Broadmore 1750 TM USER MANUAL Part Number: 770-0020-DC Product Release 4.
Copyright© 2008 Carrier Access Corporation. All rights reserved. The information presented in this manual is subject to change without notice and does not represent a commitment on the part of Carrier Access Corporation. The hardware and software described herein are furnished under a license or non-disclosure agreement. The hardware, software, and manual may be used or copied only in accordance with the terms of this agreement.
PREFACE Preface Compliance FCC Requirements, Part 15 This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the Federal Communications Rules. These limits are designed to provide reasonable protection against harmful interference when equipment is operated in a commercial environment.
Preface DISA Validated Defense Information System Agency, Center for Information Assurance Engineering validated Broadmore Information Assessment, 2 August 2006, contract number SP0700-98-D-1002, TAT 5-15. FIPS 140-2 Validated FIPS 140-2 Inside. National Institute of Technology (NIST) Cryptographic Module Validation Program (CMVP) validated Broadmore to FIPS 140-2, Level 1 overall, Certificate #478, November 2004. Certificate and Security Policy maintained at http://csrc.nist.gov/cryptval/.
Preface NEBS Validated Network Equipment Building System (NEBS). The Broadmore 1750 has been validated to Telcordia GR-1089-CORE, Level 3 Requirements, Issue 2, December 1997 Revision 1, February 1999. See MET Labs report ESL-9647 and TEL-9647.2000. National Electrical Code Requirements Equipment intended to be electrically connected to a telecommunications network shall be listed for the purpose. The Broadmore 1750 is listed and is in compliance with UL60950 third edition, and CSA-C22.2 NO. 60950-00. No.
Preface Safety Information CAUTION! ALWAYS USE CAUTION WHEN INSTALLING TELEPHONE LINES. READ THE CAUTIONS BELOW FOR DETAILS ON SAFETY GUIDELINES TO PREVENT INJURY. Never touch uninsulated telephone wires and terminals unless the telephone line has been disconnected at the Network Interface (NI) as voltage potentials as high as 300 VAC may be present across the transmit and receive pairs. Only use No. 26 AWG or larger telecommunication line cord, to reduce the risk of fire.
Preface Notices This manual contains important information and warnings that must be followed to ensure safe operation of the equipment. DANGER! A DANGER NOTICE INDICATES THE PRESENCE OF A HAZARD THAT CAN OR WILL CAUSE DEATH OR SEVERE PERSONAL INJURY IF THE HAZARD IS NOT AVOIDED. CAUTION! A CAUTION NOTICE INDICATES THE POSSIBILITY OF INTERRUPTING NETWORK SERVICE IF THE HAZARD IS NOT AVOIDED. WARNING! A WARNING NOTICE INDICATES THE POSSIBILITY OF EQUIPMENT DAMAGE IF THE HAZARD IS NOT AVOIDED.
Preface Electrostatic Discharge (ESD) Precautions WARNING! THE BROADMORE CONTAINS CIRCUIT CARDS AND COMPONENTS THAT ARE SUBJECT TO DAMAGE BY ELECTROSTATIC DISCHARGE. ESD can damage processors, circuit cards, and other electronic components. Always observe the following precautions before installing a system component. 1. Do not remove a component from its protective packaging until ready to install it. 2.
Preface Warranty Carrier Access warrants to BUYER that Product Hardware will be free from substantial defect in material and workmanship under normal use in accordance with its Documentation and given proper installation and maintenance for period of one year from the date of shipment by Carrier Access.
Preface b. replace the defective Licensed Software, as follows: Should a Severity 1 or 2 warranty defect with the Software occur during the 90-day warranty period, Carrier Access will provide, in its sole determination, either 1. software to resolve the defect to be downloaded into the affected units by the BUYER or 2. a documented workaround to address the issue.
Preface b. the negligent, unlawful or other improper use or storage of the Product or Software, including its use with incompatible equipment or software; or c. fire, explosion, power failures, acts of God, or any other cause beyond Carrier Access' reasonable control; or d. handling or transportation after title of the Product passes to BUYER. Other manufacturer's equipment or software purchased by Carrier Access and resold to BUYER will be limited to that manufacturer's warranty.
Preface Warranty Product Returns Before returning any equipment to Carrier Access Corporation, first contact the distributor or dealer from which you purchased the product. A Return Material Authorization (RMA) number is required for all equipment returned to Carrier Access Corporation. Call Carrier Access Corporation Customer Support at (800) 786-9929 or (303) 442-5455 for RMA number, repair/warranty information and shipping instructions.
Table of Contents TABLE OF CONTENTS Preface Compliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . iii Safety Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vi Notices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .vii Electrostatic Discharge (ESD) Precautions . . . . . . . . . . . . . . . . . . . . . . . . viii Warranty . . . . . . . . . . . . . .
Table of Contents Structured DS3 IOM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Unstructured DS3-3/E3-3 IOM . . . . . . . . . . . . . . . . . . . . . . . . . . . . Protection IOM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . CPU . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . CPU IOM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents 4 Chassis Installation and Grounding Precautions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2 Installation Factors. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3 Rack Mounting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4 Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents 6 Electrical Installation Precautions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-2 Electrical Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Tools. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Power . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Cable Management . . . . . . . . . . . . . .
Table of Contents ATM Address List (optional) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-11 Connection Retry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-13 Retry Cause Codes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-13 CIP over ATM (RFC 1577) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-14 Static Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents 8 Maintenance and Troubleshooting Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2 Chassis Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2 OC-12c/STM-4c NIM Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-3 Alarm Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-4 Slot Statistics for NIM/SAM Cards . . . . . . . . .
Table of Contents 9 Command Line Interface CLI Access. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2 Creating and Running Scripts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-4 Port Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-6 Monitor. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-8 About Command . . . . . . . .
Table of Contents 11 Security Management (FIPS Mode) Security Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-2 Security Guidance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-3 Authentication and Identification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-6 Authorized Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-7 Key Management . . . . . . . . . . .
Table of Contents zeroize . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-40 Authorized Access to Shell Commands . . . . . . . . . . . . . . . . . . . . . 11-41 SFTP Login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-43 Logging in with SecurID Disabled . . . . . . . . . . . . . . . . . . . . . . . . . 11-43 Logging in with SecurID Enabled . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents A Technical Specifications Broadmore 1750 Platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-2 System Architecture. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-2 Management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-2 Network Standards. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-3 Redundancy . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents F IPv6 Support Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . F-2 Configuring IPv6 Addresses for Network Interfaces. . . . . . . . . . . . . . . . . F-2 Adding an IPv6 Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . F-2 Displaying an Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . F-2 Deleting an IPv6 Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents xii Broadmore 1750 - Release 4.
CHAPTER 1 Product Description In this Chapter Purpose ... 1-2 Applications ... 1-3 Interfaces ... 1-4 System Description ... 1-7 Module Descriptions ...
Product Description Purpose Purpose The Broadmore 1750 is an Asynchronous Transfer Mode (ATM) service multiplexer that enables connection of existing and future services through an ATM network. The Broadmore allows users to implement tailored ATM strategies. This modular system has flexible configurations for service access, network interface, and redundancy.
Product Description Applications Applications The Broadmore 1750 is currently deployed in Government and commercial ATM and satellite networks. The Central Office configuration described in this manual has fully redundant network and service interfaces, CPUs, and power supplies. The OC-12c network interface transports a variety of multiplexed TDM services including structured and unstructured DS3, and unstructured E3 services for voice and data communications. Broadmore 1750 - Release 4.
Product Description Interfaces Interfaces ATM Interfaces ... 1-4 User Equipment Interfaces ... 1-4 Management Interfaces ...
