Router Option Module 1200350L1 USER MANUAL 61200350L1-1A July 1998
Trademark Information: OpenView is a registered trademark of Hewlett-Packard Company. SunNet Manager is a registered trademark of Sun Microsystems, Inc. Netview is a registered trademark of IBM. IQ View is a trademark of ADTRAN. 901 Explorer Boulevard P.O. Box 140000 Huntsville, AL 35814-4000 Phone: (256) 963-8000 © 1998 ADTRAN, Inc. All rights reserved. Printed in USA.
ABOUT THIS MANUAL This manual is arranged so you can quickly and easily find the information you need. The following is an overview of the contents of this manual: • • • • • • • • • • • • Chapter 1, Introduction, familiarizes you with an over view of the Router Option Module. Chapter 2, Installation, describes the installation of the Router Option Module connectors. Chapter 3, Operation, explains how to operate your Router Option Module using the terminal interface.
Notes provide additional useful information. Cautions signify information that could prevent service interruption. Warnings provide information that could prevent damage to the equipment or endangerment to human life.
FEDERAL COMMUNICATIONS COMMISSION RADIO FREQUENCY INTERFERENCE STATEMENT: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment.
CANADIAN EQUIPMENT LIMITATIONS Notice: The Canadian Industry and Science Canada label identifies certified equipment. This certification means that the equipment meets certain telecommunications network protective, operational, and safety requirements. The Department does not guarantee the equipment will operate to the user's satisfaction. Before installing this equipment, users should ensure that it is permissible to be connected to the facilities of the local telecommunications company.
Table of Contents Chapter 1. Introduction ............................................................................. 1-1 Product Overview ......................................................................................... 1-1 Basic Functions of Router Option Module................................................. 1-1 LAN Bridge ...................................................................................... 1-1 IP Router.........................................................................
Table of Contents General Layout............................................................................................... 3-4 Menu Path....................................................................................................... 3-4 Moving Around ............................................................................................. 3-4 Reading Menu Options .................................................................. 3-5 Navigating the Keyboard...................................
Table of Contents NAT/Web Server ..................................................................... 4-7 NAT/Default IP........................................................................ 4-7 IP/DNS.............................................................................................. 4-8 DNS/Domain Name ................................................................ 4-8 DNS/Server 1............................................................................ 4-8 DNS/Server 2..................
Table of Contents Spanning Tree/Bridge Group 1 .................................................. Bridge Group 1/Active ......................................................... Bridge Group 1/Path Cost.................................................... Bridge Group 1/Priority ....................................................... Spanning Tree/Bridge Group 2 .................................................. Bridge Group 2/Active .........................................................
Table of Contents IPX Map/IARP ....................................................................... 4-31 IPX Map/Link Network ........................................................ 4-31 DLCI Mapping/Bridge Map................................................. 4-32 Bridge Map/Active ................................................................ 4-32 Bridge Map/Bridge Group ................................................... 4-32 DLCI Mapping/Filters.....................................................
Table of Contents Filters/Out Exceptions .......................................................... 4-43 Configuration/Management ..................................................................... 4-44 Management/Telnet..................................................................... 4-44 Telnet/Server Access............................................................. 4-44 Telnet/User List ..................................................................... 4-44 User List/Name ....................
Table of Contents (Front Panel Interface) ................................................................................. 5-11 Router Statistics Available on Front Panel ............................................... 5-11 Status .............................................................................................. 5-11 Chapter 6. Diagnostics ...............................................................................6-1 Test Menu ...............................................................
Table of Contents CMD Mode....................................................................................... 7-4 Appendix A. Pinouts .............................................................................. . A-1 Appendix B. Specifications .................................................................... B-1 Ethernet Interface (LAN) ........................................................ B-1 Display.......................................................................................
List of Figures Figure 2-1. Figure 2-2. Figure 2-3. Figure 3-1. Figure 3-2. Figure 4-1. Figure 4-2. Figure 4-3. Figure 4-4. Figure 4-5. Figure 4-6. Figure 4-7. Figure 4-8. Figure 5-1. Figure 6-1. Figure 6-2. Figure 7-1. Figure 7-2. 61200350L1-1 Installing the Option Module .................................................. 2-2 Attaching the Plug-On Board ................................................. 2-3 Router Option Module Rear Panel .........................................
List of Figures xvi Router Option Module User Manual 61200350L1-1
List of Tables Table A-1: Pin Assignments for Control Connector ............................... A-1 Table A-2: 10BaseT Ethernet ......................................................................
List of Tables xviii Router Option Module User Manual 61200350L1-1
Introduction Chapter 1 PRODUCT OVERVIEW The ADTRAN Router Option Module installs in the option slot of the TSU muliplexer family of products and provides integrated routing capability access frame relay or point-to-point networks. Basic Functions of Router Option Module The Router Option Module provides the following basic functions: LAN Bridge Bridging provides a point-to-point connection between two local area networks (LANs).
Chapter 1: Introduction Network Address Translation (NAT) Single networks can connect to the Internet with this function. The Router Option Module translates outgoing IP packets over the T1 to the IP router at the Internet Service Provider. Popular Internet applications are supported. PPP or Frame Relay The layer 2 protocol used to transfer packets can be PPP or Frame Relay (RFC 1490). PPP allows a point-to-point connection, whereas Frame Relay can provide up to ten permanent virtual circuits.
Chapter 1: Introduction terface. The IP address and mask assigned to the unit’s LAN interface apply to all routing and IP operations for the unit. In Frame Relay mode, each PVC can be specified as numbered or unnumbered links. If a default gateway is specified on the network of the Ethernet interface, the unit attempts to reach the gateway through that interface. If no default gateway is specified (i.e., 0.0.0.0.
Chapter 1: Introduction Warranty and Customer Service ADTRAN will replace or repair this product within five years from the date of shipment if it does not meet its published specifications or fails while in service. For detailed warranty, repair, and return information refer to the ADTRAN Equipment Warranty and Repair and Return Policy Procedure. Return Material Authorization (RMA) is required prior to returning equipment to ADTRAN.
