuration”; to
configure an ATM or 802.1Q PVC, see Chapter 6, “Circuit Configuration.”
Cross-Connect an Inbound Child Circuit with an Outbound Circuit
To configure an inbound child circuit on either multiprotocol ATM PVCs or 802.1Q PVCs, and
cross-connect it to an ATM or 802.1Q PVC, perform the tasks described in Table 11-8.
Table 11-8
Cross-Connect an Inbound Child Circuit with an Outbound Circuit
#
Task
Root Command
1.
Create the inbound circuit with one of the following tasks:
• Create one or more ATM PVCs and access
ATM PVC configuration mode.
atm pvc
Notes
Enter this command in ATM OC or ATM DS-3
configuration mode.
Use the explicit keyword to create a range of PVCs.
Specify multi encapsulation.
• Create an 802.1Q PVC and access dot1q PVC
configuration mode.
dot1q pvc
2.
Associate the IP address and MAC address of
the remote host on the ATM PVC.
ip host
Enter this command in ATM PVC configuration mode
only if the ATM PVC is to be bound to an interface.
3.
Create a child circuit for inbound traffic on a
multiprotocol circuit and access ATM or dot1q
child protocol configuration mode.
circuit protocol
Enter this command in ATM or dot1q PVC configuration
mode.
4.
Create the outbound circuit with one of the following tasks:
• Create one or more ATM PVCs and access
ATM PVC configuration mode.
Enter this command in port configuration mode.
Specify multi encapsulation.
atm pvc
Enter this command in ATM OC or ATM DS-3
configuration mode.
Use the explicit keyword to create a range of PVCs.
Specify pppoe encapsulation.
5.
• Create an 802.1Q PVC and access dot1q PVC
configuration mode.
dot1q pvc
Cross-connect the inbound child circuit to the
outbound circuit
xc
Enter this command in port configuration mode.
Specify dot1q or pppoe encapsulation.
Enter this command in global configuration mode.
Specify the encapsulation of the inbound child circuit.
Note You can either cross-connect the inbound parent circuit or bind it to an interface; if you do neither,
its traffic is dropped.
Cross-Connection Configuration
11-11
Configuration Tasks
Cross-Connect an Inbound Circuit with an Outbound Child Circuit
To configure an ATM or 802.1Q PVC, and cross-connect it to an outbound child circuit on either a
multiprotocol ATM or 802.1Q PVC, perform the tasks described in Table 11-9.
Table 11-9
Cross-Connect an Inbound Circuit with an Outbound Child Circuit
#
Task
Root Command
1.
Create the inbound circuit with one of the following tasks:
• Create one or more ATM PVCs and access
ATM PVC configuration mode.
atm pvc
Notes
Enter this command in ATM OC or ATM DS-3
configuration mode.
Use the explicit keyword to create a range of PVCs.
Specify pppoe encapsulation.
• Create an 802.1Q PVC and access dot1q PVC
configuration mode.
dot1q pvc
2.
Associate the IP address and MAC address of
the remote host on the ATM PVC.
ip host
3.
Create the outbound circuit with one of the following tasks:
• Create one or more ATM PVCs and access
ATM PVC configuration mode.
Enter this command in port configuration mode.
Specify pppoe encapsulation.
Enter this command in ATM PVC configuration mode
only if the ATM PVC is to be bound to an interface.
atm pvc
Enter these commands in ATM OC or ATM DS-3
configuration mode.
Use the explicit keyword to create a range of PVCs.
Specify multi encapsulation.
• Create an 802.1Q PVC and access dot1q PVC
configuration mode.
dot1q pvc
Enter this command in port configuration mode.
4.
Create a child circuit for outbound traffic on a
multiprotocol circuit and access ATM or dot1q
child protocol configuration mode.
circuit protocol
5.
Cross-connect the inbound circuit to the
outbound child circuit.
xc
Specify multi encapsulation.
Enter this command in ATM or dot1q PVC configuration
mode.
Enter this command in global configuration mode.
Specify the encapsulation of the outbound child circuit.
Cross-Connecting an ATM PVC to an 802.1Q PVC for Interworking
This section includes the following topics:
11-12
•
Configuration Guidelines for an Interworking Cross-Connection
•
Cross-Connect an ATM PVC to an 802.1Q PVC for Interworking
•
Complete the Configuration of the ATM and 802.1Q PVCs
Ports, Circuits, and Tunnels Configuration Guide
Configuration Examples
Configuration Guidelines for an Interworking Cross-Connection
The following guidelines apply to interworking cross-connections:
Caution Risk of data loss. To reduce the risk of data loss when configuring an interworking
cross-connection between an ATM PVC with RFC 1483 routed encapsulation and an 802.1Q
PVC, observe the following guidelines:
• To prevent long service interruption, the IPv4 device attached to the 802.1Q PVC must be
configured with a low ARP timeout value (we recommend three minutes).
• If the IP address changes for the IPv4 device attached to the ATM PVC, the administrator
must ensure that the ARP cache on the SmartEdge router is cleared, using the clear arp-cache
command (in exec mode) with the interworking keyword, for the IP address change to take
effect. For information about the using the clear arp-cache command, see the “ARP
Operations” chapter in the IP Services and Security Operations Guide for the SmartEdge OS.
Cross-Connect an ATM PVC to an 802.1Q PVC for Interworking
To configure and cross-connect inbound ATM PVCs and outbound 802.1Q PVCs for interworking, perform
the tasks described in Table 11-10.
Table 11-10 Cross-Connect an ATM PVC to an 802.1Q PVC for Interworking
#
Task
Root Command
Notes
1.
Create one or more inbound ATM PVCs
and access ATM PVC configuration mode.
atm pvc
Enter this command in ATM OC or ATM DS-3 configuration
mode.
Use the explicit keyword to create a range of PVCs.
Specify route1483 encapsulation.
2.
3.
Create an outbound 802.1Q PVC and
access dot1q PVC configuration mode.
dot1q pvc
Create the interworking connection
between the inbound and outbound
circuits.
xc
Enter this command in port configuration mode.
Specify dot1q or multi encapsulation.
Enter this command in global configuration mode.
Do not specify the encapsulation of either circuit; specify the
interworking keyword.
This command effectively binds the inbound circuit to the
outbound circuit.
Complete the Configuration of the ATM and 802.1Q PVCs
To complete the configuration of the ATM and 802.1Q PVCs, perform the tasks described in the appropriate
section in Chapter 6, “Circuit Configuration,” but do not bind the PVCs.
Configuration Examples
This section includes the following partial examples; only the commands to configure the
cross-connections are included:
•
Cross-Connected ATM PVCs
•
Cross-Connected Child Circuits
•
Cross-Connected Circuit with Child Circuit
•
Cross-Connected Circuits for Interworking
Cross-Connection Configuration
11-13
Configuration Examples
Cross-Connected ATM PVCs
The following example creates two ATM PVCs on an ATM OC port with an existing profile, ubr, and
encapsulated with raw mode, and cross-connects them:
[local]Redback(config)#port atm 3/1
[local]Redback(config-atm-oc)#atm pvc 0 32 profile ubr encapsulation raw
[local]Redback(config-atm-pvc)#exit
[local]Redback(config-atm-oc)#exit
[local]Redback(config)#port atm 4/2
[local]Redback(config-atm-oc)#atm pvc 1 55 profile ubr encapsulation raw
[local]Redback(config-atm-pvc)#exit
[local]Redback(config-atm-oc)#exit
[local]Redback(config)#xc 3/1 vpi-vci 0 32 to 4/2 vpi-vci 1 55
Note Fragmentation is not supported; the inbound and outbound IP packets are accepted or transmitted
based on the size of the maximum transmission unit (MTU) of the inbound and outbound ports.
Cross-Connected Child Circuits
The following example creates a cross-connection between two PPPoE child circuits on ATM PVCs on
ATM OC ports with VPI 33 and VCIs 110 and 111 on the ATM ports 1 and 2 in slot 3. Both PVCs use
an ATM profile, pf3. The incoming ATM PVC is assigned an IP address and bound to an already existing
interface, ip-out, which is in the local context. Only the commands related to creating the
cross-connection are shown.
[local]Redback#configure
!Create the ATM PVC for the inbound PPPoE child circuit.
[local]Redback(config)#port atm 3/1
[local]Redback(config-atm-oc)#atm pvc 33 110 profile pf3 encapsulation multi
!Assign an IP address and MAC address to the ATM PVC (IPoE encapsulation) and bind it to
an interface.
[local]Redback(config-atm-pvc)#ip host 172.16.11.4 00:30:88:01:01:01
[local]Redback(config-atm-pvc)#bind interface ip-out local
!Create the inbound PPPoE child circuit on the ATM PVC.
[local]Redback(config-atm-pvc)#circuit protocol pppoe
[local]Redback(config-atm-child-proto)#exit
[local]Redback(config-atm-pvc)#exit
[local]Redback(config-atm-oc)#exit
[local]Redback(config)#
!Create the ATM PVC for the outbound PPPoE child circuit.
[local]Redback(config)#port atm 3/2
[local]Redback(config-atm-oc)#atm pvc 33 111 profile pf3 encapsulation multi
!Create the outbound PPPoE child circuit on the ATM PVC.
[local]Redback(config-atm-pvc)#circuit protocol pppoe
[local]Redback(config-atm-child-proto)#exit
[local]Redback(config-atm-pvc)#exit
11-14
Ports, Circuits, and Tunnels Configuration Guide
Configuration Examples
[local]Redback(config-atm-oc)#exit
[local]Redback(config-config)#
!Cross-connect the inbound and outbound PPPoE child circuits on the ATM PVCs.
[local]Redback(config)#xc 3/1 vpi-vci 33 110 pppoe to 3/2 vpi-vci 33 111 pppoe
Cross-Connected Circuit with Child Circuit
The following example creates an ATM PVC for inbound traffic with PPPoE encapsulation on an ATM OC
port, an 802.1Q PVC for outbound traffic, and cross-connects the ATM PVC with the PPPoE child circuit
on the 802.1Q PVC:
!Create the ATM PVC
[local]Redback(config)#port atm 3/1
[local]Redback(config-atm-oc)#atm pvc 2 50 profile test encapsulation pppoe
[local]Redback(config-atm-pvc)#exit
[local]Redback(config-atm-oc)#exit
!Create the 802.1Q PVC
[local]Redback(config)#port ethernet 2/1
[local]Redback(config-port)#encapsulation dot1q
[local]Redback(config-port)#dot1q pvc 1 encapsulation multi
[local]Redback(config-dot1q-pvc)#
!Create the outbound PPPoE child circuit on the 802.1Q PVC.
[local]Redback(config-dot1q-pvc)#circuit protocol pppoe
[local]Redback(config-dot1q-child-proto)#exit
[local]Redback(config-dot1q-pvc)#exit
[local]Redback(config-port)#exit
[local]Redback(config)#
!Cross-connect the ATM PVC to the PPPoE child circuit on the 802.1Q PVC
[local]Redback(config)#xc 3/1 vpi-vci 2 50 to 2/1 vlan-id 1 pppoe
Cross-Connected Circuits for Interworking
The following example creates an ATM PVC with RFC 1483 routed encapsulation on an ATM OC port, an
802.1Q PVC, and an interworking cross-connection between the two circuits. Only inbound IPoE (IPv4)
packets are forwarded from the inbound circuit to the outbound circuit:
!Create the ATM PVC and its IPoE circuit
[local]Redback(config)#port atm 3/1
[local]Redback(config-atm-oc)#atm pvc 3 110 profile test encapsulation route1483
[local]Redback(config-atm-pvc)#exit
[local]Redback(config-atm-oc)#exit
!Create the 802.1Q PVC
[local]Redback(config)#port ethernet 2/1
[local]Redback(config-port)#encapsulation dot1q
[local]Redback(config-port)#dot1q pvc 5
[local]Redback(config-port)#exit
Cross-Connection Configuration
11-15
Command Descriptions
!Cross-connect the ATM PVC to the 802.1Q PVC
[local]Redback(config)#xc 3/1 vpi-vci 3 110 to 2/1 vlan-id 5 interworking
Command Descriptions
This section describes the syntax and usage guidelines for the commands used to configure cross-connected
circuits. The commands are presented in alphabetical order.
circuit protocol
ip host
xc
11-16
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
circuit protocol
circuit protocol encaps-type
no circuit protocol encaps-type
Purpose
Creates a child circuit on a multiprotocol Asynchronous Transfer Mode (ATM) or 802.1Q permanent
virtual circuit (PVC), specifies an encapsulation for it, and enters ATM or dot1q child protocol
configuration mode.
Command Mode
ATM PVC configuration
dot1Q PVC configuration
Syntax Description
encaps-type
Type of encapsulation for the circuit, according to one of the following keywords:
• ipv6oe—Specifies IP Version 6 (IPv6) over Ethernet (IPv6oE) protocol.
• pppoe—Specifies Point-to-Point Protocol over Ethernet (PPPoE) protocol.
Default
No child circuit is created for a multiprotocol ATM or 802.1Q PVC.
Usage Guidelines
Use the circuit protocol command to create a child circuit on a multiprotocol ATM or 802.1Q PVC, specify
a protocol for it, and then enter ATM or do1tq child protocol configuration mode.
You must have specified the multi keyword when you created the ATM PVC using the atm pvc command
(in ATM OC or ATM DS-3 configuration mode), or when you created the 802.1Q PVC using the dot1q
pvc command (in port configuration mode); otherwise, you cannot create child circuits on the ATM or
802.1Q PVC.
This command, together with the xc command (in global configuration mode), acts as a filter on a
multiprotocol ATM or 802.1Q PVC to pass only the type of packets specified by the encaps-type argument:
•
If the child circuit functions as an inbound circuit in the cross-connection, only the specified packet
types are passed to the outbound child circuit.
•
If the child circuit functions as an outbound circuit in the cross-connection, only the specified packet
types are accepted by it.
Use the no form of this command to delete the circuit.
Cross-Connection Configuration
11-17
Command Descriptions
Examples
The following example creates an ATM PVC encapsulated to support multiple protocols and creates an
IPv6oE-encapsulated child circuit on that PVC. If this child circuit functions as an inbound circuit, only
IPv6oE-encapsulated packets will be passed to an outbound circuit; if it functions as an outbound circuit,
only Iv6PoE-encapsulated packets will be accepted by it.
[local]Redback(config)#port atm 3/1
[local]Redback(config-atm-oc)#atm pvc 10 10 profile pf3 encapsulation multi
[local]Redback(config-atm-pvc)#circuit protocol ipv6oe
[local]Redback(config-atm-child-proto)#
The following example creates an 802.1Q PVC encapsulated to support multiple protocols and creates a
PPPoE-encapsulated child circuit on that PVC. If this child circuit functions as an inbound circuit, only
PPPoE-encapsulated packets will be passed to an outbound circuit; if it functions as an outbound circuit,
only PPPoE-encapsulated packets will be accepted by it.
[local]Redback(config)#port ethernet 4/1
[local]Redback(config-port)#encapsulation dot1q
[local]Redback(config-port)#dot1q pvc 10 profile pf2 encapsulation multi
[local]Redback(config-dot1q-pvc)#circuit protocol pppoe
[local]Redback(config-dot1q-child-proto)#
Related Commands
atm pvc—ATM DS-3 configuration mode
atm pvc—ATM OC configuration mode
dot1q pvc
11-18
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
ip host
ip host ip-addr[/prefix-length | mac-addr]
no ip host ip-addr[/prefix-length | mac-addr]
Purpose
Associates a multiprotocol 802.1Q permanent virtual circuit (PVC) or Asynchronous Transfer Mode
(ATM) PVC with the IP address and medium access control (MAC) address of the remote host on the
circuit.
Command Mode
ATM PVC configuration
dot1q PVC configuration
Syntax Description
ip-addr
IP address of the host on this circuit in the form A.B.C.D.
prefix-length
Optional. Prefix length for the associated IP address. The range of values is 0 to 32.
mac-addr
Optional. MAC address of the remote host on this circuit in the form
hh:hh:hh:hh:hh:hh.
Default
No IP address or MAC address is associated with the IPoE circuit.
Usage Guidelines
Use the ip host command to associate a multiprotocol 802.1Q or ATM PVC with the IP address and MAC
address of the remote host on the circuit.
Use this command only if the PVC is to be bound to an interface.
Use the no form of this command to delete the association.
Note This command is also documented in Chapter 6, “Circuit Configuration,” for 802.1Q, ATM, and
Frame Relay PVCs and in Chapter 12, “GRE Tunnel Configuration,” for Generic Routing
Encapsulation (GRE) tunnel circuits.
Examples
The following example creates a multiprotocol ATM PVC on an ATM OC port and, because it is not to be
cross-connected, associates an IP address and MAC address with it, and binds it to an interface:
[local]Redback(config)#port atm 2/1
[local]Redback(config-atm-oc)#atm pvc 4 210 profile cbr1 encapsulation multi
[local]Redback(config-atm-pvc)#ip host 1.1.1.4 00:30:88:01:01:01
[local]Redback(config-atm-pvc)#bind interface ip-out local
Cross-Connection Configuration
11-19
Command Descriptions
Related Commands
None
11-20
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
xc
For an interworking cross-connection between an Asynchronous Transfer Mode (ATM) permanent virtual
circuit (PVC) with route1483 encapsulation to an 802.1Q PVC, the command syntax is:
xc slot-in/port-in {vlan-id vlan-id-in [through end-vlan-in] | vpi-vci vpi-in vci-in
[through end-vci-in]} to slot-out/port-out {vlan-id vlan-id-out [through end-vlan-out] | vpi-vci
vpi-out vci-out [through end-vci-out]} interworking
no xc slot-in/port-in {vlan-id vlan-id-in [through end-vlan-in] | vpi-vci vpi-in vci-in
[through end-vci-in]} to slot-out/port-out {vlan-id vlan-id-out [through end-vlan-out] |
vpi-vci vpi-out vci-out [through end-vci-out]} interworking
For all other cross-connections, the command syntax is:
xc slot-in/port-in {vlan-id vlan-id-in [through end-vlan-in] | vpi-vci vpi-in vci-in
[through end-vci-in]} [encaps-type] to slot-out/port-out {vlan-id vlan-id-out
[through end-vlan-out] | vpi-vci vpi-out vci-out [through end-vci-out]} [encaps-type]
no xc slot-in/port-in {vlan-id vlan-id-in [through end-vlan-in] | vpi-vci vpi-in vci-in
[through end-vci-in]} [encaps-type] to slot-out/port-out {vlan-id vlan-id-out
[through end-vlan-out] | vpi-vci vpi-out vci-out [through end-vci-out]} [encaps-type]
Purpose
Creates a cross-connection between an inbound circuit on an ATM or 802.1Q PVC and an outbound circuit
on an ATM or 802.1Q PVC.
Command Mode
global configuration
Syntax Description
slot-in
Chassis slot number of the traffic card with the ATM or 802.1Q PVC with
inbound traffic for which a cross-connection is to be specified.
port-in
Port number with the ATM or 802.1Q PVC with inbound traffic for which a
cross-connection is to be specified.
vlan-id vlan-id-in
Virtual LAN (VLAN) tag value for the 802.1Q PVC with inbound traffic for
which a cross-connection is to be specified. The value for the vlan-id-in
argument can include one of the following constructs:
• tunl-in:vlan-in—VLAN tag value for the tunnel, followed by the VLAN tag
value, for the PVC within the tunnel.
• tunl-in—VLAN tag value for the tunnel.
• vlan-in—VLAN tag value for the PVC, which is not within a tunnel.
through end-vlan-in
Cross-Connection Configuration
Optional. Final VLAN tag value for a range of 802.1Q PVCs with inbound
traffic that are to be cross-connected. The number of 802.1Q PVCs in the input
range must match the number in the output range.
11-21
Command Descriptions
vpi-vci vpi-in vci-in
Virtual path identifier (VPI) and virtual circuit identifier (VCI) of the ATM PVC
with inbound traffic for which a cross-connection is to be specified.
through end-vci-in
Optional. Final VCI for a range of ATM PVCs with inbound traffic that are to be
cross-connected. The number of ATM PVCs in the input range must match the
number in the output range.
encaps-type
Optional. Encapsulation circuit type for which a cross-connection is to be
specified, according to one of the following keywords:
• ipv6oe—Specifies that the circuit is Internet Protocol version 6 over Ethernet
(IPv6oE)-encapsulated.
• pppoe—Specifies that the circuit is Point-to-Point Protocol over Ethernet
(PPPoE)-encapsulated.
Required only if the specified circuit is an IPv6oE or PPPoE circuit. Not
specified when the specified circuit is encapsulated as bridge1483, dot1q, raw, or
route1483.
to
Indicates the start of the outbound circuit specification.
slot-out
Chassis slot number of the traffic card with the ATM or 802.1Q PVC with the
circuit with outbound traffic for which a cross-connection is to be specified.
port-out
Port number of the port with the ATM or 802.1Q PVC with outbound traffic for
which a cross-connection is to be specified.
vlan-id vlan-id-out
VLAN tag value for the 802.1Q PVC with outbound traffic for which a
cross-connection is to be specified. The value for the vlan-id-out argument van
include one of the following constructs:
• tunl-out:vlan-out—VLAN tag value for the tunnel followed by the VLAN tag
value for the PVC within the tunnel.
• tunl-out—VLAN tag for the value of the tunnel.
• vlan-out—VLAN tag value for the PVC, which is not within a tunnel.
through end-vlan-out Optional. Final VLAN tag value for a range of 802.1Q PVCs with outbound
traffic that are to be cross-connected. The number of 802.1Q PVCs in the output
range must match the number in the input range.
vpi-vci vpi-out vci-out VPI and VCI of the ATM PVC with outbound traffic for which a
cross-connection is to be specified.
through end-vci-out
Optional. Final VCI for a range of ATM PVCs with outbound traffic that are to
be cross-connected. The number of ATM PVCs in the output range must match
the number in the input range.
interworking
Specifies an interworking cross-connection between an ATM PVC with
route1483 encapsulation and an 802.1Q PVC.
Default
No cross-connections are defined.
11-22
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Usage Guidelines
Use the xc command to create a cross-connection between an inbound parent or child circuit on an ATM
or 802.1Q PVC, and an outbound parent or child circuit on an ATM or 802.1Q PVC. This command
effectively binds the inbound circuit to the outbound circuit.
If you specify the through end-vci-in and through end-vci-out constructs, the number of ATM PVCs in the
input range must match the number specified by the output range.
If you specify the through end-vlan-in and through end-vlan-out constructs, the number of 802.1Q PVCs
in the input range must match the number specified by the output range.
Table 11-11 lists the supported combinations of parent and child circuit encapsulations (keywords) and the
traffic that is cross-connected.
You can cross-connect tunnels even if they contain PVCs within them.
Table 11-11 Supported Cross-Connections and Their Encapsulations
Parent Circuit Type for
Bidirectional Cross-Connection
Inbound Parent
Circuit Encapsulation
Outbound Parent
Circuit Encapsulation
Cross-Connected Circuit Traffic
ATM PVC-to-ATM PVC
bridge1483
bridge1483
Parent-to-parent
pppoe
pppoe
Parent-to-parent
raw
raw
Parent-to-parent
route1483
route1483
Parent-to-parent
multi
multi
IPoE-to-IPoE parent-to-parent
IPv6oE-to-IPv6oE child-to-child
PPPoE-to-PPPoE child-to-child
ATM PVC-to-802.1Q PVC
multi
pppoe
PPPoE-to-PPPoE child-to-parent
bridge1483
dot1q
Parent-to-parent (No child circuits)
multi
dot1q
IPoE-to-802.1Q parent-to-parent
IPv6oE-to-802.1Q child-to-parent
PPPoE-to-802.1Q child-to-parent
multi
multi
IPoE-to-IPoE parent-to-parent
IPv6oE-to-IPv6oE child-to-child
PPPoE-to-PPPoE child-to-child
Cross-Connection Configuration
multi
pppoe
PPPoE-to-PPPoE child-to-parent
pppoe
dot1q
PPPoE-to-802.1Q parent-to-parent
pppoe
pppoe
PPPoE-to-PPPoE parent-to-parent
pppoe
multi
PPPoE-to-PPPoE parent-to-child
11-23
Command Descriptions
Table 11-11 Supported Cross-Connections and Their Encapsulations (continued)
Parent Circuit Type for
Bidirectional Cross-Connection
Inbound Parent
Circuit Encapsulation
Outbound Parent
Circuit Encapsulation
Cross-Connected Circuit Traffic
802.1Q PVC-to-802.1Q PVC
dot1q
dot1q
Parent-to-parent
multi
dot1q
IPoE-to-802.1Q parent-to-parent
IPv6oE-to-802.1Q child-to-parent
PPPoE-to-802.1Q child-to-parent
multi
multi
IPoE-to-IPoE parent-to-parent
IPv6oE-to-IPv6oE child-to-child
PPPoE-to-PPPoE child-to-child
Interworking ATM PVC-to-802.1Q PVC
pppoe
dot1q
PPPoE-to-802.1Q parent-to-parent
pppoe
multi
PPPoE-to-PPPoE parent-to-child
pppoe
pppoe
PPPoE-to-PPPoE parent-to-parent
raw
raw
Parent-to-parent
route1483
dot1q
IPv4-to-802.1Q parent-to-parent
multi
Note Any PPPoE or IPv6oE child circuit on a parent can be cross-connected to a child on another parent
with the same type of encapsulation. The inbound IPoE parent circuits are usually terminated and
routed to any IP-type port or circuit, such as a Gigabit Ethernet port, but can be cross-connected
instead, or the traffic can be dropped. IPv6oE child circuits must be cross-connected.
Note Any circuit with raw encapsulation must be cross-connected.
Note You cannot bind ATM or 802.1Q circuits with raw encapsulation to either an interface or subscriber.
The traffic that flows through the cross-connection between the inbound and outbound circuits depends on
the encapsulation specified for the inbound and outbound circuits.
•
For parent circuits, the encapsulation type specified for the circuit filters the type of packets passed
through the cross-connection, with only the inbound type of encapsulated packets being passed to the
outbound circuit and only the outbound type of encapsulated packets being accepted by the outbound
circuit.
•
For child circuits, the circuit protocol command (in protocol configuration mode), acts as the filter,
with only the specified type of encapsulated packets being passed from the inbound child circuit to the
outbound child circuit and only the outbound type of encapsulated packets being accepted by the
outbound child circuit.
Use the interworking keyword only if you are cross-connecting an ATM PVC with RFC 1483-routed
encapsulation to a multiprotocol 802.1Q PVC. In this instance, only the IPv4 packets are forwarded to the
802.1Q PVC.
Use the show bypass command (in any mode) to display information about one or more cross-connected
circuits.
Use the no form of this command to delete the cross-connection between two circuits on one or more ATM
PVCs or 802.1Q PVCs.
11-24
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Examples
The following example specifies cross-connections between the inbound PPPoE circuits on a range of ATM
PVCs with VCIs 1 to 10 on port 1 of the ATM card in slot 3 and the outbound PPPoE circuits on a range
of ATM PVCs with VCIs 101 to 110 on port 1 of the ATM card in slot 9; both ranges of PVCs use VPI
32. In this example, only PPPoE-encapsulated packets are passed from the inbound circuits and only
PPPoE-encapsulated packets are accepted by the outbound circuits.
[local]Redback(config)#xc 3/1 vpi-vci 1 101 through 110 pppoe to 9/1 vpi-vci 2 101
through 110 pppoe
The following example creates two ATM PVCs on ATM OC ports with an existing profile, ubr, and
encapsulated with raw mode, and cross-connects them. In this example, any type of packet is passed from
the inbound circuit and accepted by the outbound circuit.
[local]Redback(config)#port atm 3/1
[local]Redback(config-atm-oc)#atm pvc 0 32 profile ubr encapsulation raw
[local]Redback(config-atm-pvc)#exit
[local]Redback(config-atm-oc)#exit
[local]Redback(config)#port atm 4/2
[local]Redback(config-atm-oc)#atm pvc 1 55 profile ubr encapsulation raw
[local]Redback(config-atm-pvc)#exit
[local]Redback(config-atm-oc)#exit
[local]Redback(config)#xc 3/1 vpi-vci 0 32 to 4/2 vpi-vci 1 55
The following example creates a multiprotocol ATM PVC on an ATM OC port, an 802.1Q PVC, and
cross-connects the two circuits. In this example, all dot1q-encapsulated packets are passed from the
inbound circuit but only IPoE-encapsulated packets are accepted by the outbound circuit.
!Create the ATM PVC and its IPoE circuit
[local]Redback(config)#port atm 3/1
[local]Redback(config-atm-oc)#atm pvc 2 115 profile test encapsulation multi
[local]Redback(config-atm-pvc)#exit
[local]Redback(config-atm-oc)#exit
!Create the 802.1Q PVC
[local]Redback(config)#port ethernet 2/1
[local]Redback(config-port)#encapsulation dot1q
[local]Redback(config-port)#dot1q pvc 1
[local]Redback(config-port)#exit
!Cross-connect the ATM PVC to the 802.1Q PVC
[local]Redback(config)#xc 3/1 vpi-vci 2 115 to 2/1 vlan-id 1
The following example creates an ATM PVC with RFC 1483 routed encapsulation on an ATM OC port, a
multiprotocol 802.1Q PVC, and an interworking cross-connection between the two circuits. Only inbound
IPoE (IPv4) packets are forwarded from the inbound circuit to the outbound circuit.
!Create the ATM PVC and its IPoE circuit
[local]Redback(config)#port atm 3/1
[local]Redback(config-atm-oc)#atm pvc 3 110 profile test encapsulation route1483
[local]Redback(config-atm-pvc)#exit
[local]Redback(config-atm-oc)#exit
Cross-Connection Configuration
11-25
Command Descriptions
!Create the 802.1Q PVC
[local]Redback(config)#port ethernet 2/1
[local]Redback(config-port)#encapsulation dot1q
[local]Redback(config-port)#dot1q pvc 3 encapsulation multi
[local]Redback(config-port)#exit
!Cross-connect the ATM PVC to the 802.1Q PVC
[local]Redback(config)#xc 3/1 vpi-vci 3 110 to 2/1 vlan-id 5 12-13-interworking
The following example creates two cross-connected 802.1Q PVC circuits with raw encapsulation:
! Create the first 802.1Q PVC circuits with raw encapsulation
[local]Redback(config)#port ethernet 1/1
[local]Redback(config-port)#encapsulation dot1q
[local]Redback(config-port)#dot1q pvc 100 encapsulation raw
[local]Redback(config-port)exit
!Create the second 802.1Q PVC circuits with raw encapsulation
[local]Redback(config)#port ethernet 2/2
[local]Redback(config-port)#encapsulation dot1q
[local]Redback(config)#dot1q pvc 200 encapsulation raw
[local]Redback(config-port)exit
!Cross-connect the two circuits
xc 1/1 vlan-id 100 to 2/2 vlan-id 200
Related Commands
circuit protocol
11-26
Ports, Circuits, and Tunnels Configuration Guide
Part 5
Tunnels
This part describes the tasks and commands used to configure basic features for Generic Routing
Encapsulation (GRE) tunnels and tunnel circuits, Layer 2 Tunneling Protocol (L2TP) peers and groups, and
overlay tunnel configurations.
This part consists of the following chapters:
•
Chapter 12, “GRE Tunnel Configuration”
•
Chapter 13, “L2TP Configuration”
•
Chapter 14, “Overlay Tunnel Configuration”
Chapter 12
GRE Tunnel Configuration
This chapter provides an overview of Generic Routing Encapsulation (GRE) tunnels and tunnel circuits
over IP Version 4 (IPv4) and IP Version 6 (IPv6) and GRE Virtual Private Networks (VPNs), describes the
tasks used to configure GRE features, provides configuration examples, and detailed descriptions of the
commands used to configure GRE features through the SmartEdge® OS.
For information about the tasks and commands used to monitor, troubleshoot, and administer GRE tunnels
and tunnel circuits, see the “Tunnel Operations” chapter in the Ports, Circuits, and Tunnels Operations
Guide for the SmartEdge OS.
For protocol- or feature-specific commands that appear in any of the GRE configuration modes, see the
appropriate chapter in this guide, in the Routing Protocols Configuration Guide for the SmartEdge OS, or
the IP Services and Security Configuration Guide for the SmartEdge OS.
This chapter includes the following sections:
•
Overview
•
Configuration Tasks
•
Configuration Examples
•
Command Descriptions
Overview
GRE is a simple, stateless protocol that allows for the tunneling of IP in IP. The SmartEdge OS
implementation of GRE over IPv4 is based on these IETF documents:
•
RFC 1702, Generic Routing Encapsulation over IPv4 Networks
•
RFC 2784, Generic Routing Encapsulation
•
RFC 2893, Transition Mechanisms for IPv6 Hosts and Routers
The following topics are included in this section:
•
Using GRE Tunnels and Tunnel Circuits with IPv6 Packets
•
Using GRE Tunnels and Tunnel Circuits with IPv4 Packets
•
Using GRE Tunnels and Tunnel Circuits for VPNs
GRE Tunnel Configuration
12-1
Overview
Note When IPv6 addresses are not referenced or explicitly specified, the term, IP address, can refer
generally to (IPv4 addresses, IPv6 addresses, or IP addressing. In instances where IPv6 addresses
are referenced or explicitly specified, the term, IP address, refers only to IPv4 addresses. For a
description of IPv6 addressing and the types of IPv6 addresses, see RFC 3513, Internet Protocol
Version 6 (IPv6) Addressing Architecture.