Product Description Management Interfaces Management Interfaces Security ... 1-5 FIPS Interface ... 1-5 Physical and Logical Interfaces ... 1-6 User Interfaces ... 1-6 File Access and Software Upgrades ... 1-6 Security The Broadmore is controlled via system management software embedded in the CPU’s “flash disk” memory. This software defines the system command structure and provides a user interface for operation and administration. The Broadmore supports multiple user accounts and access levels.
Product Description Management Interfaces Physical and Logical Interfaces The CPU is the entry point for both local and remote network management of the Broadmore. The management interface can be reached either in-band or out-ofband via Telnet or SecureCRT. The CPU module provides a serial port (DB9) for local console access and the CPU IOM provides a 10Base-TX Ethernet port for LAN access.
Product Description System Description System Description Features ... 1-7 Chassis ... 1-8 Fan Tray ... 1-9 Power and Redundancy ... 1-9 Grounding ... 1-9 Alarms ... 1-9 Modules ... 1-10 Features The Broadmore 1750 consists of a chassis and various plug-in modules. This fully integrated system provides the following features: Redundant power sources, CPUs, NIMs, and SAMs. Front-loadable, hot-swappable modules that allow for single part replacement without affecting other portions of the system.
Product Description Chassis Chassis The Broadmore 1750 chassis can be configured to perform various functions with plugin modules. The chassis includes a passive midplane, 17 slots for modules, and a fan assembly. The 1750 midplane also supports 1:N SAM redundancy. Attached mounting brackets are configured for standard EIA 19-inch rack installation. These brackets may be rotated 90 degrees for 23-inch relay rack installation.
Product Description Fan Tray Fan Tray A removable fan tray, with two fans, is located below the card slots. These fans provide vertical airflow to aid in heat dissipation. The fan tray can be removed for maintenance or replacement without powering down the Broadmore. Empty module slots must be covered by blank panels to maintain proper air flow. NOTE: Configurations using more than four Structured DS3 SAMs require a high-capacity 3-fan tray for cooling. (Contact factory for details.
Product Description Modules Modules Broadmore 1750 system architecture is similar to the Broadmore 1700, except that the Broadmore 1750 midplane design also supports 1:N SAM protection using a redundant SAM installed in slot P. Modules are installed from the front and rear of the chassis. There are 17 vertical slots as viewed from the front with the cover removed.
Product Description Modules Example of Fully Redundant Configuration with Unstructured DS3-3 or E3-3 SAMs J K L M N P CPU CPU APM Q R APM H CPU G uDS3-3 or uE3-3 SAM F CPU E PROTECTION SAM D CPU Slots uDS3-3 or uE3-3 SAM C uDS3-3 or uE3-3 SAM B OC-12c NIM OC-12c NIM A SAM Slots uDS3-3 or uE3-3 SAM NIM Slots Example of Fully Redundant Configuration with Structured DS3 SAMs Broadmore 1750 - Release 4.
Product Description Module Descriptions Module Descriptions Network Interface Modules OC-12c/STM-4c NIM ... 1-13 NIM IOM ... 1-14 Service Access Modules Unstructured DS3-3 SAM ... 1-15 Unstructured E3-3 SAM ... 1-16 Unstructured DS3-3/E3-3 IOM ... 1-17 Structured DS3 SAM ... 1-18 Structured DS3 IOM ... 1-19 Protection IOM ... 1-21 System Modules CPU ... 1-22 CPU IOM ... 1-23 Alarm Power Module (APM) ... 1-24 Alarm Power Module IOM ... 1-25 1-12 Broadmore 1750 - Release 4.
Product Description OC-12c/STM-4c NIM OC-12c/STM-4c NIM Module Type NIM Part Number 7660-113 (Premise Reach, Multi Mode fiber) 7660-114 (Intermediate Reach, Single Mode fiber) Slot Number A (Protection), B (Working) Features OC-12 (622.080 Mbps) SC fiber optic connectors Description The OC-12c/STM-4c NIM is available with either Intermediate Reach or Premise Reach fiber optic terminations.
Product Description NIM IOM NIM IOM Module Type NIM IOM Part Number 7660-406 Slot Number Mounts in rear behind corresponding OC-12c/STM-4c NIM Features BITS clock input Jumper selectable BITS clock termination impedance Description The NIM IOM provides a physical interface to an external clock, giving the option of synchronizing the Broadmore 1750 master clock to an external source. BITS timing is provided to the Broadmore 1750 via the NIM IOM.
Product Description Unstructured DS3-3 SAM Unstructured DS3-3 SAM Module Type SAM Part Number 7660-034 Slot Number Working: C, F, J, M Protection: P Features Three DS3 port (44.736 Mbps) 622.080 Mbps total ATM bandwidth Description The Unstructured DS3 SAM provides three bidirectional ports, each at 44.736 Mbps. Input and output coax connectors are provided for each port on the DS3 IOM. Both PVC and SVC services are provided. Either may be chosen through appropriate module configuration.
Product Description Unstructured E3-3 SAM Unstructured E3-3 SAM Module Type SAM Part Number 7660-045 Slot Number Working: C, F, J, M Protection: P Features Three E3 ports (34.368 Mbps) Description The Unstructured E3-3 SAM provides three bidirectional ports, each at 34.368 Mbps. Input and output coax connectors are provided for each port on the IOM. Both PVC and SVC services are provided. Either may be chosen through appropriate module configuration.
Product Description Unstructured DS3-3/E3-3 IOM Unstructured DS3-3/E3-3 IOM Module Type IOM Part Number 7660-409 Slot Number Mounts in chassis rear behind corresponding SAM Description Each Unstructured DS3/E3 IOM provides three ports. When used with a DS3 SAM, each port operates at 44.736 Mbps. When used with an E3 SAM, each port operates at 34.368 Mbps. Connectors Three pairs of BNC coaxial connectors for RG-59, 75 ohm cable.
Product Description Structured DS3 SAM Structured DS3 SAM Module Type SAM Part Number 7660-672 Slot Number Working: C to N Protection: P Features One DS3 port (44.736 Mbps) Logical connections directly to DS1 or DS0 Description The Structured DS3 SAM provides one bi-directional port at 44.736 Mbps. Input and output coax connectors are provided for the port on the IOM. Both PVC and SVC services are provided. Either may be chosen through appropriate module configuration.
Product Description Structured DS3 IOM Structured DS3 IOM Module Type IOM Part Number 7660-416 Slot Number Mounts in chassis rear behind corresponding SAM Description One structured DS3 port at 44.736 Mbps. Connectors One pair of BNC coaxial connectors. IN – receiver input OUT – transmitter output IN OUT 1 IOM DS3 STRUCT 7 6 6 0 -4 1 6 Broadmore 1750 - Release 4.
Product Description Unstructured DS3-3/E3-3 IOM Unstructured DS3-3/E3-3 IOM Module Type IOM Part Number 7660-409 Slot Number Mounts in chassis rear behind corresponding SAM Description Each Unstructured DS3/E3 IOM provides three ports. When used with a DS3 SAM, each port operates at 44.736 Mbps. When used with an E3 SAM, each port operates at 34.368 Mbps. Connectors Three pairs of BNC coaxial connectors for RG-59, 75 ohm cable.
Product Description Protection IOM Protection IOM Module Type IOM Part Number 7660-410 Slot Number Mounts in Broadmore 1750 chassis rear behind corresponding protection SAM in slot P. Description Provides n×1 circuit switching for the protection SAM in slot P. Connectors None. Inputs and Outputs continue to be provided by the connectors on the failed SAM’s IOM. IOM nx1 PROTECT 7 6 6 0 -4 1 0 Broadmore 1750 - Release 4.