Installation Chapter 2 UNPACK, INSPECT, POWER UP Receipt Inspection Carefully inspect the option module for any shipping damage. If damage is suspected, file a claim immediately with the carrier and contact ADTRAN Customer and Product Service (CAPS). If possible, keep the original shipping container for use in shipping the Router Option Module for repair or for verification of damage during shipment.
Chapter 2: Installation INSTALLATION Placement of the Option Module Figure 2-1 shows the proper placement of the option module. Perform the following steps to install the option module. 1. Remove the cover plate from the TSU/TDU unit rear panel. 2. Slide the option module into the rear panel of the TSU/TDU unit until it is positioned firmly against the front of the unit. 3. Fasten the thumbscrews at both edges of the option module. Cover Plate TSU/HSU UNIT Option Module Figure 2-1.
Chapter 1: Introduction Power Connection Each option module derives power from the base TSU/TDU unit. Power to the TSU/TDU is supplied by a captive eight-foot power cord. Attaching the Plug-On Board Figure 2-2 shows the proper attachment of a plug-on board to the option module. Perform the following steps to install the plug-on board: 1. Hold the plug-on board above the option module. 2. Using a downward and right-to-left motion, slip the V.35 Connector plug into opening in the option module back panel.
Chapter 2: Installation ROUTER X.1 CONTROL PORT X.2 10 BASE T HOT REPLACEABLE Figure 2-3. Router Option Module Rear Panel Control The Router Option Module has an 8-pin modular jack labeled CONTROL. The control port provides connection to a VT 100 EIA-232 compatible interface. An 8-foot cable with adapter connector provides a standard DB-25 EIA-232 interface. See Appendix A: Pinouts for the control port’s pin assignments. A description of the operation of this port is covered in Chapter 3: Operation.
Operation Chapter 3 FRONT PANEL Refer to the TSU Product Manual for a description of front panel operation. Terminal Menu Structure The Router Option Module uses a multilevel menu structure containing both menu items and data fields. All menu operations and data display in the terminal menu window. The Router Option Module is shipped in the Factory Default configuration. Connect any VT 100 or VT 220 type terminal emulator to the Maintenance port. The default rate is 9600 baud 8-N-1.
Chapter 3: Operation Configuration Menu The Configuration menu provides options to set up the operational configuration for the Router Option Module. See Chapter 4, Configuration Overview, for detailed information on the available options. 1 2 8 7 6 5 4 3 1. Menu Path Describes the current position in the terminal menu structure. 2. Right Pane Lists available submenus. Additional submenus available through this pane are indicated by the [+] and [DATA] symbols. 3.
Chapter 3: Operation Status Menu The Status menu provides options to review and monitor the status of the Router Option Module system. See Status Menu on page 5-1 for detailed information on the available options. Test Menu The Test menu can be used for performing diagnostic testing of the Router Option Module. See Test Menu on page 6-1 for detailed information on the tests available. Logs Menu The Logs menu can be used for viewing the operational logs for the Router Option Module.
Chapter 3: Operation NAVIGATING THE TERMINAL MENUS The following sections provide information on how to navigate through the terminal menus. General Layout When you first start a terminal mode session, the Top Level Terminal Menu screen displays, as shown in Figure 3-1 on page 3-2. The screen is divided into left and right panes. The left pane shows the current list of submenus, while the right pane shows the contents of a selected submenu.
Chapter 3: Operation Reading Menu Options The following options display throughout the menus. Menu Option Description Submenus [+] or [DATA] Menus that display [+] or [DATA] indicate that more items are available when selected. Activation Field <+> Menus that display <+> indicate that an action is to be taken, such as activating a test. Editable Data Field A highlighted menu item indicates that you can enter data in that field.
Chapter 3: Operation If you want to... Press... Travel back up the menu. Left Arrow Key Activate an item. Enter Move into a submenu. Enter Cancel an edit. Escape Travel back up the menu. Escape Dismiss the pop-up help screens. Escape Move between the left and right panes. Tab Move to the top of a screen. A Move to the bottom of a screen. Z Ascend one menu level. Backspace Session Management If you want to... Press... Log out of the session.
Chapter 3: Operation Configuration If you want to... Press... Restore factory default settings. This setting restores the factory defaults based on the location of the cursor. Entire submenus can be factory defaulted. F Copy selected items to the clipboard. (The amount of information you can copy depends on the cursor location when you press C.) C Example: If the cursor is over an editable field, only that item is copied.
Chapter 3: Operation Security Levels Each menu item on the configuration screens has an associated security level. The security level ranges from 0 (highest security level) to 5 (lowest security level). This level determines whether a Telnet session can access that menu item. The Telnet session is assigned a security level set by the user. Passwords can only be accessed at security level 0. The maintenance port is always at security level 0. The security levels are assigned as follows: Security Level No.
Chapter 3: Operation TX BYTE STATUS WAN RX BYTE RX CRC TX PCKTS RX PCKTS LAN TX ERRORS RX ERRORS 1) DS0 RATE CONFIG 1) WAN 2) L2 PROTOCOL 1) IP ADDRESS 2) LAN 2) SUBNET MASK 3) DEF GATEWAY 1) RATE 3) TERMINAL 2) DATA BITS 3) PARITY 4) STOP BITS UTIL 1) SW REVISION 2) CMD MODE 1) HOST ADDRESS TEST 1) PING UTILITY 2) NUM PCKTS 3) START/STOP 4) VIEW RESULTS Figure 3-2.
Chapter 3: Operation 3-10 Router Option Module User Manual 61200350L1-1
Chapter 4 Configuration Overview CONFIGURATION MENU Configuration/System Info The System Info menu provides basic information about the unit and displays data fields for editing information. Figure 4-1 displays the submenus available under this menu item. Figure 4-1.