Using GRE Tunnels and Tunnel Circuits with IPv6 Packets
GRE allows you to connect remote sites using IPv6 addresses over a public network that uses publicly
routable IPv4 addresses. IPv6 packets traveling through the tunnel are encapsulated with a GRE header and
then with an IPv4 header using addresses from the public IPv4 address as shown in Figure 12-1.
Figure 12-1 GRE Tunnel Packet Encapsulation for IPv6 Packets
GRE tunnel circuits allow you to multiplex traffic from different users through the same tunnel. Each tunnel
uses an IPv4 routing infrastructure to transfer IP packets through the tunnel. Each tunnel circuit is assigned
a unique key and bound to an interface. Each tunnel circuit then acts as a point-to-point circuit connection
for traffic associated with that interface.
Using GRE Tunnels and Tunnel Circuits with IPv4 Packets
GRE allows you to connect remote sites using private IP addresses over a public network that uses publicly
routable IP addresses. IP packets traveling through the tunnel are encapsulated with an IP header from the
public address space as shown in Figure 12-2.
Figure 12-2 GRE Tunnel Packet Encapsulation for IPv4 Packets
GRE tunnel circuits allow you to multiplex traffic from different users through the same tunnel. Each tunnel
circuit is assigned a unique key and bound to an interface. Each tunnel circuit then acts as a point-to-point
circuit connection for traffic associated with that interface.
12-2
Ports, Circuits, and Tunnels Configuration Guide
Overview
Using GRE Tunnels and Tunnel Circuits for VPNs
One of the more common applications of GRE tunneling is the creation of VPNs to connect to remote sites.
Multiple SmartEdge OS contexts and GRE tunnel circuits, one for each VPN, demultiplex traffic for each
VPN into its own IP address space. Thus each context acts as a dedicated virtual router for a VPN, where
the IP address space (for example, private addresses as described in RFC 1918, Address Allocation for
Private Internets) and routing databases are maintained separately from other contexts.
In this model, a single tunnel is created between the local site and each remote site. Each GRE tunnel is
defined in a context, usually local, and connected to the public network. A single public IP address is
assigned to each end of each tunnel and is shared by all tunnel circuits using that tunnel. For each VPN, a
context and an interface are created; then a GRE tunnel circuit with a unique key identifier is created for
the VPN in the tunnel and bound to the VPN’s interface in the VPN’s context.
Figure 12-3 shows the GRE tunnel architecture with multiple contexts. In the figure, each key identifies a
tunnel circuit that is bound to an interface in a different context.
Figure 12-3 GRE Tunnel Architecture
Traffic from users in Context A travels over the tunnel circuit identified with Key 1 and is kept separated
from traffic from users in Context B, which travels over the tunnel circuit identified with Key 2,
although both circuits share the same GRE tunnel and physical link, the Gigabit Ethernet port (shown as
the heavy line labeled “GigE”).
Using GRE, an arbitrary network topology can be overlaid on the physical topology; that is, each VPN can
have a topology independent of the topology to which the physical SmartEdge router is connected. Multiple
topologies are supported: full mesh, partial mesh, and hub-and-spoke.
To facilitate IP connectivity between VPNs on different SmartEdge routers over GRE tunnels, several
options exist:
•
For simple topologies, static routes in each VPN context can be used.
•
For hub-and-spoke and dual hub-and-spoke topologies, a combination of static routing and Routing
Information Protocol (RIP) can be used. Each spoke VPN is configured with a static default route to the
GRE tunnel attached to the hub site, and is configured using RIP to disseminate downstream prefixes
to the hub. Each hub VPN is configured to run RIP in passive mode to listen for prefixes from spoke
routers.
GRE Tunnel Configuration
12-3
Configuration Tasks
•
For more complex topologies, each VPN can run its own instance of a routing protocol, such as RIP or
Open Shortest Path First (OSPF).
Configuration Tasks
Note In this section, the command syntax in the task tables displays only the root command; for the
complete command syntax, see the full description for the command in the “Command
Descriptions” section.
To configure GRE tunneling, perform the tasks described in the following sections:
•
Configuration Guidelines for GRE Tunnels and Tunnel Circuits
•
Configure a GRE Tunnel
•
Configure a GRE Tunnel Circuit
•
Configure a GRE Tunnel Circuit Used as a VPN
Configuration Guidelines for GRE Tunnels and Tunnel Circuits
This section includes the following topics:
•
Configuration Guidelines for GRE Tunnels
•
Configuration Guidelines for GRE Tunnel Circuits
Configuration Guidelines for GRE Tunnels
Consider the following guidelines when configuring a GRE tunnel:
12-4
•
Usually, a GRE tunnel is created in the local context to make it available to all tunnel circuits, including
those configured for VPNs.
•
You can configure multiple tunnels, but usually only one tunnel between sites.
•
A GRE tunnel requires at least one tunnel circuit.
•
If you create a GRE tunnel in the local context, you can create its tunnel circuits and bind them to
interfaces created in any context. If you create a GRE tunnel in any other context (not the local context),
you must bind all its tunnel circuits to interfaces that have been created in the same context as the GRE
tunnel.
•
If you are creating more than one tunnel, they can use the same local interface as long as the remote
interfaces are all different. To use an interface and its public IP address for more than one tunnel, use
the interface command with the loopback keyword in context configuration mode. The loopback
keyword allows you to reuse the public IP address for more than one tunnel.
•
The local IP address specified by the loc-ip-addr argument must match the IP address of an interface
that you have configured in the same context that you are entering this command.
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
•
If the local IP address that you assign to the local tunnel interface is not adjacent to the IP address of
the tunnel interface at the remote site and the remote site cannot be reached with a routing protocol, you
must also enter the ip route command in context configuration mode; for more information, see the “IP
Routing” chapter in the Routing Protocols Configuration Guide for the SmartEdge OS.
•
The remote IP address at one end of the GRE tunnel is the same as the local IP address at the other end
of the GRE tunnel and conversely. If the remote IP address is not adjacent to the local IP address, and
the remote site cannot be reached with a routing protocol, you must also enter the ip route command in
context configuration mode.
Configuration Guidelines for GRE Tunnel Circuits
Consider the following guidelines when configuring any GRE tunnel circuit:
•
To configure keepalive packets for a tunnel circuit, it must be configured in the same context as the
tunnel.
•
To allow multiple tunnel circuits through a tunnel, you must assign a unique key to each tunnel circuit
associated with the tunnel.
Consider the following guidelines when configuring a GRE tunnel circuit as a VPN:
•
To keep traffic separate from different users, you must create a context for each tunnel circuit (VPN)
that will use the tunnel. For this reason, keepalive packets are not supported for tunnel circuits used as
VPNs.
•
You must assign a private IP address to the interface you create for the tunnel circuit (or VPN); you can
reuse this IP address for each tunnel circuit (or VPN) that you create, because you have defined the
interface for each tunnel circuit in a different context.
Configure a GRE Tunnel
To configure a GRE tunnel, perform the tasks described in Table 12-1.
Table 12-1 Configure a GRE Tunnel
#
Task
Root Command
Notes
1.
Create or select the context for the tunnel and
access context configuration mode.
context
Enter this command in global configuration
mode. For more information about this
command, see the “Context Configuration”
chapter in the Basic System Configuration
Guide for the SmartEdge OS.
2.
Create or select the local interface for the tunnel
and access interface configuration mode.
interface
For more information about this command, see
the “Interface Configuration” chapter in the
Basic System Configuration Guide for the
SmartEdge OS.
3.
Assign a public IP address to the local interface.
ip address
This is an IPv4 address. For more information
about this command, see the “Subscriber
Configuration” chapter in the Basic System
Configuration Guide for the SmartEdge OS.
4.
Create the tunnel, associate the local and
remote public IP addresses with it, and access
GRE peer configuration mode.
gre-peer
Enter this command in context configuration
mode.
GRE Tunnel Configuration
12-5
Configuration Tasks
Table 12-1 Configure a GRE Tunnel
#
Task
5.
Specify optional tunnel attributes:
6.
Root Command
Associate a description with the GRE tunnel.
description
Enable the logging of state changes.
log-state-changes
Enable the tunnel (begin operations on it).
shutdown
Notes
Use the no form to enable the tunnel.
Configure a GRE Tunnel Circuit
For data to flow through a GRE tunnel, you must configure at least one tunnel circuit. You must decide
whether the tunnel circuit is being used as a VPN or not.
Configure a GRE Tunnel Circuit Not Being Used as a VPN
To configure a tunnel circuit that is not being used as a VPN, perform the tasks described in Table 12-2.
Table 12-2 Configure a GRE Tunnel Circuit
#
Task
Root Command
Notes
1.
Select the context for the tunnel circuit and access
context configuration mode.
context
Enter this command in global configuration mode.
The context must be the same context in which
the tunnel is configured. For more information
about this command, see the “Context
Configuration” chapter in the Basic System
Configuration Guide for the SmartEdge OS.
2.
Create or select the interface for the tunnel circuit and
access interface configuration mode.
interface
For more information about this command, see
the “Interface Configuration” chapter in the Basic
System Configuration Guide for the
SmartEdge OS.
3.
Assign a private IP address to the interface for the
tunnel circuit, using one of the following tasks:
• Assign a private IP address with the IPv4 format.
ip address
This is an IPv4 address. For more information
about this command, see the “Subscriber
Configuration” chapter in the Basic System
Configuration Guide for the SmartEdge OS.
• Assign a private IPaddress with the IPv6 format.
ipv6 address
This is an IPv6 address. For more information
about this command, see the “Interface
Configuration” chapter in the Basic System
Configuration Guide for the SmartEdge OS.
4.
Access tunnel map configuration mode.
tunnel map
Enter this command in global configuration mode.
5.
Create the tunnel circuit, associate it with its context,
assign a key (create a unique identifier for it), and
access GRE tunnel configuration mode.
gre-tunnel
6.
Specify tunnel circuit attributes (all attributes are optional):
12-6
Associate a description with the GRE tunnel circuit.
description
Specify that the DF flag be cleared in inbound packets.
clear-df
Associate the IP address of the remote host.
ip host
Enable the sending of keepalive packets.
keepalive
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Table 12-2 Configure a GRE Tunnel Circuit (continued)
#
Task
Root Command
7.
Bind the tunnel circuit to its interface.
bind interface
8.
Disable the tunnel circuit (stop operations on it).
shutdown
Notes
You can disable the tunnel circuit until you are
ready to begin operations on it.
Configure a GRE Tunnel Circuit Used as a VPN
To configure a GRE tunnel circuit used as a VPN, perform the tasks described in Table 12-3; enter this
command in global configuration mode.
Table 12-3 Configure a GRE Tunnel Circuit Used as a VPN
#
Task
Root Command
Notes
1.
Select the context for the tunnel circuit and
access context configuration mode.
context
For more information about this command, see
the “Context Configuration” chapter in the Basic
System Configuration Guide for the
SmartEdge OS.
2.
Create or select the interface for the tunnel
circuit and access interface configuration mode.
interface
For more information about this command, see
the “Interface Configuration” chapter in the
Basic System Configuration Guide for the
SmartEdge OS.
3.
Assign a private IP address to the interface for
the tunnel circuit.
• Assign a private IPaddress with the IPv4
format.
ip address
This is an IPv4 address. For more information
about this command, see the “Subscriber
Configuration” chapter in the Basic System
Configuration Guide for the SmartEdge OS.
• Assign a private IPaddress with the IPv6
format.
ipv6 address
This is an IPv6 address. For more information
about this command, see the “Interface
Configuration” chapter in the Basic System
Configuration Guide for the SmartEdge OS.
4.
Access tunnel map configuration mode.
tunnel map
Enter this command in global configuration
mode.
5.
Create the tunnel circuit, associate it with its
context, assign a key (create a unique identifier
for it), and access GRE tunnel configuration
mode.
gre-tunnel
6.
Specify tunnel circuit attributes (all attributes are optional):
Associate a description with the GRE tunnel
circuit.
description
Specify that the DF flag be cleared in inbound
packets.
clear-df
Associate the IP address of the remote host.
ip host
7.
Bind the tunnel circuit to its interface.
bind interface
8.
Disable the tunnel circuit (stop operations on it).
shutdown
GRE Tunnel Configuration
You can disable the tunnel circuit until you are
ready to begin operations on it.
12-7
Configuration Examples
Configuration Examples
This section includes the following examples:
•
GRE Tunnel with a Single Circuit
•
GRE Tunnels with Multiple Circuits Used as VPNs
GRE Tunnel with a Single Circuit
The following example configures a GRE tunnel, tunnel01, with a single circuit (without a key
identifier), all in the local context:
!Create the local interface for the tunnel
[local]Redback(config)#context local
[local]Redback(config-ctx)#interface upstream
!Assign a public IP address to the local tunnel interface
[local]Redback(config-if)#ip address 172.16.1.1/30
[local]Redback(config-if)#exit
!Configure the tunnel with the local IP address of its interface
[local]Redback(config-ctx)#gre-peer name tunnel01 remote 172.16.1.2 local 172.16.1.1
[local]Redback(config-gre-peer)#description tunnel with a single circuit
[local]Redback(config-gre-peer)#exit
[local]Redback(config-ctx)#exit
!Create the interface for the tunnel circuit
[local]Redback(config)#context local
[local]Redback(config-ctx)#interface link
!Assign a private IP address to the tunnel circuit interface
[local]Redback(config-if)#ip address 10.1.1.1/24
[local]Redback(config-if)#exit
!Create the tunnel circuit with no key identifier (single circuit)
[local]Redback(config)#tunnel map
[local]Redback(tunnel-map)#gre-tunnel tunnel01 local
[local]Redback(config-gre-tunnel)#description single circuit to upstream
[local]Redback(config-gre-tunnel)#keepalive
!Bind the tunnel circuit to its interface, which is in the local context
[local]Redback(config-gre-tunnel)#bind interface link local
[local]Redback(config-gre-tunnel)#end
12-8
Ports, Circuits, and Tunnels Configuration Guide
Configuration Examples
GRE Tunnels with Multiple Circuits Used as VPNs
Figure 12-4 shows a basic mesh configuration with tunnels between three sites and two tunnel circuits
(VPNs) sharing each tunnel. The labels, A VPN and B VPN, represent contexts, vpnA and vpnB, in the
example commands; not shown in each context are the interfaces, toHartford, in each context in the
example commands. Private IP addresses are also reused in each VPN context.
Figure 12-4 GRE Tunneling Example
The following commands configure the tunnel to Hartford on the SmartEdge 800 router in New York:
!Create the local interface for the tunnel
[local]NewYork(config)#context local
[local]NewYork(config-ctx)#interface toHartford
!Assign a public IP address to the local tunnel interface
[local]NewYork(config-if)#ip address 172.16.1.1/30
[local]NewYork(config-if)#exit
!Configure the tunnel with the local IP address of its interface
[local]NewYork(config-ctx)#gre-peer name HartfordTnl remote 172.16.1.2 local 172.16.1.1
[local]NewYork(config-gre-peer)#description tunnel with two circuits
[local]NewYork(config-gre-peer)#no shutdown
[local]NewYork(config-gre-peer)#exit
[local]NewYork(config-ctx)#exit
GRE Tunnel Configuration
12-9
Configuration Examples
!Create the local interface for a tunnel circuit for VPN A, in its own context
[local]NewYork(config)#context vpnA
[local]NewYork(config-ctx)#interface toHartford
!Assign a private IP address to the tunnel circuit interface
[local]NewYork(config-if)#ip address 10.1.1.1/24
[local]NewYork(config-if)#exit
[local]NewYork(config-ctx)#exit
!Create the local interface for a tunnel circuit for VPN B, in its own context
[local]NewYork(config)#context vpnB
[local]NewYork(config-ctx)#interface toHartford
!Assign a private IP address to the tunnel circuit interface
[local]NewYork(config-if)#ip address 10.1.1.1/24
[local]NewYork(config-if)#exit
[local]NewYork(config-ctx)#exit
!Create the tunnel circuit for VPN A (key 1)
[local]NewYork(config)#tunnel map
[local]NewYork(tunnel-map)#gre-tunnel HartfordTnl local key 1
[local]NewYork(config-gre-tunnel)#description VPN A to Hartford
!Bind the tunnel circuit to its interface, which is in the vpnA context
[local]NewYork(config-gre-tunnel)#bind interface toHartford vpnA
[local]NewYork(config-gre-tunnel)#exit
!Create the tunnel circuit for VPN B (key 2)
[local]NewYork(tunnel-map)#gre-tunnel HartfordTnl local key 2
[local]NewYork(config-gre-tunnel)#description VPN B to Hartford
!Bind the tunnel circuit to its interface, which is in the vpnB context
[local]NewYork(config-gre-tunnel)#bind interface toHartford vpnB
[local]NewYork(config-gre-tunnel)#end
[local]NewYork#
The following commands create the interfaces, the tunnel to Trenton, and the tunnel circuits for VPNs A
and B; only the IP addresses and the names of the interfaces and the remote location are changed from the
previous example:
!Create the local interface for the tunnel
[local]NewYork(config)#context local
[local]NewYork(config-ctx)#interface toTrenton
!Assign a public IP address to the local tunnel interface
[local]NewYork(config-if)#ip address 173.16.1.1/30
[local]NewYork(config-if)#exit
12-10
Ports, Circuits, and Tunnels Configuration Guide
Configuration Examples
!Configure the tunnel with the local IP address of its interface
[local]NewYork(config-ctx)#gre-peer name TrentonTnl remote 173.16.1.2 local 173.16.1.1
[local]NewYork(config-gre-peer)#description tunnel with two circuits
[local]NewYork(config-gre-peer)#no shutdown
[local]NewYork(config-gre-peer)#exit
[local]NewYork(config-ctx)#exit
!Create the interface for a tunnel circuit for VPN A, using same context as before
[local]NewYork(config)#context vpnA
[local]NewYork(config-ctx)#interface toTrenton
!Assign a private IP address to the tunnel circuit interface
[local]NewYork(config-if)#ip address 10.1.1.2/24
[local]NewYork(config-if)#exit
[local]NewYork(config-ctx)#exit
!Create the interface for a tunnel circuit for VPN B, using same context as before
[local]NewYork(config)#context vpnB
[local]NewYork(config-ctx)#interface toTrenton
!Assign a private IP address to the tunnel circuit interface
[local]NewYork(config-if)#ip address 10.1.1.2/24
[local]NewYork(config-if)#exit
[local]NewYork(config-ctx)#exit
!Create the tunnel circuit for VPN A (key 1)
[local]NewYork(config)#tunnel map
[local]NewYork(tunnel-map)#gre-tunnel TrentonTnl local key 1
[local]NewYork(config-gre-tunnel)#description VPN A to Trenton
!Bind the tunnel circuit to its interface, which is in the vpnA context
[local]NewYork(config-gre-tunnel)#bind interface toTrenton vpnA
[local]NewYork(config-gre-tunnel)#exit
!Create the tunnel circuit for VPN B (key 2)
[local]NewYork(tunnel-map)#gre-tunnel TrentonTnl local key 2
[local]NewYork(config-gre-tunnel)#description VPN B to Trenton
!Bind the tunnel circuit to its interface, which is in the vpnB context
[local]NewYork(config-gre-tunnel)#bind interface toTrenton vpnB
[local]NewYork(config-gre-tunnel)#end
The following commands configure the tunnel to New York on the SmartEdge 800 router in Hartford:
Note The commands in the following example are identical to those in the configuration example for the
tunnel from New York to Hartford, except that the public IP addresses for the tunnel are reversed
(the local IP address is the remote IP address in New York and conversely), and the names have
been altered to reflect the location of the remote site.
GRE Tunnel Configuration
12-11
Configuration Examples
!Create the local interface for the tunnel
[local]Hartford(config)#context local
[local]Hartford(config-ctx)#interface toNewYork
!Assign a public IP address to the local tunnel interface
[local]Hartford(config-if)#ip address 172.16.1.1/30
[local]Hartford(config-if)#exit
!Configure the tunnel with the local IP address of its interface
[local]Hartford(config-ctx)#gre-peer name NewYorkTnl remote 172.16.1.1 local 172.16.1.2
[local]Hartford(config-gre-peer)#description tunnel with two circuits
[local]Hartford(config-gre-peer)#no shutdown
[local]Hartford(config-gre-peer)#exit
[local]Hartford(config-ctx)#exit
!Create the interface for a tunnel circuit for VPN A, in its own context
[local]Hartford(config)#context vpnA
[local]Hartford(config-ctx)#interface toNewYork
!Assign a private IP address to the tunnel circuit interface
[local]Hartford(config-if)#ip address 10.1.1.1/24
[local]Hartford(config-if)#exit
[local]Hartford(config-ctx)#exit
!Create the interface for a tunnel circuit for VPN B, in its own context
[local]Hartford(config)#context vpnB
[local]Hartford(config-ctx)#interface toNewYork
!Assign a private IP address to the tunnel circuit interface
[local]Hartford(config-if)#ip address 10.1.1.1/24
[local]Hartford(config-if)#exit
[local]Hartford(config-ctx)#exit
!Create the tunnel circuit for VPN A (key 1)
[local]Hartford(config)#tunnel map
[local]Hartford(tunnel-map)#gre-tunnel NewYorkTnl local key 1
[local]Hartford(config-gre-tunnel)#description VPN A to New York
!Bind the tunnel circuit to its interface, which is in the vpnA context
[local]Hartford(config-gre-tunnel)#bind interface toNewYork vpnA
[local]Hartford(config-gre-tunnel)#exit
!Create the tunnel circuit for VPN B (key 2)
[local]Hartford(tunnel-map)#gre-tunnel NewYorkTnl local key 2
[local]Hartford(config-gre-tunnel)#description VPN B to New York
!Bind the tunnel circuit to its interface, which is in the vpnB context
[local]Hartford(config-gre-tunnel)#bind interface toNewYork vpnB
[local]Hartford(config-gre-tunnel)#end
[local]Hartford#
12-12
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Command Descriptions
This section describes the syntax and usage guidelines for the commands used to configure GRE features.
The commands are presented in alphabetical order.
clear-df
description
gre-peer
gre-tunnel
ip host
GRE Tunnel Configuration
keepalive
log-state-changes
shutdown
tunnel map
12-13
Command Descriptions
clear-df
clear-df
{no | default} clear-df
Purpose
Specifies that the IP header Don’t Fragment (DF) flag be cleared in all packets to be transmitted on this
tunnel circuit.
Command Mode
GRE tunnel configuration
Syntax Description
This command has no keywords or arguments.
Default
The IP header DF flag is honored.
Usage Guidelines
Use the clear-df command to specify that the IP header DF flag be cleared in all packets to be transmitted
on this tunnel circuit. If the IP packet length exceeds the tunnel interface MTU, the packet is fragmented.
If you enter the ip clear-df command in interface configuration mode for the tunnel interface, instead of
this command, the DF flag is cleared only in transmitted packets that must be fragmented. If you enter both
commands, the clear-df command takes precedence for this GRE tunnel circuit, and clears the DF flag in
all packets transmitted on this tunnel circuit.
Use the no or default form of this command to honor the DF flag in inbound packets.
Examples
The following example specifies that the DF flag in all transmitted packets be cleared:
[local]Redback(config)#tunnel map
[local]Redback(config-tunnel-map)#gre-tunnel HartfordTn1 local key 1
[local]Redback(config-gre-tunnel)#clear-df
Related Commands
ip clear-df—Basic System Configuration Guide for the SmartEdge OS
12-14
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
description
description text
no description
Purpose
Associates textual information with a Generic Routing Encapsulation (GRE) tunnel.
Command Mode
GRE peer configuration
Syntax Description
text
Textual description for a GRE tunnel. Can be any alphanumeric string, including spaces, that
is not longer than 64 ASCII characters.
Default
No description is associated with the tunnel.
Usage Guidelines
Use the description command to associate textual information with the GRE tunnel. The description
appears in the output of the show configuration command with the gre keyword in any mode.
Use the no form of this command to delete the existing description. Because there can be only one
description for a tunnel, when you use the no form of this command, it is not necessary to include the text
argument.
To change a description, create a new one; it overwrites the existing one.
Examples
The following example selects (or creates) a GRE tunnel, and then associates a text description with it:
[local]Redback(config)#context local
[local]Redback(config-ctx)#gre-peer name HartfordTn1 remote 172.16.1.2 local 172.16.1.1
[local]Redback(config-gre-peer)#description Corporate offices in Connecticut
The following example changes the description created in the previous example:
[local]Redback(config-gre-peer)#description Corporate offices in Hartford
The following example deletes an existing description:
[local]Redback(config-gre-peer)#no description
Related Commands
gre-peer
GRE Tunnel Configuration
12-15
Command Descriptions
gre-peer
gre-peer name tunl-name [remote rem-ip-addr local loc-ip-addr]
no gre-peer name tunl-name remote rem-ip-addr local loc-ip-addr
Purpose
Creates or selects a Generic Routing Encapsulation (GRE) tunnel, assigns a public IP address to each end,
and enters GRE peer configuration mode.
Command Mode
context configuration
Syntax Description
name tunl-name
Text string of up to 39 characters identifying the GRE tunnel. This name must be
unique from all other tunnels that exist in the same context.
remote rem-ip-addr
Optional. Public IP address of the remote end of the GRE tunnel. Required when
creating or deleting a tunnel; optional when selecting one for modification.
local loc-ip-addr
Optional. Public IP address of the local end of the GRE tunnel. Required when
creating or deleting a tunnel; optional when selecting one for modification.
Default
None
Usage Guidelines
Use the gre-peer command to create or select a GRE tunnel, assign a public IP address to each end, and
enter GRE peer configuration mode.
If you create a GRE tunnel in the local context, you can create its tunnel circuits and bind them to interfaces
created in any context. If you create a GRE tunnel in any other context (not the local context), you must
bind all its tunnel circuits to interfaces that have been created in the same context as the GRE tunnel.
You can configure multiple tunnels, but usually only one tunnel between sites.
The remote IP address at one end of the GRE tunnel is the same as the local IP address at the other end of
the GRE tunnel and conversely. If the remote IP address is not adjacent to the local IP address, and the
remote site cannot be reached with a routing protocol, you must also enter the ip route command in context
configuration mode.
Note The local IP address specified by the loc-ip-addr argument must match the IP address of an
interface that you have configured in the same context that you are entering this command.
12-16
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
If you are creating more than one tunnel, they can use the same local interface as long as the remote
interfaces are all different. To use an interface and its public IP address for more than one tunnel, you must
specify the loopback keyword with the interface command in context configuration mode when you create
the interface for the tunnel. The loopback keyword allows you to reuse the public IP address for more than
one tunnel.
Note You do not need to specify the remote and local IP addresses when using the gre-peer command to
enter GRE peer configuration mode for the purpose of modifying an already existing GRE tunnel.
Use the no form of this command to delete the specified GRE tunnel and any associated parameters that
have been specified in GRE peer configuration mode.
Examples
The following example creates an interface, toHartford, with a public IP address of 172.16.1.1; then
it creates a GRE tunnel, HartfordTnl, with a remote IP address of 172.16.1.2 and a local IP address
of 172.16.1.1:
[local]Redback(config)#context local
[local]Redback(config-ctx)#interface toHartford
[local]Redback(config-if)#ip address 172.16.1.1/30
[local]Redback(config-if)#exit
[local]Redback(config-ctx)#gre-peer name HartfordTnl remote 172.16.1.2 local 172.16.1.1
[local]Redback(config-gre-peer)#end
The following example creates two tunnels each using an interface, LocalEnd. Both tunnels use the same
local IP address; it is assumed that the remote IP address for Tunnel2 can be reached with a routing
protocol, so that the ip route command in context configuration mode is not needed:
[local]Redback(config)#context local
[local]Redback(config-ctx)#interface LocalEnd loopback
[local]Redback(config-if)#ip address 172.16.1.1/32
[local]Redback(config-if)#exit
[local]Redback(config-ctx)#gre-peer name Tunnell remote 172.16.1.2 local 172.16.1.1
[local]Redback(config-gre-peer)#no shutdown
[local]Redback(config-gre-peer)#exit
[local]Redback(config-ctx)#gre-peer name Tunnel2 remote 172.20.1.2 local 172.16.1.1
[local]Redback(config-gre-peer)#no shutdown
[local]Redback(config-gre-peer)#end
The following example specifies an existing GRE tunnel without specifying the remote and local IP
addresses, and enters GRE peer configuration mode for the existing GRE tunnel:
[local]Redback(config)#context local
[local]Redback(config-ctx)#gre-peer name HartfordTunl
[local]Redback(config-gre-peer)#
Related Commands
gre-tunnel
interface
ip address
GRE Tunnel Configuration
12-17
Command Descriptions
gre-tunnel
gre-tunnel tunl-name ctx-name [key key-id]
no gre-tunnel tunl-name ctx-name [key key-id]
Purpose
Creates a Generic Routing Encapsulation (GRE) tunnel circuit, associates it with a GRE tunnel created in
the specified context, assigns a tunnel circuit ID, and enters GRE tunnel configuration mode.
Command Mode
tunnel map configuration
Syntax Description
tunl-name
Name of an existing GRE tunnel that has been created with the gre-peer command in
context configuration mode.
ctx-name
Name of the context in which the GRE tunnel has been created.
key key-id
Optional. Value, in integer form, that specifies an ID (key) for the tunnel circuit. The
range of values is 1 to 4,294,967,295; the default value is 0.
Default
None
Usage Guidelines
Use the gre-tunnel command to create a GRE tunnel circuit, associate it with a GRE tunnel created in the
specified context, assign a tunnel circuit identifier, and enter GRE tunnel configuration mode. You can issue
this command multiple times, once for each tunnel circuit to be associated with the tunnel.
If you create a GRE tunnel in the local context, you can create its tunnel circuits and bind them to interfaces
created in any context. If you create a GRE tunnel in any other context (not the local context), you must
bind all its tunnel circuits to interfaces that have been created in the same context as the GRE tunnel.
Use the key key-id construct to specify a key ID for the tunnel circuit. If you do not specify a key ID, the
system uses the key value of 0 and the tunnel has a single tunnel circuit.
Use the no form of this command to delete the GRE tunnel circuit.
Examples
The following example creates a GRE tunnel circuit on the tunnel HartfordTn1 in the local context
with key ID of 1:
[local]Redback(config)#tunnel map
[local]Redback(tunnel-map)#gre-tunnel HartfordTn1 local key 1
[local]Redback(config-gre-tunnel)#
12-18
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Related Commands
bind interface—GRE tunnel configuration mode
gre-peer
GRE Tunnel Configuration
12-19
Command Descriptions
ip host
ip host ip-addr[/prefix-length]
no ip host ip-addr[/prefix-length]
Purpose
Associates a Generic Routing Encapsulation (GRE) tunnel circuit with the IP address and medium access
control (MAC) address of the remote host on the circuit.
Command Mode
GRE tunnel configuration
Syntax Description
ip-addr
IP address of the host on this circuit in the form A.B.C.D.
prefix-length
Optional. Prefix length for the associated IP address; the range of values is 1 to 32.
Default
No IP host address is associated with a GRE tunnel circuit.
Usage Guidelines
Use the ip host command to associate a GRE tunnel circuit with the IP address of the host on the circuit.
Use the no form of this command to delete the association.
Note This command is also documented in Chapter 6, “Circuit Configuration,” for ATM and Frame
Relay permanent virtual circuits (PVCs) and in Chapter 11, “Cross-Connection Configuration,” for
IP over Ethernet (IPoE) circuits.
Examples
The following example associates a GRE tunnel circuit with the IP address of the host on the circuit:
[local]Redback(config)#tunnel map
[local]Redback(config-tunnel-map)#gre-tunnel HartfordTn1 local key 1
[local]Redback(config-gre-tunnel)#ip host 10.10.10.14/24
Related Commands
bind interface
12-20
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
keepalive
keepalive [seconds [retry-num]]
no keepalive
default keepalive
Purpose
Enables the sending of keepalive packets on Generic Routing Encapsulation (GRE) tunnel circuits and
specifies the interval and the number of retries.
Command Mode
GRE tunnel configuration
Syntax Description
seconds
Optional. Number of seconds between the sending of a keepalive packet. The range of
values is 1 to 32,766; the default value is 10.
retry-num
Optional. Number of times a keepalive packet is sent without response before the
tunnel circuit is brought down. The range of values is 2 to 254; the default value is 4.
Default
The sending of keepalive packets is disabled.
Usage Guidelines
Use the keepalive command to enable the sending of keepalive packets on GRE tunnel circuits and specify
the interval between keepalive packets and the number of retries.
Note This command is not supported if the tunnel circuit and its tunnel are created in different contexts.
Use the no form of this command to disable the sending of keepalive packets.
Use the default form of this command to specify the default values for the seconds argument and the
retry-num argument.
Examples
The following example enables the sending of keepalive packets with the default values for the seconds and
retry-num arguments:
[local]Redback(config)#tunnel map
[local]Redback(tunnel-map)#gre-tunnel tunnel01 local
[local]Redback(config-gre-tunnel)#keepalive
Related Commands
None
GRE Tunnel Configuration
12-21
Command Descriptions
log-state-changes
log-state-changes
no log-state-changes
Purpose
Enables the generation of a GRE-INFO message each time the Generic Routing Encapsulation (GRE)
tunnel changes state (from up to down or down to up).
Command Mode
GRE peer configuration
Syntax Description
This command has no keywords or arguments.