Product Description CPU CPU Module Type CPU Part Number 7660-204 Slot Number CPU Q (primary), CPU R (redundant) Description The CPU module provides the facilities for all system monitoring, reporting, logging, and management. The CPU also performs Segmentation and Reassembly (SAR) for all in-band network management over the ATM network. The CPU stores the FIPS-2 validated Broadmore/SSHield management software on a “flash disk” system. The operating system is pSOS version 2.2.7.
Product Description CPU IOM CPU IOM Module Type IOM Part Number 7660-411 Slot Number Mounts in chassis rear behind corresponding CPU Description The CPU IOM provides physical access to the system for Ethernet and also provides the remote shutdown interface as explained below. Controls REMOTE SHUT-DOWN – Spring terminal block for installing cables for remote CPU shut-down. A remote contact closure is used to short pins 1-2 or pins 3-4. Jumpers control how these contact closures work.
Product Description Alarm Power Module (APM) Alarm Power Module (APM) Module Type APM Part Number 7660-023 Slot Number APM Description An APM is factory-installed in the right-most card slot as viewed from the front. The APM provides EMI power conditioning and over-current protection for each of the two –48 VDC power sources. Two 7.5 amp, 60 VDC fuses are located on the bottom of the module. A green LED is provided for each power source to indicate power is present.
Product Description Alarm Power Module IOM Alarm Power Module IOM Module Type IOM Part Number 7660-025 Slot Number Mounts in chassis rear behind APM Description The Alarm Power IOM comes with four Bussman GMT 7.5A, 60V fuses. Two of the fuses are used to protect the redundant DC power inputs (A and B) and the other two fuses are provided as spares. The chassis will operate with only one power source but two independent sources are recommended to provide power supply redundancy.
Product Description Alarm Power Module IOM 1-26 Broadmore 1750 - Release 4.
CHAPTER 2 Planning and Ordering Guide In this Chapter Application Planning Guide ... 2-2 System Planning Factors ... 2-6 Installation Planning Factors ... 2-13 Ordering Guide ...
Planning and Ordering Guide Application Planning Guide Application Planning Guide Basic Features ... 2-2 TDM Circuit Aggregation and Backhaul ... 2-3 Mission-Critical Circuit Resiliency ... 2-4 Basic Features The Broadmore is designed as an ATM network service access node that supports the transport of existing broadband services (voice, video, and data) over ATM networks.
Planning and Ordering Guide TDM Circuit Aggregation and Backhaul TDM Circuit Aggregation and Backhaul The Broadmore 1750 provides: Massive DS3 trunking – Remote shelf extension to the ATM network Reduced costs, increased access – Up to 11 DS3s per ATM Switch interface (versus the usual 4) Edge cross-connect capability – User connections switched directly – Central terminations are not required (as with DACS) Broadmore 1750 - Release 4.
Planning and Ordering Guide Mission-Critical Circuit Resiliency Mission-Critical Circuit Resiliency The Broadmore 1750 provides: Carrier-class equipment features including fully redundant, hot-swappable components Automatic Protection Switching (APS) – Circuit, source, and destination device protection Distributed Protection Switching (DPS) – Circuit, source, destination device, edge node, and CPE protection – Logical and physical redundancy between the switch and access shelf – Unprecedented SLA delivery
Planning and Ordering Guide Mission-Critical Circuit Resiliency DPS Features and Benefits SPVx Redundancy Group (Option 1) – Two ports are grouped as primary and secondary SPVC ports. Provides access link, core, and port redundancy for source and/or destination devices. SPVx Source Resiliency (Option 2) – SPVC connection between source switches monitors status of active switch. Once failure is identified, initiates fail-over to backup.
Planning and Ordering Guide System Planning Factors System Planning Factors System Architecture ... 2-6 Cell Bus Configuration ... 2-8 Unstructured DS3-3/E3-3 Configuration Guidelines ... 2-9 ATM Bandwidth per Cell Bus ... 2-11 ATM Bandwidth per Module ... 2-12 ATM Network Loading ... 2-12 The Broadmore 1750 is a customizable system. The following factors should be considered when planning and configuring a system to meet customer requirements.
Planning and Ordering Guide System Architecture The Broadmore 1750 is shipped in a minimum usable configuration with a factory installed Alarm/Power Module in the right-most slot. Unused slots are covered with blank panels except the slots for installing a single NIM, SAM, and CPU module.
Planning and Ordering Guide Cell Bus Configuration Cell Bus Configuration The Broadmore multiplexes user data onto ATM cell buses. Depending on the installed NIM and SAMs, there can be up to four cell buses, designated A, C, D, and E. Each cell bus is associated with specific module slots, as shown below. A B C CELL BUS E Available Bandwidth is 152.520 Mbps CELL BUS D Available Bandwidth is 152.520 Mbps CELL BUS C Available Bandwidth is 152.
Planning and Ordering Guide Unstructured DS3-3/E3-3 Configuration Guidelines Unstructured DS3-3/E3-3 Configuration Guidelines A Broadmore 1750 with OC-12c NIM can utilize Cell Buses A, C, D, and E and support up to 11 unstructured DS3 or 12 unstructured E3 ports within the available OC-12 ATM bandwidth of 622.080 Mbps. Because each unstructured DS3-3 and E3-3 SAM has three ports, only one SAM is needed for each cell bus.
Planning and Ordering Guide Structured DS3 Configuration Guidelines Structured DS3 Configuration Guidelines A Broadmore 1750 with OC-12c NIM can utilize Cell Buses A, C, D, and E and support up to 11 Structured DS3 ports within the available OC-12 ATM bandwidth of 622.080 Mbps.
Planning and Ordering Guide ATM Bandwidth per Cell Bus ATM Bandwidth per Cell Bus Depending on the SAMs being used, a Broadmore 1750 chassis with an OC-12c NIM can multiplex data onto all four ATM cell buses, providing a maximum ATM bandwidth of up to 599.04 Mbps. The maximum ATM bandwidth for each cell bus is shown below. Cell Bus Service Slots ATM Bandwidth Available to SAMs A C thru N (used by SAMs) Q, R (used by CPUs for AAL5 management traffic) < 129.48 Mbps C C, D, E < 155.
Planning and Ordering Guide ATM Bandwidth per Module ATM Bandwidth per Module The CPU and each SAM uses a specific amount of ATM bandwidth, as shown below. Module P/N Module Description ATM Bandwidth Required (Mbps) 7660-206 CPU, FIPS, 10Base-T, AAL5 Average: < 2.5 Mbps Maximum: 4.0 Mbps 7660-034 DS3, Unstructured, 3 port Whole DS3: 50.45 Mbps Maximum: 151.35 Mbps (all ports in service) 7660-045 E3, Unstructured, 3 port Each port: 39.21 Mbps Maximum: 117.
Planning and Ordering Guide Installation Planning Factors Installation Planning Factors The Broadmore 1750 is designed and delivered ready for installation in a standard 19" or 23" relay or EIA equipment rack. Several factors should be considered and some decisions made to ensure a smooth installation that meets all requirements. Installation factors and system specifications are shown in the following tables.
Planning and Ordering Guide Installation Planning Factors Cable Management 2-14 Overall cable lengths can be optimized by equipment placement. User equipment interface cable connections are made to the input/output modules at the rear of Broadmore chassis. ATM interface connections is via fiber cable to the network interface modules at the front of Broadmore chassis. Access and cable strain-relief tie-down points are provided. Chassis front and rear cover removal is required. Broadmore 1750 - Release 4.