Chapter 4: Configuration Overview System Name Write security: 3; Read security: 5 Provides a user-configurable text string for the name of the Router Option Module. This name can help distinguish between different installations. You can enter up to 31 alphanumeric characters in this field, including spaces and special characters (such as an under bar). The system name is also used for PPP authentication and IPX service name.
Chapter 4: Configuration Overview Configuration/WAN The WAN menu is used to set up the ISDN parameters for the Router Option Module. Figure 4-2 shows the WAN menu. Figure 4-2. Configuration/Frame Relay Screen WAN/DSO Rate WAN/L2 Protocol (also available via Front Panel) Write security: 3, Read security: 5 This parameter specifies the layer 2 data link layer transport used. When selected as PPP (def), the Router Option Module will negotiate PPP over the T1 interface.
Chapter 4: Configuration Overview Configuration/IP The IP menu is used to set up the IP parameters for the Router Option Module. Any general IP-related configuration item is under this menu. Figure 4-3 shows the IP menu. Figure 4-3. Configuration/IP Screen IP/IP Address (also available via Front Panel) Write security: 2; Read security: 5 The IP address assigned to the Router Option Module’s Ethernet port is set here. This address must be unique within the network. Factory default is 10.0.0.1.
Chapter 4: Configuration Overview IP/Static Routes Static Routes can be inserted under this menu. Static Routes/Active Write security: 4; Read security: 5 Adds this static route entry to the IP routing table when set to Yes (def) and removes it (if it was previously added) if set to No. Static Routes/IP Address Write security: 4; Read security: 5 This is the IP address of the host or network address of the device being routed to.
Chapter 4: Configuration Overview IP/IP Router The IP router is configured under this menu as follows. IP Router/Mode Write security: 3; Read security: 5 When this option is set to On (def), the Router Option Module will advertise and listen to routes from other IP routers. If Off, the route table is still used but only static routes are used for routing IP packets and only the Ethernet port is used. IP packets can be sent over the WAN, but only when bridged.
Chapter 4: Configuration Overview RIP/V2 Secret Write security: 0; Read security: 0 This is a text string used for authenticating advertised routes. IP/NAT The Network Address Translation general parameters are set up under this menu. NAT/DHCP Mode Write security: 3; Read security: 5 When this option is set to On, the Router Option Module acts as a DHCP server and will dynamically assign IP, network mask, default gateway, and DNS addresses to any device which transmits a broadcast DHCP request.
Chapter 4: Configuration Overview IP/DNS The Domain Name Server parameters used by the Router Option Module are specified here. The DNS server addresses can be exchanged between PPP peers. When a connection occurs and IPCP is negotiated, the Router Option Module will get the DNS server addresses from the PPP peer. If the configured DNS server addresses (Server 1 and Server 2) are all zeros, the addresses from the PPP peer are used. In NAT mode, the PPP peer’s DNS addresses are always used.
Chapter 4: Configuration Overview UDP Relay/UDP Relay List Up to four relay destination servers can be specified in this list. UDP Relay List/Relay Address Write security: 3; Read security: 5 This is the IP address of the server that will receive the relay packet. UDP Relay List/UDP Port Type Write security: 3; Read security: 5 Standard (def) The following standard UDP protocols are relayed when set: • DHCP, TFTP, DNS, • NTP (NetworkTime Protocol, port 123).
Chapter 4: Configuration Overview If this option is set to Yes (def), when an ARP request is received on the Ethernet port, the address is looked up in the IP routing table. If the forwarding port is not on the Ethernet port and the route is not the default route, the Router Option Module will answer the request with its own hardware address. If set to No, the Router Option Module will only respond to ARP requests received for its own IP address.
Chapter 4: Configuration Overview cause hard-to-diagnose problems. IPX network numbers should be carefully tracked. IPX/Frame Type Write security: 2; Read security: 5 The Router Option Module supports all four defined IPX frame types. The possible frame types are: Ether Type II (def), Ether 802.3 (Raw), Ether 802.2, or Ether SNMP (802.2 SNMP). Only one frame type can be used at one time.
Chapter 4: Configuration Overview Seeding Selection Description Auto-Seed The Router Option Module will listen for an IPX network number being sent by another router (including Novell software routers residing on servers) on the Ethernet segment connected to this port and use this number if it exists. If it doesn’t discover a number in use, the Router Option Module will auto-generate a valid number using its routing tables.
Chapter 4: Configuration Overview Configuration/Bridge The Bridge menu is used to set up the bridge parameters for the Router Option Module. The bridging function runs at the Media Access Control (MAC) level which allows any protocol packets that run over Ethernet to be forwarded. Bridging can run concurrently with the IP and IPX routing. However, when packets are bridged across a WAN connection, the following rules apply: • When IP routing is active, IP packets (which include ARP packets) are not bridged.
Chapter 4: Configuration Overview Bridge/WAN IP Bridge When IP routing is active, the Router Option Module will allow another WAN device to bridge IP packets to itself by using PPP BCP. Normally, two IP routers would negotiate PPP IPCP to exchange IP packets. However, if a device can only support PPP BCP, IP packets are encapsulated by the device as bridge packets. The Router Option Module can treat the WAN IP Bridge as a virtual Ethernet port connected only to a WAN device which has negotiated PPP BCP.
Chapter 4: Configuration Overview net port connected only to a WAN device which has negotiated PPP BCP. This menu allows the IPX parameters for this virtual Ethernet to be set up. WAN IPX Bridge/Network Write security: 2; Read security: 5 This is the network address of the virtual Ethernet port. See IPX/Network on page page 4-10 for explanation of the IPX network number. WAN IPX Bridge/Frame Type Write security: 2; Read security: 5 This is the frame type used for the virtual Ethernet port.
Chapter 4: Configuration Overview Spanning Tree/Priority Write security: 2; Read security: 5 This assigns a priority to the Router Option Module that permits the relative priority of multiple bridges to be managed. The range is 0 to 65535 with a default of 32768. Spanning Tree/Maximum Age Write security: 2; Read security: 5 This is the timeout value used by the Router Option Module to test against the root device. The value is in one-tenth seconds with a range between 60 (6.0 seconds) and 400 (40.