Default
The generation of GRE-INFO messages is disabled.
Usage Guidelines
Use the log-state-changes command to enable the generation of a GRE-INFO message each time the GRE
tunnel changes state (from up to down or down to up).
Use the no form of this command to disable the generation of GRE-INFO messages.
To display the GRE-INFO messages, enter the show log command in any mode.
Note You cannot disable the generation of GRE-INFO messages with the no terminal monitor
command in exec mode.
Examples
The following example enables the generation of a GRE-INFO message each time the tunnel,
HartfordTn1, in the local context changes state:
[local]Redback(config)#context local
[local]Redback(config-ctx)#gre-peer HartfordTn1 local
[local]Redback(config-gre-peer)#log-state-changes
Related Commands
None
12-22
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
shutdown
shutdown
no shutdown
Purpose
Disables a Generic Routing Encapsulation (GRE) tunnel or tunnel circuit.
Command Mode
GRE peer configuration
GRE tunnel configuration
Syntax Description
This command has no keywords or arguments.
Default
All tunnels are disabled; all tunnel circuits are enabled.
Usage Guidelines
Use the shutdown command to disable a GRE tunnel or tunnel circuit.
Note You must enable the tunnel on which the tunnel circuit is configured for the tunnel circuit to
function.
Use the no form of this command to enable a GRE tunnel or tunnel circuit.
This command is also described in the following chapters:
•
Chapter 3, “ATM, Ethernet, and POS Port Configuration,” for ATM OC, ATM DS-3, Ethernet, and
Packet over SONET/SDH (POS) ports.
•
Chapter 4, “Clear-Channel and Channelized Port and Channel Configuration,” for channelized OC-12
and STM-1 ports, DS-3 and E1 channels or ports, E3 ports, DS-1 channels, and DS-0 channel groups.
•
Chapter 6, “Circuit Configuration,” for cross-connected circuits.
•
Chapter 11, “Cross-Connection Configuration,” for cross-connected circuits.
For Multicast Source Discovery Protocol (MSDP), see the “IP Multicast Configuration” chapter in the
Routing Protocols Configuration Guide publication for the SmartEdge OS.
Examples
The following example disables a GRE tunnel circuit:
[local]Redback(config)#tunnel map
[local]Redback(config-tunnel-map)#gre-tunnel HartfordTn1 local key 1
[local]Redback(config-gre-tunnel)#shutdown
GRE Tunnel Configuration
12-23
Command Descriptions
The following example enables a GRE tunnel:
[local]Redback(config)#context local
[local]Redback(config-ctx)#gre-peer HartfordTn1 local
[local]Redback(config-gre-peer)#no shutdown
Related Commands
None
12-24
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
tunnel map
tunnel map
Purpose
Enters tunnel map configuration mode in which you create Generic Routing Encapsulation (GRE) tunnel
circuits.
Command Mode
global configuration
Syntax Description
This command has no keywords or arguments.
Default
None
Usage Guidelines
Use the tunnel map command to enter tunnel map configuration mode, in which you create GRE tunnel
circuits.
Examples
The following example enters tunnel map configuration mode:
[local]Redback(config)#tunnel map
[local]Redback(config-tunnel-map)#
Related Commands
gre-tunnel
GRE Tunnel Configuration
12-25
Command Descriptions
12-26
Ports, Circuits, and Tunnels Configuration Guide
Chapter 13
L2TP Configuration
This chapter provides an overview of Layer 2 Tunneling Protocol (L2TP) peers and groups, describes the
tasks used to configure them, provides configuration examples, and detailed descriptions of the commands
used to configure L2TP features through the SmartEdge® OS.
Note To configure L2TP functions and features, you must have enabled the software license for L2TP.
For more information about enabling software licenses, see the “Basic Configuration” chapter in
the Basic System Configuration Guide for the SmartEdge OS.
For information about the tasks and commands used to monitor, troubleshoot, and administer L2TP peers
and groups, see the “Tunnel Operations” chapter in the Ports, Circuits, and Tunnels Operations Guide for
the SmartEdge OS.
This chapter includes the following sections:
•
Overview
•
Configuration Tasks
•
Configuration Examples
•
Command Descriptions
Overview
The SmartEdge router functions as an L2TP access concentrator (LAC) or as an L2TP network server
(LNS). In each context configured on the system, the SmartEdge router can function as an LAC to one or
more LNSs, as an LNS to one or more LACs, or as both a LAC and an LNS.
Note LNSs and LACs are collectively referred to as L2TP peers.
The SmartEdge OS implementation of L2TP conforms to RFC 2661, Layer Two Tunneling Protocol
“L2TP”, RFC 2809, Implementation of L2TP Compulsory Tunneling via RADIUS, RFC 2867, RADIUS
Tunnel Accounting Support, RFC 2868, RADIUS Attributes for Tunnel Protocol Support, and RFC 3145,
L2TP Disconnect Cause Information, and supports the following features:
•
Context-specific L2TP peers and groups of peers
•
User Datagram Protocol/Internet Protocol (UDP/IP) encapsulation
L2TP Configuration
13-1
Overview
•
LAC support for connections over any circuit that supports subscriber-based Point-to-Point Protocol
(PPP)
•
LNS support for connections over any circuit that supports IP packets
•
Configurable distribution of incoming LAC sessions
•
Configuration of L2TP peers locally, in a SmartEdge OS configuration file, or remotely, on a Remote
Authentication Dial-In User Service (RADIUS) server
•
Dynamic or static peer selection for subscriber circuits
•
Configurable default settings for L2TP peers
•
Anonymous (unnamed) peers to allow connections from peers that are not defined locally
•
Support for combined LAC and LNS functions (tunnel switching) for a given subscriber
•
Slot redundancy to allow incoming subscriber sessions to be distributed across multiple cards
For information about all standard and vendor-specific attribute value pairs (AVPs) supported by the
SmartEdge OS, see Appendix A, “L2TP Attribute-Value Pairs.”
For information about configuring RADIUS and all standard and vendor-specific RADIUS attributes
supported by the SmartEdge OS, see the “RADIUS Configuration” chapter in the IP Services and Security
Configuration Guide for the SmartEdge OS.
These L2TP features are described in the following sections:
•
L2TP Tunnels and Peers
•
Tunnel Switching
•
L2TP Peer Groups
•
Mapping Subscribers to Peers
•
Slot Redundancy
•
QoS Considerations
•
Avoiding Unwanted Fragmentation and Reassembly
L2TP Tunnels and Peers
L2TP tunnels are UDP/IP-encapsulated circuits that carry subscriber-based PPP sessions to another router.
The router is designated as an LNS or an LAC, depending on its relationship with the SmartEdge router:
13-2
•
When functioning as an LNS, the SmartEdge router accepts sessions from LACs in the network and can
either terminate them or switch them to another LNS.
•
When functioning as an LAC, the SmartEdge router tunnels subscriber PPP sessions to a number of
LNSs.
Ports, Circuits, and Tunnels Configuration Guide
Overview
Figure 13-1 shows a SmartEdge router, acting as an LAC, with connections to a pair of LNS peers.
Figure 13-1 L2TP Tunnels over UDP/IP
Tunnel Switching
The SmartEdge OS can also act as an L2TP tunnel switch (LTS), accepting PPP sessions over one tunnel
and relaying them to other LNSs over another tunnel. A tunnel switch has aspects of both LAC and LNS
operation.
Figure 13-2 shows two LACs (lac1.com and lac2.com) feeding into a tunnel switch (switch.com),
which provides upstream connectivity to each indicated LNS (lns1.net and lns2.net). Here, we
assume that the two LACs are configured to tunnel appropriate PPP sessions (perhaps all of them) to
switch.com. Also, we assume that each LNS is configured to accept an L2TP tunnel from switch.com.
Figure 13-2 L2TP Tunnel Switching
L2TP Configuration
13-3
Overview
L2TP Peer Groups
An L2TP peer group is a group of LNS peers among which PPP sessions are distributed by the SmartEdge
router when functioning as an LAC. The group members, the group itself, and the LAC are all configured
in the same context. Peers must be defined prior to inclusion in a group. This section includes the following
topics:
•
Session Distribution
•
RADIUS and Accounting Considerations
Session Distribution
PPP sessions are distributed among the peers in a group according to the algorithm specified in the
algorithm command in L2TP group configuration mode. The algorithm options are:
•
Strict priority
Each peer is assigned a priority that corresponds to the order in which the peers are created; the highest
priority peer is the one that is created first. With strict priority distribution, sessions are directed to the
highest priority peer, unless connectivity to that peer is lost (the peer is labeled “dead”) or the maximum
number of tunnels and sessions to the peer has been reached. After that, sessions are directed to the peer
with the next highest priority. If two or more peers have the same priority, sessions are load-balanced
among them.
•
Load balancing
Each session is directed to the peer that has the fewest sessions at the moment so that sessions are
distributed across peers in the group equally. If peers have assigned priorities, they are ignored.
•
Weighted-round-robin
Each session is directed to a peer that is chosen using a weighted-round-robin algorithm to calculate the
priority (weight). The peer with the lowest weight receives the most sessions.
Each algorithm is subject to the maximum number of tunnels and the maximum number of sessions
configured for the peers that are members of the group. For example, if the strict priority algorithm is
specified and the maximum sessions limit is reached on the highest-priority peer, additional sessions are
sent to the next highest-priority peer.
When an LNS peer is not reachable (regardless of the algorithm being used), it is labeled “dead” for a period
of time. There is no further attempt to reach a “dead” peer until the deadtime has expired, unless one of the
following conditions is true:
•
If a peer is not a member of a group or is the only member of a group, the deadtimer is not enforced
unless it is configured to be enforced, using the l2tp strict-deadtime command in context configuration
mode.
•
If all peers in a group are “dead”, there is an immediate attempt to re-establish a connection with at least
one of them.
When a session is being brought up, the system attempts to establish a tunnel to any “dead” peer in the
group. A peer is not marked as “alive” until the system can successfully establish a tunnel to it.
13-4
Ports, Circuits, and Tunnels Configuration Guide
Overview
RADIUS and Accounting Considerations
The RADIUS Tunnel-Preference attribute determines which peer has the highest priority when using the
strict priority algorithm. Lower preference numbers have higher priority.
When some peers have a tunnel preference and some do not, the ones without a tunnel preference are
considered of lower priority than those with a tunnel preference.
A new L2TP tunnel is created by a RADIUS server when one of the three following conditions occurs:
•
All existing tunnels have the maximum number of sessions active.
•
A new peer is created and a session is assigned to it.
•
The l2tp admin test command in exec mode is issued by administrator to create a tunnel.
An L2TP peer is created when one of the following standard RADIUS attributes is received and its value
does not match that for any existing peer:
•
Tunnel-Server-Endpoint (RADIUS attribute 66)
•
Tunnel-Client-Endpoint (RADIUS attribute 67)
•
Tunnel-Assignment-Id (RADIUS attribute 82)
Only attribute 66 is required, but the others, if provided, are also used to search for an exact match. These
attributes are documented in the “RADIUS Attributes” appendix in the IP Services and Security
Configuration Guide for the SmartEdge OS.
L2TP peers that are configured by a RADIUS server can be automatically removed from memory should
they be marked as “inactive”, using the l2tp clear-radius-peer command in context configuration mode.
An inactive peer is one for which the session count has been zero (0) for a configurable period of time.
If L2TP tunnel or session accounting is enabled, accounting messages are sent to a RADIUS server. Types
of messages include Tunnel-Start, Tunnel-Stop, Link Start, Link Stop. For more information about
configuring L2TP accounting, see the “AAA Configuration” chapter in the IP Services and Security
Configuration Guide for the SmartEdge OS.
If an LAC sends AVPs 24 (Tx Connect Speed) and 38 (Rx Connect Speed) or just AVP 24 to the SmartEdge
router, the SmartEdge OS inserts the speeds in RADIUS attribute 77 (Connect-Info) and includes it in
RADIUS Access-Accept and Accounting-Request messages. The format of attribute 77 in this case is
Tx/Rx with the / character separating the two speeds. Speeds are provided in bits per second. If only AVP
24 is present, the format is Tx. The inclusion of only the Rx speed is not supported.
Mapping Subscribers to Peers
In addition to mapping a subscriber to a specific peer (static selection), the SmartEdge OS supports three
types of dynamic selection:
•
Dynamic context selection—sub-name@ctx-name
•
Dynamic peer selection—sub-name@l2tp-peer-name
•
Dynamic peer group selection—sub-name@l2tp-group-name
To specify dynamic selection for a subscriber, each peer or peer group must have a name (or domain alias)
identical to a SmartEdge OS context name or to an alias name for the context.
L2TP Configuration
13-5
Overview
The SmartEdge OS maps the subscriber’s PPP session to a peer or peer group with the same name or
domain alias as the @domain portion of the structured subscriber name used by that subscriber.
Note The separator character between the subscriber name and the context, L2TP peer, or L2TP group
name argument is configurable and can be any of %, -, @, _, \\, #, and /. For information about
configuring the separator character, see the “AAA Configuration” chapter in the IP Services and
Security Configuration Guide for the SmartEdge OS. The default value is @, which is used
throughout this guide.
Slot Redundancy
Slot redundancy allows you to configure alternate cards for L2TP sessions when the SmartEdge router is
acting as an LNS or LTS. With slot redundancy, subscriber sessions from an LAC are automatically
switched to another card if the card on which the sessions are running is shut down for any reason (such as
a card reload). Slot redundancy also allows sessions from a given LAC peer to be distributed among
multiple cards. Various types of redundancy are possible; some choices are:
•
Load balance all sessions between multiple cards
•
Give preference to the card with the route to the LAC and load balance across alternate cards after the
first card has exceeded the maximum number of sessions allowed on it
•
Establish 1+1 redundancy with one card having preference over a second card
•
Assign sessions to one or more cards based on preference
Figure 13-3 shows the slot redundancy configured in the SmartEdge router lns.com. The card in slot 3 is
the card with the route to the LAC; two slots, 4 and 5, are configured to accept the subscriber sessions from
the LAC when the card in slot 3 is running at full capacity. All three cards pass the traffic to the Internet
using the card in slot 12. The commands to implement this slot redundancy configuration are provided in
the example in the “L2TP Slot Redundancy for an LAC Peer” section.
Slot redundancy is fully configurable, and online changes do not affect current sessions. For example, if
card 5 is removed from the configuration for slot redundancy, the sessions on that card are not disrupted;
however, no new sessions are assigned to it.
Figure 13-3 L2TP Slot Redundancy
13-6
Ports, Circuits, and Tunnels Configuration Guide
Overview
QoS Considerations
The SmartEdge OS supports the attachment of quality of service (QoS) metering, policing, and queuing
policies to LNS subscriber sessions; queuing policies are restricted to priority weighted-fair queuing
(PWFQ) policies which are supported only on Gigabit Ethernet 3 (GE3) and Gigabit Ethernet 1020
(GE1020) traffic cards. However, slot redundancy is not supported for queuing policies; if an LNS
subscriber session moves to a port on a different slot, it will no longer be governed by the PWFQ policy
attached to the LNS subscriber session. For more information about QoS policies and attaching them to
LNS subscriber sessions, see the “QoS Circuit Configuration” chapter in the IP Services and Security
Configuration Guide for the SmartEdge OS.
Avoiding Unwanted Fragmentation and Reassembly
In IP networks, it is generally preferable to avoid fragmentation when possible, because it can exacerbate
packet loss and the reassembly of fragments consumes resources on host computers. By its nature, the
L2TP protocol makes packets larger because it must add headers to encapsulate the packet, thus making
fragmentation situations more likely to occur than with normal Internet traffic.
The L2TP software on the SmartEdge router offers administrator the choice of several solutions to manage
fragmentation. The options available depend on the role of the SmartEdge router:
•
Increase the minimum transmission unit (MTU) setting (the SmartEdge OS role is an LAC or LNS)
You can increase the MTU setting between the SmartEdge router and the L2TP peer so that neither
tunnel endpoint is required to fragment packets toward the other. Redback® recommends increasing the
MTU value to 1,700 bytes. Use the ip mtu command in the interface configuration mode to change the
MTU setting. For complete documentation of this command, see the “Interface Configuration” chapter
in the Basic System Configuration Guide for the SmartEdge OS.
Note For this solution to work, the entire path between the LAC and LNS must support an MTU of
1,700 bytes.
•
Require a smaller maximum receive unit (MRU) in the initial Link Control Protocol (LCP) negotiation
(the SmartEdge OS role is an LAC)
Use the ppp peer-options command in global configuration mode to attempt to negotiate a smaller
MRU between the PPP clients and the SmartEdge router. This can be done at either the LAC or LNS
end of the tunnel. See Chapter 8, “PPP and PPPoE Configuration,” for complete documentation of this
command.
•
Force LCP renegotiation on MRU mismatch (the SmartEdge OS role is an LNS)
This option causes the SmartEdge router to examine the proxy LCP information sent by the LAC, if
available. The SmartEdge router determines if the client and LAC negotiated MRU values would lead
to fragmentation, and if so, restarts LCP negotiation to configure lower MRU values. If the MRU values
negotiated between client and LAC are acceptable, no renegotiation is forced.
Use the l2tp renegotiate lcp command in context configuration mode to specify the conditions under
which the SmartEdge router renegotiates the LCP options.
L2TP Configuration
13-7
Configuration Tasks
If fragmentation cannot be avoided, the SmartEdge router, when acting as an LNS, gives the administrator
a choice between forcing fragmentation of the user packet (the inner packet) or the encapsulating L2TP
packet (the outer packet). If the L2TP packet is fragmented, the LAC performs the reassembly. If the user
packet is fragmented, the subscriber’s computer performs the reassembly. To enable fragmentation of the
user packet or L2TP packet, use the l2tp-fragment command in context configuration mode.
Configuration Tasks
Note In this section, the command syntax in the task tables displays only the root command; for the
complete command syntax, see the full description for the command in the “Command
Descriptions” section.
To configure L2TP peers and groups, and switches, perform the tasks described in the following sections:
•
L2TP Configuration Guidelines
•
Configure a Context for L2TP Peers and Groups
•
Configure an LNS Peer
•
Configure an LNS Peer Group
•
Configure an LAC Peer
•
Configure a Subscriber for L2TP Peer Selection
•
Configure an L2TP Tunnel Switch
L2TP Configuration Guidelines
Consider the following guidelines when configuring an L2TP peer or group:
•
The following guidelines apply to L2TP names:
— L2TP peer and group names must be unique within a context.
— An L2TP group name can be used in commands where an L2TP peer name can be used.
— To enable the use of a shorter service name for an L2TP peer, it is common to specify the fully
qualified domain name for the peer or peer group in the l2tp-peer or l2tp-group command, and
create the service name as a domain alias, using the domain command in L2TP peer or L2TP group
configuration mode.
•
The following guidelines apply to L2TP domain aliases:
— Because a hostname for a peer or a group can be unwieldy—often in the form of a fully qualified
domain name—the SmartEdge OS allows you to create a domain alias for the context for each peer
and peer group. For example, a peer can have a fully qualified domain name of
hssi_3_0.chi.core.isp.net, but you can refer to this peer as isp.net. You use these aliases for assigning
tunnels to subscribers only.
— You can create multiple domain aliases for a context to allow unique domain aliases for the peers
and groups configured in the context.
— You can assign multiple domain aliases to a peer or group.
13-8
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
— You can specify a domain alias for an L2TP peer or group wherever the fully qualified L2TP peer
or group name appears; for example, in the tunnel name command in subscriber configuration
mode.
•
The following guidelines apply to L2TP groups:
— You must create the group in the same context as the LNS peers that will be its members; a group
cannot include any LNS peer that is not created in the same context as the group.
— You must create an LNS peer before you can assign it to a group of peers.
•
The following guidelines apply to subscriber sessions that are tunneled:
— To allow subscriber sessions to be tunneled, you must have configured PPP for the subscriber
circuit.
— A subscriber session is directed towards one peer in a group of peers if that group has a domain alias
that matches the domain of the session. Similarly, a subscriber session is directed towards an
individual peer if that peer has a domain alias that matches the domain of the session.
•
The following guidelines apply to slot redundancy:
— Sessions are load-balanced across traffic cards that are assigned equal preference.
— Each traffic card can support up to 16,000 active subscriber sessions; to support more sessions from
a single LAC, you can specify additional cards using the either priority or route keyword.
— You must explicitly configure the traffic cards using the card command (in global configuration
mode) prior to configuring slot redundancy for them. Sessions are not assigned to unconfigured
traffic cards.
Configure a Context for L2TP Peers and Groups
Configuring L2TP peers and groups is context specific. You configure certain attributes that apply to all
L2TP peers and groups configured in a context, unless otherwise noted; to configure these attributes,
perform the tasks described in Table 13-1.
Note The commands listed in task 3 are all optional and are meant only to help solve an operational
problem; do not use these commands unless the L2TP is not functioning correctly and the Redback
Technical Assistance Center (TAC) directs you to include them in the L2TP configuration.
Table 13-1 Configure a Context for L2TP Peers and Groups
#
Task
Root Command
Notes
1.
Create or select the context for the named, default, or
unnamed peer or peer group, and access context
configuration mode.
context
Enter this command in global
configuration mode. For more
information about this command, see the
“Context Configuration” chapter in the
Basic System Configuration Guide for
the SmartEdge OS.
2.
Create a domain alias for the context.
domain
Optional. You can enter this command
multiple times.
L2TP Configuration
13-9
Configuration Tasks
Table 13-1 Configure a Context for L2TP Peers and Groups (continued)
#
Task
3.
Specify optional attributes for L2TP:
4.
Root Command
Notes
Enable any inactive L2TP peer configured by a RADIUS
server in this context to be automatically removed from
memory.
l2tp clear-radius-peer
Specify the conditions under which the SmartEdge router,
when acting as an LNS, renegotiates with an LAC.
l2tp renegotiate lcp
Select the type of fragmentation.
l2tp fragment
Enable proxy authentication for LAC peers.
l2tp proxy-auth
Enabled by default.
Specify optional timers:
Set the minimum amount of time for which a peer not
within an L2TP group is marked as “dead”.
l2tp deadtime
Enable strict enforcement of the deadtime, even when all
peers are marked as “dead”.
l2tp strict-deadtime
Configure an LNS Peer
The SmartEdge router can provide LAC functions for a number of subscriber circuits, with each subscriber
circuit configured to use either dynamic peer selection or a static connection to a specific LNS peer.
You can configure either a named or default LNS peer when the SmartEdge router acts as an LAC; a default
peer allows you to create a set of defaults for the peer configuration attributes. Then when creating a named
peer, all the settings of the default peer apply to the configuration of the named peer except for those that
you choose to redefine.
To configure a named LNS peer, you must know the hostname that it uses during the establishment of the
tunnel to it. To configure either a named or default LNS peer, perform the tasks described in Table 13-2.
Table 13-2 Configure an LNS Peer
#
Task
Root
Command
1.
Configure the context attributes for this peer.
See Table 13-1 for a complete list of commands.
2.
Create the named or default peer and access L2TP peer
configuration mode.
l2tp-peer
3.
Associate a description with this LNS peer.
description
4.
Specify the role of the SmartEdge router as an LAC for
this LNS peer.
function
Specify the lac-only keyword; this is the default
value.
5.
Assign a domain alias for this LNS peer.
domain
Assign at least one of the domain aliases
created for the context in step 2 in Table 13-1.
6.
Create a local name for the SmartEdge router to use in
packets sent to the LNS peer.
local-name
The default value is system hostname.
13-10
Notes
Enter this command in context configuration
mode.
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Table 13-2 Configure an LNS Peer (continued)
Root
Command
#
Task
7.
Specify one or more operational attributes (all attributes are optional):
8.
Limit the number of tunnels allowed for this LNS peer.
max-tunnels
Limit the number of sessions allowed for this LNS peer.
max-sessions
Specify an authorization key used by the LNS peer to
encrypt and decrypt information sent on the control
channel.
tunnel-auth key
Specify the number of unacknowledged control messages
that can be sent by this LNS peer 9the value to send in the
Receive-Window-Size AVP).
tunnel-window
Notes
Specify one or more timing attributes (all attributes are optional):
Specify the interval before sending an L2TP Hello packet
to this LNS peer if there has been no control message
activity between this peer and the SmartEdge router.
hello-timer
Specify the timeout value for an acknowledgment
message before a control message is retransmitted to this
LNS peer.
timeout
Specify the number of retries that an unacknowledged
control message is retransmitted to this LNS peer before
the tunnel is brought down.
retry
Configure an LNS Peer Group
When the SmartEdge router is acting as an LAC, you can configure a group of LNS peers. To configure an
LNS peer group, perform the tasks described in Table 13-3.
Table 13-3 Configure an LNS Peer Group
#
Task
Root Command
1.
Configure the context attributes for this peer group.
See Table 13-1 for a complete list of commands.
2.
Configure the LNS peers to be included in this group.
See Table 13-2 for a complete list of commands.
3.
Create the L2TP peer group and access L2TP group
configuration mode.
l2tp-group
Enter this command in context configuration mode.
4.
Specify attributes for the peer group:
Assign a domain alias for this L2TP peer group.
domain
Assign at least one of the domain aliases created
for the context in step 2 in Table 13-1.
Specify the algorithm by which sessions are assigned
to the LNS peers in the group.
algorithm
Set the minimum amount of time for which a peer
within an L2TP group is marked as “dead”.
deadtime
Add an existing LNS peer to the L2TP group.
peer
5.
L2TP Configuration
Notes
13-11
Configuration Tasks
Configure an LAC Peer
The SmartEdge router can provide LNS functions for a number of LACs. You can configure either a named,
default, or unnamed (anonymous) peer when the SmartEdge router acts as an LNS; a default peer allows
you to create a set of defaults for the peer attributes. Then when creating a named peer, all the settings of
the default peer apply to the configuration of the named peer, except for those that you choose to redefine.
Slot redundancy allows you to configure multiple cards to carry L2TP subscriber sessions to an LAC. With
slot redundancy, sessions are automatically switched to another card if the card on which the subscriber
sessions are running, is shut down for any reason.
To configure a named peer, you must know the hostname that the LAC peer uses during the establishment
of the tunnel to the SmartEdge router.
To configure a named, default, or unnamed (anonymous) LAC peer, perform the tasks described in
Table 13-4.
Table 13-4 Configure an LAC Peer
#
Task
Root Command
1.
Configure the context attributes for this peer.
See Table 13-1 for a complete list of commands.
2.
Create the named, default, or unnamed peer, and access
L2TP peer configuration mode.
l2tp-peer
3.
Associate a description with this peer.
description
4.
Specify the role of the SmartEdge router as an LNS for
this LAC peer.
function
Specify the lns-only keyword.
5.
Specify a domain alias for this LAC peer.
domain
Specify one of the domain aliases created for
the context in step 2 in Table 13-1.
6.
Create a local name for the SmartEdge router to use in
packets sent to the LAC peer.
local-name
The system hostname is the default.
7.
Configure slot redundancy for this LAC peer with both of the following tasks:
8.
13-12
Notes
Enter this command in context configuration
mode.
Select the algorithm for slot redundancy.
lns card
Specify the selection keyword.
Specify a card and its preference.
lns card
Specify the preference keyword. Enter this
command for each card that will carry L2TP
subscriber sessions to the LAC.
Limit the number of tunnels allowed for this peer.
max-tunnels
Specify at least two tunnels for quick recovery if
problems occur.
Limit the number of sessions allowed for this peer.
max-sessions
Specify an authorization key used by the L2TP peer to
encrypt and decrypt information sent on the control
channel.
tunnel-auth key
Specify the number of unacknowledged control messages
that can be sent by this L2TP peer.
tunnel-window
Specify the method used by the SmartEdge router when
acting as an L2TP LNS to authenticate subscriber
sessions that arrive from this peer.
session-auth
Specify operational attributes (all attributes are optional):
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Table 13-4 Configure an LAC Peer (continued)
#
Task
Root Command
9.
Specify timing attributes (all attributes are optional):
Specify the interval before sending an L2TP Hello packet
to an L2TP peer if there has been no control message
activity between the peer and the SmartEdge router.
hello-timer
Specify the timeout value for an acknowledgment
message before a control message is retransmitted to an
L2TP peer.
timeout
Specify the number of retries that an unacknowledged
control message is retransmitted to an L2TP peer before
the tunnel is brought down.
retry
Notes
Configure a Subscriber for L2TP Peer Selection
When the SmartEdge router is acting as an LAC, you must specify either dynamic or static peer selection
for the subscriber sessions. To specify peer selection, perform the task described in Table 13-5; enter all
commands in subscriber configuration mode.
Table 13-5 Configure a Subscriber for L2TP Peer Selection
Task
Root Command
Notes
Select the peer or peer group for a subscriber with one of the following tasks:
• Enable dynamic peer selection.
tunnel domain
• Enable static peer selection.
tunnel name
Uses the domain portion of the subscriber name to
match a configured peer or group.
Configure an L2TP Tunnel Switch
When the SmartEdge router acts as a tunnel switch, it acts as an LNS to incoming subscriber circuits and
as an LAC to the LNS peers to which it switches those subscriber circuits. To configure the SmartEdge
router as an L2TP tunnel switch, perform the tasks described in Table 13-6. To allow the subscriber sessions
to be switched, each subscriber must have a domain name that matches the domain alias for the LNS to
which the subscriber’s sessions will be switched.
Table 13-6 Configure an L2TP Tunnel Switch
#
Task
Root Command
1.
Configure the context for the L2TP tunnel switch.
See Table 13-1 for a complete list of commands.
2.
Create an LNS peer for each upstream peer.
See Table 13-2 for a complete list of commands. Perform this step for each
LNS peer to which the subscriber sessions will be switched.
3.
Create an LAC peer for each downstream peer.
See Table 13-4 for a complete list of commands. Perform this step for each
LAC peer from which subscriber sessions will be switched.
4.
Configure a subscriber record for each
subscriber to be switched.
See Table 13-5 for a complete list of commands. The domain name for each
subscriber must match the domain alias for the LNS to which the subscriber
session will be switched.
L2TP Configuration
Notes
13-13
Configuration Examples
Configuration Examples
This section includes functional examples that configure the SmartEdge router to act as a connected LAC
and as a connected LNS.
•
SmartEdge Router as a LAC
•
SmartEdge Router as an LNS
•
SmartEdge Router as a Tunnel Switch
•
L2TP Slot Redundancy for an LAC Peer
SmartEdge Router as a LAC
In the examples in this section, the SmartEdge router, with system hostname, telco.com, acts as a LAC
to two LNSs of an ISP. With these examples, if a subscriber specifies sub-name@isp1.net, the
SmartEdge OS connects the subscriber’s PPP session to the LNS peer lns1.isp.net; if a subscriber
specifies sub-name@isp2.net, the SmartEdge OS connects the subscriber’s PPP session to either of the
LNS peers in the group.
The following L2TP tasks show the basic configuration:
•
Context Aliases
•
LNS Peers
•
Group of LNS Peers
•
Subscribers
Context Aliases
The following example enters the local context and configures domain aliases for the context for use with
two LNS peers:
[local]telco.com(config)#context local
[local]telco.com(config-ctx)#domain isp1.net
[local]telco.com(config-ctx)#domain isp2.net
[local]telco.com(config-ctx)#end
LNS Peers
This example creates a tunnel to each LNS peer, specifies a domain alias for the peer, the local name for
the SmartEdge router, and the key to be used by the peer to authenticate the establishment of the tunnel:
[local]telco.com(config)#context local
[local]telco.com(config-ctx)#l2tp-peer name lns1.isp.net media udp-ip remote ip 2.2.2.1
local 1.1.1.1
[local]telco.com(config-l2tp)#function lac-only
[local]telco.com(config-l2tp)#domain isp1.net
[local]telco.com(config-l2tp)#local-name lac1.isp.net
[local]telco.com(config-l2tp)#tunnel-auth key SeCrEt1
[local]telco.com(config-l2tp)#end
13-14
Ports, Circuits, and Tunnels Configuration Guide
Configuration Examples
A second LNS peer is configured in a similar fashion as follows:
[local]telco.com(config)#context local
[local]telco.com(config-ctx)#l2tp-peer name lns2.isp.net media udp-ip remote ip 2.2.3.1
local 1.1.1.1
[local]telco.com(config-l2tp)#function lac-only
[local]telco.com(config-l2tp)#local-name lac2.isp.net
[local]telco.com(config-l2tp)#tunnel-auth key SeCrEt2
[local]telco.com(config-l2tp)#end
Group of LNS Peers
The following example creates an L2TP group, group1, assigns a domain alias, ips2.net, sets the
session algorithm to load balance, sets the deadtime to 15 minutes, and adds two existing LNS peers
to the group:
[local]telco.com(config-ctx)#12tp-group name group1
[local]telco.com(config-l2tp-group)#domain isp2.net
[local]telco.com(config-l2tp-group)#algorithm load-balance
[local]telco.com(config-l2tp-group)#deadtime 15
[local]telco.com(config-l2tp-group)#peer name lns1.isp.net
[local]telco.com(config-l2tp-group)#peer name lns2.isp.net
[local]telco.com(config-l2tp-group)#end
Subscribers
The following examples configure subscribers for the LAC:
•
Dynamic Peer Selection
•
Static Peer Selection
Dynamic Peer Selection
The following example enables dynamic peer selection for all subscribers in the local context:
[local]telco.com(config)#context local
[local]telco.com(config-ctx)#subscriber default
[local]telco.com(config-sub)#tunnel domain
[local]telco.com(config-sub)#end
Static Peer Selection
The following example specifies that a PPP session for subscriber fred is always tunneled to the LNS peer,
lns1.isp.net:
[local]telco.com(config)#context local
[local]telco.com(config-ctx)#subscriber name fred
[local]telco.com(config-sub)#tunnel name lns1.isp.net
[local]telco.com(config-sub)#end
L2TP Configuration
13-15
Configuration Examples
SmartEdge Router as an LNS
In the examples in this section, the SmartEdge router, with system hostname, isp.net, acts as an LNS for
an ISP. The following L2TP tasks show the basic configuration:
•
Context Alias
•
LAC Peer
Context Alias
The following example enters the local context and configures a domain alias for the context for use with
a LAC peer:
[local]isp.net(config)#context local
[local]isp.net(config-ctx)#domain isp1.net
[local]isp.net(config-ctx)#end
LAC Peer
The following example configures a SmartEdge router to act as an LNS for a LAC peer. It is assumed that
subscriber records exist either locally or on a RADIUS server for configuring and authenticating subscriber
sessions.