Planning and Ordering Guide Ordering Guide Ordering Guide Contact Information ... 2-15 Broadmore 1750 Chassis ... 2-15 Broadmore 1750 Options and Spares ... 2-16 Network Interface Module (NIM) Options ... 2-17 Service Access Module (SAM) Options ... 2-18 Contact Information Inside Sales Direct: 800-365-2593 Fax: 303-218-5680 E-mail: inside-sales@carrieraccess.com Products and Solutions: www.carrieraccess.
Planning and Ordering Guide Broadmore 1750 Options and Spares Broadmore 1750 Options and Spares The following items are optional and are not required for basic operation. They can be included to enhance network availability or utilized as spares. Item Part No. Broadmore 1750 –48 VDC Chassis (with APM and IOM only) 7665-17B Broadmore 1700/1750 AC Power Tray 7665-17PS Converts voltage from 110/220 VAC (50-60 Hz) to –48 VDC.
Planning and Ordering Guide Network Interface Module (NIM) Options Network Interface Module (NIM) Options NIM Sets ... 2-17 Individual Modules ... 2-17 The Broadmore 1750 chassis has two NIM slots available for redundancy. Both NIMs must be identical in redundant installations. NIM Sets Each set includes the NIM, IOM, and cable option where applicable. Optical Service Sets Part No.
Planning and Ordering Guide Service Access Module (SAM) Options Service Access Module (SAM) Options SAM Sets ... 2-18 Individual Modules ... 2-18 The Broadmore 1750 chassis has 12 SAM slots available for user connectivity. SAM Sets Each set includes the SAM and corresponding IOM. TDM Service Sets Part No.
CHAPTER 3 Receipt of Product In this Chapter Receipt ... 3-2 Unpacking ... 3-2 Inspection ...
Receipt of Product Receipt Receipt All Broadmore components with FIPS 140-2 validated software are packaged and sealed at the factory with tamper-proof security tape. Upon receipt, carefully examine the security sealing tapes on the shipping containers for any signs of tampering. NOTE: Report any tampering to your security officer. Inventory all material upon receipt to ensure that a complete shipment was received in accordance with the packing list.
Receipt of Product Inspection Inspection Perform a visual inspection of all components for obvious damage or irregularities. Pay special attention to the connectors, indicators, and switches on the individual circuit cards. Follow ESD procedures when removing cards from protective bags for this inspection. Carefully return the cards to their bags for storage until installation. WARNING! SOME BROADMORE 1750 CIRCUIT BOARDS ARE ESDSENSITIVE.
Receipt of Product Damage Reporting 3-4 Broadmore 1750 - Release 4.
CHAPTER 4 Chassis Installation and Grounding In this Chapter Precautions ... 4-2 Installation Factors ... 4-3 Rack Mounting ... 4-4 Chassis Grounding ... 4-7 AC Power Supply Tray ...
Chassis Installation and Grounding Precautions Precautions DANGER! EXERCISE NORMAL PRECAUTIONS FOR LIFTING HEAVY OBJECTS. USE TWO PEOPLE TO LIFT THE BROADMORE 1750. WHEN LIFTING, SUPPORT IT FROM THE BOTTOM AND TAKE CARE TO AVOID SHARP EDGES OR CORNERS. WARNING! THE FRONT AND REAR COVERS OF THE CHASSIS MUST REMAIN IN PLACE DURING RACK-MOUNTING. THESE COVERS SHOULD ONLY BE REMOVED FOR MODULE INSTALLATION AND MAINTENANCE AS REQUIRED.
Chassis Installation and Grounding Installation Factors Installation Factors The Broadmore 1750 is designed and delivered ready for installation in a standard EIA 19" equipment rack. The mounting brackets can be repositioned for installation in a 23" rack. To ensure a smooth installation that meets all requirements, the following installation factors should be considered.
Chassis Installation and Grounding Rack Mounting Rack Mounting Tools ... 4-4 Mounting Brackets ... 4-5 Rack Mounting Procedure ... 4-6 Tools The following tools are recommended to install, configure, operate, and maintain the Broadmore 1750: #1 flathead screwdriver (for cover removal/installation) ¼-inch hex driver Rack-mounting hardware with compatible tools Other standard electronic installation tools as preferred 4-4 Broadmore 1750 - Release 4.
Chassis Installation and Grounding Mounting Brackets Mounting Brackets The Broadmore 1750 chassis 17.5" high and is shipped from the factory assembled for front-mounting in a standard 19" EIA or relay rack. WARNING! THE BROADMORE 1750 MOUNTING BRACKETS SHALL BE CONNECTED TO THE CHASSIS USING ONLY THE SCREWS PROVIDED FOR INITIAL BRACKET INSTALLATION. THE INSTALLER SHALL BE RESPONSIBLE FOR PROVIDING A STABLE RACK THAT SUPPORTS THE WEIGHT OF THE BROADMORE 1750 AS INSTALLED.
Chassis Installation and Grounding Rack Mounting Procedure Rack Mounting Procedure Rack-mounting the Broadmore 1750 chassis requires: two technicians clear access to front and rear of rack user-provided rack mounting hardware (screws) DANGER! EXERCISE NORMAL PRECAUTIONS FOR LIFTING HEAVY OBJECTS. USE TWO PEOPLE TO LIFT THE BROADMORE 1750. WHEN LIFTING, SUPPORT IT FROM THE BOTTOM AND TAKE CARE TO AVOID SHARP EDGES OR CORNERS.
Chassis Installation and Grounding Chassis Grounding Chassis Grounding The Broadmore 1750 chassis has a chassis ground stud on the rear panel for connecting a ground wire to the equipment rack building ground. WARNING! THE INSTALLER SHALL BE RESPONSIBLE FOR PROVIDING A PROPER CHASSIS GROUND CONNECTION. CONNECT BUILDING GROUND TO THE CHASSIS GROUND STUD. DO NOT USE THE SIGNAL GROUNDING STUDS FOR THE BUILDING GROUND CONNECTION.
Chassis Installation and Grounding AC Power Supply Tray Perform the following steps: 1. Attach the ground wire supplied with the Broadmore chassis to the 6-32 chassis grounding stud located on the right rear of the chassis below the rear cover. 2. Attach the other end of the ground wire to the equipment rack building ground. AC Power Supply Tray The optional AC Power Supply Tray (7665-17PS) is a 3.5-inch high rack mounted unit that converts voltage from 110/220 VAC (50-60 Hz) to –48 VDC.
Chassis Installation and Grounding AC Power Supply Tray Rack-mounting the AC Power Supply Tray requires: clear access to front of rack user-provided rack mounting hardware (screws) NOTE: No additional air space is needed above the AC Power Supply Tray when it is mounted directly below the Broadmore 1750 fan tray, which has a sloped bottom that does not interfere with air flow. Otherwise, provide at least 1.75 inch (1 RU) of free air space above the AC Power Supply Tray to ensure proper ventilation.
Chassis Installation and Grounding AC Power Supply Tray 4-10 Broadmore 1750 - Release 4.
CHAPTER 5 Module and Fan Installation In this Chapter Precautions ... 5-2 Module Installation Procedures ... 5-3 Fan Tray Installation Procedure ...
Module and Fan Installation Precautions Precautions The Broadmore 1750 chassis is normally shipped with modules and fan tray installed at the factory. If they have been shipped separately, observe the following precautions when unpacking, handling, and installing these assemblies. WARNING! THE FRONT AND REAR COVERS OF THE CHASSIS SHOULD ONLY BE REMOVED FOR MODULE INSTALLATION AND MAINTENANCE AS REQUIRED. THE COVERS SHOULD BE REPLACED AS SOON AS POSSIBLE AFTER SUCH TASKS ARE COMPLETED.