Chapter 4: Configuration Overview LAN Port/Priority Write security: 2; Read security: 5 The priority adjusts the relative priority of the Ethernet port among the multiple bridge ports. The range is 0 to 255 with a default of 128. Spanning Tree/Bridge Group 1 The Bridge Group 1 is either the first PPP BCP connection or part of multiple DLCI destinations when running Bridge (RFC 1490) over Frame Relay.
Chapter 4: Configuration Overview Bridge/Address Table The Router Option Module automatically maintains a table of MAC addresses detected and associates those addresses with the LAN, WAN0, or WAN1 port from which they were received. WAN0 represents Bridge Group 1, and WAN1 represents Bridge Group 2. This menu permits the user to adjust the parameters or rules for the table as addresses are learned.
Chapter 4: Configuration Overview Configuration/Security The Security menu is used to set up the authentication parameters needed to authenticate PPP connection. Also, the filter defines are placed under this menu. Figure 4-6 shows the Security menu. Figure 4-6. Configuration/Security Screen Security/Authentication Write security: 1; Read security: 2 The method used for authenticating the PPP peer is selected here. The possible values are: None (def) - No attempt is made to authenticate the PPP peer.
Chapter 4: Configuration Overview Radius Server/Primary Server Write security: 1; Read security: 2 This is the IP address of the first RADIUS server that the Router Option Module should attempt to communicate with when authenticating a PPP peer. Radius Server/Secondary Server Write security: 1; Read security: 2 This is the IP address of the back-up RADIUS server that the Router Option Module should attempt to communicate with when the primary server does not respond.
Chapter 4: Configuration Overview Security/PPP Write security: 1; Read security: 2 The PPP peer can be authenticated using three standard methods: 1. PAP (Password Authentication Protocol), 2. CHAP (Challenge Handshake Protocol) 3. EAP (Extensible Authentication Protocol). The strength of the authentication is determined in the following order: 1. EAP 2. CHAP 3.
Chapter 4: Configuration Overview Security/Filter Defines The Router Option Module can filter packets based on certain parameters within the packet. The method used by the Router Option Module allows the highest flexibility for defining filters and assigning them to a profile. The filters are set up in two steps: 1. Defining the packet types, 2. Adding them to a list under the PPP profile or DLCI map. See the section DLCI Mapping/Filters on page 4-32 for information on how to set up filter profiles.
Chapter 4: Configuration Overview Filter Defines /Pattern Filter Defines Write security: 2; Read security: 3 The pattern filter is applied to bridge packets only. That is any packet which is forwarded by the bridge functionality of the Router Option Module. Up to 32 pattern defines can be specified. Name Identifies the filter entry Offset Offset from beginning of packet of where to start the pattern comparison Pattern 64 bits used for comparison.
Chapter 4: Configuration Overview Dst Port IP destination port number used for comparison Range: 0 to 65535. (decimal format) Dst Port Cmpr Type of comparison that is performed: = -- ports equal to not = -- port not equal to > -- port greater than < -- port less than None -- the destination port is not compared Proto Protocol used for comparison. Range: 0 to 255.
Chapter 4: Configuration Overview Src Socket 16-bit value which is the source socket. Range:0-65535. Src Socket Comp Type of comparison that is performed: = -- socket equal to Not = -- socket not equal to > -- socket greater than < --socket less than None -- no comparison is done on source socket Dest Socket 16-bit value which is the destination socket. Range is 0-65535.
Chapter 4: Configuration Overview Frame Relay (also available via Front Panel) Frame Relay is a connection-oriented service requiring circuits to be configured by your carrier to establish a physical link between two or more locations. Multiple virtual circuits (which appear as virtual point-to-point links) can be run through the same physical connection.
Chapter 4: Configuration Overview Frame Relay/Maintenance Protocol Write security: 3, Read security: 5 The Frame Relay maintenance protocol is used on the WAN port. The maintenance protocol is used to send link status and virtual circuit information between Frame Relay switches and other devices (such as routers) that communicate with them. Possible choices are listed below. Annex D(def) An ANSI standard that is most commonly used in the US. Annex A The CCITT European standard.
Chapter 4: Configuration Overview When more than one DLCI mapping is listed, the Router Option Module will try to match the DLCIs learned from the Frame Relay switch with the DLCI values in the map. If there is a match, the protocols specified in the map are used. However, if an active DLCI is not in the list, the Router Option Module falls back to using IARP as in the above paragraph to determine the protocols to use with that particular virtual circuit.
Chapter 4: Configuration Overview DLCI Mapping/Active Write security: 3, Read security: 5 When this parameter is set to Yes (def), the mapping is used to determine the protocols used. If set to No, the Router Option Module will ignore the virtual circuit with this DLCI. DLCI Mapping/DLCI Write security: 3, Read security: 5 This is the DLCI associated with this virtual circuit. This value can range from 16 to 1007.
Chapter 4: Configuration Overview IP Map/Link IP Address Write security: 3, Read security: 5 The virtual circuit may require an IP address to be specified at this DLCI, or numbered, interface. This address is used by the Router Option Module to respond to Inverse ARP requests. If this IP address is left as 0.0.0.0, the link is treated as unnumbered and the Router Option Module responds to the Inverse ARP with its Ethernet IP address.
Chapter 4: Configuration Overview IP Map/RIP Direction Write security: 3, Read security: 5 This parameter allows the direction at which RIP advertisements are sent and listened to be specified. Tx and Rx (def) RIP advertisements are periodically transmitted and are listened to on this virtual circuit. Tx Only RIP advertisements are periodically transmitted but are not listened to on this virtual circuit. Rx Only RIP is not transmitted on this virtual circuit but they are listened to.
Chapter 4: Configuration Overview DLCI Mapping/Bridge Map This menu is used to permit bridging of packets over this DLCI. Each DLCI or virtual circuit must be assigned a bridge group. The bridge group treats all virtual circuits as one circuit. Bridge packets destined to be transmitted out a particular bridge group are copied and transmitted individually out each DLCI in the bridge group.