[local]isp.net(config)#context local
[local]isp.net(config-ctx)#l2tp-peer name lac1.isp.net media udp-ip remote ip 10.1.1.1
[local]isp.net(config-l2tp)#function lns-only
[local]isp.net(config-l2tp)#domain isp1.net
[local]isp.net(config-l2tp)#local-name lns1.isp.net
[local]isp.net(config-l2tp)#tunnel-auth key SeCrEt1
[local]isp.net(config-l2tp)#session-auth chap pap
[local]isp.net(config-l2tp)end
SmartEdge Router as a Tunnel Switch
The following example sets up tunnel switching in which all PPP sessions that arrive at the tunnel switch
(the SmartEdge router, switch.com), over the downstream tunnels lac1.com and lac2.com are
mapped into an upstream tunnel selected according to the structured subscriber name. For example, if a
subscriber specifies joe@lns2.net, the SmartEdge OS places the session into the tunnel to lns2.net;
a subscriber, fred, is tunneled to the lns1.net LNS.
The following example sets up the tunnel switch, switch.com,. in the local context, with the domain
alias names, lnscom1 and lnscom2; the LAC peer, lac.com; and the LNS peers, lns1.net and
lns2.net. It also creates two subscribers, joe and fred, and specifies the LNS for each, using the
domain alias for each LNS.
!Configure the context for the switch
[local]switch.com(config)#context local
[local]switch.com(config-ctx)#aaa authentication subscriber none
[local]switch.com(config-ctx)#domain lnscom1
[local]switch.com(config-ctx)#domain lnscom2
[local]switch.com(config-if)#exit
13-16
Ports, Circuits, and Tunnels Configuration Guide
Configuration Examples
!Configure the LAC peer (LNS side of the switch)
[local]switch.com(config-ctx)#l2tp-peer name lac.com media udp-ip remote-ip 10.1.1.1
[local]switch.com(config-l2tp)#function lns-only
[local]switch.com(config-l2tp)#exit
!Configure the LNS peers (LAC side of the switch)
[local]switch.com(config-ctx)#l2tp-peer name lns1.net media udp-ip remote-ip 10.3.1.1
[local]switch.com(config-l2tp)#function lac-only
[local]switch.com(config-ctx)#domain lnscom1
[local]switch.com(config-l2tp)#exit
[local]switch.com(config-ctx)#l2tp-peer name lns2.net media udp-ip remote-ip 10.4.1.1
[local]switch.com(config-l2tp)#function lac-only
[local]switch.com(config-ctx)#domain lnscom2
[local]switch.com(config-l2tp)#exit
!Configure a named subscriber for lns1.net
[local]switch.com(config-ctx)#subscriber name joe
[local]switch.com(config-sub)#tunnel name lnscom1
[local]switch.com(config-sub)#exit
!Configure a named subscriber for lns2.net
[local]switch.com(config-ctx)#subscriber name fred
[local]switch.com(config-sub)#tunnel name lnscom2
[local]switch.com(config-sub)#exit
L2TP Slot Redundancy for an LAC Peer
The following example configures slot redundancy for an LAC peer, as shown in Figure 13-3. Because slot
3 has the route to the LAC, it is preferred for subscriber sessions up to the maximum allowed for the card;
the configuration establishes that additional sessions are to be load-balanced between cards 4 and 5.
!Configure the LAC peer
[local]switch.com(config-ctx)#l2tp-peer name lac.com media udp-ip remote-ip 10.1.1.1
[local]switch.com(config-l2tp)#function lns-only
!Configure the alternate traffic cards for slot redundancy
[local]Redback(config)#card gigaether-4-port 3
[local]Redback(config)#card gigaether-4-port 4
[local]Redback(config)#card gigaether-4-port 5
!Select the algorithm and specify the card preferences
[local]Redback(config-l2tp)#lns card selection route
[local]Redback(config-l2tp)#lns card 4 preference 20
[local]Redback(config-l2tp)#lns card 5 preference 20
L2TP Configuration
13-17
Command Descriptions
Command Descriptions
This section describes the syntax and usage guidelines for the commands used to configure L2TP features.
The commands are presented in alphabetical order.
algorithm
deadtime
description
domain
function
hello-timer
l2tp calling-number format
l2tp clear-radius-peer
l2tp deadtime
l2tp fragment
l2tp-group
l2tp-peer
l2tp proxy-auth
l2tp renegotiate lcp
13-18
l2tp strict-deadtime
lns card
local-name
max-sessions
max-tunnels
peer
retry
session-auth
timeout
tunnel-auth key
tunnel domain
tunnel name
tunnel-window
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
algorithm
algorithm {priority | load-balance | weighted-round-robin}
default algorithm
Purpose
Assigns the algorithm used to distribute Point-to-Point Protocol (PPP) sessions among the peers in a
Layer 2 Tunneling Protocol (L2TP) group.
Command Mode
L2TP group configuration
Syntax Description
priority
Assigns the next session to the highest priority peer that has not been labeled
“dead”.
load-balance
Assigns the next session to the peer that has the fewest sessions.
weighted-round-robin Assigns the next session based on calculated priority (weight).
Default
The algorithm is set to strict priority.
Usage Guidelines
Use the algorithm command to assign the algorithm used to distribute PPP sessions among the peers in an
L2TP group. The three algorithm keywords represent distinctly different strategies for session distribution.
Use the priority keyword to assign a strict priority algorithm. Using this algorithm, sessions are directed
to the peer with the highest priority until connection with that peer is no longer possible; then sessions are
directed to the peer with the next highest priority. With this algorithm, you can assign a preference value to
each peer using the peer command in L2TP group configuration mode; a peer with a preference value of 1
has the highest priority. Peers with equal preference values are assigned sessions using load balancing.
Use the load-balance keyword to assign a load-balancing algorithm. Using this algorithm, the next session
is directed to the peer with the fewest sessions. The result is that the sessions are distributed across the peers
equally. The peers may still have priorities assigned, but they are ignored.
Use the weighted-round-robin keyword assign a weighted-round-robin algorithm to calculate the priority.
Using this algorithm, sessions are directed to the peer with the highest calculated priority until connection
with that peer is no longer possible; then sessions are directed to the peer with the highest calculated
priority. With this algorithm, you can assign a weight value to each peer using the peer command in L2TP
group configuration mode; the weight value is used to calculate the priority. The peer with the lowest
priority receives the most sessions.
L2TP Configuration
13-19
Command Descriptions
Each algorithm is subject to the maximum number of tunnels and the maximum number of sessions
(specified with the max-tunnels and max-sessions commands in L2TP peer configuration mode,
respectively) configured for the peers that are members of the group. For example, if the strict priority
algorithm is specified and the maximum sessions limit is reached on the highest priority peer, additional
sessions are sent to the next highest priority peer.
Note The SmartEdge OS supports only Remote Authentication Dial-In User Service (RADIUS) servers
that support tunnel extensions. If the RADIUS server does not supply the Tunnel-Preference
attribute, the SmartEdge OS chooses the preference for the peers arbitrarily. We recommend that
you specify either the strict-priority distribution (which sets the priority of peers explicitly), or the
weighted-round-robin algorithm.
For more information about configuring RADIUS, see the “RADIUS Configuration” chapter in the
IP Services and Security Configuration Guide for the SmartEdge OS.
Use the default form of this command to set the algorithm to strict priority.
Examples
The following example creates an L2TP group, group1, with L2TP peer members, 1peer and 2peer.
First, the L2TP group, group1, is created. Two peer members, 1peer and 2peer, are then established
as members of the group, and the group is configured to use strict-priority session distribution:
[local]Redback(config-ctx)#12tp-group name group1
[local]Redback(config-l2tp-group)#algorithm priority
[local]Redback(config-l2tp-group)#peer name 1peer preference 10
[local]Redback(config-l2tp-group)#peer name 2peer preference 20
With strict-priority distribution, sessions with usernames of the form user@group1 are tunneled to 1peer
(because it has a lower preference value), as long as 1peer is reachable and its maximum sessions
threshold has not been exceeded. If 1peer becomes unreachable or its maximum sessions threshold is
reached, sessions are tunneled to 2peer.
If the load-balance keyword was used instead of the priority keyword, the first session of the form
user@group1 would be tunneled to 1peer, and the next session for the same group would be tunneled to
2peer, balancing the session count between them, unless one peer becomes unreachable or the maximum
sessions threshold is reached.
Related Commands
deadtime
domain—context configuration mode
domain—L2TP group configuration mode
domain—L2TP peer configuration mode
max-sessions
max-tunnels
peer
13-20
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
deadtime
deadtime minutes
default deadtime
Purpose
Sets the minimum amount of time during which any “dead” peer in the group is ignored when computing
the Layer 2 Tunneling Protocol (L2TP) group algorithm.
Command Mode
L2TP group configuration
Syntax Description
minutes
Minimum number of minutes that a peer is marked as “dead”. The range of values is 1
to 300; the default value is 2.
Default
The deadtime is set to five minutes.
Usage Guidelines
Use the deadtime command to set the minimum amount of time during which any “dead” peer in the group
is ignored when computing the L2TP group algorithm.
A peer is labeled “dead” after it is determined that a new tunnel cannot be established to the peer. This
feature prevents a troubled L2TP peer from being inundated with connection attempts without
disconnecting the peer altogether. It also allows you to identify troubled peers.
A peer remains labeled as “dead” until a new session is established to it as follows:
•
After the deadtime is expired and a connection request arrives, the peer is again considered as a
destination, according to the group algorithm.
•
If a connection attempt is not made to the peer (the peer is not selected as the destination), the “dead”
label is not removed.
•
If a connection attempt is made and is successful, the “dead” label is removed from the peer; if the
attempt is not successful, the deadtime is again applied to the peer.
Note Current sessions to the peer are not brought down if the peer should be labeled “dead”. Only
attempts to add new tunnels are affected.
A “dead” peer is labeled as “dead” in the output of the show l2tp peer command in any mode for at least
the length of time indicated in the minutes argument.
Use the default form of this command to set the deadtime to two minutes.
L2TP Configuration
13-21
Command Descriptions
Examples
The following example selects (or creates) an L2TP group and sets the number of deadtime minutes to two:
[local]Redback(config-ctx)#l2tp-group name group1
[local]Redback(config-l2tp-group)#default deadtime
The following example selects (or creates) an L2TP group and sets the number of deadtime minutes to 10:
[local]Redback(config-ctx)#l2tp-group name group1
[local]Redback(config-l2tp-group)#deadtime 10
Related Commands
algorithm
domain—context configuration mode
domain—L2TP group configuration mode
domain—L2TP peer configuration mode
l2tp deadtime
l2tp strict-deadtime
13-22
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
description
description text
no description
Purpose
Associates textual information with a Layer 2 Tunneling Protocol (L2TP) peer.
Command Mode
L2TP peer configuration
Syntax Description
text
Textual description for an L2TP peer. Can be any alphanumeric string, including spaces, up
to 255 ASCII characters.
Default
No description is associated with the L2TP peer.
Usage Guidelines
Use the description command to associate textual information with the L2TP peer. The description appears
in the output of the show configuration command with the l2tp keyword in any mode.
Use the no form of this command to delete the existing description. Because there can be only one
description for a peer, when you use the no form of this command, it is not necessary to include the text
argument.
To change a description, create a new one; it overwrites the existing one.
Examples
The following example selects (or creates) an L2TP peer, and then associates a text description with it:
[local]Redback(config)#context local
[local]Redback(config-ctx)#l2tp-peer name isp1.net remote 172.16.1.2 local 172.16.1.1
[local]Redback(config-l2tp)#description Corporate offices in Connecticut
The following example changes the description created in the previous example:
[local]Redback(config-l2tp)#description Corporate offices in Hartford
The following example deletes an existing description:
[local]Redback(config-l2tp)#no description
Related Commands
None
L2TP Configuration
13-23
Command Descriptions
domain
domain alias
no domain alias
Purpose
Assigns a domain alias to a Layer 2 Tunneling Protocol (L2TP) peer or group.
Command Mode
L2TP peer configuration
L2TP group configuration
Syntax Description
alias
Unique name to be used as an alias. Must be one of the domain aliases created for the context
in which the peer is being configured by the domain command in context configuration mode.
Default
No aliases are specified.
Usage Guidelines
Use the domain command to assign a domain alias for a peer; the domain alias is one previously created
for the context in which the L2TP peer or group is configured.
Note To create an alias for a context, use the domain command in context configuration mode. For more
information, see the “Context Configuration” chapter in the Basic System Configuration Guide for
the SmartEdge OS.
A domain alias can be a simpler name (for example, isp.net) than its name (the l2tp-peer-name argument
specified by the l2tp-peer command in L2TP peer configuration mode), which is a fully qualified domain
name, such as time_0_5.chi_core.isp.net. You can specify multiple aliases for each L2TP peer or group.
You can use a domain alias for a peer anywhere that you can use its name (the l2tp-peer-name argument)
or for a group anywhere that you can use its name (the l2tp-group-name argument specified by the
l2tp-group command in L2TP group configuration mode).You cannot use this command if you entered
L2TP peer configuration mode using the l2tp-peer command in context configuration mode with the
default keyword.
Use the no form of this command to remove the specified domain alias.
13-24
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Examples
The following example selects (or creates) an L2TP peer and assigns a domain alias for it:
[local]Redback(config)#context local
[local]Redback(config-ctx)#domain corporate
[local]Redback(config-ctx)#l2tp-peer name peer1
[local]Redback(config-l2tp)#domain corporate
The following example selects (or creates) an L2TP group and assigns a domain alias for it:
[local]Redback(config)#context local
[local]Redback(config-ctx)#domain field-sales
[local]Redback(config-ctx)#l2tp-group name group1
[local]Redback(config-l2tp-group)#domain field-sales
Related Commands
domain—context configuration mode
l2tp-group
l2tp-peer
timeout
L2TP Configuration
13-25
Command Descriptions
function
function {lac-only | lns-only}
no function
Purpose
Specifies the role that the SmartEdge router assumes with this Layer 2 Tunneling Protocol (L2TP) peer,
either as an L2TP access concentrator (LAC) or as an L2TP network server (LNS).
Command Mode
L2TP peer configuration
Syntax Description
lac-only
Specifies that the SmartEdge router can send incoming call requests to, but cannot
receive them from, this peer.
lns-only
Specifies that the SmartEdge router can receive incoming call requests from, but cannot
send them to, this peer.
Default
The SmartEdge router functions as a LAC only for this peer.
Usage Guidelines
Use the function command to specify the role that the SmartEdge router assumes with this L2TP peer,
either as an LAC or as an LNS. The LAC-only role prevents the acceptance of Incoming-Call-Request
(ICRQ) control messages from a LAC peer. The LNS-only role prevents the generation of ICRQ control
messages based on incoming Point-to-Point Protocol (PPP) sessions to an LNS peer.
Use the default or all form of this command to disable any specification.
Examples
The following example specifies that the SmartEdge router will function as an LAC with the named L2TP
peer:
[local]Redback(config-ctx)#l2tp-peer name peer1
[local]Redback(config-l2tp)#function lac-only
Related Commands
l2tp-peer
local-name
13-26
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
hello-timer
hello-timer interval
default hello-timer
Purpose
Specifies the amount of time that the SmartEdge OS waits before sending a Hello control message to an
Layer 2 Tunneling Protocol (L2TP) peer if there has been no control message activity between the two
peers.
Command Mode
L2TP peer configuration
Syntax Description
interval
Amount of time in seconds that the SmartEdge OS waits before sending an L2TP Hello
packet if there has been no exchange of control messages to the remote L2TP peer. The
range of values is 0 to 3,600; the default value is 60.
Default
The SmartEdge OS waits 60 seconds before sending an L2TP Hello packet.
Usage Guidelines
Use the hello-timer command to specify the amount of time that the SmartEdge OS waits before sending
a Hello control message to an L2TP peer if there has been no control message activity between the two
peers. The Hello control message is used as a keepalive mechanism to determine if there has been a link
failure between the L2TP access concentrator (LAC) and L2TP network server (LNS).
Note We do not recommend that you change the value of the interval argument from the default unless
you are specifically requested to do so by a Redback Technical Support representative.
Use the default form of this command to set the value of the interval argument to the default of 60 seconds.
Examples
The following example sets the amount of time that the SmartEdge OS waits before sending a Hello control
message to an L2TP peer if there has been no control message activity between the two peers to 120
seconds (two minutes):
[local]Redback(config-l2tp)#hello-timer 120
Related Commands
None
L2TP Configuration
13-27
Command Descriptions
l2tp calling-number format
l2tp calling-number format {all [hostname] [pppoe-id] [slot-port] [virtual-id]}
{no | default} l2tp calling-number format
Purpose
Allows you to pass subscriber calling information to a Layer 2 Tunneling Protocol (L2TP) network server
(LNS) in a Dialed Number Identification Service (DNIS) attribute-value pair (AVP).
Command Mode
context configuration
Syntax Description
all
Includes all available options for this command; this is the default option.
hostname
Optional. Includes currently configured hostname of the router.
pppoe-id
Optional. Includes the session ID of the incoming Point-to-Point Protocol over Ethernet
(PPPoE) session.
slot-port
Optional. Includes the slot and port number of the incoming circuit.
virtual-id
Optional. Includes the Virtual Path Identifier (VPI), Virtual Channel Identifier (VCI), or
Virtual LAN ID (VLAN ID) of the incoming circuit.
Default
All available options are sent to the peer.
Usage Guidelines
Note An L2TP access concentrator (LAC) sends an AVP only if the dnis generate command (in L2TP
peer configuration mode) is configured and enabled under the peer.
Use the l2tp calling-number format to pass subscriber calling information to an LNS using L2TP in a
DNIS AVP.
Use the no or default form of this command to send all options to the peer.
Examples
The following example displays all information (hostname, slot and port, PPPoE ID, and virtual ID):
[local]Redback(config)#context local
[local]Redback(config-ctx)#l2tp calling-number format all
[local]Redback(config-ctx)#
13-28
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
The following example displays only the hostname:
[local]Redback(config)#context local
[local]Redback(config-ctx)#l2tp calling-number format hostname
Related Commands
dnis generate
L2TP Configuration
13-29
Command Descriptions
l2tp clear-radius-peer
l2tp clear-radius-peer time-inactive
{no | default} l2tp clear-radius-peer
Purpose
Enables any Layer 2 Tunneling Protocol (L2TP) peer configured by a Remote Authentication Dial-In User
Service (RADIUS) server in this context to be automatically removed from memory after it is marked
inactive.
Command Mode
context configuration
Syntax Description
time-inactive
Time, in minutes, that a peer can be inactive before being removed from memory. The
range of values is 5 to 300.
Default
No time limit is in effect; no inactive RADIUS-configured peers are cleared from memory.
Usage Guidelines
Use the l2tp clear-radius-peer command to enable any L2TP peer configured by a RADIUS server in this
context to be automatically removed from memory after it is marked inactive. A RADIUS-configured peer
is marked as inactive if:
•
The session count is 0.
•
The peer is not labeled “dead”; it is alive or its deadtime has expired.
•
The time interval since the last session was terminated or since the peer was initially created, if no
sessions have been active, is equal to or greater than the time specified by the time-inactive argument.
If a RADIUS-configured peer is inactive, it is cleared from memory.
Use the no or default form of this command to remove the time limit.
Examples
The following example sets the inactive time limit to 10 minutes:
[local]Redback(config)#context local
[local]Redback(config-ctx)#l2tp clear-radius-peer 10
Related Commands
None
13-30
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
l2tp deadtime
l2tp deadtime minutes
{no | default} l2tp deadtime
Purpose
Sets the minimum amount of time for which any “dead” Layer 2 Tunneling Protocol (L2TP) peer that is
configured in the context and that is not a member of a peer group is ignored.
Command Mode
context configuration
Syntax Description
minutes
Minimum number of minutes that a peer is marked as “dead”. The range of values is 1
to 100; the default value is 2.
Default
The deadtime is set to five minutes.
Usage Guidelines
Use the l2tp deadtime command to set the minimum amount of time that any “dead” L2TP peer that is
configured in the context and that is not a member of a peer group is ignored. You can use this command
to control the deadtime for peers created by the Remote Authentication Dial-In User Service (RADIUS).
A peer is labeled “dead” after it is determined that a new tunnel cannot be established to the peer. This
feature prevents a troubled L2TP peer from being inundated with connection attempts without
disconnecting the peer altogether. It also allows you to identify troubled peers.
A peer remains labeled as “dead” until a new session is established to it as follows:
•
After the deadtime is expired and a connection request arrives, the peer is again considered as a
destination.
•
If a connection attempt is not made to the peer (the peer is not selected as the destination), the “dead”
label is not removed.
•
If a connection attempt is made and is successful, the “dead” label is removed from the peer; if the
attempt is not successful, the deadtime is again applied to the peer.
Note Current sessions to the peer are not brought down if the peer should be labeled “dead”. Only
attempts to add new tunnels are affected.
A “dead” peer is labeled as “dead” in the output of the show l2tp peer command (in any mode) for at least
the length of time indicated in the minutes argument.
Use the no or default form of this command to set the deadtime to two minutes.
L2TP Configuration
13-31
Command Descriptions
Examples
The following example sets the number of deadtime minutes to 10 for any L2TP peer that is not a member
of a peer group in the context:
[local]Redback(config-ctx)#l2tp deadtime 10
Related Commands
deadtime
l2tp strict-deadtime
13-32
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
l2tp fragment
l2tp fragment {l2tp-packet | user-packet}
{no | default} l2tp fragment
Purpose
Specify the type of fragmentation of Layer 2 Tunneling Protocol (L2TP) packets that are sent downstream
and that need fragmentation.
Command Mode
context configuration
Syntax Description
l2tp-packet
Fragments the encapsulating packet after the L2TP header is added; this is the default.
user-packet
Fragments the user data packet before the L2TP header is added.
Default
Fragmentation occurs after the L2TP header is added.
Usage Guidelines
Use the l2tp fragment command to specify the type of fragmentation for L2TP packets that are sent
downstream.
It is more efficient to fragment the user data packet, because it is reassembled on the user’s computer;
fragmenting the L2TP packet requires that the L2TP access concentrator (LAC) must reassemble the
packet, which takes more processing time.
Use the no or default form of this command to specify fragmentation after the L2TP header is added.
Examples
The following example enables fragmentation for user data packets before the L2TP header is added:
[local]Redback(config)#context local
[local]Redback(config-ctx)#l2tp fragment user-packet
Related Commands
None
L2TP Configuration
13-33
Command Descriptions
l2tp-group
l2tp-group name l2tp-group-name
no l2tp-group name l2tp-group-name
Purpose
Creates a group of Layer 2 Tunneling Protocol (L2TP) tunnels to L2TP network servers (LNSs) among
which Point-to-Point Protocol (PPP) sessions are parceled out, and enters L2TP group configuration mode.
Command Mode
context configuration
Syntax Description
name l2tp-group-name Name of the L2TP group being created. L2TP group names must be unique
from other L2TP group names, peer names, and domain aliases in the context.
Default
No L2TP group is created.
Usage Guidelines
Use the l2tp-group command to create a group of L2TP tunnels to LNSs (peers) among which PPP
sessions are parceled out, and enter L2TP group configuration mode. All peers in a group must be defined
(with the l2tp-peer command in context configuration mode) within the same context as the group itself.
It is part of the LAC configuration.
PPP sessions are distributed among tunnels in a group according to the algorithm specified for the group
with the algorithm command in L2TP group configuration mode.
A group name that is created with the l2tp-group command can be entered as the l2tp-peer-name or
tunl-name argument value for the tunnel name command in subscriber configuration mode.
Peer names, group names, and domain aliases for those names must be unique within the context in which
they are created.
Use the no form of this command to disband the L2TP group and delete all references to it by the L2TP
peers that formed the group.
Examples
The following example creates an L2TP group, group1:
[local]Redback(config-ctx)#l2tp-group name group1
[local]Redback(config-l2tp-group)#
13-34
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Related Commands
algorithm
domain—context configuration mode
domain—L2TP group configuration mode
domain—L2TP peer configuration mode
l2tp-group
l2tp-peer
L2TP Configuration
13-35
Command Descriptions
l2tp-peer
l2tp-peer {default | name l2tp-peer-name media udp-ip remote {ip ip-addr | dns dns-name} |
unnamed} [local ip-addr]
no l2tp-peer {default | name l2tp-peer-name | unnamed}
Purpose
Creates a Layer 2 Tunneling Protocol (L2TP) peer, either an L2TP access concentrator (LAC) or an L2TP
network server (LNS), a default peer, or an anonymous (unnamed) peer, or selects one for modification, in
the current context, and enters L2TP peer configuration mode.
Command Mode
context configuration
Syntax Description
default
Creates a default L2TP tunnel.
name l2tp-peer-name
Name of the L2TP peer that is provided by the peer as a hostname in
Start-Control-Connection-Request (SCCRQ) packets sent to the SmartEdge
router.
media udp-ip
Specifies that the tunnel is User Datagram Protocol (UDP) IP-encapsulated.
remote ip ip-addr
IP address of the L2TP peer.
remote dns dns-name
Domain Name System (DNS) name of the L2TP peer.
unnamed
Creates an anonymous L2TP peer.
local ip-addr
Optional. Local IP address. When configuring an LAC, the ip-addr argument
is the IP address of the LAC. When configuring an LNS, the ip-addr argument
is the IP address of the LNS.
Default
No L2TP named, default, or anonymous peer is created.
Usage Guidelines
Use the l2tp-peer command to create an L2TP peer, a default peer, or an anonymous peer, or select one for
modification, in the current context, and enter L2TP peer configuration mode.
Use the default keyword to create a set of defaults that apply to any L2TP peer in the current context. Each
configured attribute for the default peer is included in all L2TP peer configurations in the context. However,
if you configure a named or anonymous peer, attribute values that you specify for that peer override the
values set for the default peer.
If you specify the name l2tp-peer-name construct, the L2TP peer name must be unique from other L2TP
peer names, group names, and domain aliases within the context.
13-36
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
When configuring the SmartEdge router as a LAC, the l2tp-peer-name argument is the name or the domain
alias for the LNS at the other end of the tunnel; it represents the peer in the hostname attribute of packets
exchanged in L2TP. When configuring it as an LNS, the l2tp-peer-name argument is the name of the LAC.
The name of the L2TP peer is provided by the peer as a hostname in SCCRQ packets.
Use the remote ip ip-addr construct to specify the IP address for the LNS; use the remote dns dns-name
construct to specify the DNS name for the LNS. Use the local ip-addr construct to specify the IP address
for the LAC.
You can assign an alias for the L2TP peer name with the domain command in L2TP peer configuration
mode. Peer names, group names, and domain aliases must be unique within the context. For example, if a
peer is named “isp,” no other peer, group, or alias can also be named “isp” within the context.
Note The peer name for the SmartEdge router is frequently the hostname for the SmartEdge router (by
default, Redback). If you are configuring a new system, you may want to rename the SmartEdge
router. To change the hostname of a SmartEdge router, enter the system hostname command in
global configuration mode. For more information about this command, see the “Basic System
Commands” chapter.
Be aware that if the SmartEdge router is currently in service and you change its hostname, any
authentication based on the previous definition will fail.
Instead of using the SmartEdge router hostname as the peer name, you can create another hostname
to use as a peer name; to create another hostname, enter the local-name command in L2TP peer
configuration mode.
Note This command supports multiple L2TP tunnels that are identically named. This is commonly the
case when Microsoft Windows clients are the L2TP peers.
Use the unnamed keyword to configure how the system responds to anonymous peers. Use the anonymous
peer configuration for any incoming SCCRQ packets that contain a hostname not found in the local L2TP
peer configurations, or for peers configured by a Remote Authentication Dial-In User Service (RADIUS)
server.
To configure the parameters for an anonymous L2TP peer, you can use all the L2TP configuration mode
commands, except for domain. We recommend that you use the tunnel-auth command in L2TP
configuration mode, to accept all incoming peer requests that contain a specific tunnel password. In
addition, we recommend that you restrict the use of this peer to the SmartEdge router using the function
command in L2TP configuration mode with the lns-only keyword. Otherwise, outgoing calls might be
placed on anonymous peers.
Use the no form of this command to delete the default peer or an existing L2TP peer in the current context.
Examples
The following example creates an L2TP peer, lac1.net, in the local context:
[local]Redback(config-config)#context local
[local]Redback(config-ctx)#l2tp-peer name lac1.net media udp-ip remote ip 10.5.5.5
[local]Redback(config-l2tp)#
L2TP Configuration
13-37
Command Descriptions
The following example creates a default L2TP tunnel for tunnels in the local context:
[local]Redback(config-config)#context local
[local]Redback(config-ctx)#l2tp-peer default
[local]Redback(config-l2tp)#
Related Commands
domain—context configuration mode
domain—L2TP group configuration mode
domain—L2TP peer configuration mode
local-name
system hostname
13-38
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
l2tp proxy-auth
l2tp proxy-auth
{no | default} l2tp proxy-auth
Purpose
Enables proxy authentication for Layer 2 Tunneling Protocol (L2TP) access concentrator (LAC) peers.
Command Mode
context configuration
Syntax Description
This command has no keywords or arguments.
Default
Proxy authentication is disabled.
Usage Guidelines
Use the l2tp proxy-auth command to enable proxy authentication for LAC peers.
Use the no or default form of this command to disable proxy authentication for LAC peers.
Examples
The following example enables proxy authentication for LAC peers.
[local]Redback(config)#context local
[local]Redback(config-ctx)#l2tp proxy-auth
Related Commands
None
L2TP Configuration
13-39
Command Descriptions
l2tp renegotiate lcp
l2tp renegotiate lcp {always | never | on-mismatch}
{no | default} l2tp renegotiate lcp
Purpose
Specifies the conditions under which the SmartEdge router, when acting as a Layer 2 Tunneling Protocol
(L2TP) network server (LNS) renegotiates the Link Control Protocol (LCP) options with an L2TP access
concentrator (LAC).
Command Mode
context configuration
Syntax Description
always
Renegotiates regardless of any LCP or Authentication packets received.
never
Does not ever renegotiate.
on-mismatch
Renegotiates if the received proxy LCP options do not match the configured options.
This is the default.
Default
Renegotiates if the received proxy LCP options do not match the configured options.
Usage Guidelines
Use the l2tp renegotiate lcp command to specify the conditions under which the SmartEdge router, when
acting as an LNS, renegotiates with an LAC.
As part of L2TP session establishment, a LAC might send proxy-lcp and proxy-auth options (LCP and
Authentication packets it received from its client) in one of its messages to the SmartEdge router. In this
case, the SmartEdge router, acting as an LNS, might receive all the necessary LCP information without
negotiating directly with the client. However, if a proxy LCP packet is not received, then the SmartEdge
router renegotiates the LCP, depending on the conditions specified by this command.
Use the always keyword to support those situations for which renegotiation is required, regardless of the
information received from the client.
Use the never keyword to support those Point-to-Point Protocol (PPP) clients that cannot successfully
establish a session if renegotiation occurs. In this case, the SmartEdge router attempts to use proxy-LCP
information as much as possible. That is, it accepts non-critical values, even on mismatch. But it does not
tolerate authentication problems or a lack of a proxy LCP.
Use the no or default form of this command to specify the default condition.
13-40
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Examples
The following example specifies that no renegotiation will take place:
[local]Redback(config)#context local
[local]Redback(config)#l2tp renegotiate lcp never
Related Commands
None
L2TP Configuration
13-41
Command Descriptions
l2tp strict-deadtime
l2tp strict-deadtime
{no | default} l2tp deadtime
Purpose
Enables the strict enforcement of the deadtime, even if all Layer 2 Tunneling Protocol (L2TP) peers are
labeled “dead”.
Command Mode
context configuration
Syntax Description
This command has no keywords or arguments.
Default
Strict enforcement of the deadtime is disabled.
Usage Guidelines
Use the l2tp strict-deadtime command to enable the strict enforcement of the deadtime, even if all L2TP
peers are labeled “dead”. You can use this command to control connection attempts to “dead” peers that are
created by the Remote Authentication Dial-In User Service (RADIUS).
A peer is labeled “dead” after it is determined that a new tunnel cannot be established to the peer. This
feature controls connection requests as follows:
•
If strict deadtime is disabled:
When a connection request arrives and all candidate peers for that destination are labeled “dead”, the
SmartEdge router attempts to make a connection to one of the “dead” peers, even if the deadtime has
not expired for any of them.