Module and Fan Installation Module Installation Procedures Module Installation Procedures Overview ... 5-4 Tools ... 5-5 Remove Chassis Covers ... 5-5 Module Locations ... 5-6 Installation Sequence ... 5-8 NIM Installation ... 5-9 SAM Installation ... 5-10 CPU Installation ... 5-10 APM Installation ... 5-10 NIM IOM Installation ... 5-11 SAM IOM Installation ... 5-11 CPU IOM Installation ... 5-12 APM IOM Installation ... 5-12 Replace Chassis Covers ... 5-13 Broadmore 1750 - Release 4.
Module and Fan Installation Overview Overview The Broadmore 1750 chassis is normally shipped with modules installed at the factory. If they have been shipped separately, perform the following procedures to configure and install the modules. NOTE: Modules with jumpers are normally configured during installation to meet user requirements. If the chassis is shipped with modules installed, the modules may need to be removed, configured, and reinstalled.
Module and Fan Installation Tools Tools The following tools are recommended to install, configure, operate, and maintain the Broadmore 1750: #1 flathead screwdriver (for cover removal/installation) Dual jeweler’s flathead/Phillips screwdriver ESD wrist strap Other standard installation tools as desired. Remove Chassis Covers 1. Loosen captive screws securing the front and rear covers and set the covers aside. 2.
Module and Fan Installation Module Locations Module Locations Obtain the office records showing the module slot installation locations for this chassis. The network design engineer will assign module slots to ensure proper system operation. (For detailed system design and configuration information, see “System Planning Factors” on page 2-6.) The Broadmore 1750 chassis is designed for modules to go into specific slots to support various user requirements and cell bus bandwidths.
Module and Fan Installation Module Locations CAUTION! WHEN USING REDUNDANT OPTICAL NIMS, BOTH NIMS MUST BE IDENTICAL.
Module and Fan Installation Installation Sequence Installation Sequence The Broadmore 1750 is shipped in a minimum usable configuration. Unused slots are covered with blank panels except the slots for a single NIM, SAM, or CPU. NOTE: After installation is complete, ensure that blank panels cover all empty module slots to provide proper cooling when the fan is turned on. NIM, SAM, APM, and CPU cards are inserted from the front. IOM cards are inserted from the rear.
Module and Fan Installation NIM Installation NIM Installation 1. If a Building Integrated Timing Supply (BITS) clock will be used, an impedance matching adjustment may be required before installing an OC-12 NIMs. BITS impedance matching jumpers are located on the NIM component side below the midplane connectors. They are labeled JMP1, JMP2, JMP3, and JMP4. The following settings are available.
Module and Fan Installation SAM Installation SAM Installation 1. Unstructured DS3-3 and E3-3 SAMs are installed in slots C, F, J, and M. Structured DS3 SAMs are installed in slots C thru N. The protection SAM is installed in slot P. All SAMs must be of the same type. 2. Place a SAM in the desired slot. so that it slides smoothly in the top and bottom card guides and the card connector aligns with the midplane connector. 3.
Module and Fan Installation NIM IOM Installation NIM IOM Installation 1. From the chassis rear, place the NIM IOM in slot B so that it slides easily in the top and bottom card guides with the connector aligned to the midplane connector. 2. Visually verify that the NIM IOM physically aligns with the NIM installed above. 3. Firmly press the NIM IOM into the chassis until the connectors completely seat. 4. Secure the retaining screws on the top and bottom of the module, being careful not to over-tighten. 5.
Module and Fan Installation CPU IOM Installation 3. Firmly press the Protection SAM IOM into the chassis until the connectors completely seat. 4. Secure the retaining screws on the top and bottom of the module, being careful not to over-tighten. CPU IOM Installation 1. Before installing the CPU IOM, an adjustment may be needed to configure the remote shutdown operation. There are two jumpers on each CPU IOM module labeled JMP1 and JMP2. These jumpers control how the remote shutdown contacts work.
Module and Fan Installation Replace Chassis Covers Replace Chassis Covers WARNING! THE FRONT AND REAR COVERS OF THE CHASSIS SHOULD ONLY BE REMOVED FOR MODULE INSTALLATION AND MAINTENANCE AS REQUIRED. THE COVERS SHOULD BE REPLACED AS SOON AS POSSIBLE AFTER SUCH TASKS ARE COMPLETED. NOTE: After installation is complete, ensure that blank panels cover all empty module slots to provide proper cooling when the fan is turned on. This completes module installation.
Module and Fan Installation Fan Tray Installation Procedure Fan Tray Installation Procedure Tools ... 5-15 Remove Front Chassis Cover ... 5-15 Fan Tray Installation ... 5-15 Replace Chassis Cover ... 5-16 The fan tray is normally shipped installed in the front of the chassis below the modules, as shown below. If it is not installed, follow the procedure below to install it.
Module and Fan Installation Tools Tools The following tools are recommended to install, configure, operate, and maintain the Broadmore 1750: #1 flathead screwdriver (for cover and fan tray removal/installation) Dual jeweler’s flathead/Phillips screwdriver ESD wrist strap Other standard installation tools as desired. Remove Front Chassis Cover Only the front cover must be removed to install the fan tray. 1. Loosen captive screws securing the front cover and set the cover aside. 2.
Module and Fan Installation Replace Chassis Cover Replace Chassis Cover WARNING! THE FRONT AND REAR COVERS OF THE CHASSIS SHOULD ONLY BE REMOVED FOR MODULE INSTALLATION AND MAINTENANCE AS REQUIRED. THE COVERS SHOULD BE REPLACED AS SOON AS POSSIBLE AFTER SUCH TASKS ARE COMPLETED. This completes fan tray installation. Replace the front and rear covers unless additional installation or maintenance procedures are to be performed at this time. 5-16 Broadmore 1750 - Release 4.
CHAPTER 6 Electrical Installation In this Chapter Precautions ... 6-2 Electrical Requirements ... 6-3 Cabling and Compliance Requirements ... 6-4 Alarm Port Connections ... 6-5 Optical Interface Connections ... 6-6 BITS Interface Connections ... 6-7 NIM/SAM IOM Connections ... 6-8 CPU IOM Connections ... 6-11 Power Supply Connections ... 6-12 Software ...
Electrical Installation Precautions Precautions WARNING! THE BROADMORE 1750 IS INTENDED FOR INDOOR INSTALLATION ONLY. A PROPER CHASSIS GROUND CONNECTION IS REQUIRED. ITS ELECTRICAL COMMUNICATIONS INTERFACES SHALL NOT BE CONNECTED TO WIRING SYSTEMS THAT LEAVE THE BUILDING UNLESS APPROPRIATE INTERFACE DEVICES ARE USED. THE INSTALLER SHALL BE RESPONSIBLE FOR PROVIDING ADEQUATE LIGHTNING OR SURGE PROTECTION FOR WIRING THAT LEAVES THE BUILDING.
Electrical Installation Electrical Requirements Electrical Requirements Tools ... 6-3 Power ... 6-3 Cable Management ...
Electrical Installation Cabling and Compliance Requirements Cabling and Compliance Requirements For FCC Part 15 Class A compliance for EMI/RFI suppression, the Broadmore 1750 requires that a ferrite bead (P/N 010-0051) must be attached to each DC power cable, Ethernet cable, and alarm cable. FCC compliance also requires that an EMI cable be attached between the chassis and air deflector. Accessory kits are included with the Broadmore chassis. Use the following guidelines for FCC compliance.