Chapter 4: Configuration Overview Block All - All incoming packets from this PVC are blocked except as defined in the Filters/In Exceptions list. Forward All - All incoming packets from this PVC are not blocked except as defined in the Filters/In Exceptions list. Filters/In Exceptions Write security: 2; Read security: 5 This is a list of up to 32 filter entries which can be combined using the operations field. The operations are performed in the order they appear on the list.
Chapter 4: Configuration Overview Filters/Out to PVC Write security: 2; Read security: 5 The packets which transmit out this PVC from the Router Option Module can be filtered in three ways: Disabled (def) - Turns off packet output filtering. No outgoing packets to this PVC are blocked. Block All - All outgoing packets to this PVC are blocked except as defined in the Filters/Out Exceptions list.
Chapter 4: Configuration Overview Configuration/PPP Profile The Router Option Module uses the PPP profile to specify the profile used when connected using PPP. Figure 4-7 shows the PPP profile menu. Figure 4-7. Configuration/PPP Profile Screen PPP Profile/Authentication The authentication menu contains the required parameters for the authentication of the PPP peer and for being authenticated by the PPP peer.
Chapter 4: Configuration Overview Authentication/Tx Method Write security: 2; Read security: 3 This parameter specifies how the Router Option Module is to be authenticated by the PPP peer. There are four possible selections. See Security/PPP on page page 4-21 for an explanation of the three PPP standard authentication types. None (def) The connection will not allow the PPP peer to authenticate it. PAP, CHAP or EAP The connection can be authenticated using PAP, CHAP, or EAP.
Chapter 4: Configuration Overview IP/Mode Write security: 3; Read security: 5 When set to On (def), this connection profile negotiates PPP IPCP with the PPP peer for exchanging of IP packets. IP/NAT Write security: 3; Read security: 5 The Router Option Module can perform Network Address Translation. This feature is most widely used when connecting to the Internet. The Ethernet network can consist of private network numbers.
Chapter 4: Configuration Overview IP/RIP The RIP parameters can be adjusted from their defaults under this menu. RIP/Mode Write security: 3; Read security: 5 When set to On (def), the Router Option Module will perform RIP over the WAN connection. RIP/Protocol Write security: 3; Read security: 5 The Router Option Module can perform version 1, V1 (def), or version 2, V2, of RIP on this WAN connection.
Chapter 4: Configuration Overview RIP/Triggered Write security: 3; Read security: 5 When set to Yes, only IP RIP updates are sent when the routing table has changed and learned routes are not “aged.” When set to No (def), updates are sent periodically. PPP Profile/IPX The IPX menu contains the parameters for exchanging IPX data with the PPP peer. IPX/Mode Write security: 3; Read security: 5 When set to On (def), the connection profile to negotiate PPP IPXCP with the PPP peer for exchanging of IPX packets.
Chapter 4: Configuration Overview The Type 20 IPX packet is used specifically for this purpose. This causes special handling of this packet by the Router Option Module. When a router receives this type of packet, it rebroadcasts it across all interfaces except the one it is received on and includes the network number of that interface in the data portion of the packet.
Chapter 4: Configuration Overview PPP/Max Config Write security: 3; Read security: 5 This value is the number of unanswered configuration requests that should be transmitted before giving up on a call. Possible values: 5, 10 (def), 15, 20. PPP/Max Timer Write security: 3; Read security: 5 This value is the number of seconds to wait between unanswered configuration requests. Possible values: 1 sec, 2 secs (def), 3 secs, 5 secs, 10 secs.
Chapter 4: Configuration Overview Forward All All incoming packets from the WAN are not blocked except as defined in the Filters/In Exceptions list. Filters/In Exceptions Write security: 2; Read security: 5 This is a list of up to 32 filter entries which can be combined using the operations field. The operations are performed in the order they appear on the list.
Chapter 4: Configuration Overview Filters/LAN-to-WAN (Out) Write security: 2; Read security: 5 The packets which come out toward the WAN from the Router Option Module can be filtered in three ways: Disabled (def) Turns off packet output filtering. No outgoing packets are blocked. Block All All outgoing packets to the WAN are blocked except as defined in the Filters/Out Exceptions list. Forward All All outgoing packets to the WAN are not blocked except as defined in the Filters/Out Exceptions list.
Chapter 4: Configuration Overview Configuration/Management The Router Option Module can be managed using Telnet, Simple Network Management Protocol (SNMP), or the maintenance port. See Appendix C for a description of the MIBs supported by the Router Option Module. Each of the three methods can be protected using authentication. Figure 4-8 shows the Configuration/Management menu. Figure 4-8.
Chapter 4: Configuration Overview User List/Name Write security: 1; Read security: 3 A text string of the user name for this session. User List/Authen Method Write security: 1; Read security: 3 The user can be authenticated in two ways: Password Used to authenticate the user Radius Used for authenticating the user User List/Password Write security: 0; Read security: 3 When the authenticating method is Password, this text string is used for the password.
Chapter 4: Configuration Overview SNMP Access Write security: 3; Read security: 5 When set to: No - SNMP access is denied. On (def) - the Router Option Module will respond to SNMP managers based on the following lists. SNMP/Communities This list is used to set up to eight SNMP communities’ names that the Router Option Module will allow. Factory default sets the community “public” with “Get” privileges. Communities/Name Write security: 1; Read security: 3 This is a text string for the community name.
Chapter 4: Configuration Overview Management/Maint Port The Router Option Module has an EIA-232 connector on the back of the unit. The setup for that port is under this menu. Maint Port/Password Protect Write security: 0; Read security: 1 When set to No, the maintenance port is not password protected. When set to On (def), the Router Option Module will prompt for a password upon startup.