•
If strict deadtime is enabled:
No connection attempt is made until the deadtime for at least one candidate peer has expired.
Use the no or default form of this command to disable strict enforcement of the deadtime.
Examples
The following example enables the strict enforcement of the deadtime for all L2TP peers in the context:
[local]Redback(config-ctx)#l2tp strict-deadtime
Related Commands
deadtime
l2tp deadtime
13-42
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
lns card
lns card {selection {route | priority} | slot preference preference}
{no | default} lns card {selection | slot}
Purpose
Configures slot redundancy for Layer 2 Tunneling Protocol (L2TP) sessions.
Command Mode
L2TP peer configuration
Syntax Description
selection
Selects the algorithm by which a card is selected for an L2TP session.
route
Specifies the route algorithm; this is the default.
priority
Specifies the priority algorithm.
slot
Chassis slot number of a card on which L2TP sessions are to be carried.
preference preference
Relative preference of one card over another as the choice for an L2TP
session; the default value is equal preference for all cards.
Default
The default algorithm is route, and if multiple cards are available, sessions are load-balanced between them
(equal preference for all cards).
Usage Guidelines
Use the lns card command to configure slot redundancy for L2TP sessions between the SmartEdge router
and an L2TP access concentrator (LAC). You enter this command to first select the algorithm by which a
card is selected to carry L2TP subscriber sessions; you enter it again one or more times to specify the cards
that can carry L2TP subscriber sessions. You must specify the lns-only keyword with the function
command in L2TP peer configuration mode for this peer before entering this command.
The route algorithm establishes the card with the route to the LAC as the preferred card without explicitly
specifying it. This algorithm allows you to establish the preference of one card over all others when its slot
is not known. The priority algorithm fixes the card preferences based on an explicit configuration
statement. If you specify the priority keyword, you must identify all the cards on which L2TP sessions are
to be carried.
The values that you specify for the preference argument are relative to each other and can be any integer:
a smaller number has a higher preference. Cards with equal preference numbers are load balanced.
You must configure the traffic cards using the card command (in global configuration mode) prior to
configuring slot redundancy for them. Sessions are not assigned to unconfigured traffic cards.
To display the status of slot redundancy, use the show l2tp global command in any mode with the ipc
keyword.
L2TP Configuration
13-43
Command Descriptions
Use the no or default form of this command to specify the default algorithm and card preferences.
Note The maximum number of sessions that a card can carry is not configurable and depends on the
amount of memory in each card.
Examples
The following example enables slot redundancy by load balancing the sessions between the cards in slots
10 and 11, using the priority algorithm and equal preferences:
[local]Redback(config-l2tp)#lns card selection priority
[local]Redback(config-l2tp)#lns card 10 preference 10
[local]Redback(config-l2tp)#lns card 11 preference 10
The following example enables slot redundancy using the route algorithm; the card with the route to an
LAC is the preferred card, and then, when that card reaches its maximum number of circuits, sessions are
apportioned between the cards in slots 1, 2, and 3, with card 1 having the highest preference and card 3
having the lowest preference. The card with the route, whatever its slot, always has the highest priority.
[local]Redback(config-l2tp)#lns
[local]Redback(config-l2tp)#lns
[local]Redback(config-l2tp)#lns
[local]Redback(config-l2tp)#lns
card
card
card
card
selection route
1 preference 10
2 preference 20
3 preference 30
Related Commands
function
13-44
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
local-name
local-name local-name
no local-name
Purpose
Creates a local name for the SmartEdge router, to be used in outbound Start-Control-Connection-Request
(SCCRQ) or Start-Control-Connection-Reply (SCCRP) control messages to an Layer 2 Tunneling Protocol
(L2TP) peer.
Command Mode
L2TP peer configuration
Syntax Description
local-name
Another name for the SmartEdge router to be used as the value for the Host name
attribute value pair (AVP), AVP 7, instead of the system hostname in SCCRQ or SCCRP
messages to and from this L2TP peer.
Default
The system hostname, as specified by the system hostname command in global configuration mode, is
used as the local name.
Usage Guidelines
Use the local-name command to create a local name for the SmartEdge router. Usually, the system
hostname is used as the local name for the SmartEdge router.
You can create a different local name for the SmartEdge router for each tunnel that you configure, but the
names must be unique.
The local-name argument is sent in the SCCRQ message when initializing the tunnel.
Use the no form of this command to specify the default local name. To change a local name, create a new
one and it overwrites the existing one.
Examples
The following example specifies the local name, cardinal:
[local]Redback(config-ctx)#l2tp-peer name peer1
[local]Redback(config-l2tp)#local-name cardinal
Related Commands
system hostname
L2TP Configuration
13-45
Command Descriptions
max-sessions
max-sessions max-ses-num
no max-sessions
Purpose
Specifies the maximum number of sessions allowed for a Layer 2 Tunneling Protocol (L2TP) tunnel to a
peer or context.
Command Mode
L2TP peer configuration
context configuration
Syntax Description
max-ses-num
Maximum number of sessions allowed for a tunnel or context. The range of values is 1
to 65,535; the default value is 65,535.
Default
The maximum number of sessions allowed for each tunnel to a peer, or tunnel to a context, is the maximum
number in the valid range (65,535).
Usage Guidelines
Use the max-sessions command to specify the maximum number of sessions allowed for an L2TP tunnel
to a peer. For User Datagram Protocol (UDP) tunnels, a new tunnel opens if the max-ses-num argument
value has been reached for the current tunnel and the maximum number of tunnels (max-tunl-num argument
value for the max-tunnels command in L2TP peer configuration mode) has not been exceeded.
You cannot use this command if you entered L2TP peer configuration mode using the l2tp-peer command
with the default keyword (in context configuration mode).
Use the max-sessions command to configure the maximum number of sessions allowed in a given context.
This value will be applied to all peers configured in this context. If you are using the max-sessions
command at context level, use this command to enforce the maximum number of L2TP sessions that all the
LNS Peers configured in a given context may establish.
Use the no form of this command (in any configuration mode) to set the maximum number of sessions to
the default.
Examples
The following example sets the maximum number of sessions allowed per tunnel to a peer to 1000:
[local]Redback(config-ctx)#l2tp-peer name peer1
[local]Redback(config-l2tp)#max-sessions 1000
13-46
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
The following example sets the maximum number of sessions allowed per tunnel to a context to 1000:
[local]Redback(config)#context local
[local]Redback(config-ctx)#l2tp max-sessions 1000
Related Commands
max-tunnels
L2TP Configuration
13-47
Command Descriptions
max-tunnels
max-tunnels max-tunl-num
no max-tunnels
Purpose
Specifies the maximum number of tunnels allowed to a Layer 2 Tunneling Protocol (L2TP) peer.
Command Mode
L2TP peer configuration
Syntax Description
max-tunl-num
Maximum number of tunnels allowed. The range of values is 1 to 32,767; the default
value is 32,767.
Default
The maximum number of tunnels allowed for each peer is the maximum number in the valid range
(32,767).
Usage Guidelines
Use the max-tunnels command to specify the maximum number of tunnels allowed to an L2TP peer.
Use the no form of this command to set the maximum number of tunnels allowed to the default.
Examples
The following example sets the maximum number of tunnels allowed to 2:
[local]Redback(config-ctx)#l2tp-peer name peer1
[local]Redback(config-l2tp)#max-tunnels 2
Related Commands
max-sessions
13-48
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
peer
peer name l2tp-peer-name {preference priority | weight weight}
no peer name l2tp-peer-name
Purpose
Adds an existing peer to the current Layer 2 Tunneling Protocol (L2TP) group.
Command Mode
L2TP group configuration
Syntax Description
name l2tp-peer-name
Name of the peer to be added to the current L2TP group.
preference priority
Priority for the priority algorithm when assigning sessions to this peer.
weight weight
Weight for the weighted-round-robin algorithm when assigning sessions to
this peer.
Default
No peer is added to the current L2TP group.
Usage Guidelines
Use the peer command to add an existing peer to an L2TP group. The l2tp-peer-name argument is the peer
name specified in the l2tp-peer command in context configuration mode or its domain alias, specified by
the domain command in L2TP peer configuration mode.
Use the preference priority construct to override the implicit priority for the peer, if you have specified the
priority keyword in the algorithm command (in L2TP group configuration mode). Otherwise, the implicit
priority is the order in which the peer commands are run, with the first peer entered having the highest
priority.
If you have specified the weighted-round-robin keyword in the algorithm command (in L2TP group
configuration mode), use the weight weight construct to assign a weight for the peer to be used in the
calculation of the priority.
This command takes effect immediately, but does not affect Point-to-Point Protocol (PPP) sessions that are
already established; only future PPP sessions.
Use the no form of this command to remove the named peer from the group.
L2TP Configuration
13-49
Command Descriptions
Example
The following command selects (or creates) an L2TP group, adds three L2TP peers to the group, sets the
algorithm to strict priority, and sets the deadtime to five minutes:
[local]Redback(config-ctx)#l2tp-group name group1
[local]Redback(config-l2tp-group)#algorithm priority
[local]Redback(config-l2tp-group)#peer name sweet1 preference 10
[local]Redback(config-l2tp-group)#peer name sweet2 preference 20
[local]Redback(config-l2tp-group)#peer name sweet3 preference 30
[local]Redback(config-l2tp-group)#default deadtime
Related Commands
algorithm
deadtime
domain—L2TP group configuration mode
domain—L2TP peer configuration mode
l2tp-peer
13-50
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
retry
retry count
default retry
Purpose
Specify the number of times an unacknowledged control message is retransmitted to a Layer 2 Tunneling
Protocol (L2TP) peer before the tunnel is brought down.
Command Mode
L2TP peer configuration
Syntax Description
count
Number of times an unacknowledged control message is retransmitted to a peer. The range
of values is 1 to 100; the default value is 6.
Default
An unacknowledged control message is retransmitted six times.
Usage Guidelines
Use the retry command to specify the number of times an unacknowledged control message is
retransmitted to an L2TP peer before the tunnel is brought down. You may want to increase the value from
the default of 6 if the L2TP media is not reliable.
Use the default form of this command to set the number of retransmissions to the default.
Examples
The following example configures the peer so that unacknowledged control messages are retransmitted five
times before the tunnel is brought down:
[local]Redback(config-ctx)#l2tp-peer name peer1
[local]Redback(config-l2tp)#retry 5
Related Commands
timeout
tunnel-window
L2TP Configuration
13-51
Command Descriptions
session-auth
session-auth {pap | chap | chap pap} [context ctx-name | service-policy svc-policy-name]
{no | default} session-auth
Purpose
Specifies the method used by the SmartEdge router when acting as a Layer 2 Tunneling Protocol (L2TP)
network server (LNS) to authenticate subscriber sessions that arrive from this peer.
Command Mode
L2TP peer configuration
Syntax Description
pap
Specifies that the Password Authentication Protocol (PAP) is to be
used to obtain the subscriber name and password from the subscriber.
chap
Specifies that the Challenge Handshake Authentication Protocol
(CHAP) is to be used to obtain the subscriber name and password from
the subscriber.
chap pap
Specifies that either PAP or CHAP can be used to obtain the subscriber
name and password from the subscriber, but that CHAP is preferred.
context ctx-name
Optional. Name of a specific context to which subscriber sessions are
restricted.
service-policy svc-policy-name Optional. Name of a service policy that limits the contexts or domains
available to the subscriber sessions.
Default
CHAP or PAP is the authentication method.
Usage Guidelines
Use the session-auth command to specify the method used by the SmartEdge router when acting as an
L2TP LNS to authenticate subscriber sessions that arrive from this peer.
Use this optional command for the following conditions:
•
To require specific authentication protocol.
•
To limit dynamic service selection to a particular context.
•
To specify a service policy.
Use the optional context ctx-name construct to prevent dynamic context selection, thereby limiting the
services available to any Point-to-Point Protocol (PPP) sessions that arrive from this peer. Specifically,
these sessions are limited to terminating and routing in the named context and to entering a tunnel defined
within that context.
13-52
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
If the context ctx-name construct is present, the SmartEdge OS attempts to authenticate the session
according to the authentication, authorization, and accounting (AAA) configuration for the named context,
rather than according to the context portion of the structured subscriber name, if present. If the subscriber
passes authentication, the session comes up.
If Remote Authentication Dial-In User Service (RADIUS) returns a Context-Name attribute whose value
conflicts with the context ctx-name construct (or any of its aliases) in the command line, the binding fails.
Authentication also fails if global authentication is configured and the Access-Response packet from the
RADIUS server does not contain a Context-Name attribute.
Use the optional service-policy svc-policy-name construct to attach a service policy to the subscriber
sessions from this peer. This construct allows you to limit the services to more than one context.
Changing the configuration of a peer (or peer group) with an established tunnel does not take effect until
you delete all tunnels to the peer (using the clear tunnel command in exec mode), or until all the tunnels
to the peer come down naturally. The configuration database is queried again to reestablish tunnels to the
peer, thereby implementing the new configuration.
Use the no or default form of this command to specify the default method to authenticate subscriber
sessions.
Examples
The following example establishes that only PAP can be used to authenticate subscriber sessions:
[local]Redback(config-ctx)#l2tp-peer name peer1
[local]Redback(config-l2tp)#session-auth pap
Related Commands
function
L2TP Configuration
13-53
Command Descriptions
timeout
timeout seconds
default timeout
Purpose
Specifies the amount of time to wait for an acknowledgment before a control message is retransmitted to a
Layer 2 Tunneling Protocol (L2TP) peer.
Command Mode
L2TP peer configuration
Syntax Description
seconds
Number of seconds to wait for an acknowledgment. The range of values is 1 to 30; the
default value is 3.
Default
The timeout period is set to three seconds.
Usage Guidelines
Use the timeout command to specify the amount of time to wait for an acknowledgment before a control
message is retransmitted to an L2TP peer. You need only increase the value if many sessions are established
or if the media is slow.
Use the default form of this command to reset the timeout to the default.
Examples
The following example configures the peer so that retransmission of a control message occurs after 5
seconds without an acknowledgment:
[local]Redback(config-ctx)#l2tp-peer name peer1
[local]Redback(config-l2tp)#timeout 5
Related Commands
retry
tunnel-window
13-54
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
tunnel-auth key
tunnel-auth key key
no tunnel-auth key [key]
Purpose
Specifies a Layer 2 Tunneling Protocol (L2TP) key to be used by a peer to encrypt and decrypt information
sent on the control channel.
Command Mode
L2TP peer configuration
Syntax Description
key
Key to be used by a peer to encrypt and decrypt information sent on the control channel. The
key can be any alphanumeric text string of any length. Optional with the no form of this
command.
Default
No password is created.
Usage Guidelines
Use the tunnel-auth key command to specify the key to be used by a peer to encrypt and decrypt
information sent on the control channel.
The key argument is an alphanumeric string used for the peer password.
Use the no form of this command to delete any previously established primary password.
Examples
The following example establishes 6dkq7pv as the password for peer peer1:
[local]Redback(config-ctx)#l2tp-peer name peer1
[local]Redback(config-l2tp)#tunnel-auth key 6dkq7pv
Related Commands
l2tp-peer
L2TP Configuration
13-55
Command Descriptions
tunnel domain
tunnel domain
no tunnel domain
Purpose
Enables the dynamic assignment of a subscriber’s Point-to-Point Protocol (PPP) session to a Layer 2
Tunneling Protocol (L2TP) peer that has the same domain alias as the subscriber’s domain alias.
Command Mode
subscriber configuration
Syntax Description
This command has no keywords or arguments.
Default
Dynamic assignment is disabled; subscriber PPP sessions are terminated and routed rather than tunneled.
Usage Guidelines
Use the tunnel domain command to enable the dynamic assignment of a subscriber’s PPP session to an
L2TP peer that has the same domain alias as the subscriber’s domain alias (the @ctx-name portion of the
structured subscriber name). This domain alias is also a domain alias for the context in which both are
configured. You create domain aliases for a context using the domain command in context configuration
mode.
To allow the subscriber PPP sessions to be tunneled, you must have configured the PPP for the subscriber
circuit.
Note You can configure multiple subscribers with dynamic peer assignment if you enter this command
for the default or named subscriber profile instead of individual subscriber records.
Note This command and the tunnel name command in subscriber configuration mode are mutually
exclusive.
Note It is in the upstream direction where these PPP sessions are tunneled to the remote peer.
Use the no form of this command to disable dynamic assignment for a subscriber.
Examples
The following example configures the default subscriber profile to cause PPP sessions to be mapped to the
tunnel that has the same name as the user’s domain name:
[local]Redback(config)#context local
[local]Redback(config-ctx)#subscriber default
[local]Redback(config-sub)#tunnel domain
13-56
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Related Commands
context
domain—L2TP peer configuration mode
subscriber
tunnel name
L2TP Configuration
13-57
Command Descriptions
tunnel name
tunnel name tunl-name
no tunnel name tunl-name
Purpose
Statically assigns the subscriber’s Point-to-Point Protocol (PPP) session to a specified Layer 2 Tunneling
Protocol (L2TP) peer or group of L2TP peers.
Command Mode
subscriber configuration
Syntax Description
tunl-name
Name of the peer or L2TP group of peers to which the subscriber is mapped.
Default
A PPP session is terminated rather than tunneled.
Usage Guidelines
Use the tunnel name command to statically assign the subscriber’s PPP session to a specific L2TP peer or
group of peers. You can use a peer name or the domain alias for the peer name, a group name, or a domain
alias for the group name as the tunl-name argument, which is included in the subscriber record.
Note This command and the tunnel domain command in subscriber configuration mode are mutually
exclusive.
Use the no form of this command to remove the peer or peer group name or alias from the subscriber record.
Examples
The following example forces the subscriber to use the tunnel, freds-corp.com:
[local]Redback(config)#context local
[local]Redback(config-ctx)#subscriber name fred
[local]Redback(config-sub)#tunnel name freds-corp.com
Related Commands
tunnel domain
13-58
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
tunnel-window
tunnel-window messages
default tunnel-window
Purpose
Specifies the size of the control message window that is advertised to a Layer 2 Tunneling Protocol (L2TP)
peer in Start-Control-Connection-Request (SCCRQ) or Start-Control-Connection-Reply (SCCRP)
messages.
Command Mode
L2TP peer configuration
Syntax Description
messages
Number of messages the peer can send before acknowledgment from the SmartEdge
router. The range of values is 1 to 2,000; the default value is 8.
Default
Up to eight control messages can be sent by an L2TP peer before acknowledgment from the SmartEdge
router.
Usage Guidelines
Use the tunnel-window command to specify the size of control message window that is advertised to an
L2TP peer in SCCRQ or SCCRP messages. The size of the window controls how many messages can be
sent by a peer before it must wait for acknowledgement from the SmartEdge router.
You might need to change the number of messages, depending on the number of control messages a peer
can generate at one time. For example, if a peer brings up many sessions all at once, you might need to
increase the number of messages. However, changing the size of the control message window does not take
effect until a new tunnel to the peer is established.
We recommend that you configure the control message window size to match the size configured on the
L2TP peer, unless instructed to do otherwise by Redback Technical Support.
Use the default form of this command to set the size of the control message window to the default.
Examples
The following example configures the peer to be able to send up to 15 control messages before
acknowledgment from the SmartEdge router:
[local]Redback(config-ctx)#l2tp-peer name peer1
[local]Redback(config-l2tp)#tunnel-window 15
L2TP Configuration
13-59
Command Descriptions
Related Commands
retry
13-60
Ports, Circuits, and Tunnels Configuration Guide
Chapter 14
Overlay Tunnel Configuration
This chapter provides an overview of overlay tunnels, describes the tasks used to configure them, provides
configuration examples, and detailed descriptions of the commands used to configure overlay tunnels
through the SmartEdge® OS.
For information about the tasks and commands used to monitor, troubleshoot, and administer overlay
tunnels, see the “Tunnel Operations” chapter in the Ports, Circuits, and Tunnels Operations Guide for the
SmartEdge OS.
For protocol- or feature-specific commands that appear in any of the IP Version 6 (IPv6) configuration
modes, see the appropriate chapter in this guide, in the Routing Protocols Configuration Guide, or in the
IP Services and Security Configuration Guide for the SmartEdge OS.
Note When IPv6 addresses are not referenced or explicitly specified, the term, IP address, can refer
generally to IP Version 4 (IPv4) addresses, IPv6 addresses, or IP addressing. In instances where
IPv6 addresses are referenced or explicitly specified, the term, IP address, refers only to IPv4
addresses. For a description of IPv6 addressing and the types of IPv6 addresses, see RFC 3513,
Internet Protocol Version 6 (IPv6) Addressing Architecture.
This chapter includes the following sections:
•
Overview
•
Configuration Tasks
•
Configuration Examples
•
Command Descriptions
Overview
Overlay tunnels encapsulate IPv6 packets in IPv4 packets for delivery across an IPv4 infrastructure (a core
network or the Internet). By using overlay tunnels, you can communicate with isolated IPv6 networks
without upgrading the IPv4 infrastructure between them.
Overlay Tunnel Configuration
14-1
Configuration Tasks
Note Overlay tunnels reduce the maximum transmission unit (MTU) by 20 octets (assuming the basic
IPv4 packet header does not contain optional fields). A network using overlay tunnels is difficult to
troubleshoot. Therefore, overlay tunnels connecting isolated IPv6 networks should not be
considered as a final IPv6 network architecture. The use of overlay tunnels should be considered as
a transition technique toward a network that supports both the IPv4 and IPv6 protocol stacks or just
the IPv6 protocol stack.
An overlay tunnel is used within a site or between sites; it is equivalent to a permanent link between two
IPv6 domains over an IPv4 backbone. The primary use is for stable connections that require regular secure
communication between two edge routers or between an end system and an edge router, or for connection
to remote IPv6 networks. You can configure overlay tunnels between border routers or between a border
router and a host. The host or router at each end of a tunnel must support both the IPv4 and IPv6 protocol
stacks.
The SmartEdge OS implementation of overlay tunnels is based on the RFC 2893, Transition Mechanisms
for IPv6 Hosts and Routers.
Figure 14-1 displays encapsulated IPv6 packets traveling through the tunnel.
Figure 14-1 IPv6 Tunnel Packet Encapsulation
Configuration Tasks
Note In this section, the command syntax in the task tables displays only the root command; for the
complete command syntax, see the full description for the command in the “Command
Descriptions” section.
To configure overlay tunnels and their circuits, perform the tasks described in the following sections:
14-2
•
Configure an Overlay Tunnel
•
Configure an Overlay Tunnel Circuit
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
Configure an Overlay Tunnel
To configure an overlay tunnel, perform the tasks described in Table 14-1.
Table 14-1 Configure an Overlay Tunnel
#
Task
Root Command
Notes
1.
Create or select the context for the tunnel and
access context configuration mode.
context
Enter this command in global configuration
mode. For more information about this
command, see the “Context Configuration”
chapter in the Basic System Configuration
Guide for the SmartEdge OS.
2.
Create or select the local interface for the tunnel
and access interface configuration mode.
interface
Enter this command in context mode. For more
information about this command, see the
“Interface Configuration” chapter in the Basic
System Configuration Guide for the
SmartEdge OS.
3.
Assign a public IPv4 address to the local
interface.
ip address
Enter this command in interface mode. For
more information about this command, see the
“Subscriber Configuration” chapter in the Basic
System Configuration Guide for the
SmartEdge OS.
4.
Create the tunnel, assign the local and remote
public IP addresses to it, and access tunnel peer
configuration mode.
ipv6 v4tunnel-peer
Enter this command in context configuration
mode. You must assign both a local and a
remote IP address.
5.
Specify optional tunnel attributes:
6.
Enter the following commands in tunnel-peer
configuration mode.
Associate a description with the tunnel.
description
Enable the logging of state changes.
log-state-changes
Set the MTU for the tunnel.
mtu
Enable the tunnel (begin operations on it).
shutdown
Use the no form to enable the tunnel.
Configure an Overlay Tunnel Circuit
For data to flow through an overlay tunnel, you must configure an overlay tunnel circuit for the tunnel.
Perform the tasks described in Table 14-2.
Table 14-2 Configure an Overlay Tunnel Circuit
#
Task
Root Command
Notes
1.
Select the context for the tunnel circuit, and access
context configuration mode.
context
Enter this command in global configuration mode.
The context must be the same context in which
the tunnel is configured.
2.
Create or select the interface for the tunnel circuit and
access interface configuration mode.
interface
Enter this command in context mode.
3.
Assign a private IPv6 address to the interface for the
tunnel circuit.
ipv6 address
Enter this command in interface mode.
4.
Access tunnel map configuration mode.
tunnel map
Enter this command in global configuration mode.
5.
Create the tunnel circuit, associate it with its tunnel and
and access IPv6 tunnel configuration mode.
ipv6-tunnel
Enter this command in tunnel-map configuration
mode.
Overlay Tunnel Configuration
14-3
Configuration Examples
Table 14-2 Configure an Overlay Tunnel Circuit
#
Task
Root Command
Notes
6.
Bind the tunnel circuit to its interface.
bind interface
Enter this command in IPv6 tunnel mode.
7.
Disable the tunnel circuit (stop operations on it).
shutdown
You can disable the tunnel circuit until you are
ready to begin operations on it.
Configuration Examples
The following example configures an IPv4 overlay tunnel, DenverTnl, and its IPv6 tunnel circuit in the
local context:
!Create the local IPv4 interface for the tunnel
[local]Redback(config)#context local
[local]Redback(config-ctx)#interface toDenver
!Assign an IPv4 public IP address to the local tunnel interface
[local]Redback(config-if)#ip address 172.16.1.1/30
[local]Redback(config-if)#exit
!Configure the tunnel with IPv4 addresses for its local and remote ends
!The local end uses the IPv4 address of the tunnel’s interface.
[local]Redback(config-ctx)#ipv6 v4tunnel-peer DenverTnl local 172.16.1.1
remote 172.16.1.2
[local]Redback(config-tunnel-peer)#log-state-changes
[local]Redback(config-tunnel-peer)#description tunnel with a single circuit
[local]Redback(config-tunnel-peer)#mtu 1024
[local]Redback(config-tunnel-peer)#no shutdown
[local]Redback(config-tunnel-peer)#exit
!Create the interface for the tunnel circuit
[local]Redback(config-ctx)#interface ipv6-tunnel
[local]Redback(config-ctx)#exit
!Assign an ipv6 public address to the interface for the tunnel circuit
[local]Redback(config-if)#ivp6 7001::1/64
local]Redback(config-if)#exit
!Create the tunnel circuit and associate it with its tunnel
[[local]Redback(config)#tunnel map
[local]Redback(config-tunnel-map)#ipv6-tunnel DenverTnl manual local
!Bind the tunnel circuit to its interface, which is in the local context
[local]Redback(config-ipv6-tunnel)#bind interface ivp6-tunnel local
[local]Redback(config-ipv6-tunnel)#end
14-4
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Command Descriptions
This section describes the syntax and usage guidelines for the commands used to configure GRE features.
The commands are presented in alphabetical order.
description
ipv6 v4tunnel-peer
ipv6-tunnel
log-state-changes
Overlay Tunnel Configuration
mtu
shutdown
tunnel map
14-5
Command Descriptions
description
description text
no description
Purpose
Associates textual information with an overlay tunnel.
Command Mode
tunnel peer configuration
Syntax Description
text
Textual description for an overlay tunnel. Can be any alphanumeric string, including spaces,
that is not longer than 64 ASCII characters.
Default
No description is associated with the tunnel.
Usage Guidelines
Use the description command to associate textual information with the overlay tunnel. The description
appears in the output of the show configuration command with the tunnel keyword (in any mode).
Use the no form of this command to delete the existing description. Because there can be only one
description for a tunnel, when you use the no form of this command, it is not necessary to include the text
argument.
To change a description, create a new one; it overwrites the existing one.
Examples
The following example selects (or creates) an overlay tunnel, and then associates a text description with it:
[local]Redback(config)#context local
[local]Redback(config-ctx)#ipv6 v4tunnel-peer name DenverTn1 local 172.16.1.1 remote
172.16.1.2
[local]Redback(config-tunnel-peer)#description Corporate offices in Colorado
The following example changes the description created in the previous example:
[local]Redback(config-tunnel-peer)#description Corporate offices in Denver
The following example deletes an existing description:
[local]Redback(config-tunnel-peer)#no description
14-6
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Related Commands
ipv6 v4tunnel-peer
Overlay Tunnel Configuration
14-7
Command Descriptions
ipv6-tunnel
ipv6-tunnel tunl-name manual ctx-name
no ipv6-tunnel tunl-name manual ctx-name
Purpose
Creates an overlay tunnel circuit, associates it with an overlay tunnel created in the specified context, and
accesses IPv6 tunnel configuration mode.
Command Mode
tunnel map configuration
Syntax Description
tunl-name
Name of an existing overlay tunnel that has been created with the ipv6 v4tunnel-peer
command in context configuration mode.
manual
Specifies a manual tunnel circuit; the specified tunnel must have a remote IP address
assigned.
ctx-name
Name of the context in which the overlay tunnel has been created.
Default
None
Usage Guidelines
Use the ipv6-tunnel command to create an overlay tunnel circuit, associate it with an overlay tunnel created
in the specified context, and access IPv6 tunnel configuration mode.
Note You must have assigned a remote IP address to the tunnel before you can create the tunnel circuit.
If you create an overlay tunnel in the local context, you can create its tunnel circuit and bind it to an
interface created in any context. If you create an overlay tunnel in any other context (not the local context),
you must bind its tunnel circuit to an interface that has been created in the same context as the overlay
tunnel.
Use the no form of this command to delete the overlay tunnel circuit.
Examples
The following example creates an overlay tunnel circuit for the tunnel, DenverTn1, in the local context:
[local]Redback(config)#tunnel map
[local]Redback(config-tunnel-map)#ipv6-tunnel DenverTn1 manual local
[local]Redback(config-ipv6-tunnel)#
14-8
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Related Commands
bind interface—IPv6 tunnel configuration mode
ipv6 v4tunnel-peer
Overlay Tunnel Configuration
14-9
Command Descriptions
ipv6 v4tunnel-peer
ipv6 v4tunnel-peer tunl-name [local loc-ip-addr remote rem-ip-addr]
no ipv6 v4tunnel-peer
Purpose
Creates or selects an overlay tunnel, assigns a public IPv4 address to each end, and accesses tunnel peer
configuration mode.
Command Mode
context configuration
tunnel peer configuration
Syntax Description
tunl-name
Text string of up to 39 characters identifying the overlay tunnel. This name must
be unique from all other tunnels that exist in the same context.
local loc-ip-addr
Optional. Public IP address of the local end of the overlay tunnel. Required when
creating or deleting a tunnel; optional when selecting one for modification. The
format is A.B.C.D.
remote rem-ip-addr
Optional. Public IP address of the remote end of the overlay tunnel. Required
when creating or deleting a tunnel; optional when selecting one for modification.
The format is A.B.C.D.
Default
None
Usage Guidelines
Use the ipv6 v4tunnel-peer command to create or select an overlay tunnel, assign a public IP address to
each end, and enter tunnel peer configuration mode.
If you create an overlay tunnel in the local context, you can create its tunnel circuit and bind it to an
interface created in any context. If you create an overlay tunnel in any other context (not the local context),
you must bind its tunnel circuit to an interface that has been created in the same context as the tunnel.
You can configure multiple tunnels, but usually only one tunnel between sites.
The remote IP address at one end of the tunnel is the same as the local IP address at the other end of the
tunnel and conversely. If the remote IP address is not adjacent to the local IP address, and the remote site
cannot be reached with a routing protocol, you must also enter the ip route command in context
configuration mode.
The local IP address must match the IP address of an interface in the same context in which the
ipv6 v4tunnel-peer command is run in context configuration mode.
14-10
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
If you are creating more than one tunnel, they can use the same local interface as long as the remote
interfaces are all different. To use an interface and its public IP address for more than one tunnel, you must
specify the loopback keyword with the interface command in context configuration mode when you create
the interface for the tunnel. The loopback keyword allows you to reuse the public IP address for more than
one tunnel.
Note You do not need to specify the remote and local IP addresses when using the ipv6 v4tunnel-peer
command to enter tunnel peer configuration mode for the purpose of modifying an already existing
tunnel.
Use the no form of this command to delete the specified tunnel and any associated parameters that have
been specified in tunnel peer configuration mode. The keywords are not available for the no form of this
command.
Examples
The following example creates an interface, toDenver, with a public IP address of 172.16.1.1; then it
creates an overlay tunnel, DenverTnl, with a remote IP address of 172.16.1.2 and a local IP address
of 172.16.1.1:
[local]Redback(config)#context local
[local]Redback(config-ctx)#interface toDenver
[local]Redback(config-if)#ip address 172.16.1.1/30
[local]Redback(config-if)#exit
[local]Redback(config-ctx)#ipv6 v4tunnel-peer DenverTnl local 172.16.1.1
remote 172.16.1.2
[local]Redback(config-tunnel-peer)#
The following example creates two tunnels each using an interface, LocalEnd. Both tunnels use the same
local IP address; it is assumed that the remote IP address for Tun2 can be reached with a routing protocol,
so that the ip route command in context configuration mode is not needed.