Electrical Installation Alarm Port Connections Alarm Port Connections Alarms are sent to the control console and the system log. LEDs display alarm conditions. Additionally, the Broadmore 1750 has an alarm port on the chassis rear for connection to the user’s remote indicators. The alarm port is a four-wire terminal block providing form “C” relay contact closure signals. Two wires are labeled “Major” (in and out) and two are labeled “Minor” (in and out) as shown below.
Electrical Installation Optical Interface Connections Optical Interface Connections The Broadmore 1750 interfaces to an ATM network via fiber optic cable using SC connectors on the front panel of the OC-12c NIMs. 1. Route the cable to the front of the chassis. 2. Route the cable into the chassis via the small square opening on the lower-right, front cover of the chassis. 3. Connect the cables to the labeled TX and RX connectors on the front of the NIM. (See example at right.) 4.
Electrical Installation BITS Interface Connections BITS Interface Connections NIM IOMs include a Building Integrated Timing Supply (BITS) input connector for network timing. If required, the BITS impedance jumpers on the OC-12 NIMs are normally adjusted during “NIM Installation” on page 5-9.) 1. Use cable rated for Category 3 (CAT3) or better. 2. Route the cable to the lower-left, rear of the chassis. 3. Connect the cable to the RJ48C BITS connector on the rear of the chassis. (See example at right.) 4.
Electrical Installation NIM/SAM IOM Connections NIM/SAM IOM Connections General Instructions ... 6-8 Unstructured DS3-3/E3-3 IOM Connections ... 6-9 Structured DS3 IOM Connections ... 6-10 General Instructions Network equipment (excluding fiber optic) and user equipment connect to the Broadmore 1750 via cables routed to connectors on the back of each IOM. The physical interface varies by type of IOM (see “Module Descriptions” on page 1-12).
Electrical Installation Unstructured DS3-3/E3-3 IOM Connections Unstructured DS3-3/E3-3 IOM Connections Each Unstructured DS3 IOM provides three pairs of BNC coaxial connectors (labeled 1 to 3) for RG-59, 75 ohm cable. 1. Connect receiver RX inputs to the IN ports. 2. Connect transmitter TX outputs to the OUT ports. IN OUT 1 IN 2 OUT IN OUT 3 IOM DS3 7 6 6 0 -4 0 9 Broadmore 1750 - Release 4.
Electrical Installation Structured DS3 IOM Connections Structured DS3 IOM Connections Each Structured DS3 IOM provides one pair of BNC coaxial connectors for RG-59, 75 ohm cable. 1. Connect receiver RX input to the IN port. 2. Connect transmitter TX output to the OUT port. IN OUT 1 IOM DS3 STRUCT 7 6 6 0 -4 1 6 6-10 Broadmore 1750 - Release 4.
Electrical Installation CPU IOM Connections CPU IOM Connections Remote Shutdown Connections The CPU Remote Shutdown feature allows a connection to be made across one of the contact pairs to remotely close the contacts, which forces a reset of the CPU in the event that the CPU cannot be reset through software. R E M O T E S H U T D O W N 1 2 3 4 The behavior of these terminals are set by jumpers on the card (see “CPU IOM Installation” on page 5-12).
Electrical Installation Power Supply Connections Power Supply Connections Optional AC Power Supply Connections ... 6-12 Broadmore Power Input Connector ... 6-14 Connecting –48 VDC Power ... 6-14 WARNING! THE INSTALLER SHALL ENSURE THAT ALL POWER CONNECTIONS TO THE BROADMORE 1750 HAVE AN APPROVED SERVICE DISRUPTION FEATURE EXTERNAL TO THE BROADMORE 1750 FOR EMERGENCY USE. THIS MAY BE A FUSE, CIRCUIT BREAKER, CORRECTLY LABELED SWITCH, OR OTHER APPROPRIATE DEVICE.
Electrical Installation Optional AC Power Supply Connections Blank Panel if only one supply AC Power Switches AC Connector DC Connector Broadmore 1750 - Release 4.
Electrical Installation Broadmore Power Input Connector Broadmore Power Input Connector Power is provided as –48 VDC to the connection points in the rear of the chassis. Voltage may be provided directly from the user’s power source. Optionally, the Broadmore 1750 comes with a redundant AC power supply. The power connector on the lower back of the chassis is shown below.
Electrical Installation Software Software The Broadmore 1750 is delivered with operating software pre-installed. The FIPS 140-2 validated Broadmore/SSHield Management software is installed on each CPU’s disk-on-chip memory. DSP software code also exists on each NIM and SAM and is unique for each type of module. Two programs may be used to communicate with the CPU operating system. These are the Communication Access Multiplexer Management Interface (CAMMI) and Command Line Interface (CLI).
Electrical Installation Software 6-16 Broadmore 1750 - Release 4.
CHAPTER 7 Configuration In this Chapter: Overview ... 7-2 Power Supply Redundancy ... 7-24 Module Redundancy ... 7-25 Module Configuration ... 7-37 PVC Connection ... 7-63 SVC Connection ... 7-65 VP Reservation ... 7-67 System Configuration ... 7-70 Help ...
Configuration Overview Overview Power-up ... 7-3 User Interface Requirements ... 7-4 Screen Display Annotation ... 7-5 Key Map ... 7-6 CAMMI Access ... 7-7 System Services Configuration ... 7-8 CAM Name ... 7-8 Ethernet IP Configuration ... 7-9 ATM Address ... 7-11 ATM Address List (optional) ... 7-11 Connection Retry ... 7-13 Retry Cause Codes ... 7-13 CIP over ATM (RFC 1577) ... 7-14 Static Routes ... 7-16 LANE Configuration ... 7-17 UNI Version ... 7-19 General Properties ...
Configuration Power-up CAM\CONFIG\CURRENT – contains the complete set of startup configuration data for all modules. This data is saved when Save Config. For PowerUp is selected from the user interface. CAM\CONFIG\DEFAULTS – contains the defaults to be used for new cards and ports. Default values for new modules are automatically loaded if a startup configuration for that module does not exist.
Configuration User Interface Requirements User Interface Requirements Communicate with the CPU to complete configuration actions in one of several ways. An RS-232 serial connection is provided on the front of the CPU card (via the CPU IOM card will be a future release). This serial connection requires a VT100 compatible emulating software package running on the PC. NOTE: We do not recommend using Microsoft Hyperterm due to unsatisfactory terminal emulation.
Configuration Screen Display Annotation Screen Display Annotation The symbol ↵ (Enter key) will be used throughout this manual to indicate selection. Typically the selection is from a list of choices on a drop-down menu. Often, there is a sequence of multiple drop-down menus where the selection process will be displayed as a series of ↵ symbols. For example, the CAMMI main menu is shown below. Highlight System Management and press Enter to display the first submenu.
Configuration Key Map This method of annotating screen displays will make the text and logic easier to follow and less prone to error. Specific steps will be clear and easy to follow, leading to more efficient system operation. Key Map The following key map correlation is provided to assist in navigating through the various menus. This may be required since some terminal emulation packages do not recognize the full keyboard character set.
Configuration CAMMI Access CAMMI Access To access the CAMMI main menu, log into the system with a valid user identification (SYSADMIN) and password (INITIAL). This default user ID/password is delivered with the system with supervisor access as explained in “General Properties” on page 7-20. User ID and password are case-sensitive when entered. At this point, you may change the terminal interface baud rate. The default is 9600 baud and the system reverts to this at every reboot.
Configuration System Services Configuration System Services Configuration Configure System Services to communicate with the ATM switch and set up parameters for Broadmore 1750 control. The data entry screens are accessed as shown. Select System Management ↵ Select Configuration ↵ Select System Services ↵ Configure each item as explained below CAM Name Each Broadmore 1750 can be named locally. A short (10-character) name and a long (64-character) name are available.