Chapter 4: Configuration Overview Maint Port/Stop Bits (also available via Front Panel Terminal /Stop Bits) Write security: 5; Read security: 5 This is the stop bit used for the maintenance port. Possible values: 1 (def), 1.5 or 2. Configuration/Terminal Mode This is an activator which places the Router Option Module terminal session into a command prompt mode. All menu options are accessible during this mode. See Appendix E for the command structure and command list.
Statistics Chapter 5 STATUS MENU The Router Option Module’s Status menu contains comprehensive status and diagnostic information used in verifying configuration and identifying problems. The menus are divided into protocol types and sessions. Figure 5-1 shows the Status menu. Figure 5-1.
Chapter 5: Statistics Status/Sessions This menu contains the current status of all dial-in sessions and spanning tree ports. Sessions/PPP Session Read security: 5 This menu reflects the results of PPP negotiations, user name, time connected, and data rates for the session.
Chapter 5: Statistics Sessions/DLCI Table The status of all virtual circuits is displayed here. DLCI - The DLCI that is associated with this virtual circuit. State - The state of the virtual circuit: State Definition Inactive The circuit exists but has been deactivated by the Frame Relay switch. Exists The circuit exists at this point and should be activated soon. Active The circuit is fully active. Off The circuit has been turned off by the DLCI mapping active selection.
Chapter 5: Statistics Sessions/Spanning Tree Read security: 5 When Bridge mode and Spanning Tree mode are active, this reflects the current state of the LAN and WAN ports.
Chapter 5: Statistics Status/Bridge Table Read security: 5 This lists the contents of the Router Option Module’s bridge table. Name Description Bridge Cache/MAC Address Ethernet address for device learned Bridge Cache/Port Port device learned from: LAN, WAN0, or WAN1 Bridge Cache/TTL Seconds until address is removed from table Status/IP Routes Read security: 5 This lists the contents of the Router Option Module’s IP router table.
Chapter 5: Statistics 5-6 Name Description IP Routes/Flags Important tags associated with this route entry: H - route is a host route G - route is a gateway route D - route learned dynamically from RIP I - route learned from an ICMP redirect P - route is private and is not advertised with RIP T - route is to a triggered port (updates only when table changes) IP Routes/Hops Number of routers that must go through to get to destination. Ranges from 0-15 or 16 for infinite (can’t get there from here).
Chapter 5: Statistics Status/IPX Routes Read security: 5 This lists the contents of the Router Option Module’s IPX router table. Name Description IPX Routes /Network Network destination address IPX Routes /Gateway Node or Ethernet address of gateway to receive this packet IPX Routes /Port Port gateway is located on: local Sent directly to the Router Option Module router eth0 Router Option Module’s ethernet port wan0 Router Option Module’s first PPP bundle fr 0 . . .
Chapter 5: Statistics Status/IPX Servers Read security: 5 This lists the contents of the Router Option Module’s IPX server table. Name Description IPX Servers/Type The server type IPX Servers/Name The server name IPX Servers/Network The server network address IPX Servers /Address The servers node address IPX Servers/Socket The servers socket address IPX Servers/Hops Number of routers that must go through to get to server. Ranges from 0-15 or 16 for infinite.
Chapter 5: Statistics Status/LAN Stats Read security: 5 This menu contains statistics for the Ethernet port.
Chapter 5: Statistics Status/IP Stats Read security: 5 This menu contains IP statistics that can be useful when diagnosing problems. All are taken from the SNMP MIB-2 variables. TCP failed attempts TCP passive connections TCP current connections TCP segments sent TCP segments received Total TCP resets Active TCP connections Total TCP retransmits UDP datagrams sent No application at dest.
Chapter 5: Statistics Viewing Statistical Information (Front Panel Interface) To view statistical information: Step Action Result 1 Select 1)STATUS from the Main menu. 2 Select Port Status. 3 Choose the Router Option Module. A menu appears. 4 From this menu, choose to view: WAN LAN Reset the statistics. The first Statistics screen appears 5 Scroll through the remaining screens using the arrow keys. Statistic counts are running totals for the current day (i.e., since 12 AM).
Chapter 5: Statistics 5-12 Router Option Module User Manual 61200350L1-1
Diagnostics Chapter 6 TEST MENU The Router Option Module’s Test menu contains built-in tests that can be used to diagnose problems. Figure 6-1 shows the Test menu screen. The following tests are listed below. Figure 6-1. Test Screen Test Menu/Echo Request Write security: 4, Read security: 5 When activated, the echo request test will begin sending continuous PPP echo request packets to any open LCP ports. Results are displayed on the screen. This test is not used in the Frame Relay mode.
Chapter 6: Diagnostics LOGS MENU The Logs menu contain logs displaying important information about the running condition of the Router Option Module. The logs can be set to capture diagnostics of error conditions only by way of a log level. The levels are divided up as follows: Level Description 0 Fatal event (causes reset) 1 Critical event 2 Error event 3 Warning event 4 Notify event 5 Informational event 6 Debugging event Figure 6-2 shows the Logs menu.
Chapter 6: Diagnostics Logs/Syslog Host Set this to the IP address or domain name (if DNS configured) of the sys log host device. All log events are sent to this device. Logs/PPP Log Information pertaining to the PPP negotiation and authentication will be logged here. PPP Log/Active When set to Yes (def), PPP events below or equal to this level are logged. PPP Log/Wrap When set to Yes (def), new PPP events will overwrite old PPP events when the log is full.
Chapter 6: Diagnostics Logs/Connection Log Information pertaining to the connection over the T1 link. Connection Log/Active When set to Yes (def), connection events less than or equal to the log level are logged into the log. Connection Log/Wrap When set to Yes (def), new connection events will overwrite old connection events when the log is full. When set to No, all logging will stop when the log is full. Connection Log/Level In order to log events, they must be at or below this level. Range is 0 to 6.
Chapter 6: Diagnostics Network Log/Wrap When set to Yes (def), new Network events will overwrite old Network events when the log is full. When set to No, all logging will stop when the log is full. Network Log/Level In order to log events, they must be at or below this level. Range is 0 to 6. The default is 3. Network Log/View This menu displays the log list. The fields are as follows: Date/Time - Date and time event occurred. Level - Level associated with this event (0-6).