[local]Redback(config)#context local
[local]Redback(config-ctx)#interface LocalEnd loopback
[local]Redback(config-if)#ip address 172.16.1.1/32
[local]Redback(config-if)#exit
[local]Redback(config-ctx)#ipv6 v4tunnel-peer Tunl local 172.16.1.1 remote 172.16.1.2
[local]Redback(config-tunnel-peer)#no shutdown
[local]Redback(config-tunnel-peer)#exit
[local]Redback(config-ctx)#ipv6 v4tunnel-peer Tun2 local 172.16.1.1 remote 172.20.1.2
[local]Redback(config-tunnel-peer)#no shutdown
[local]Redback(config-tunnel-peer)#end
Related Commands
interface
ip address
ipv6-tunnel
Overlay Tunnel Configuration
14-11
Command Descriptions
log-state-changes
log-state-changes
no log-state-changes
Purpose
Enables the generation of a TUNNEL-INFO message each time the overlay tunnel changes state (from up
to down or down to up).
Command Mode
tunnel peer configuration
Syntax Description
This command has no keywords or arguments.
Default
The generation of TUNNEL-INFO messages is disabled.
Usage Guidelines
Use the log-state-changes command to enable the generation of a TUNNEL-INFO message each time the
tunnel changes state (from up to down or down to up).
To display the TUNNEL-INFO messages, enter the show log command (in any mode).
Note You cannot disable the generation of TUNNEL-INFO messages with the no terminal monitor
command in exec mode.
Use the no form of this command to disable the generation of TUNNEL-INFO messages.
Examples
The following example enables the generation of a TUNNEL-INFO message each time the tunnel,
DenverTn1, in the local context changes state:
[local]Redback(config)#context local
[local]Redback(config-ctx)#ipv6 v4tunnel-peer DenverTn1
[local]Redback(config-tunnel-peer)#log-state-changes
Related Commands
None
14-12
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
mtu
mtu bytes
no mtu
Purpose
Sets the maximum transmission unit (MTU) size for IPv6 packets sent in an overlay tunnel.
Command Mode
tunnel peer configuration
Syntax Description
bytes
MTU size in bytes. The range of values is 256 to 16,384.
Default
MTU for the interface to which the tunnel circuit is bound.
Usage Guidelines
Use the mtu command to set the MTU size for IPv6 packets sent in an overlay tunnel. If an IP packet
exceeds the MTU, the system fragments that packet.
An overlay tunnel does not have an MTU size until either one is explicitly configured using the mtu
command. If no MTU size is configured, the MTU size is the same as that of interface for the tunnel. If an
MTU is explicitly configured, the resulting MTU is calculated. It is the lesser of the configured MTU and
the interface MTU.
Use the no form of this command to remove the MTU and use the MTU of the interface.
Examples
The following example sets the maximum IP packet size for the DenverTnl to 1024 bytes:
[local]Redback(config-ctx)#ipv6 v4tunnel-peer DenverTnl
[local]Redback(config-tunnel-peer)#mtu 1024
Related Commands
None
Overlay Tunnel Configuration
14-13
Command Descriptions
shutdown
shutdown
no shutdown
Purpose
Disables an overlay tunnel or tunnel circuit.
Command Mode
IPv6 tunnel configuration
tunnel peer configuration
Syntax Description
This command has no keywords or arguments.
Default
All tunnels are disabled; all tunnel circuits are enabled.
Usage Guidelines
Use the shutdown command to disable an overlay tunnel or tunnel circuit.
Note You must enable the tunnel on which the tunnel circuit is configured for the tunnel circuit to
function.
Use the no form of this command to enable an overlay tunnel or tunnel circuit.
This command is also described in the following chapters:
•
Chapter 3, “ATM, Ethernet, and POS Port Configuration,” for ATM OC, ATM DS-3, Ethernet, and
Packet over SONET/SDH (POS) ports.
•
Chapter 4, “Clear-Channel and Channelized Port and Channel Configuration,” for channelized OC-12
and STM-1 ports, DS-3 and E1 channels or ports, E3 ports, DS-1 channels, and DS-0 channel groups.
•
Chapter 6, “Circuit Configuration,” for cross-connected circuits.
•
Chapter 11, “Cross-Connection Configuration,” for cross-connected circuits.
•
Chapter 12, “GRE Tunnel Configuration,” for Generic Routing Encapsulation (GRE) tunnels and
tunnel circuits.
For Multicast Source Discovery Protocol (MSDP) peers, see the “IP Multicast Configuration” chapter in
the Routing Protocols Configuration Guide for the SmartEdge OS.
14-14
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Examples
The following example enables an overlay tunnel:
[local]Redback(config)#context local
[local]Redback(config-ctx)#ipv6 v4tunnel-tunnel DenverTn1
[local]Redback(config-tunnel-peer)#no shutdown
The following example disables an overlay tunnel circuit:
[local]Redback(config)#tunnel map
[local]Redback(config-tunnel-map)#ipv6 v4tunnel-peer DenverTn1 manual local
[local]Redback(config-ipv6-tunnel)#shutdown
Related Commands
None
Overlay Tunnel Configuration
14-15
Command Descriptions
tunnel map
tunnel map
Purpose
Accesses tunnel map configuration mode in which you create an overlay tunnel circuit.
Command Mode
global configuration
Syntax Description
This command has no keywords or arguments.
Default
None
Usage Guidelines
Use the tunnel map command to enter tunnel map configuration mode, in which you create an overlay
tunnel circuit.
Examples
The following example accesses tunnel map configuration mode:
[local]Redback(config)#tunnel map
[local]Redback(config-tunnel-map)#
Related Commands
ipv6 v4tunnel-peer
14-16
Ports, Circuits, and Tunnels Configuration Guide
Part 6
Bindings
This part describes the tasks and commands used to bind ports, channels, and circuits to interfaces, and
consists of Chapter 15, “Bindings Configuration.”
Chapter 15
Bindings Configuration
This chapter provides an overview of bindings, describes the tasks used to bind a port, channel, or circuit,
provides configuration examples, and provides detailed descriptions of the commands used to configure
bindings for ports, channels, and circuits through the SmartEdge® OS. Circuits include permanent virtual
circuits (PVCs), child circuits, link groups, clientless IP service selection (CLIPS) PVCs, and Generic
Routing Encapsulation (GRE) tunnel circuits.
Note You do not bind Layer 2 Tunneling Protocol (L2TP) peers or groups.
For information about the tasks and commands used to monitor, troubleshoot, and administer bindings, see
the “Bind Operations” chapter in the Ports, Circuits, and Tunnels Operations Guide for the SmartEdge OS.
Other chapters with related commands include:
•
Configuration tasks and commands for subscribers are described in the “Subscriber Configuration”
chapter in the Basic System Configuration Guide for the SmartEdge OS.
•
Configuration tasks and commands for ports and channels are described in Chapter 3, “ATM, Ethernet,
and POS Port Configuration,” and Chapter 4, “Clear-Channel and Channelized Port and Channel
Configuration.”
•
Configuration tasks and commands for circuits are described in Chapter 6, “Circuit Configuration.”
•
Configuration tasks and commands for cross-connected circuits, including ATM and 802.1Q PVCs and
child circuits, are described in Chapter 11, “Cross-Connection Configuration.”
•
Configuration tasks and commands for aggregated Ethernet ports, 802.1Q PVCs, DS-1 channels, and
E1 channels or ports (link groups) are described in Chapter 9, “Link Aggregation Configuration.”
This chapter includes the following sections:
•
Overview
•
Configuration Tasks
•
Configuration Examples
•
Command Descriptions
Bindings Configuration
15-1
Overview
Overview
A binding forms the association in the SmartEdge OS between a port, channel, or circuit and the
higher-layer interface over which routing protocols are configured for a given context. No subscriber data
can flow on a port, channel, or circuit until some higher-layer service is configured and associated with it.
After you bind a port, channel, or circuit to an interface, traffic flows through the port, channel, or circuit
as it would through any IP router.
Bindings are described in the following topics:
•
Types of Bindings
•
Binding Guidelines
•
Binding Summary Tables
Note Throughout this chapter, the term, circuit, refers to Asynchronous Transfer Mode (ATM), Frame
Relay, 802.1Q, and CLIPS PVCs, and Point-to-Point Protocol over Ethernet (PPPoE)-encapsulated
child circuits on ATM and 802.1Q PVCs.
Note When IP Version 6 (IPv6) addresses are not referenced or explicitly specified, the term, IP address,
can refer generally to IP Version 4 (IPv4) addresses, IPv6 addresses, or IP addressing. In instances
where IPv6 addresses are referenced or explicitly specified, the term, IP address, refers only to IPv4
addresses. For a description of IPv6 addressing and the types of IPv6 addresses, see RFC 3513,
Internet Protocol Version 6 (IPv6) Addressing Architecture.
Types of Bindings
Bindings are either static, to a fixed interface, or dynamic, based on subscriber characteristics as defined in
the local database or on a Remote Authentication Dial-In User Service (RADIUS) server.
Static binding occurs when you bind the port, channel, or circuit directly to an interface. In this case, the
port, channel, or circuit is hard-wired to the higher-layer protocols defined for the interface. This is the
simplest form of binding available in the SmartEdge OS, and provides functions similar to those provided
by traditional network devices, such as routers. You can create a static binding for any port, channel, or
circuit with any encapsulation type.
Dynamic binding occurs when you bind a port, channel, or circuit to the higher-layer protocols based on
session information. Dynamic binding enables SmartEdge OS advanced features, such as dynamic service
and provider selection. Dynamic bindings can be restricted or unrestricted:
15-2
•
Unrestricted dynamic binding allows binding to any context; it provides the subscriber with
simultaneous access to multiple services that are provided in different contexts on a single circuit.
•
Restricted dynamic binding restricts the subscriber to a specified context; the subscriber has access to
only the services provided in that context.
Ports, Circuits, and Tunnels Configuration Guide
Overview
Binding Guidelines
Follow these guidelines to determine whether the port, channel, PVC, child circuit, link group, or GRE
tunnel circuit is to be bound:
•
Ports
— You do not bind an ATM port; you bind the PVCs configured on it, as described later.
— You do not bind a channelized OC-12 or STM-1 port; you bind the channels configured on it, as
described later.
— If an Ethernet port has no 802.1Q PVCs or tunnels, child circuits, or CLIPS static circuits configured
on it, or is not a member of a link group, you bind the port; otherwise, you bind the port and each
802.1Q PVC and tunnel, child circuit, and CLIPs PVC, as described later.
— If an Ethernet port is a member of an Ethernet or 802.1Q PVC link group, you do not bind the port;
instead, you bind the link group.
— If a Packet over a channelized SONET/SDH (POS) port is the working port in an Automatic
Protection Switching (APS) group, you bind it only after it has been added to the group; you do not
bind the port if it is a protect port.
— If a POS port has no Frame Relay PVCs configured on it, you bind the port; otherwise you bind the
PVCs configured on it. (Only Frame Relay PVCs are supported.)
— If a clear-channel DS-3 or E3 port has no Frame Relay PVCs configured on it, you bind the DS-3
or E3 port; otherwise, you bind each PVC.
— You do not bind a channelized DS-3 port; you bind the DS-1 channels or Frame Relay PVCs
configured on it.
— If an E1 port is a member of a Multilink Frame Relay (MFR) bundle, you do not bind the port,
instead you bind the Frame Relay PVCs as members of the link group, as described later.
— If an E1 port has no DS-0 channel groups or Frame Relay PVCs configured on it or is not a member
of a link group, you bind the E1 port; otherwise, you bind each DS-0 channel group and PVC, as
described later.
•
Channels
— If a clear-channel DS-3 channel has no Frame Relay PVCs configured on it, you bind the DS-3
channel; otherwise, you bind each PVC.
— You do not bind a channelized DS-3 channel; you bind the DS-1 channels or Frame Relay PVCs
configured on it.
— If a DS-1 channel has no Frame Relay PVCs configured on it or is not a member of a link group,
you bind the DS-1 channel (regardless of whether you have configured DS-0 channels on it);
otherwise, you bind each PVC, as described later.
— If a DS-1 or E1 channel is a member of a Multilink Point-to-Point Protocol (MP) bundle, you do not
bind the channel; instead, you bind the link group.
— If a DS-1 or E1 channel is a member of an MFR bundle, you do not bind the channel, instead you
bind the Frame Relay PVCs as members of the link group, as described later.
Bindings Configuration
15-3
Overview
— If an E1 channel has no DS-0 channel groups or Frame Relay PVCs configured on it or is not a
member of a link group, you bind the E1 channel; otherwise, you bind each DS-0 channel group and
PVC, as described later.
— If a DS-0 channel group has no Frame Relay PVCs configured on it, you bind the DS-0 channel
group; otherwise, you bind each PVC, as described later.
•
GRE tunnels and tunnel circuits
— You do not bind a GRE tunnel; instead, you associate it with its local interface when you specify the
IP address of the interface in the gre-peer command in context configuration mode.
— You bind every GRE tunnel circuit.
•
Overlay tunnels and tunnel circuits
— You don not bind an overlay tunnel; instead, you associate it with its local interface when you
specify the IP address of the interface in the ipv6 v4tunnel-peer command in context configuration
mode.
— You bind every overlay tunnel circuit.
•
L2TP tunnels—You do not bind L2TP tunnels.
•
Link groups
— If the link group is an Ethernet or 802.1Q PVC link group, you bind the link group. This effectively
binds the constituent Ethernet ports that are members of the link group.
— If the link group is an MP bundle, you bind the link group. This effectively binds the constituent
DS-1 channels, or E1 channels or ports, that are members of the MP bundle.
— If the link group is an MFR bundle, you do not bind it; instead, you bind the aggregated Frame Relay
PVCs that are members of the link group. This effectively binds the constituent DS-1 channels or
E1 channels or ports that are members of the link group.
— You bind each aggregated Frame Relay PVC that is a member of an MFR bundle.
— You bind each aggregated 802.1Q PVC that is a member of an 802.1Q PVC link group.
•
802.1Q PVCs and tunnels, ATM PVCs, Frame Relay PVCs, child circuits, and CLIPS PVCs
— You can bind the untagged traffic on an Ethernet port; otherwise it is dropped.
— You bind each 802.1Q tunnel.
— If an 802.1Q PVC has no CLIPS PVCs or child circuits configured on it, is not cross-connected, or
is not a member of a link group, you bind the PVC; otherwise, you bind the CLIPS PVCs, bind or
cross-connect its child circuits, cross-connect it, or as a member of a link group, you bind the link
group, as described earlier.
— An 802.1Q PVC within an 802.1Q tunnel is bound according to the same criteria as an 802.1Q PVC
that is not within an 802.1Q tunnel.
— If an ATM PVC is not cross-connected, you bind the PVC.
— If a Frame Relay PVC is not a member of an MFR bundle, you bind the PVC.
15-4
Ports, Circuits, and Tunnels Configuration Guide
Overview
— You bind any child circuit that is not cross-connected; cross-connected circuits are effectively bound
by the cross-connection.
— You bind any static CLIPS PVC; dynamic CLIPS PVCs are effectively bound by the service
command in port configuration mode.
Binding Summary Tables
The following tables list binding options for each type of port, channel, and circuit:
•
Bindings for POS Ports with and Without Frame Relay PVCs
•
Bindings for PDH Channels and Ports with and Without Frame Relay PVCs
•
Bindings for Ethernet Ports and 802.1Q PVCs
•
Bindings for ATM PVCs
•
Bindings for CLIPS PVCs
•
Bindings for Child Circuits
Note The following types of ports and channels are not bound; the channels and circuits configured on
them are bound instead:
•
ATM OC and ATM DS-3 ports
•
Channelized OC-12 and channelized STM-1 ports
•
Channelized DS-3 channels and ports
•
Channelized E1 channels and ports
Bindings for POS Ports with and Without Frame Relay PVCs
Table 15-1 lists the binding options for POS ports on OC-3c/STM-1c, OC-12c/STM-4c, and
OC-48c/STM-16c cards.
Note POS ports configured with Frame Relay encapsulation are not bound; the Frame Relay PVCs are
bound instead. Entering the bind command in port configuration mode displays an error message.
Table 15-1 Binding Options for POS Ports with and Without Frame Relay PVCs
Port Encapsulation
PVC Encapsulation
Type of Binding
Bind Command
PPP
Cisco HDLC
Frame Relay
Frame Relay
Dynamic
authentication
No
No
No
No
Static
interface
Yes
Yes
No
Yes
subscriber
No
No
No
No
auto-subscriber
No
No
No
No
Note A POS port in an APS group is bound only if it is a working port; you do not bind the protect port.
Bindings Configuration
15-5
Overview
Bindings for PDH Channels and Ports with and Without Frame Relay PVCs
Table 15-2 lists the binding options for the following types of channels and ports:
•
Clear-channel DS-3 channels on channelized OC-12 ports
•
Clear-channel E1 channels on channelized STM-1 ports
•
Clear-channel DS-3 or E3 ports
•
DS-1 channels on channelized DS-3 channels or ports
•
DS-0 channel groups on DS-1 channels or channelized E1 channels or ports
Table 15-2 Binding Options for Channels and Ports with and Without Frame Relay PVCs
Channel or Port Encapsulation
PVC Encapsulation
Type of Binding
Bind Command
PPP
Cisco HDLC
Frame Relay
Frame Relay
Dynamic
authentication
No
No
No
No
Static
interface
Yes
Yes
No
Yes
subscriber
No
No
No
No
auto-subscriber
No
No
No
No
Note Channels and ports configured with Frame Relay encapsulation are not bound; the Frame Relay
PVCs are bound instead. Entering the bind command for the channel or port in the appropriate
configuration mode displays an error message.
Bindings for Ethernet Ports and 802.1Q PVCs
Table 15-3 lists the binding options for Ethernet ports.
Table 15-3 Binding Options for Ethernet Ports
Port Encapsulation
15-6
Type of Binding
Bind Command
IPoE
PPPoE
802.1Q (dot1q)
Dynamic
authentication
No
Yes
No
Static
interface
Yes
No
Yes
subscriber
No
No
No
auto-subscriber
No
No
No
Ports, Circuits, and Tunnels Configuration Guide
Overview
Table 15-4 lists the binding options for static and on-demand 802.1Q PVCs.
Table 15-4 Binding Options for Static and On-Demand 802.1Q PVCs
802.1Q PVC Encapsulation
Type of Binding
Bind Command
Type of PVC
IPoE
Multi
PPPoE
Dynamic
authentication
Static or on-demand
No
No
Yes
Static
interface
Static only
Yes
Yes
No
subscriber
Static or on-demand
Yes
Yes
No
auto-subscriber
On-demand only
No
No
No
Note When an 802.1Q PVC is configured with multi encapsulation, the parent circuit is encapsulated
with IP over Ethernet (IPoE) encapsulation. Table 15-9 on page 15-9 lists binding options for the
child circuits.
Bindings for ATM PVCs
Table 15-5 lists the binding options for static and on-demand ATM PVCs configured on ATM OC or
ATM DS-3 ports.
Table 15-5 Binding Options for Static and On-Demand ATM PVCs
Encapsulation
Type of Binding
Bind Command
Type of ATM PVC
Bridge1483
Multi
Route1483
Raw
PPP
PPPoE
Dynamic
authentication
Static or on-demand
No
No
No
No
Yes
Yes
Static
interface
Static only
Yes
Yes
Yes
No
No
No
subscriber
See Note
Yes
Yes
Yes
No
Yes
No
auto-subscriber
Static or on-demand
Yes
Yes
Yes
No
Yes
No
Note You can use the bind subscriber command in ATM PVC configuration mode for a single
on-demand ATM PVC if you have configured the PVC with the aaa keyword to use the Remote
Authentication Dial-In User Service (RADIUS) to supply the binding, or for a single static ATM
PVC.
The following guidelines apply to the encapsulations in Table 15-5:
•
The parent circuit with multi encapsulation carries IPoE traffic. Table 15-9 lists binding options for the
child circuits.
•
ATM PVCs configured with raw mode encapsulation are not bound, but are cross-connected instead.
The following guidelines apply to the subscriber and auto-subscriber commands in Table 15-5:
•
Subscriber binding is available only for ATM PVCs created with the atm pvc command in ATM OC or
ATM DS-3 configuration mode.
•
Auto-subscriber binding is available only for ATM PVCs created with the atm pvc explicit or
atm pvc on-demand command in ATM OC or ATM DS-3 configuration mode.
Bindings Configuration
15-7
Overview
Bindings for CLIPS PVCs
The following guidelines apply to binding CLIPS PVCs:
•
You do not bind dynamic CLIPS PVCs, only the Ethernet port, ATM PVC, or 802.1Q PVC on which
they are configured.
•
CLIPS PVCs, either dynamic or static, are not supported on on-demand ATM or 802.1Q PVCs.
Table 15-6 lists the binding options for Ethernet ports with static CLIPS PVCs configured on them.
Table 15-6 Binding Options for Static CLIPs PVCs on Ethernet Ports
Static CLIPS PVC
Encapsulation
Port Encapsulation
Type of Binding
Bind Command
IPoE
PPPoE
802.1Q (dot1q)
IPoE
Dynamic
authentication
No
Yes
No
No
Static
interface
Yes
No
Yes
No
subscriber
No
No
No
Yes
auto-subscriber
No
No
No
Yes
Table 15-7 lists the binding options for static 802.1Q PVCs with static CLIPS PVCs configured on them.
Table 15-7 Binding Options for Static CLIPS PVCs on Static 802.1Q PVCs
802.1Q PVC Encapsulation
Static CLIPS PVC
Encapsulation
Type of Binding
Bind Command
IPoE
Multi
PPPoE
IPoE
Dynamic
authentication
No
No
Yes
No
Static
interface
Yes
Yes
No
No
subscriber
Yes
Yes
No
Yes
auto-subscriber
No
No
No
Yes
Table 15-8 lists the binding options for static ATM PVCs with static CLIPS PVCs configured on them.
Table 15-8 Binding Options for Static ATM PVCs with Static CLIPS PVCs
ATM PVC
Encapsulation
Static CLIPS PVC
Encapsulation
Type of Binding
Bind Command
Bridge1483
IPoE
Dynamic
authentication
No
No
Static
interface
Yes
No
subscriber
Yes
Yes
auto-subscriber
Yes
Yes
The following guidelines apply to the subscriber and auto-subscriber commands in Table 15-8:
•
15-8
Subscriber binding is available only for static ATM PVCs created with the atm pvc command in
ATM OC or ATM DS-3 configuration mode.
Ports, Circuits, and Tunnels Configuration Guide
Configuration Tasks
•
Auto-subscriber binding is available only for static ATM PVCs created with the atm pvc explicit
command in ATM OC or ATM DS-3 configuration mode.
Bindings for Child Circuits
Table 15-9 lists the binding options for the child circuits on ATM PVCs and 802.1Q PVCs with multi
encapsulation.
Table 15-9 Binding Options for Child Circuits
Encapsulation
Type of Binding
Bind Command
IPv6oE
PPPoE
Dynamic
authentication
No
Yes
Static
interface
No
No
subscriber
No
No
auto-subscriber
No
No
Note Child circuits configured with IP Version 6 over Ethernet (IPv6oE) encapsulation are not bound,
but are cross-connected instead.
Configuration Tasks
Note In this section, the command syntax in the task tables displays only the root command; for the
complete command syntax, see the full description for the command in the “Command
Descriptions” section.
To configure a binding, perform the tasks described in one of the following sections:
•
Create a Static Binding
•
Create a Dynamic Binding
Create a Static Binding
To create a static binding, perform one of the task options described in Table 15-10.
Table 15-10 Create a Static Binding
Task
Root Command
Notes
Create a static binding with one of the following tasks:
• Statically bind a port, channel, or circuit to a
previously created interface in the specified
context.
bind interface
Enter this command in ATM PVC, dot1q PVC, DS-0, DS-1,
DS-3, E1, Frame Relay PVC, GRE tunnel, IPv6 tunnel,
link group, link PVC, or port configuration mode.
• Statically bind a circuit to an interface using the
IP address in a subscriber record.
bind subscriber
Enter this command in ATM PVC, CLIPS PVC, or dot1q
PVC configuration mode.
Bindings Configuration
15-9
Configuration Examples
Table 15-10 Create a Static Binding (continued)
Task
Root Command
Notes
• Statically bind multiple circuits to an interface
and automatically generate subscriber names
and optional passwords.
bind auto-subscriber
Enter this command in ATM or CLIPS PVC configuration
mode.
Create a Dynamic Binding
To create a dynamic binding, perform one of the task options described in Table 15-11; enter this command
in ATM PVC, dot1q PVC, port, ATM child protocol, or dot1q child protocol configuration mode.
Table 15-11 Create a Dynamic Binding
Task
Root Command
Notes
Create a dynamic binding with one of the following tasks:
• Dynamically bind a port or circuit through a
subscriber record or remotely through a
RADIUS record without restrictions.
bind authentication
• Dynamically bind a circuit to an interface using
the IP address in a subscriber record and
restrict the binding to a specific context.
bind authentication
.
You must specify the context to restrict the
binding.
Configuration Examples
This section includes examples for the following types of bindings:
•
Static Binding for a Single Circuit to an Interface
•
Static Binding for Multiple Circuits
•
Restricted Dynamic Binding for a Circuit
Static Binding for a Single Circuit to an Interface
The following example creates a static binding between the Ethernet management port and an interface
configured in the local context:
[local]Redback#configure
[local]Redback(config)#context local
[local]Redback(config-ctx)#interface mgmt
[local]Redback(config-if)#ip address 1.2.3.4/24
[local]Redback(config-if)#exit
[local]Redback(config-ctx)#exit
[local]Redback(config)#port ethernet 7/1
[local]Redback(config-port)#bind interface mgmt local
15-10
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Static Binding for Multiple Circuits
The following example creates 10 ATM PVCs with a virtual path identifier (VPI) value of 100, and virtual
circuit identifier (VCI) values ranging from 100 to 109, then uses the bind auto-subscriber command to
statically bind each PVC to an automatically generated subscriber record beginning with the string DSL:
[local]Redback(config)#port atm 3/1
[local]Redback(config-port)#atm pvc explicit 100:100 through 100:109 profile
encapsulation route1483
[local]Redback(config-pvc)#bind auto-subscriber DSL local
Restricted Dynamic Binding for a Circuit
In the following example, the subscriber sessions on the PPP-encapsulated ATM PVC are limited to the
isp.net context:
[local]Redback(config)#port atm 3/1
[local]Redback(config-port)#atm pvc 100 101 profile ubr encapsulation ppp
[local]Redback(config-pvc)#bind authentication pap context isp.net
Command Descriptions
This section describes the syntax and usage guidelines for the commands used to configure bindings for
ports, channels, and circuits. The commands are presented in alphabetical order.
bind authentication
bind auto-subscriber
Bindings Configuration
bind interface
bind subscriber
15-11
Command Descriptions
bind authentication
bind authentication {pap | pap chap | chap | chap pap} [maximum max-ses]
[context ctx-name | service-policy svc-policy-name]
no bind
Purpose
Creates a dynamic binding between a Point-to-Point Protocol (PPP)-encapsulated Asynchronous Transfer
Mode (ATM) permanent virtual circuit (PVC), or a PPP over Ethernet (PPPoE)-encapsulated Ethernet port,
802.1Q PVC, ATM PVC, or child circuit on an ATM or 802.1Q PVC with PPPoE encapsulation, and an
interface, using the specified PPP authentication protocol.
Command Mode
ATM child protocol configuration
ATM PVC configuration
dot1q child protocol configuration
dot1q PVC configuration
port configuration
Syntax Description
pap
Specifies that the PPP authentication protocol to be used is Password
Authentication Protocol (PAP).
pap chap
Specifies that either PAP or Challenge Handshake Authentication
Protocol (CHAP) can be used, with PAP negotiated first.
chap
Specifies that the PPP authentication protocol to be used is CHAP.
chap pap
Specifies that either CHAP or PAP can be used, with CHAP negotiated
first.
maximum max-ses
Optional. Maximum number of concurrent sessions allowed on a
circuit or port. The range of values is 1 to 8,000. This construct applies
only to circuits and ports using PPPoE.
context ctx-name
Optional. Name of the context to which PPP or PPPoE sessions on the
circuit or port being bound are restricted.
service-policy svc-policy-name Optional. Name of the service access control list (ACL) that defines
the services available to the PPP-encapsulated circuit or port.
Default
None
15-12
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Usage Guidelines
Use the bind authentication command to create a dynamic binding between a PPP-encapsulated ATM
PVC, or a PPPoE-encapsulated Ethernet port, 802.1Q PVC, ATM PVC, or child circuit on an ATM or
802.1Q PVC, and an interface, using the specified PPP authentication protocol. This command is available
only for a port, ATM PVC, 802.1Q PVC, or child circuit that has been previously configured with PPPoE
or one of the PPP encapsulation types.
The ATM or 802.1Q PVC can be a static or on-demand circuit.
Note You do not bind dynamic clientless IP service selection (CLIPS) PVCs; they are effectively bound
by the service clips command (in port configuration mode).
The string configured with the password command (in port configuration mode) must match the password
string sent by the remote PPP subscriber to the SmartEdge router.
Use the chap keyword to provide authentication without sending clear text passwords over the network. In
the case of CHAP, the passwords referred to are actually shared secret keys used by the various systems to
compute and verify cryptographic checksums in response to their peer’s challenge. To the command-line
interface (CLI), however, these values are run identically to the way PAP passwords are typed. The
password command is used in all cases.
The pap chap construct specifies that PAP is negotiated first, with CHAP as a secondary choice. This
configuration contradicts RFC 1334, PPP Authentication Protocols, but can potentially cause reduced
security because CHAP-only clients use an encrypted exchange for authorization, but passwords are sent
unencrypted with PAP. If a client is configured to accept both PAP and CHAP, only PAP is negotiated
because with this bind configuration, PAP is offered first.
You cannot bring up a PPP link until the subscriber name and password negotiations have been completed
and authorization has been granted.
If you are using the CHAP, PAP, or both authentication protocols, the response from the RADIUS server
(in attribute 18) is forwarded to the PPP client with the reason for the acceptance or rejection of the
subscriber.
The optional maximum max-ses construct is relevant only to circuits and ports with PPPoE encapsulation.
If you specify restricted dynamic binding (with the context ctx-name construct), the subscriber is
authenticated based on the authentication, authorization, and accounting (AAA) configuration defined
within that context. For information about configuring AAA features, see the “AAA Configuration”
chapter in the IP Services and Security Configuration Guide for the SmartEdge OS.
Note If authentication is being done remotely using Remote Authentication Dial-In User Service
(RADIUS), the local subscriber record is replaced by the corresponding subscriber record in the
RADIUS database. For further information about RADIUS, see the “RADIUS Configuration”
chapter in the IP Services and Security Configuration Guide for the SmartEdge OS.
Note When using global authentication, the Context-Name attribute returned by RADIUS must be
identical to the context specified on the bind authentication command line; otherwise, the binding
fails.
If you specify the optional service-policy svc-policy-name construct, all attempts to authenticate to
contexts or domains not permitted by the named service policy fail.
Bindings Configuration
15-13
Command Descriptions
If you modify a subscriber record for a subscriber that is already bound, you must use the clear subscriber
command in exec mode for the changes to take effect. The subscriber session is ended and restarted with
the new parameters. This is true regardless of whether subscriber records are configured locally or in
RADIUS.
Note The IP address configured for a subscriber, either in a local subscriber record or that obtained from
a RADIUS server, must fall within the range (address and network mask) of an interface that is
defined within the context and to which that subscriber is to be bound. Otherwise, the bind fails and
the PPP-encapsulated circuit does not come up.
Note The system hostname is used by the SmartEdge OS as the subscriber name string for all outbound
PPP authentication.
Use the no form of this command to remove the binding.
Note If you enter a new bind authentication command for a child circuit created on an ATM PVC, the
existing binding is not removed and no error message displays. To replace the existing binding, you
must enter the no form of this command, and then enter the bind authentication command with
the new keywords and arguments.
If you enter a new bind authentication command for a port, channel, ATM PVC, or 802.1Q PVC,
the existing binding is removed and any active sessions are dropped. If an existing binding is
exactly the same as that specified in the new bind authentication command, the existing binding
is not removed.
Examples
The following example sets the encapsulation to PPP on an ATM PVC on an ATM OC port, and then binds
the PVC using CHAP or PAP, with CHAP offered first:
[local]Redback(config)#port atm 4/1
[local]Redback(config-atm-oc)#atm pvc 100 4 profile oam encapsulation ppp
[local]Redback(config-atm-pvc)#bind authentication chap pap
Related Commands
None
15-14
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
bind auto-subscriber
In ATM PVC or dot1q PVC configuration mode, the command syntax is:
bind auto-subscriber prefix1 ctx-name [password prefix2]
no bind
In CLIPS PVC configuration mode, the command syntax is:
bind auto-subscriber prefix1 ctx-name [password password]
no bind
Purpose
Automatically generates a bind subscriber command with a unique subscriber name for each
Asynchronous Transfer Mode (ATM) permanent virtual circuit (PVC) in a range of static or on-demand
PVCs, for each 802.1Q PVC in a range of on-demand PVCs, or for each clientless IP service selection
(CLIPS) static circuit in a range of CLIPS static circuits.
Command Mode
ATM PVC configuration
CLIPS PVC configuration
dot1q PVC configuration
Syntax Description
prefix1
Leading text string for each subscriber name.
ctx-name
Name of the context to locate the subscriber information.
password prefix2
Optional. Leading text string for each subscriber password on an ATM PVC.
password password
Optional. Password for each subscriber on a CLIPS PVC.