Configuration Ethernet IP Configuration Ethernet IP Configuration Select Ethernet IP and the screen below appears. On initial boot-up, enter the IP address, which will not go into effect until the system is rebooted. Use the reset toggle switch on the front of the CPU to reboot the system. Follow the pull-down menu selections to enter the Broadmore 1750’s IP address. This address is then used for Telnet access to the CAMMI program.
Configuration Ethernet IP Configuration NOTE: Changes to the following settings only take effect upon system reboot: IP Configuration CIP Configuration LANE Configuration Redundancy (APS) Configuration UNI Version Configuration Cause Code changes ATM Address Changes On initial setup, configure all of these items before doing a system reboot. Subnet is the mask for the network. Subnet and Gateway are assigned by your facility’s network administrator.
Configuration ATM Address ATM Address Follow the sequence below and choose Change on the user-defined ATM address screen. CAUTION! AN ADDRESS CHANGE WILL CAUSE SERVICE DISRUPTION. Select System Management ↵ Select Configuration ↵ Select System Services ↵ Select This ATM Address ↵ A screen displays to enter the ATM address. The Media Access Control (MAC) address is the initial default ATM address. Save the new ATM address after entry to update ATM access information.
Configuration ATM Address List (optional) This displays the Known ATM Addresses. Follow the sequence below to Edit, Copy, Delete, or add a New user to the ATM list.
Configuration Connection Retry Connection Retry Applicable to SVCs only, the retry throttle value is the number of SVC call setups/ teardowns that the Broadmore 1750 works on at one time. An initial throttle value of 80 and interval of 30 seconds are recommended. These values can then be adjusted to meet local requirements. Retry Cause Codes Applicable to SVCs only, each item in this list can be set to yes or no, based upon local requirements.
Configuration CIP over ATM (RFC 1577) CIP over ATM (RFC 1577) RFC 1577 support is also known as Classical IP (CIP) over ATM. CIP is provided as a path for controlling multiple Broadmore 1750s when IP connectivity over Ethernet is not available to all of the installed Broadmore 1750s. Control signals are sent to a Broadmore 1750 over the ATM if the Broadmore 1750 is not on the Ethernet with the control station. As a prerequisite, the configuration process must be completed.
Configuration CIP over ATM (RFC 1577) Item Description ATM IP Address Enter the IP address within the subnet. Set to all zeros to disable CIP. ATM Subnet Mask The mask is the same for all Broadmore 1750s on the network. Server Address The address of the server containing the LIS. This may be a workstation on the ATM network or ATM switch. Set to zero if you want to use AAL5 PVCs for CIP instead of SVCs. Peak Cell Rate This controls the bandwidth allocation to RFC 1577 support.
Configuration Static Routes Static Routes Each Broadmore 1750 has an additional Ethernet route to support RFC 1577 unless it is on the same Ethernet network as the master control station. Follow the steps below to add this routing. For sample configuration with static routes, see “Sample Network with RFC 1577 Configuration” on page D-1. 1. Connect to the Broadmore 1750 via the serial port and log-in using the default user ID and password, SYSADMIN and INITIAL. 2.
Configuration LANE Configuration LANE Configuration The Broadmore 1750 supports LANE version 1 and 2 acting as LAN Emulation Client, LEC. Follow the sequence below to display the LANE configuration screen shown. Six fields appear for data entry. Select System Management Select Configure ↵ Select System Services ↵ Select LANE Configure ↵ ↵ Explanations are provided for each in the table below. Broadmore 1750 - Release 4.
Configuration LANE Configuration Item Description LANE IP Address This is the IP Address for the Broadmore 1750. To get onto the ELAN, the address must be on a different logical subnet than the OSC’s Ethernet IP Address. This address must be different than the ATM CIP Address subnet. Subnet Mask This is the subnet mask to be used in conjunction with the Broadmore 1750’s LANE IP Address. LECS ATM Address This address is optional.
Configuration UNI Version UNI Version The signaling options are UNI 3.1, UNI 4.0, Auto, and Off. Follow the sequence below and make the appropriate choice from the screen shown. Select System Management Select Configuration ↵ Select System Services ↵ Select UNI Version ↵ ↵ NOTE: You must select the UNI Version before configuring any SVCs. If there are active SVCs, the UNI Version will not appear in the menu until you release all the SVCs. This is done to prevent interrupting service on those circuits.
Configuration General Properties General Properties Max VP/VC ... 7-20 Bandwidth Meter ... 7-22 Max VP/VC The Max VP/VC option allows you to set the maximum number of Virtual Paths (VPs) and corresponding Virtual Channels (VCs). The maximum number of VCs allowed per VP is based on the number of VPs set. Table 7-1 shows the Max VP/ VC settings and the valid values for VP and VC numbering.
Configuration General Properties To set Max VP/VC, follow the sequence below and make the appropriate choice from the screen shown. Select System Management ↵ Select Configuration ↵ Select System Services ↵ Select General Properties ↵ Select Max VP/VC ↵ Broadmore 1750 - Release 4.
Configuration General Properties Bandwidth Meter The Bandwidth meter allows you to track the amount of bandwidth in use. Follow the sequence below and make the appropriate choice from the screen shown. Select System Management ↵ Select Configuration ↵ Select System Services ↵ Select General Properties ↵ Select Bandwidth Meter ↵ NOTE: The Bandwidth meter uses the clock rate of the HSSI NIM as the bus rate.
Configuration User Security Configuration User Security Configuration The Broadmore 1750 system has a user identification procedure for security. Each user has a unique password. Users are divided into four privilege levels providing access to selected command functions. Browser – Limited to viewing current configurations, statistics, and logs. Operator – Can perform all normal operations such as configuring modules, establishing connections and removing connections.
Configuration Power Supply Redundancy Power Supply Redundancy The Broadmore 1750 has two power input connectors for receiving –48 VDC. The user may provide power to these connectors from different sources as one form of redundancy. Carrier Access offers an optional dual AC power supply with 110 VAC, and provides two sources of –48 VDC to the Broadmore 1750. This is power supply contains two independent modules, each sufficient to operate the Broadmore 1750.
Configuration Module Redundancy Module Redundancy Protection Definitions ... 7-25 NIM Redundancy ... 7-26 SAM Redundancy ... 7-29 CPU Redundancy ... 7-33 Protection Definitions Automatic protection switching (APS) is performed in accordance with specifications except as noted. The following definitions are provided to clarify the terms used in NIM redundancy.
Configuration NIM Redundancy Item Definition 1:1 Protection A special case of 1:n protection where n=1. Each critical component has a dedicated backup, which assumes operation if the primary unit fails, so that connectivity is not adversely impacted. NIM Redundancy ATM redundancy is provided by installation of a second NIM. The Broadmore 1750 can then be configured to provide 1+1 or 1:1 NIM protection in accordance with the SONET-GR-253-CORE specification.
Configuration NIM Redundancy 2. From the CAMMI main screen, follow the selection sequence above to display the redundancy screen. 3. Following the instructions on the bottom of the screen and toggle through available choices for each item. Select Maintenance/Diagnostics Select Redundancy ↵ Select APS Install ↵ ↵ 4. Follow the sequence above to display the SONET screen below and make choices to meet your specific configuration. Use the space bar to toggle between reverting and non-reverting.
Configuration NIM Redundancy 5. In the redundancy configuration on the Protection Parameters shown above, the Command field choices are prioritized per the SONET GR-253-CORE specification. The available choices in priority order top-to-bottom are: Lockout Force A Force B Switch to A Switch to B Clear The Command Request field indicates the current request status and cannot be changed. The command “Clear” is not prioritized but it acts to remove the last request from its control station.