Chapter 6: Diagnostics 6-6 Router Option Module User Manual 61200350L1-1
Utility Menu Chapter 7 TERMINAL MODE Utilities Menu The Router Option Module has utilities embedded in it to help in managing and testing the network and to facilitate software upgrades. Figure 7-1 shows the Utilities menu. Figure 7-1.
Chapter 7: Utility Menu Utilities/Ping Write security: 4; Read security: 5 This option is available under the Test Menu via the Front Panel. The ping menu is used to send ICMP ping messages to hosts. The following items are under the this menu: Ping Menu Description Start/Stop Activator to start and cancel a ping test Host Address IP address or domain name (if DNS is configured) of device to receive the ping Size Total size of ping to send. Range is 40 (def) to 1500 bytes No.
Chapter 7: Utility Menu Upgrade/Transfer Method The two methods for upgrading are TFTP and XMODEM. 1. TFTP requires a TFTP server running somewhere on the network. The Router Option Module starts a TFTP client function which gets the upgrade code from the TFTP server. 2. Selecting XMODEM will load the upgrade code through the maintenance port using any PC terminal emulator with XMODEM capability. Upgrade/TFTP Host This is required when the transfer method is TFTP.
Chapter 7: Utility Menu Upgrade/Abort Transfer Use this activator to cancel any TFTP transfer in progress. Upgrade/TFTP Server Set to Yes, to allow another Router Option Module to upgrade its code using TFTP client. This, in effect, turns on the Router Option Module TFTP server function and allows its code to be “cloned.” Set to No (def) to deny any request from TFTP clients.
Pinouts Appendix A The following table gives the pin assignments for the Router Option Module card connectors. For more information on these connectors, see Chapter 2: Installation.
Appendix A: Pinouts A-2 Router Option Module User Guide 61200350L1-1
Specifications Appendix B SPECIFICATIONS AND FEATURES This section describes the standard specifications and features incorporated in the Router Option Module. Ethernet Interface (LAN) Ethernet/IEEE 802.3 10BaseT. Display Available through terminal interface, or Telnet session, or TSU XX0 Front Panel. Environmental • Operating Temperature: 0 - 50 °C • Storage Temperature: 20 - 70 °C • Relative Humidity: Up to 95% noncondensing Physical • Dimensions: 1-9/16" H x 6-1/2" W x 8-1/4" D • Weight: 2.
Appendix B: Specifications B-2 Router Option Module User Guide 61200350L1-1
Log Messages Appendix C The Router Option Module Log menu contains messages of events that occur. The definitions for some of those log messages are as follows: PPP Log Messages BCP down level 5 Bridge Control Protocol port has been dropped between Router Option Module and PPP peer. BCP up level 5 Bridge Control Protocol port has been successfully negotiated between Router Option Module and PPP peer.
Appendix C: Log Messages EAP authen failed level 3 The PPP peer has rejected the Router Option Module’s username and/or password used for authenticating. Check to make sure the Configuration/Connection List/Authentication parameters Tx Method, Tx Username, and Tx Password are correct. IPCP down level 5 IP Control Protocol port has been dropped between Router Option Module and PPP peer.
Appendix C: Log Messages Negot not converging level 2 Negotiation of the LCP layer is unattainable due to misconfiguration or the Router Option Module or PPP peer is requiring authentication and the other is refusing. No IP addr for peer level 2 The Router Option Module cannot continue the connection because there was no IP address received from the PPP peer or it was not set in Configuration/Connection List/IP/Route/IP/Net parameter.
Appendix C: Log Messages Peer failed PAP authen level 3 The PPP peer’s reported PAP username and/or password does not match the Router Option Module’s parameters. This is most likely caused by PPP peer sending incorrect username and/or password. Make sure the Configuration/Connection List/Authentication parameters Rx Username and Rx Password are correctly entered. Also, if using RADIUS, check that the server is configured and running properly.
Appendix C: Log Messages Call Log Messages Power Up - last down cause: level 0 (displayed as level 1 after the unit is reset) This is the for the last reset. Most are caused by internal errors.
Appendix C: Log Messages Network Log Messages Attempting to add bad IP iface route: ifnum= dest= level 4 An IP address could not be used for the interface number . DHCP couldn't alloc mem level 1 A DHCP response could not be generated due to memory allocation problems. DHCP response sent level 4 A DHCP response was successfully sent to requesting device. DHCP socket failed level 1 Internal error occurred when attempting to start DHCP server.
Appendix C: Log Messages syslog: no port level 2 Syslog function cannot open port to send Log entries. TEL: Telnet Session Closed level 4 Telnet server session has been closed. telclient bad host level 2 Telnet client could not use host name or IP address set in Configuration/Utilities/Telnet Client/Host. telclient bad init level 2 Telnet client could not initialize a session. Telnet Client: Clr TCBF_BUFFER flag failed level 6 Debugging message related to Telnet client function.
Appendix C: Log Messages TELNETD: Set TCPC_LISTENQ failed level 6 Debugging message related to Telnet server function. TELNETD: Clr TCBF_BUFFER flag failed level 6 Debugging message related to Telnet client function. TELNETD: could not obtain peer ip level 2 Telnet server function could not get IP address of Telnet client. TELNETD: Session failed, error level 2 A Telnet server session has failed because of an error.
SNMP Appendix D UNDERSTANDING SNMP The Simple Network Management Protocol (SNMP) is the de facto standard for managing commercial Transmission Control Protocol/Internet Protocol (TCP/IP) networks. It allows vendor equipment to be managed from a single control console. The term SNMP broadly refers to the message protocols used to exchange information between the network and the managed devices, as well as to the structure of network management databases.
Appendix D: SNMP MIB • An index to the organized data within a network device. • Defines the operating parameters that can be controlled or monitored. When requesting the network manager to retrieve or modify a particular piece of information about a network device, the network manager transmits the request to that network device. The agent in that device interprets the incoming request, performs the requested task, and sends its response to the network manager.