Default
None
Usage Guidelines
Use the bind auto-subscriber command to automatically generate bind subscriber commands with
unique subscriber names and optional passwords for each static or on-demand ATM PVC, on-demand
802.1Q PVC, or CLIPS static circuit in the range.
For ATM PVCs, you use this command in conjunction with the atm pvc explicit or atm pvc on-demand
form of the atm pvc command in ATM OC or ATM DS-3 configuration mode to create a range of PVCs.
This command is not available if the ATM PVCs are encapsulated using the raw or pppoe keywords. The
generated subscriber names and passwords are of the following forms:
•
subscriber name: prefix1vpi.vci@ctx-name
•
password: prefix2vpi.vci
Bindings Configuration
15-15
Command Descriptions
Note The virtual path identifier (VPI) and virtual circuit identifier (VCI) are not assigned to an
on-demand ATM PVC until the PVC is made active.
For 802.1Q PVCs, you use this command in conjunction with the dot1q pvc on-demand form of the
dot1q pvc command in port configuration mode; it is not available for a range of static 802.1Q PVCs. The
generated subscriber names and passwords are of the following formats:
•
subscriber name: prefix1vlan-id@ctx-name
•
password: prefix2vlan-id
Note The virtual LAN (VLAN) tag value is not assigned to an on-demand 802.1Q PVC until the PVC is
made active.
Note The @ separator character in the ATM and 802.1Q formats is not configurable.
For CLIPS static circuits, you use this command in conjunction with the clips pvc command in port, dot1q
PVC, or ATM PVC configuration mode. The generated subscriber names are of the following forms for the
CLIPS static circuits:
•
subscriber name: prefix1sess-num@ctx-name
•
password: password
In this case, the same password is assigned to each subscriber.
Note The IP address configured for a subscriber, either in a local subscriber record or that obtained from
a Remote Authentication Dial-In User Service (RADIUS) server, must fall within the range
(address and network mask) of an interface that is defined within the context and to which that
subscriber is to be bound. Otherwise, the bind fails and the PPP-encapsulated circuit does not come
up.
Note If you enter a new bind command for an ATM or CLIPS static PVC, the previous binding is
removed and any active sessions are dropped. If an existing binding on the ATM or CLIPS static
PVC is exactly the same as that specified in the new bind command, the existing binding is not
removed.
Use the no form of this command to remove the automatically generated subscriber bindings.
Examples
The following example creates 10 ATM PVCs with a virtual path identifier (VPI) value of 100, and virtual
channel identifier (VCI) values ranging from 100 to 109, then uses the bind auto-subscriber command
to bind each PVC to an automatically generated subscriber name beginning with the string DSL:
[local]Redback(config)#port atm 3/1
[local]Redback(config-port)#atm pvc explicit 100:100 through 109 profile encapsulation
route1483
[local]Redback(config-pvc)#bind auto-subscriber DSL local
15-16
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
The following example creates 10 CLIPS static circuits with session numbers ranging from 1 to 10 on
Ethernet port 1, then uses the bind auto-subscriber command to bind each CLIPS static circuit to an
automatically generated subscriber name beginning with the string 10-1-1-:
[local]Redback(config)#port ether 4/1
[local]Redback(config)#service clips
[local]Redback(config-port)#clips pvc 1 through 10
[local]Redback(config-clips-pvc)#bind auto-subscriber “10-1-1-” local
Related Commands
atm pvc
bind subscriber
clips pvc
Bindings Configuration
15-17
Command Descriptions
bind interface
bind interface if-name ctx-name
no bind
Purpose
Statically binds a port, channel, permanent virtual circuit (PVC), 802.1Q tunnel, link group, Generic
Routing Encapsulation (GRE) tunnel circuit, or overlay tunnel circuit, to a previously created interface in
the specified context.
Command Mode
ATM PVC configuration
dot1q PVC configuration
DS-0 group configuration
DS-1 configuration
DS-3 configuration
E1 configuration
E3 configuration
Frame Relay PVC configuration
GRE tunnel configuration
IPv6 tunnel configuration
link group configuration
link PVC configuration
port configuration
Syntax Description
if-name
Name of a previously created interface.
ctx-name
Name of the context in which the specified interface exists.
Default
No ports, channels, PVCs, link groups, GRE tunnel circuits, or overlay tunnel circuits are bound.
Usage Guidelines
Use the bind interface command to statically bind a port, channel, PVC, 802.1Q tunnel, link group, GRE
tunnel circuit, or overlay tunnel circuit to a previously created interface in the specified context. No data
can flow through a port, channel, PVC, 802.1Q tunnel, child circuit, link group, or tunnel circuit until it is
bound to an interface.
Note This command is not available for on-demand ATM or 802.1Q PVCs.
Both the interface and the specified context must exist before you enter the bind interface command. If
either is missing, an error message displays.
15-18
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
To bind multiple circuits to a single interface, the specified interface must have been created using the
interface command with the multibind keyword specified.
To display the state of the bindings for the interfaces in a context, enter the show ip interface command in
any mode.
Use the no form of this command to remove the binding. You must remove any existing binding before you
can create a new binding for the port, channel, PVC, link group or GRE tunnel circuit.
Examples
The following example binds a POS port to the interface, SoHo1, in the local context:
[local]Redback(config)#port pos 3/1
[local]Redback(config-port)#bind interface SoHo1 local
The following example binds a GRE tunnel circuit to the existing interface, toHartford, in the existing
context, vpnA:
[local]Redback(config)#tunnel map
[local]Redback(config-tunnel-map)#gre-tunnel HartfordTn1 local key 1
[local]Redback(config-gre-tunnel)#bind interface toHartford vpnA
Related Commands
None
Bindings Configuration
15-19
Command Descriptions
bind subscriber
bind subscriber sub-name@ctx-name [password password]
no bind subscriber sub-name@ctx-name [password password]
Purpose
Statically binds a single static or on-demand Asynchronous Transfer Mode (ATM) permanent virtual circuit
(PVC), a single static or on-demand 802.1Q PVC, or a single clientless IP service selection (CLIPS) static
circuit indirectly to an interface by using the IP address within the local or Remote Authentication Dial-In
User Service (RADIUS) subscriber record for the specified subscriber.
Command Mode
ATM PVC configuration
dot1q PVC configuration
CLIPS PVC configuration
Syntax Description
sub-name@ctx-name
Subscriber name and context name that define the subscriber record to be
used. The combination of subscriber name and context name can be up to 253
characters, including the separator character.
password password
Optional. Password string to be associated with the subscriber name.
Required if the associated subscriber record or RADIUS record requires a
password.
Default
None
Usage Guidelines
Use the bind subscriber command to statically bind a single static or on-demand ATM PVC, a single static
or on-demand 802.1Q PVC, or a single CLIPS static circuit indirectly to an interface by using the IP address
within the local or RADIUS subscriber record for the specified subscriber.
This command is not available for a single on-demand ATM PVC unless you have configured the PVC with
the aaa keyword to use RADIUS to supply the binding.
It is not available for ATM PVCs encapsulated using the raw or pppoe keywords or for 802.1Q PVCs
encapsulated using the pppoe keyword.
The subscriber password string, if supplied, is not encrypted in the configuration file. A password with
embedded spaces can be entered by enclosing the entire password in double quotes; for example, “This
is a password.”
You can configure a custom structured format for the sub-name@ctx-name construct; see the “AAA
Configuration” chapter in IP Services and Security Configuration Guide for the SmartEdge OS.
15-20
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
Note If you enter a new bind command for a port, circuit, or channel, the previous binding is removed
and any active sessions are dropped. If an existing binding on the port, circuit, or channel is exactly
the same as specified in the new bind command, the existing binding is not removed.
Use the no form of this command to remove the binding.
Examples
The following example sets the encapsulation on an ATM PVC to PPP on an ATM OC port, and then binds
the PVC using the subscriber record, george, in the local context:
[local]Redback(config)#port atm 4/1
[local]Redback(config-atm-oc)#atm pvc 100 110 profile ubr1 encapsulation ppp
[local]Redback(config-atm-pvc)#bind subscriber george@local
The following example creates a single static circuit on an Ethernet port and then binds the circuit using the
subscriber record, greg, in the local context:
[local]Redback(config)#port ether 5/1
[local]Redback(config-port)#service clips
[local]Redback(config-port)#clips pvc 100
[local]Redback(config-clips-pvc)#bind subscriber greg@local
Related Commands
bind auto-subscriber
Bindings Configuration
15-21
Command Descriptions
15-22
Ports, Circuits, and Tunnels Configuration Guide
Part 7
Hardware Management
This part provides an overview of hardware management features, describes the tasks and commands used
to configure these features, provides configuration examples, and detailed descriptions of the commands
used to configure them through the SmartEdge® OS. This part consists of Chapter 16, “Hardware
Management Configuration.”
Chapter 16
Hardware Management Configuration
This chapter provides an overview of hardware management features, describes the tasks used to configure
these features, provides configuration examples, and detailed descriptions of the commands used to
configure them through the SmartEdge® OS.
For information about the tasks and commands used to monitor, troubleshoot, and administer general
system-wide management features, see the “System-Wide Management Configuration” chapter in the
Basic System Configuration Guide for the SmartEdge OS.
Note In the following descriptions, the term, controller card, applies to the Cross-Connect Route
Processor (XCRP) or the XCRP Version 3 (XCRP3) Controller card, unless otherwise noted.
The term, chassis, refers to any SmartEdge chassis; the term, SmartEdge 800, refers to any version
of the SmartEdge 800 chassis.
This chapter includes the following sections:
•
Overview
•
Configuration Tasks
•
Command Descriptions
Overview
Typically, the SmartEdge OS show and debug commands are used to provide information to verify correct
system operation and to troubleshoot feature-specific problems. Those commands are described in the
Ports, Circuits, and Tunnels Operations Guide for the SmartEdge OS.
The configuration tasks and commands described in this chapter allow you to perform other types of
general system-wide monitoring and testing tasks, such as enabling power-on diagnostics and alarms.
Hardware Management Configuration
16-1
Configuration Tasks
Configuration Tasks
Note In this section, the command syntax in the task tables displays only the root command; for the
complete command syntax, see the full description for the command in the “Command
Descriptions” section.
To configure system-wide management features, perform the tasks described in Table 16-1; enter all
commands in global configuration mode.
Table 16-1 Configure System-Wide Management Features
Task
Root Command
Notes
Enable power-on diagnostics.
diag pod
This is the default condition.
Enable the alarm for the air filter in a SmartEdge chassis.
system alarm
Command Descriptions
This section describes the syntax and usage guidelines for the commands used to configure system-wide
management features. The commands are presented in alphabetical order.
diag pod
16-2
system alarm
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
diag pod
diag pod
no diag pod
default diag pod
Purpose
Enables power-on diagnostics (POD).
Command Mode
global configuration
Syntax Description
This command has no keywords or arguments.
Default
POD tests are enabled.
Usage Guidelines
Use the diag pod command to enable power-on diagnostics. Enabling POD takes effect during the next
system reload.
Note To run on-demand diagnostics (ODD), enter the diag on-demand command in exec mode. For
information and commands for ODD, see the “Hardware Operations” chapter in the Ports, Circuits,
and Tunnels Operations Guide for the SmartEdge OS.
The POD tests verify the correct operation of the controller cards, the backplane, fan and alarm unit
(referred to as the fantray in command syntax) in the SmartEdge 800 chassis, the alarm card in the
SmartEdge 400 chassis, and each installed traffic card during a power-on or reload sequence of the
SmartEdge router. The tests also run when a controller or traffic card is installed in a running system. The
maximum test time is 130 seconds: 60 seconds for a controller card, 10 seconds for the backplane and fan
and alarm unit, or alarm card, and 5 seconds for each installed traffic card. If the system has two controller
cards, the controller tests run in parallel.
During the test duration, the POD tests display results and status; if an error occurs during the testing of a
card, the test lights the FAIL LED on the failing card, but does not stop the loading of the OS. A failure on
the backplane, alarm card, or fan and alarm unit causes the FAN (or FAIL) LED on the fan and alarm unit
or alarm card to light.
To display the results of POD tests, enter the show diag command in any mode. For more information about
this command, see the “Hardware Operations” chapter in the Ports, Circuits, and Tunnels Operations
Guide for the SmartEdge OS.
Use the no form of this command to disable POD tests. Disabling POD tests takes effect during the next
system reload.
Use the default form to enable power-on diagnostic tests.
Hardware Management Configuration
16-3
Command Descriptions
Examples
The following example enables POD tests:
[local]Redback(config)#diag pod
The following example disables the POD tests:
[local]Redback(config)#no diag pod
Related Commands
None
16-4
Ports, Circuits, and Tunnels Configuration Guide
Command Descriptions
system alarm
system alarm {air-filter months | redundancy suppress}
no system alarm {air-filter months | redundancy suppress}
Purpose
Enables the alarm for the air filter or suppresses redundancy alarms for the SmartEdge 400 or
SmartEdge 800 chassis.
Command Mode
global configuration
Syntax Description
air-filter months
Number of months in the service interval. The range of values is 1 to 12; the
default value is 6.
redundancy suppress
Disables the alarms related to redundant controller cards.
Default
The alarm for the air filter is disabled and all alarms are enabled.
Usage Guidelines
Use the system alarm command to enable the alarm for the air filter or suppress redundancy alarms for a
SmartEdge 400 or SmartEdge 800 chassis.
The air filter alarm is generated at the end of the service interval based on the service date stored in the
EEPROM of the fan tray unit. Use the air-filter months construct to update the EEPROM with the service
interval.
To display the current service date, enter the show hardware fantray detail command in any mode. To
update the current service date after the air filter or fan tray unit has been replaced, enter the service
air-filter command in exec mode.
Use the redundancy suppress construct to suppress alarms related to redundant controller cards for
SmartEdge routers that are configured with a single controller card. The following bulleted list displays the
suppressed alarms.
•
Backup fail: peer dead
•
Controller missing
•
Controller manual switch requested
•
Controller auto switch completed
•
Controller forced switch requested
•
Controller switch completed
•
Controller exerciser switch failed
Hardware Management Configuration
16-5
Command Descriptions
•
Controller switch failed
•
Peer inventory fail
•
Peer shared format mismatch
•
Peer controller card type incompatible
•
Peer SONET/SDH mode incompatible
Use the no form of this command to disable alarms for the air filter.
Additionally, you can use the no form of this command to enable alarms for redundant controller cards.
Examples
The following example enables the air filter alarm and specifies a three-month service interval:
[local]Redback(config)#system alarm air-filter 3
Related Commands
None
16-6
Ports, Circuits, and Tunnels Configuration Guide
Part 8
Appendixes
This part lists the standard Layer 2 Tunneling Protocol (L2TP) attribute-value pairs (AVPs) supported by
the SmartEdge® OS, in order by AVP number.
Draft—November 16 2005
Appendix A
L2TP Attribute-Value Pairs
Table A-1 lists the standard Layer 2 Tunneling Protocol (L2TP) attribute-value pairs (AVPs) supported by
the SmartEdge® OS, in order by AVP number.
Table A-1
Standard L2TP AVPs Supported by the SmartEdge OS
May be
Hidden
Message
Types Used In
Yes
(see Notes)
Yes
All
2-octet unsigned integer. Must be the first AVP in a
message. When Mandatory (M)-bit=1, tunnel must be
cleared if message type is unknown to the
implementation. If M-bit=0, unknown message type
can be ignored.
Result Code
Yes
No
CDN
StopCCN
2-octet unsigned integer plus an optional error code
and optional error message.
2
Protocol Version
Yes
No
SCCRP
SCCRQ
1-octet unsigned integer for the version and 1-octet
unsigned integer for the revision.
3
Framing Capabilities
Yes
Yes
SCCRP
SCCRQ
32-bit mask with 2 bits defined. The A-bit indicates
whether asynchronous framing is supported. The
S-bit indicates whether synchronous framing is
supported.
4
Bearer Capabilities
Yes
Yes
SCCRP
SCCRQ
32-bit mask with 2 bits defined. The A-bit indicates
whether analog access is supported. The D-bit
indicates whether digital access is supported.
5
Tie Breaker
No
No
SCCRQ
8-octet value used to select a single tunnel when
both LAC and LNS simultaneously request a tunnel.
Lower value equals higher priority.
6
Firmware Revision
No
Yes
SCCRP
SCCRQ
2-octet unsigned integer encoded in a
vendor-specific format.
7
Host Name
Yes
No
SCCRP
SCCRQ
String. Arbitrary number of octets, with a minimum
length of 1 octet.
8
Vendor Name
No
Yes
SCCRP
SCCRQ
Vendor-specific string.
9
Assigned Tunnel ID
Yes
Yes
SCCRP
SCCRQ
StopCCN
2-octet, nonzero unsigned integer.
10
Receive Window Size
Yes
No
SCCRP
SCCRQ
2-octet unsigned integer.
11
Challenge
Yes
Yes
SCCRP
SCCRQ
1 or more octets of random data.
Num
AVP Name
Mandatory
0
Message Type
1
L2TP Attribute-Value Pairs
Notes
A-1
Draft—November 16 2005
Table A-1
Standard L2TP AVPs Supported by the SmartEdge OS (continued)
Num
AVP Name
Mandatory
May be
Hidden
Message
Types Used In
12
Q.931 Cause Code
Yes
No
CDN
Returned Q.931 cause code and returned Q.931
message code in their native ITU encodings.
Optional ASCII text advisory message can also be
included.
13
Challenge Response
Yes
Yes
SCCCN
SCCRP
16-octet value.
14
Assigned Session ID
Yes
Yes
CDN
ICRP
ICRQ
OCRP
OCRQ
2-octet, non-zero unsigned integer.
15
Call Serial Number
Yes
Yes
ICRQ
OCRQ
32-bit value.
16
Minimum BPS
Yes
Yes
OCRQ
32-bit value indicating minimum speed in bits per
second.
17
Maximum BPS
Yes
Yes
OCRQ
32-bit value indicating maximum speed in bits per
second.
18
Bearer Type
Yes
Yes
ICRQ
OCRQ
32-bit mask with 2 bits defined. The A-bit indicates if
the call refers to an analog channel. The D-bit
indicates if the call refers to a digital channel. Both
bits can be set. For ICRQ messages, it is also valid to
set neither.
19
Framing Type
Yes
Yes
ICCN
OCCN
OCRQ
32-bit mask with 2 bits defined. The A-bit indicates
asynchronous framing. The S-bit indicates
synchronous framing.
21
Called Number
Yes
Yes
ICRQ
OCRQ
ASCII string.
22
Calling Number
Yes
Yes
ICRQ
ASCII string.
23
Sub-Address
Yes
Yes
ICRQ
OCRQ
ASCII string.
24
Tx Connect Speed
Yes
Yes
ICCN
OCCN
4-octet value indicating the speed in bits per second.
Used to inform the LNS of rate-limited speed, as
required by carriers supporting PPPoE, PPPoA, and
PPPoEoA.
25
Physical Channel ID
No
Yes
ICRQ
OCRP
4-octet value for logging purposes only. Sent to
RADIUS from the LNS side. Encodes the vendor
specific physical channel number used for a call.
26
Initial Received LCP
CONFREQ
No
Yes
ICCN
Arbitrary number of octets. A copy of the body of the
initial CONFREQ received, starting at the first option
within the body of the LCP message.
27
Last Sent LCP
CONFREQ
No
Yes
ICCN
Arbitrary number of octets. A copy of the body of the
final CONFREQ sent to the client to complete LCP
negotiation, starting at the first option within the body
of the LCP message.
28
Last Received LCP
CONFREQ
No
Yes
ICCN
Arbitrary number of octets. A copy of the body of the
final CONFREQ received from the client to complete
LCP negotiation, starting at the first option within the
body of the LCP message.
29
Proxy Authen Type
No
Yes
ICCN
2-octet unsigned integer.
A-2
Notes
Ports, Circuits, and Tunnels Configuration Guide
Draft—November 16 2005
Table A-1
Standard L2TP AVPs Supported by the SmartEdge OS (continued)
Num
AVP Name
Mandatory
May be
Hidden
Message
Types Used In
Notes
30
Proxy Authen Name
No
Yes
ICCN
String. Arbitrary number of octets.
31
Proxy Authen Challenge
No
Yes
ICCN
String. 1 or more octets.
32
Proxy Authen ID
No
Yes
ICCN
2-octet unsigned integer.
33
Proxy Authen Response
No
Yes
ICCN
String. Arbitrary number of octets.
34
Call Errors
Yes
Yes
WEN
Includes the following fields: Reserved, CRC Errors,
Framing Errors, Hardware Overruns, Buffer
Overruns, Time-out Errors, and Alignment Errors.
35
ACCM
Yes
Yes
SLI
Send and Receive ACCM are each 4-octet values
preceded by a 2-octet reserved quantity.
36
Random Vector
Yes
No
All
String of arbitrary length. Must precede the first AVP
with the Hidden (H) bit set. More than one can be
used per message. Hidden AVP uses the Random
Vector AVP most closely preceding it.
37
Private Group
No
Yes
ICCN
Arbitrary number of octets.
38
Rx Connect Speed
No
Yes
ICCN
OCCN
4-octet value indicating the speed in bits per second.
39
Sequencing Required
Yes
No
ICCN
OCCN
This AVP has no value field. Indicates that sequence
numbers must be present on the data channel. The
Redback® implementation of L2TP prefers not to
require sequencing. Therefore, if the SmartEdge
router is functioning as a LAC, it never requests this
attribute. However, if the LNS uses it, the LAC honors
it. If the SmartEdge router is functioning as an LNS, it
honors a LAC’s request for this attribute, but never
volunteers it.
46
PPP Disconnect Cause
No
Yes
CDN
2-octet value in network byte order and a string of
arbitrary length.
Redback vendor-specific AVPs are embedded according to the procedure recommended in RFC 2661,
“Layer 2 Tunneling Protocol L2TP.” Table A-2 lists the Redback vendor-specific L2TP AVPs supported
by the SmartEdge OS, in order by AVP number.
Table A-2
Redback Vendor-Specific L2TP AVPs Supported by the SmartEdge OS
Num
AVP Name
Mandatory
May be
Hidden
Message Types
Used In
1
Rbak HURL
No
No
L2TP-HURL
String containing the URL from the pppoe
url command in the subscriber record.
2
Rbak MOTM
No
No
L2TP-HURL
String containing the MOTM defined on the
LNS side of the tunnel.
L2TP Attribute-Value Pairs
Notes
A-3
Draft—November 16 2005
A-4
Ports, Circuits, and Tunnels Configuration Guide
Draft—November 16 2005
Index
Numerics
802.1Q link groups
binding, guidelines, 15-4
configuring, 9-10
configuring 802.1Q PVCs, 9-11
constituent ports
adding, 9-11
configuration restrictions, 9-11
default state, 9-10
described, 9-3
examples, 9-15
802.1Q profiles
configuring attributes
applying bulkstats schema profile, 6-6
described, 6-6
creating or selecting, 6-6
802.1Q PVCs
aggregated
binding, creating, 9-11
binding guidelines, 15-4
configuring, 9-11
creating, 9-11
selecting link group, 9-11
assigning MAC address, 6-7
binding
creating, 6-7
guidelines, 15-4
options, without static CLIPS PVCs, 15-7
options, with static CLIPS PVCs, 15-8
binding port, 6-7
child circuits
binding, guidelines, 15-5
binding, options, 15-9
configuring PPPoE, 8-11
cross-connecting to other child circuits, 11-9
configuring attributes
described, 6-7
IP address of remote host, 6-7
watchdog timer, 6-7
Index
configuring for
bridging, 10-8
PPPoE, 8-11
creating, 6-7
cross-connecting to ATM PVCs, 11-8
cross-connecting to inbound child circuits, 11-11
cross-connecting to inbound circuits, 11-12
cross-connecting to other 802.1Q PVCs, 11-8
cross-connecting to outbound child circuits, 11-12
disabling operations, 6-7
encapsulating port, 6-7
interworking to ATM PVCs, 11-13
parent circuits, cross-connecting to other parent
circuits, 11-9
802.1Q PVC tunnels
binding
inner PVCs, 6-8
tunnel, 6-8
configuring port for
binding, 6-8
encapsulating, 6-8
creating
inner PVCs, 6-8
tunnel, 6-8
described, 6-8
disabling operations, 6-8
inner PVCs, described, 6-8
specifying type, 6-8
A
ACCM AVP, A-3
administrator configuration mode, described, 1-14
APS (Automatic Protection Switching) groups
assigning ports, 5-4
configuring attributes
described, 5-3
switching algorithm, 5-3
creating or selecting, 5-3
deleting, 5-4
1
Draft—November 16 2005
features, 5-2
removing port from, 5-4
replacing port in, 5-4
APS (Automatic Protection Switching) ports
changing configuration, 5-5
configuration requirements, 5-3
delete procedures, 5-5
features, 5-2
removing posted request, 5-4
replacement procedures, 5-5
requesting
high-priority switch, 5-4
lockout of protect port, 5-4
low-priority switch, 5-4
APS configuration mode, described, 1-14
architecture, SmartEdge OS, 1-2
Assigned Session ID AVP, A-2
Assigned Tunnel ID AVP, A-1
ATM (Asynchronous Transfer Mode) cards, specifying
clock source, 2-3
configurable ports, 2-3
mode, 2-3
ATM (Asynchronous Transfer Mode) child circuits
binding
guidelines, 15-5
options, 15-9
configuring PPPoE, 8-11
cross-connecting to inbound circuits, 11-12
cross-connecting to other child circuits, 11-9
cross-connecting to outbound circuits, 11-11
ATM (Asynchronous Transfer Mode) HSVCs,
loading the SAR image, 6-18
ATM (Asynchronous Transfer Mode) parent circuits
binding, guidelines, 15-4
cross-connecting to inbound child circuits, 11-11
cross-connecting to other parent circuits, 11-9
ATM (Asynchronous Transfer Mode) ports
binding, guidelines, 15-3
changing to loopback state, 3-4
configuring attributes
bulkstats schema profile, 3-3
cable length, 3-4
clock source, 3-4
described, 3-3
error conditions, 3-4
for bridging, 10-8
framing, 3-3
ignore alarms, 3-4
link-dampening, 3-4
loopback request responses, 3-4
MAC address, 3-3
MTU, 3-3
over-subscription, 3-3
path trace message, 3-4
2
scrambling, 3-3
enabling operations, 3-4
port listening mode, 3-4
selecting, 3-3
ATM (Asynchronous Transfer Mode) profiles
configuring attributes
applying bulkstats schema profile, 6-19
CLP bit, 6-19
congestion avoidance, 6-19
described, 6-19
OAM fault monitoring for non-cross-connected
PVCs, 6-19
OAM management for cross-connected PVCs, 6-19
OAM management for non-cross-connected
PVCs, 6-19
PVC speed reporting, 6-19
statistics collection, 6-19
traffic class, 6-19
watchdog timer, 6-20
creating or selecting, 6-19
ATM (Asynchronous Transfer Mode) PVCs
binding
creating, 6-21
guidelines, 15-4
options, without static CLIPS PVCs, 15-7
options, with static CLIPS PVCs, 15-8
bridging, configuring, 10-8
changing profile, 6-20
configuring attributes
described, 6-20
IP address of remote host, 6-20
PPPoE encapsulation, 8-10
creating or modifying, 6-20
cross-connecting to
other ATM PVCs, 11-7
cross-connecting to 802.1Q PVCs, 11-8
cross-connecting to outbound child circuits, 11-12
disabling operations, 6-21
interworking to 802.1Q PVCs, 11-13
ATM (Asynchronous Transfer Mode) shaped VPs, creating
or modifying, 6-20
ATM child protocol configuration mode, described, 1-14
ATM DS-3 configuration mode, described, 1-14
ATM OC configuration mode, described, 1-14
ATM profile configuration mode, described, 1-14
ATM PVC configuration mode, described, 1-14
AU-3 configuration mode, described, 1-14
B
Bearer Capabilities AVP, A-1
Bearer Type AVP, A-2
bindings
dynamic
Ports, Circuits, and Tunnels Configuration Guide
Draft—November 16 2005
creating, 15-10
described, 15-2
static
creating, 15-9
described, 15-2
bridge configuration mode, described, 1-14
bridge profile configuration mode, described, 1-14
bridging
802.1Q PVCs
binding to bridged interface, 10-8
configuring attributes, 10-8
configuring port, 10-8
creating, 10-8
propagating priority, 10-8
selecting port, 10-8
ATM PVCs
binding to bridged interface, 10-9
configuring attributes, 10-8
configuring port, 10-8
creating, 10-8
selecting port, 10-8
bridge, configuring attributes
aging time, 10-6
described, 10-6
MAC address learning, 10-6
type, 10-6
undesired MAC addresses, 10-6
bridge profile, configuring attributes
MAC address restriction, 10-7
maximum static MAC addresses, 10-7
type, 10-7
creating
bridge profiles, 10-7
bridges, 10-6
interfaces for a bridge, 10-6
Ethernet ports
binding to bridged interface, 10-7
configuring attributes, 10-7
selecting, 10-7
interface, creating for bridges, 10-6
subscriber records
associating with a bridge, 10-9
configuring attributes, 10-9
selecting for bridging, 10-9
bulkstats configuration mode, described, 1-14
C
Called Number AVP, A-2
Call Errors AVP, A-3
Calling Number AVP, A-2
Call Serial Number AVP, A-2
card configuration mode, described, 1-14
CBR (constant bit rate), 6-91
Index
Challenge AVP, A-1
Challenge Response AVP, A-2
channelized OC-12 ports
binding, guidelines, 15-3