Appendix D: SNMP SNMP Embedded Agent The Router Option Module supports the following groups from MIB-II (RFC 1213): • • • • • • • System Group UDP Group Interfaces Group ICMP Group Address Translation Group IP Group TCP Group Also, the Ethernet transmission MIB is supported (RFC 1643). The following manager requests are supported: • Get object • Get next object • Set object Communities The Router Option Module permits up to eight communities to be defined.
Appendix D: SNMP D-4 Router Option Module User Guide 61200350L1-1
Terminal Mode Commands Appendix E The Router Option Module supports a command line interface. All menu options are configurable and readable from the terminal mode. Additional commands are also available. MENU COMMANDS Every menu item in the menu structure can be accessed through the terminal mode interface. Terminal commands are as follows: top_menu sub_menu1 sub_menu2 … config_item Each config_item is entered as shown below.
Appendix E: Terminal Mode Commands Key Words One of the following key words must be used first: Key Word Goes directly to the following menu . . .
Appendix E: Terminal Mode Commands Additional Commands Other commands available from the terminal mode are given below: Command Description save Saves the configuration to non-volatile RAM (flash). mac Returns the MAC address for the Router Option Module. version Returns the firmware version and routing stack version. reset Resets the unit. exit Leaves terminal mode and returns to menus. download Downloads complete configuration to the terminal screen for capture.
Appendix E: Terminal Mode Commands E-4 Router Option Module User Guide 61200350L1-1
Index A address table 4-18 address table/aging 4-18 address table/forward policy 4-18 ADTRAN Equipment Warranty 1-4 ADTRAN Shipments Include 2-1 ADTRAN Web 2-1 ADTRAN Web page 2-1 Adtran Web Page 2-1 agent D-1, D-3 ARP cache 5-4 authentication 4-19, 4-35 with Express XL/XLT as authenticator 4-35 authentication/Rx password 4-36 authentication/Rx username 4-36 authentication/Tx method 4-36 authentication/Tx password 4-36 authentication/Tx username 4-36 B baud rate 4-47 bridge 4-40 bridge group 1 4-17 bridge
Index configuration/security 4-19 configuration/system info 4-1 configuration/terminal mode 4-48 configuration/WAN 4-3 filter defines 4-22 filter defines /IP filter defines 4-23 filter defines /IPX filter defines 4-24 filter defines /MAC filter defines 4-22 filter defines /pattern filter defines 4-23 filters 4-41 filters/in exceptions 4-42 filters/LAN-to-WAN (out) 4-43 filters/out exceptions 4-43 filters/WAN-to-LAN (in) 4-41 firmware revision 4-2 forward delay 4-16 frame relay 1-2 frame relay/DLCI mapping
Index IP router/mode 4-6 IP routes 5-5 IP routing 1-2 IP stats 5-10 IP/default gateway 4-4 IP/DNS 4-8 IP/IP address 4-4 IP/IP router 4-6 IP/mode 4-37 IP/NAT 4-7, 4-37 IP/proxy ARP 4-9 IP/RIP 4-6, 4-38 IP/route 4-37 IP/static routes 4-5 IP/subnet mask 4-4 IP/UDP relay 4-8 IPX filter defines 4-24 IPX map/active 4-31 IPX map/IARP 4-31 IPX map/link network 4-31 IPX menu 4-10 IPX router 1-1 IPX routes 5-7 IPX routing 1-3 IPX servers 5-8 IPX/frame type 4-11 IPX/mode 4-10, 4-39 IPX/network 4-10 IPX/remote network
Index NAT/DHCP mode 4-7 NAT/DHCP renewal time 4-7 NAT/web server 4-7 network device GetResponse D-2 network log 6-4 network log messages C-6 network log/active 6-4 network log/clear 6-5 network log/level 6-5 network log/view 6-5 network log/wrap 6-5 network manager D-1 GetRequest D-2 none 4-6 NxIQ 4-1 NxIQ Front Panel Menu Structure 3-9 O operation, front panel 4-35 R 3-1 P packets filtering 4-22 PAP 4-21, 4-36 parity 4-47 password 4-47 pattern filter defines 4-23 physical specifications B-1 pin assi
Index route/netmask 4-37 routing concurrent routing and bridging 1-3 IP 1-2 IPX 1-3 Rx only 4-6 S SAP 1-1, 1-3 SAP timer 4-12 security levels 3-8 security menu 4-19 security/authentication 4-19 security/filter defines 4-22 security/PPP 4-21 security/radius server 4-19 seed status 4-11 Service 1-4 sessions 5-2 sessions/DLCI table 5-3 sessions/PPP session 5-2 sessions/spanning tree 5-4 SetRequest D-2 shipping damage 2-1 SNMP 4-45, D-1 SNMP access 4-46 SNMP/communities 4-46 SNMP/traps 4-46 spanning tree 4-15
Index TFTP host 7-3 transfer methods 7-3 Trap D-2 traps D-3 traps/manager IP 4-46 traps/manager name 4-46 Tx and Rx 4-6 Tx methods 4-36 Tx only 4-6 type 20 packets 4-39 utilities/upgrade menu V VJ compression 4-40 W U UDP port type 4-9 UDP relay 4-8 UDP relay list 4-9 UDP relay list/relay address 4-9 UDP relay list/UDP port type 4-9 UDP relay list/UDP ports 1, 2, 3 4-9 UDP relay/mode 4-8 UDP relay/UDP relay list 4-9 upgrade menu 7-2 upgrade/abort transfer 7-4 upgrade/filename 7-3 upgrade/start transfer
Product Support Information Presales Inquiries and Applications Support Please contact your local distributor, ADTRAN Applications Engineering, or ADTRAN Sales: Applications Engineering (800) 615-1176 Sales (800) 827-0807 Post-Sale Support Please contact your local distributor first. If your local distributor cannot help, please contact ADTRAN Technical Support and have the unit serial number available.