changing to loopback state, 4-4
configuring attributes
bulkstats schema profile, 4-3
described, 4-3
creating or selecting, 4-3
enabling operations, 4-3
channelized STM-1 ports
binding, guidelines, 15-3
changing to loopback state, 4-10
configuring attributes
AU-3 group, 4-10
AUG mapping, 4-10
bulkstats schema profile, 4-10
channel mapping, 4-10
described, 4-10
path trace message, 4-10
creating or selecting, 4-10
enabling operations, 4-10
channels, in the SmartEdge OS, 1-7
CHAP (Challenge Handshake Authentication Protocol),
for PPP-encapsulated circuits, 8-3
circuits, in the SmartEdge OS, 1-7
CLIPS (clientless IP service selection)
dynamic
assigning port or PVC to a group, 7-4
creating group, 7-4
DHCP proxy interfaces, configuring, 7-3
DHCP server address, configuring, 7-3
DHCP subscribers, configuring, 7-3
password, subscriber, 7-4
examples
dynamic CLIPS, local authentication, 7-7
dynamic CLIPS, RADIUS authentication, 7-8
dynamic CLIPS group, 7-9
static CLIPS for a range of PVCs, 7-6
static CLIPS for a single PVC, 7-6
CLIPS (clientless IP service selection) static PVCs
binding, 7-3
binding, guidelines, 15-5
creating, 7-3
disabling operations, 7-3
enabling CLIPS, 7-3
CLIPS PVC configuration mode, described, 1-14
command modes, access commands and prompts, 1-14
configuration modes, organization, 1-12
context configuration mode, described, 1-14
cross-connected circuits, configuring
802.1Q PVC child circuits, 11-9
802.1Q PVC parent circuits, 11-9
802.1Q PVCs, 11-8
3
Draft—November 16 2005
ATM PVC child circuits, 11-9
ATM PVC parent circuits, 11-9
ATM PVCs, 11-7
ATM PVCs to 802.1Q PVCs, 11-8
inbound child circuits, 11-11
inbound circuits, 11-12
interworking, 11-13
outbound child circuits, 11-12
outbound circuits, 11-11
D
default, form of a command, described, 1-16
domain alias
L2TP peer name, configuring tunnel switching, 13-16
dot1q child protocol configuration mode, described, 1-14
dot1q profile configuration mode, described, 1-14
dot1q PVC configuration mode, described, 1-14
DS-0 channel groups
binding
creating, 4-13
guidelines, 15-4
options, 15-6
changing to loopback state, 4-14
configuring attributes
bulkstats schema profile, 4-13
CHDLC parameters, 4-13
CRC length, 4-13
data stream inversion, 4-13
described, 4-13
encapsulation, 4-13
idle character, 4-13
MTU, 4-13
notifications of up and down conditions, 4-13
PPP, 8-8
time slots, 4-13
creating or selecting, 4-13
enabling operations, 4-13
DS-0 group configuration mode, described, 1-14
DS-1 channels
adding to MP or MFR bundle, 4-7
binding
creating, 4-7
guidelines, 15-3
options, 15-6
changing to loopback state, 4-8
configuring attributes
bulkstats schema profile, 4-7
CHDLC parameters, 4-7
clock source, 4-7
CRC length, 4-7
data stream inversion, 4-7
described, 4-7
encapsulation, 4-7
4
framing, 4-7
idle character, 4-7
MTU, 4-7
PPP, 8-8
remote loopback request responses, 4-7
speed, 4-7
timeslots for DS-0 channels, 4-7
yellow alarm detection or generation, 4-7
creating or selecting, 4-7
enabling operations, 4-7
DS-1 configuration mode, described, 1-14
DS-3 channels or ports, channelized
binding, guidelines, 15-3
changing to loopback state, 4-6
configuring attributes
bulkstats schema profile, 4-6
cable length, 4-6
clock source, 4-6
described, 4-6
framing, 4-6
PPP, 8-8
remote loopback request responses, 4-6
creating or selecting, 4-6
enabling operations, 4-6
DS-3 channels or ports, clear-channel
binding
creating, 4-5
guidelines, 15-3
options, 15-6
changing to loopback state, 4-6
configuring attributes
bulkstats schema profile, 4-5
cable length, 4-5
CHDLC parameters, 4-5
clock source, 4-5
CRC length, 4-5
described, 4-5
DSU bandwidth, 4-5
DSU vendor, 4-5
encapsulation, 4-5
framing, 4-5
idle character, 4-5
MTU, 4-5
payload scrambling, 4-5
PPP, 8-8
remote loopback request responses, 4-5
creating or selecting, 4-5
enabling operations, 4-5
DS-3 configuration mode, described, 1-14
dynamic bindings, described, 15-2
E
E1 channels or ports, channelized
Ports, Circuits, and Tunnels Configuration Guide
Draft—November 16 2005
binding, guidelines, 15-3
changing to loopback state, 4-12
configuring attributes
bulkstats schema profile, 4-12
clock source, 4-12
described, 4-12
framing, 4-12
PPP, 8-8
creating or selecting, 4-12
enabling operations, 4-12
E1 channels or ports, clear-channel
adding to MP or MFR bundle, 4-11
binding
creating, 4-12
guidelines, 15-3
options, 15-6
changing to loopback state, 4-12
configuring attributes
bulkstats schema profile, 4-11
CHDLC parameters, 4-11
clock source, 4-11
CRC length, 4-11
data stream inversion, 4-11
described, 4-11
encapsulation, 4-11
framing, 4-11
idle character, 4-11
MTU, 4-11
PPP, 8-8
creating or selecting, 4-11
enabling operations, 4-12
E1 configuration mode, described, 1-14
E3 configuration mode, described, 1-14
E3 ports, clear-channel
binding, 4-9
changing to loopback state, 4-9
configuring attributes
bulkstats schema profile, 4-9
CHDLC parameters, 4-9
clock source, 4-9
CRC length, 4-9
described, 4-9
encapsulation, 4-9
framing, 4-9
idle character, 4-9
MTU, 4-9
national bit, 4-9
enabling operations, 4-9
selecting, 4-9
Ethernet link groups
binding, guidelines, 15-4
configuring, 9-8
constituent ports
adding, 9-9
Index
configuration restrictions, 9-9
default state, 9-9
described, 9-3
Ethernet ports
adding to link group, 3-5
binding
creating, 3-5
guidelines, 15-3
options, without static CLIPS PVCs, 15-6, 15-7
options, with static CLIPS PVCs, 15-8
changing to loopback state, 3-6
configuring attributes
bulkstats schema profile, 3-5
described, 3-5
flow control, 3-5
for bridging, 10-7
MTU, 3-5
speed and mode, 3-5
configuring attributes for PPPOE, 8-10
configuring bridging, 10-7
enabling operations, 3-5
selecting, 3-5
transport packets with unmapped encapsulation, 3-5
examples
L2TP
tunnel switching, 13-16
tunnel switching, with diagram, 13-3
exec mode
described, 1-14
functions, 1-12
F
Firmware Revision AVP, A-1
Frame Relay LMI, configuring attributes
automatic detection of LMI type, 6-22
error threshold, 6-22
interface type, 6-22
keepalive function, 6-22
keepalive messages, 6-22
LMI type, 6-22
monitored event count, 6-22
polling verification timer, 6-22
Frame Relay profile configuration mode, described, 1-14
Frame Relay profiles
applying bulkstats schema profile, 6-22
creating or selecting, 6-22
Frame Relay PVC configuration mode, described, 1-14
Frame Relay PVCs
aggregated
binding, creating, 9-7
binding, guidelines, 15-4
configuring attributes, 9-7
creating or selecting, 9-7
5
Draft—November 16 2005
default state, 9-7
disabling operations, 9-7
selecting MFR bundle for, 9-7
unaggregated
binding, creating, 6-23
binding, guidelines, 15-4
configuring attributes, 6-23
creating or selecting, 6-23
disabling operations, 6-23
Framing Capabilities AVP, A-1
Framing Type AVP, A-2
G
global configuration mode, described, 1-14
GRE (Generic Routing Encapsulation) tunnel circuits
binding guidelines, 15-4
configuration guidelines, 12-5
nonVPN
assigning key, 12-6
assigning private IP address, 12-6
binding, 12-7
configuring attributes, 12-6
configuring interface, 12-6
creating, 12-6
disabling operations, 12-7
selecting context, 12-6
VPN
assigning key, 12-7
assigning private IP address, 12-7
binding, 12-7
configuring attributes, 12-7
configuring interface, 12-7
creating, 12-7
disabling operations, 12-7
selecting context, 12-7
GRE (Generic Routing Encapsulation) tunnels
binding, guidelines, 15-4
configuration guidelines, 12-4
configuring attributes
context, 12-5
described, 12-6
interface, 12-5
logging of state changes, 12-6
public IP address, 12-5
creating, 12-5
enabling operations, 12-6
GRE peer configuration mode, described, 1-14
GRE tunnel configuration mode, described, 1-14
H
Host Name AVP, A-1
6
I
Initial Received LCP CONFREQ AVP, A-2
interface configuration mode, described, 1-14
IPv6-over-IPv4 tunnel circuits
assigning private IP address, 14-3
nonVPN
assigning key, 14-3
binding, 14-4
configuring interface, 14-3
creating, 14-3
disabling operations, 14-4
selecting context, 14-3
IPv6-over-IPv4 tunnels
configuring attributes
context, 14-3
described, 14-3
interface, 14-3
logging of state changes, 14-3
public IP address, 14-3
setting the MTU, 14-3
creating, 14-3
enabling operations, 14-3
K
keepalive
GRE tunnels, 12-21
keepalive messages, PPP and PPPoE, 8-5
L
L2TP (Layer 2 Tunneling Protocol)
attribute value pairs
Redback vendor-specific, A-3
table of supported AVPs, A-1
examples, tunnel switching, 13-16
tunnel switching
described, 13-3
example, 13-3
L2TP (Layer 2 Tunneling Protocol) groups
adding peers, 13-11
configuration guidelines, 13-8
configuring attributes
domain alias, 13-11
session assignment algorithm, 13-11
timer for "dead" peer, 13-11
creating, 13-11
features, 13-1
L2TP (Layer 2 Tunneling Protocol) peers
anonymous peer
configuration guideline, 13-37
described, 13-37
assigning to subscriber, 13-13
configuration guidelines, 13-8
configuring LAC attributes
Ports, Circuits, and Tunnels Configuration Guide
Draft—November 16 2005
authorization key, 13-12
control messages, retransmission, 13-12, 13-13
control messages, timeout value, 13-13
control message timer interval, 13-13
described, 13-12
domain alias, 13-12
local name, 13-12
maximum number of sessions, 13-12
maximum number of tunnels, 13-12
peer function, 13-12
slot redundancy, 13-12
unacknowledged control messages, 13-12
configuring LNS attributes
authorization key, 13-11
control messages, retransmission, 13-11
control messages, timeout value, 13-11
control message timer interval, 13-11
described, 13-10
domain alias, 13-10
local name, 13-10
maximum number of sessions, 13-11
maximum number of tunnels, 13-11
peer function, 13-10
unacknowledged control messages, 13-11
context for
automatic removal of inactive peers, 13-10
creating or selecting, 13-9
domain alias, creating, 13-9
enabling proxy authentication for LAC peers, 13-10
enabling strict enforcement for deadtime, 13-10
renegotiating with LAC, 13-10
selecting type of fragmentation, 13-10
setting deadtime, 13-10
creating or selecting
default LNS peer, 13-12
default peer for LNS peers, 13-10
named LAC peer, 13-12
named LNS peer, 13-10
default peer, described, 13-36
features, 13-1
L2TP (Layer 2 Tunneling Protocol) tunnel switches
configuring subscriber records, 13-13
creating
context, 13-13
LAC peers, 13-13
LNS peers, 13-13
L2TP group configuration mode, described, 1-14
L2TP peer configuration mode, described, 1-14
Last Received LCP CONFREQ AVP, A-2
Last Sent LCP CONFREQ AVP, A-2
link group configuration mode, described, 1-15
link PVC configuration mode, described, 1-15
load balancing, L2TP groups, 13-4
Index
M
macro configuration mode, described, 1-15
Maximum BPS AVP, A-2
maximum ports, 2-14
Message Type AVP, A-1
MFR (Multilink Frame Relay) bundles
binding, guidelines, 15-4
configuring attributes
automatic detection of LMI type, 9-6
DCE interface type, 9-6
DTE interface type, 9-6
interface type, 9-6
LMI type, 9-6
configuring Frame Relay PVC, 9-7
constituent channels
adding, 9-8
configuration restrictions, 9-7
configuring timing attributes, 9-8
creating, 9-6
default state, 9-6
described, 9-3
disabling operations, 9-6
Minimum BPS AVP, A-2
mode access commands and prompts, 1-14
MP (Multilink PPP) bundles
binding, 9-4
binding, guidelines, 15-4
configuring attributes
context, 9-4
endpoint discriminator, 9-4
interface, 9-4
IP address, 9-4
constituent channels
adding, 9-5
configuration restrictions, 9-5
creating, 9-4
default state, 9-5
described, 8-4
uses, 9-2
N
NetOp configuration mode, described, 1-15
no, form of a command, described, 1-16
P
PAP (Password Authentication Protocol), for
PPP-encapsulated circuits, 8-3
Physical Channel ID AVP, A-2
port configuration mode, described, 1-15
ports, in the SmartEdge OS, 1-7
POS (Packet over SONET/SDH) ports
and APS
assigning, 3-8
7
Draft—November 16 2005
binding for APS, 3-8
enabling for APS, 3-8
applying bulkstats schema profile, 3-7
binding
creating, 3-7
guidelines, 15-3
options, 15-5
changing to loopback state, 3-8
configuring attributes
C2byte, 3-7
CHDLC parameters, 3-7
CRC length, 3-7
described, 3-7
encapsulation, 3-7
error conditions, 3-7
framing, 3-7
MTU, 3-7
path trace message, 3-8
PPP, 8-8
scrambling, 3-7
enabling operations, 3-7
selecting, 3-7
PPP (Point-to-Point Protocol)
CHAP, described, 8-3
configuring attributes
keepalive checks, 8-7
keepalive timing attributes, 8-7
LCP option values for MRU, 8-7
configuring for
ATM PVC, 8-8
DS-0 channel groups, 8-8
DS-1 channels, 8-8
DS-3 channels, 8-8
E1 channels, 8-8
MP on ATM PVCs, 8-9
POS port, 8-8
subscriber, 8-9
enabling PPP multilink for ATM PVCs, 8-9
oversubscription, 8-4
oversubscription, described, 8-4
PAP, described, 8-3
specifying endpoint discriminator for PPP multilink, 8-9
PPP Disconnect Cause AVP, A-3
PPPoE (PPP over Ethernet)
configuring attributes
accept and advertise any service name tag, 8-10
advertised domains, 8-10
configures option inside PPPoE daemon that
terminates the PPPoE session, 8-10
default AC tag value, 8-10
configuring for
802.1Q PVC child circuit, 8-11
802.1Q PVCs, 8-11
ATM PVC, 8-10
8
ATM PVC child circuit, 8-11
Ethernet port, 8-10
subscriber, 8-12
features, 8-6
Private Group AVP, A-3
Protocol Version AVP, A-1
Proxy Authen Challenge AVP, A-3
Proxy Authen ID AVP, A-3
Proxy Authen Name AVP, A-3
Proxy Authen Response AVP, A-3
Proxy Authen Type AVP, A-2
Q
Q.931 Cause Code AVP, A-2
R
Random Vector AVP, A-3
Rbak HURL vendor-specific AVP, A-3
Rbak MOTM vendor-specific AVP, A-3
Receive Window Size AVP, A-1
Result Code AVP, A-1
Rx Connect Speed AVP, A-3
S
Sequencing Required AVP, A-3
SmartEdge OS
applications, 1-4
architecture, described, 1-2
concepts, 1-5
performance, 1-1
SNMP server configuration mode, described, 1-15
software license configuration mode, described, 1-15
static bindings, described, 15-2
STM-1 configuration mode, described, 1-15
strict-priority algorithm, 13-4
Sub-Address AVP, A-2
subscriber configuration mode, described, 1-15
subscribers
bridges, 10-5
configuring attributes, L2TP peer assignment, 13-13
configuring for bridging, 10-9
system monitoring
enabling
diagnostics, 16-2
SmartEdge 400 air filter alarm, 16-2
T
Tie Breaker AVP, A-1
traffic cards
configuring attributes, maintenance features, 2-3
listed, 2-2
provisioning, 2-3
Ports, Circuits, and Tunnels Configuration Guide
Draft—November 16 2005
traffic shaping
CBR, 6-91
UBR, 6-91
UBRe, 6-91
VBR-nrt, 6-91
VBR-rt, 6-91
tunnel map configuration mode, described, 1-15
Tx Connect Speed AVP, A-2
U
UBR (unspecified bit rate), 6-91
UBRe (unspecified bit-rate, extended), 6-91
V
VBR-nrt (variable bit-rate, nonrealtime), 6-91
VBR-rt (variable bit rate, realtime), 6-91
Vendor Name AVP, A-1
W
weighted-round-robin, L2TP groups, 13-4
Index
9
Draft—November 16 2005
10
Ports, Circuits, and Tunnels Configuration Guide
Draft—November 16 2005
Commands
A
aaa provision route, 7-12
aging-time, 10-13
alarm-report-only, 3-10
algorithm, 13-19
aps, 5-8
aps group, 5-10
aps switch, 5-11
atm mode, 2-5
atm profile, 6-29
atm pvc, 6-31
atm pvc explicit, 6-31
atm scramble, 3-11
atm scramble-ds3, 3-11
atm vp, 6-39
au3, 4-18
aug-mapping, 4-19
B
bind authentication, 15-12
bind auto-subscriber, 15-15
bind interface, 15-18
bind subscriber, 15-20
bridge, 10-14
bridge mac-entry, 10-16
bridge-only, 10-17
bridge profile, 10-18
bridge profile broadcast rate-limit, 10-20
broadcast rate-limit, 10-20
C
c2byte, 3-13
cablelength
channelized ports, 4-20
clear-channel ports, 3-15
card, 2-9
ccod-mode port-listen, 3-16
channel-mapping itu, 4-21
circuit protocol, 11-17
Commands
clear-df, 12-14
clips-group, 7-12
clips pvc, 7-14
clock-source
ATM ports, 3-18
cards, 2-12
channelized ports, 4-23
clpbit, 6-41
congestion, 6-42
counters, 6-45
crc16, 3-21
crc32, 4-25
D
deadtime, 13-21
description
APS groups, 5-14
ATM and dot1q PVCs, 6-46
bridge groups, 10-21
channels and channelized ports, 4-26
clear-channel ports, 3-22
GRE tunnels and tunnel circuits, 12-15
IPv6-over-Pv4 tunnels, 14-6
L2TP peers, 13-23
diag pod, 16-3
domain, 13-24
dot1q profile, 6-47
dot1q pvc, 6-48
dot1q tunnel, 6-52
dsu bandwidth, 4-28
dsu mode, 4-29
dsu scramble, 4-30
E
encapsulation
channels and channel groups, 4-31
Ethernet ports with 802.1Q VLANs, 6-53
Ethernet ports without 802.1Q PVCs, 3-23
POS ports, 3-23
1
Draft—November 16 2005
equipment-loopback
channelized ports, 4-33
clear-channel ports, 3-25
F
flow-control, 3-26
frame-relay auto-detect, 6-54
frame-relay intf-type, 6-56
frame-relay keepalive, 6-58
frame-relay lmi-n391dte, 6-60
frame-relay lmi-n392dce, 6-62
frame-relay lmi-n392dte, 6-64
frame-relay lmi-n393dce, 6-66
frame-relay lmi-n393dte, 6-68
frame-relay lmi-t392dce, 6-70
frame-relay lmi-type, 6-72
frame-relay multilink, 9-17
frame-relay profile, 6-74
frame-relay pvc, 6-75
framing
channels, 4-35
clear-channel ports, 3-27
function, 13-26
G
gre-peer, 12-16
gre-tunnel, 12-18
H
hello-timer, 13-27
I
idle-character, 4-38
idle-down, 6-77
invert-data, 4-40
ip host
802.1Q, ATM, and Frame Relay PVCs, 6-79
802.1Q multiprotocol PVCs, 11-19
ATM multiprotocol PVCs, 11-19
GRE tunnels, 12-20
ipv6-tunnel, 14-8
ipv6 v4tunnel-peer, 14-10
K
keepalive
channels and channel groups, 4-41
POS ports, 3-29
L
l2tp calling-number format, 13-28
l2tp clear-radius-peer, 13-30
l2tp deadtime, 13-31
2
l2tp fragment, 13-33
l2tp-group, 13-34
l2tp-peer, 13-36
l2tp proxy-auth, 13-39
l2tp renegotiate lcp, 13-40
l2tp strict-deadtime, 13-42
learning, 10-22
link-dampening
ATM ports, 3-31
Ethernet ports, 3-31
link-group, 9-19
lns card, 13-43
local-name, 13-45
log-state-changes
IPv6-over-IPv4 tunnels, 14-12
log-state-changes, command, 12-22
loopback
channels and channelized ports, 4-43
clear-channel ports, 3-33
M
mac-address
ATM ports, 3-35
Gigabit or Fast Ethernet cards, 6-81
link groups, 9-22
mac-entry, 10-23
mac-limit, 10-24
max-sessions, 13-46
max-tunnels, 13-48
medium, 3-36
minimum-links, 9-23
mp endpoint-discriminator, 9-24
mtu
channels and channel groups, 4-47
clear-channel ports, 3-37
IPv6-over-IPv4 tunnels, 14-13
multicast rate limit, 10-25
N
national, 4-49
O
oam fault-monitor, 6-83
oam manage, 6-84
oam xc, 6-86
over-subscription-rate, 3-39
P
path-trace
4-port ATM OC-3c/STM-1c and POS ports, 3-40
channelized STM-1 ports, 4-50
peer, 13-49
Ports, Circuits, and Tunnels Configuration Guide
Draft—November 16 2005
port atm, 3-42
port channelized-ds3, 4-52
port channelized-oc12, 4-54
port channelized-stm1, 4-56
port ds0s, 4-58
port ds1, 4-61
port ds3, 4-63
port e1, 4-65
port e3, 4-67
port ethernet, 3-44
port pos, 3-46
ppp keepalive, 8-16
ppp mtu, 8-19
ppp multilink, 8-20
ppp multilink lfi, 8-21
pppoe always send padt, 8-30
pppoe client route, 8-31
pppoe motm, 8-32
pppoe service-name accept-all, 8-33
pppoe services, 8-34
pppoe tag, 8-35
pppoe url, 8-36
ppp our-options mru, 8-23
ppp our-options multilink, 8-25
ppp peer-options mru, 8-27
ppp ppoe-large-mru, 8-29
L2TP peers, 13-54
timeslot, 4-72
transport unmatched-encap, 3-52
traps
DS-0 channel groups, 4-74
trunk, 10-27
tunnel-auth key, 13-55
tunnel domain, 13-56
tunnel map, 12-25, 14-16
tunnel name, 13-58
tunnel-window, 13-59
U
unknown-dest, 10-28
X
xc, 11-21
Y
yellow-alarm, 4-76
R
report, 6-88
restricted, 10-26
retry, 13-51
revert, 5-15
S
scramble, 3-48
service clips, 7-16
service clips exclude, 7-18
service clips-group, 7-20
session-auth, 13-52
shaping, 6-90
shutdown
channelized ports, channels, and channel groups, 4-69
clear-channel ports, 3-49
GRE tunnels and tunnel circuits, 12-23
IPv6-over-IPv4 tunnels and tunnel circuits, 14-14
PVCs and link groups, 6-93
sonet-eu, 2-16
speed, 4-71
system alarm, 16-5
T
threshold, 3-51
timeout
Commands
3
Draft—November 16 2005
4
Ports, Circuits, and Tunnels Configuration Guide
Modes
A
APS configuration mode
description, 5-14
revert, 5-15
ATM child protocol configuration mode
bind authentication, 15-12
ATM DS-3 configuration mode
atm pvc, 6-31
atm pvc explicit, 6-31
atm scramble-ds3, 3-11
atm vp, 6-39
cablelength, 3-15
ccod-mode port-listen, 3-16
clock-source, 3-18
description, 3-22
equipment-loopback, 3-25
framing, 3-27
loopback, 3-33
mac-address, 3-35
mtu, 3-37
over-subscription-rate, 3-39
shutdown, 3-49
ATM OC configuration mode
alarm-report-only, 3-10
atm pvc, 6-31
atm pvc explicit, 6-31
atm scramble, 3-11
atm vp, 6-39
ccod-mode port-listen, 3-16
clock-source, 3-18
description, 3-22
framing, 3-27
loopback, 3-33
mac-address, 3-35
mtu, 3-37
over-subscription-rate, 3-39
path-trace, 3-40
shutdown, 3-49
threshold, 3-51
Modes
ATM profile configuration mode
clpbit, 6-41
congestion, 6-42
counters, 6-45
description, 6-46
oam fault-monitor, 6-83
oam manage, 6-84
oam xc, 6-86
report, 6-88
shaping, 6-90
ATM PVC configuration mode
bind authentication, 15-12
bind auto-subscriber, 15-15
bind interface, 15-18
bind subscriber, 15-20
bridge mac-entry, 10-16
bridge profile, 10-18
circuit protocol, 11-17
clips pvc, 7-14
idle-down, 6-77
ip host
cross-connected PVCs, 11-19
non-cross-connected PVCs, 6-79
service clips, 7-16
service clips-exclude, 7-18
shutdown, 6-93
ATM PVC configuration mode, description, 6-46
ATM PVC protocol configuration mode
bind interface, 15-18
AU3 configuration mode, path-trace, 4-50
B
bridge configuration mode
aging-time, 10-13
bridge-only, 10-17
description, 10-21
learning, 10-22
mac-entry, 10-23
bridge profile configuration
1
bridge profile broadcast rate-limit, 10-20
bridge profile configuration mode
mac-limit, 10-24
multicast rate-limit, 10-25
restricted, 10-26
trunk, 10-27
unknown-dest, 10-28
bridge profile configuration mode, broadcast
rate-limit, 10-20
C
card configuration mode
atm mode, 2-5
clock-source, 2-12
maximum ports, 2-14
sonet-eu, 2-16
CLIPS PVC configuration mode
bind auto-subscriber, 15-15
bind subscriber, 15-20
context configuration mode
gre-peer, 12-16
ipv6 v4tunnel-peer, 14-10
l2tp clear-radius-peer, 13-30
l2tp deadtime, 13-31
l2tp fragment, 13-33
l2tp-group, 13-34
l2tp-peer, 13-36
l2tp proxy-auth, 13-39
l2tp renegotiate lcp, 13-40
l2tp strict-deadtime, 13-42
ppp keepalive, 8-16
context configuration mode, bridge, 10-14
D
dot1q child protocol configuration mode
bind authentication, 15-12
dot1q profile configuration mode
description, 6-46
dot1q PVC configuration mode
bind authentication, 15-12
bind auto-subscriber, 15-15
bind subscriber, 15-20
bridge mac-entry, 10-16
bridge profile, 10-18
circuit protocol, 11-17
clips pvc, 7-14
ip host
cross-connected PVCs, 11-19
non-cross-connected PVCs, 6-79
mac-address, 6-81
service clips, 7-16
service clips-exclude, 7-18
service clips-group, 7-20
2
shutdown, 6-93
dot1q PVC configuration mode, bind interface, 15-18
dot1q PVC configuration mode, description, 6-46
dot1q PVC protocol configuration mode
bind interface, 15-18
DS-0 group configuration mode
bind interface, 15-18
crc32, 4-25
description, 4-26
encapsulation, 4-31
frame-relay auto-detect, 6-54
frame-relay intf-type, 6-56
frame-relay keepalive, 6-58
frame-relay lmi-n391dte, 6-60
frame-relay lmi-n392dce, 6-62
frame-relay lmi-n392dte, 6-64
frame-relay lmi-n393dce, 6-66
frame-relay lmi-n393dte, 6-68
frame-relay lmi-t392dce, 6-70
frame-relay lmi-type, 6-72
frame-relay pvc, 6-75
idle-character, 4-38
invert-data, 4-40
keepalive, 4-41
mtu, 4-47
shutdown, 4-69
timeslot, 4-72
traps, 4-74
DS-1 configuration mode
bind interface, 15-18
clock-source, 4-23
crc32, 4-25
description, 4-26
encapsulation, 4-31
equipment-loopback, 4-33
frame-relay auto-detect, 6-54
frame-relay intf-type, 6-56
frame-relay keepalive, 6-58
frame-relay lmi-n391dte, 6-60
frame-relay lmi-n392dce, 6-62
frame-relay lmi-n392dte, 6-64
frame-relay lmi-n393dce, 6-66
frame-relay lmi-n393dte, 6-68
frame-relay lmi-t392dce, 6-70
frame-relay lmi-type, 6-72
frame-relay multilink, 9-17
frame-relay pvc, 6-75
framing, 4-35
idle-character, 4-38
invert-data, 4-40
keepalive, 4-41
link-group, 9-19
loopback, 4-43
mtu, 4-47
Ports, Circuits, and Tunnels Configuration Guide
shutdown, 4-69
speed, 4-71
timeslot, 4-72
yellow-alarm, 4-76
DS-3 configuration mode
bind interface, 15-18
cablelength, 4-20
clock-source, 4-23
crc32, 4-25
description, 4-26
dsu bandwidth, 4-28
dsu mode, 4-29
dsu scramble, 4-30
encapsulation, 4-31
equipment-loopback, 4-33
frame-relay auto-detect, 6-54
frame-relay intf-type, 6-56
frame-relay keepalive, 6-58
frame-relay lmi-n391dte, 6-60
frame-relay lmi-n392dce, 6-62
frame-relay lmi-n392dte, 6-64
frame-relay lmi-n393dce, 6-66
frame-relay lmi-n393dte, 6-68
frame-relay lmi-t392dce, 6-70
frame-relay lmi-type, 6-72
frame-relay pvc, 6-75
framing, 4-35
idle-character, 4-38
keepalive, 4-41
loopback, 4-43
mtu, 4-47
shutdown, 4-69
E
E1 configuration mode
bind interface, 15-18
clock-source, 4-23
crc32, 4-25
description, 4-26
encapsulation, 4-31
frame-relay auto-detect, 6-54
frame-relay intf-type, 6-56
frame-relay keepalive, 6-58
frame-relay lmi-n391dte, 6-60
frame-relay lmi-n392dce, 6-62
frame-relay lmi-n392dte, 6-64
frame-relay lmi-n393dce, 6-66
frame-relay lmi-n393dte, 6-68
frame-relay lmi-t392dce, 6-70
frame-relay lmi-type, 6-72
frame-relay multilink, 9-17
frame-relay pvc, 6-75
framing, 4-35
Modes
idle-character, 4-38
invert-data, 4-40
keepalive, 4-41
link-group, 9-19
loopback, 4-43
mtu, 4-47
shutdown, 4-69
timeslot, 4-72
E3 configuration mode
bind interface, 15-18
clock-source, 4-23
crc, 4-25
description, 4-26
encapsulation, 4-31
framing, 4-35
idle-character, 4-38
keepalive, 4-41
loopback, 4-43
mtu, 4-47
national, 4-49
shutdown, 4-69
F
Frame Relay profile configuration mode
description, 6-46
Frame Relay PVC configuration mode
bind interface, 15-18
ip host, 6-79
shutdown, 6-93
Frame Relay PVC configuration mode, description, 6-46
G
global configuration mode
aps group, 5-10
atm profile, 6-29
bridge profile, 10-18
card, 2-9
clips-group, 7-12
diag pod, 16-3
dot1q profile, 6-47
frame-relay profile, 6-74
link-group, 9-19
port atm, 3-42
port channelized-ds3, 4-52
port channelized-oc12, 4-54
port channelized-stm1, 4-56
port ds0s, 4-58
port ds1, 4-61
port ds3, 4-63
port e1, 4-65
port e3, 4-67
port ethernet, 3-44
port pos, 3-46
3
ppp multilink, 8-20
ppp multilink lfi, 8-21
pppoe service-name accept-all, 8-33
pppoe services, 8-34
pppoe tag, 8-35
ppp our-options mru, 8-23
ppp our-options multilink, 8-25
ppp peer-options mru, 8-27
ppp ppoe-large-mru, 8-29
system alarm, 16-5
tunnel map, 12-25
xc, 11-21
GRE peer configuration mode
description, 12-15
log-state-changes, 12-22
shutdown, 12-23
GRE tunnel configuration mode
bind interface, 15-18
clear-df, 12-14
description, 12-15
ip host, 12-20
keepalive, 12-21
shutdown, 12-23
I
interface configuration mode
bridge, 10-14
IPv6 tunnel configuration mode
bind interface, 15-18
shutdown, 14-14
L
L2TP group configuration mode
algorithm, 13-19
deadtime, 13-21
peer, 13-49
L2TP peer configuration mode
description, 13-23
domain, 13-24
function, 13-26
hello-timer, 13-27
lns card, 13-43
local-name, 13-45
max-sessions, 13-46
max-tunnels, 13-48
retry, 13-51
session-auth, 13-52
timeout, 13-54
tunnel-auth key, 13-55
tunnel-window, 13-59
link group configuration mode
bind interface, 15-18
dot1q pvc, 6-48
4
frame-relay auto-detect, 6-54
frame-relay intf-type, 6-56
frame-relay keepalive, 6-58
frame-relay lmi-n391dte, 6-60
frame-relay lmi-n392dce, 6-62
frame-relay lmi-n392dte, 6-64
frame-relay lmi-n393dce, 6-66
frame-relay lmi-n393dte, 6-68
frame-relay lmi-t392dce, 6-70
frame-relay lmi-type, 6-72
frame-relay pvc, 6-75
mac-address, 9-22
minimum-links, 9-23
mp endpoint-discriminator, 9-24
shutdown, 6-93
link PVC configuration mode
bind interface, 15-18
ip host, 6-79
shutdown, 6-93
P
port configuration mode
aps, 5-8
aps switch, 5-11
bind authentication, 15-12
bind interface, 15-18
bridge mac-entry, 10-16
bridge profile, 10-18
c2byte, 3-13
clips pvc, 7-14
clock-source, 3-18
crc16, 3-21
description
channelized ports, 4-26
clear-channel ports, 3-22
dot1q pvc, 6-48
dot1q tunnel, 6-52
encapsulation
Ethernet ports with 802.1Q VLANs, 6-53
Ethernet ports without 802.1Q PVCs, 3-23
POS ports, 3-23
flow-control, 3-26
frame-relay auto-detect, 6-54
frame-relay intf-type, 6-56
frame-relay keepalive, 6-58
frame-relay lmi-n391dte, 6-60
frame-relay lmi-n392dce, 6-62
frame-relay lmi-n392dte, 6-64
frame-relay lmi-n393dce, 6-66
frame-relay lmi-n393dte, 6-68
frame-relay lmi-t392dce, 6-70
frame-relay lmi-type, 6-72
frame-relay pvc, 6-75
Ports, Circuits, and Tunnels Configuration Guide
framing, 3-27
keepalive, 3-29
link-dampening, 3-31
link-group, 9-19
loopback
channelized OC-12 ports, 4-43
Ethernet ports, 3-33
medium, 3-36
mtu, 3-37
path-trace, 3-40
port ds3, 4-63
scramble, 3-48
service clips, 7-16
service clips-exclude, 7-18
service clips-group, 7-20
shutdown
channelized ports, 4-69
clear-channel ports, 3-49
threshold, 3-51
transport unmatched-encap, 3-52
S
STM-1 configuration, channel-mapping itu, 4-21
STM-1 configuration mode
au3, 4-18
aug-mapping, 4-19
description, 4-26
loopback, 4-43
path-trace, 4-50
shutdown, 4-69
subscriber configuration mode
bridge, 10-14
bridge profile, 10-18
ppp mtu, 8-19
pppoe client route, 8-31
pppoe motm, 8-32
pppoe url, 8-36
tunnel domain, L2TP peers, 13-56
tunnel name, L2TP peers, 13-58
T
tunnel map configuration mode
gre-tunnel, 12-18
ipv6-tunnel, 14-8
tunnel peer configuration mode
description, 14-6
log-state-changes, 14-12
mtu, 14-13
shutdown, 14-14
Modes
5
6
Ports, Circuits, and Tunnels Configuration Guide
Related documents
www.tutor-homework.com
www.tutor-homework.com
Phase Diagram Worksheet: Chemistry Practice
Phase Diagram Worksheet: Chemistry Practice
Tutorial 1
Tutorial 1
KRRC MSPowerPoint Prop Template 2008
KRRC MSPowerPoint Prop Template 2008
Turing Parallel Port Commands: Tutorial
Turing Parallel Port Commands: Tutorial
ANNEX C: JURONG PORT`S GREEN INITIATIVES Since starting
ANNEX C: JURONG PORT`S GREEN INITIATIVES Since starting
Resetting COM PORT NUMBER ASSIGNMENTS - Probe-TEC
Resetting COM PORT NUMBER ASSIGNMENTS - Probe-TEC
Port Planning Toolkit Brainstorming Session Notes
Port Planning Toolkit Brainstorming Session Notes
Download