Configuration SAM Redundancy SAM Redundancy In the Broadmore 1750, installing an Unstructured DS3 SAM in slot P provides 1:N SAM redundancy. A special Protection IOM with no user interface is used, since input/ output will continue to be provided via the cables attached to the slot of the failed SAM. The Unstructured DS3 in slot P is called the protection SAM, or P-SAM. The working SAMs, called W-SAMs, are installed in slot C, slot F, slot J, and slot M.
Configuration SAM Redundancy Slot M has the highest priority, followed in order by slot J, slot F, and slot C.
Configuration SAM Redundancy 2. Go to SAM Request and manually set each W-SAM to Online. Select Maintenance/Diags Select Redundancy ↵ Select SAM ↵ Select Request ↵ Change Online ↵ ↵ NOTE: Protection switching is non-revertive. After correcting the fault problem, the Offline W-SAM must be manaully set back to Online if it is to be protected. Broadmore 1750 - Release 4.
Configuration SAM Redundancy 3. After setting a W-SAM to Online, you can test the protection feature by performing a Manual Switch to divert traffic through the P-SAM and a Manual Revert to return traffic back to the W-SAM. 7-32 Broadmore 1750 - Release 4.
Configuration CPU Redundancy CPU Redundancy CPU redundancy is automatically activated when a second CPU is detected in the system. If two CPUs are detected at initial boot, the first to boot becomes “online” and the other goes into the standby mode. CPU redundancy allows the standby CPU to take control if the online CPU experiences a failure. Data files on the two CPUs are synchronized automatically when the standby CPU is powered up.
Configuration CPU Redundancy System Log The system log is unique to each CPU. Entries are sent from each CPU and copied to the partner CPU. Each entry has a time stamp followed by an upper-case or lower-case slot letter. An upper-case letter (Q or R) indicates that the message originated from the current CPU. A lower-case letter (q or r) indicates that the message originated from the partner CPU.
Configuration CPU Redundancy Synchronizing CPU CAUTION! MODULE REMOVAL AND INSERTION – ON A POWERED-UP SYSTEM, WAIT AT LEAST 15 SECONDS AFTER ANY MODULE REMOVAL OR INSERTION TO ALLOW THE SYSTEM TO STABILIZE. FAILURE TO FOLLOW THIS PROCEDURE MAY RESULT IN SYSTEM ERRORS REQUIRING TOTAL SYSTEM REBOOT. WHEN INSTALLING A REPLACEMENT CPU IN A REDUNDANT CPU SYSTEM, DO NOT REBOOT OR POWER DOWN THE SYSTEM BEFORE CPU SYNCHRONIZATION IS COMPLETE AS INDICATED BY A SOLID STATUS LIGHT.
Configuration CPU Redundancy Release CPU Control If desired, the online CPU can be made to release control (switch) to the standby CPU by performing the following steps. The online CPU will then become the standby CPU, and vice versa. This command may be used during maintenance procedures. Select Maintenance/Diags ↵ Select Redundancy ↵ Select CPU ↵ Select Release CPU Control ↵ Reboot Standby CPU If desired, the standby CPU can be rebooted by performing the following steps.
Configuration Module Configuration Module Configuration How to Configure Specific Modules ... 7-38 OC-12c/STM-4c ... 7-39 OC-12c/STM-4c BITS/Timing Redundancy ... 7-40 Unstructured DS3 SAM ... 7-43 Structured DS3 SAM ... 7-50 Unstructured E3-3 SAM ... 7-57 Broadmore 1750 - Release 4.
Configuration How to Configure Specific Modules How to Configure Specific Modules The NIM and SAM configuration process applies to each module installed in the system. The parameters vary by module as delineated below. For each module, start the procedure by following the pull-down sequence shown.
Configuration OC-12c/STM-4c OC-12c/STM-4c Choose the slot (A or B) containing the OC-12c/STM-4c to be configured and a parameter input screen appears. The table below is a guide to parameter configuration. Item Options Comment Port Mode On-line Off-line Test Download Standby Configuration Request Broken This field is a status indicator and the items displayed are the result of configuration (or other) actions. Framing Type SONET SDH SDH is for International ITU applications.
Configuration OC-12c/STM-4c BITS/Timing Redundancy OC-12c/STM-4c BITS/Timing Redundancy Configuration of the timing options on a redundant OC-12c/STM-4c system requires correct settings on both NIMs, the DS3 port, and the NIM redundancy screen. Either of the Broadmore 1750 BITS inputs on NIM IOMs, in slots A and B, can be selected as the primary clock reference. Each BITS input has an enable/disable menu option on the coinciding OC-12c/STM-4c interface.
Configuration OC-12c/STM-4c BITS/Timing Redundancy 2. Follow the sequence below to set the clock mode configuration on the port of interest. Select System Management ↵ Select Configure ↵ Select Slot with DS3 ↵ Select Port of interest ↵ Select Operational Configuration ↵ Select Clock Mode ↵ Choose the BITS option to allow the DS3 port to derive clock from either BITS or the cell bus 3. Follow the sequence below to set the OC12 transmit timing to either recovered or local/BITS.
Configuration OC-12c/STM-4c BITS/Timing Redundancy The recommended configuration for maximum clocking stability is: 1. Connect BITS sources to NIM I/O A and NIM I/O B. 2. Select a Primary Reference Source (A or B), and then enable the clock loss alarm menu option on each OC-12c/STM-4c. 3. Configure the DS3 SAM to BITS clock mode. The equipment connected to the Broadmore 1750 OC-12c/STM-4c interface is configured to BITS and provides a BITS reference clock embedded in the SONET serial stream. 4.
Configuration Unstructured DS3 SAM Unstructured DS3 SAM Choose the slot containing the DS3 SAM to be configured to display a screen for port selection. The table below is a guide to configuration parameters. Operational, Diagnostics, and Alarm configuration are the three menu options. Descriptions of the configurable items are found in the following tables. Highlight each item and use the space bar to toggle available options for each. Save the configuration after making changes.
Configuration Unstructured DS3 SAM Table 7-2: Unstructured DS3 SAM Configuration Items Item Options Comments Port Name Port Mode Framing Clock Mode 7-44 On-line Off-line C-bit M13 Unframed SRTS Adaptive Network BITS Loop A descriptive field to identify the port This is a status field that can be toggled to online or offline. When the port is in offline status, it is not available to make calls, and passive SVCs are refused.
Configuration Unstructured DS3 SAM Item Options Comments Network RAI Auto X-bits 1 X-bits 0 Service RAI Auto X-bits 1 X-bits 0 Indication (RAI) configuration. Allows user configuration of the X-bits associated with C-bit parity framing. Auto makes it transparent; the other choices set the X-bits to either 1 or 0. Indication (RAI) configuration. Allows user configuration of the X-bits associated with C-bit parity framing. Auto makes it transparent; the other choices set the X-bits to either 1 or 0.
Configuration Unstructured DS3 SAM Item Options Comments Network AIS Activate/Deactivate Sends Alarm Indication Signal to the network when activated. Service AIS Activate/Deactivate Sends Alarm Indication Signal to the connected local service equipment when activated. Loopback Normal Local Normal is no loopback. Local sets a service side loopback (DS3) on the port. Remote sets a network side loopback (ATM) on the port.
Configuration Unstructured DS3 SAM Select System Management ↵ Select Configure ↵ Select Slot ↵ Select Port of interest ↵ Select Alarm Configuration ↵ Press Network Alarms or Service Alarms ↵ Use the space bar to toggle to the available options and press Esc to save the settings. Table 7-5: Network Alarm Definitions Network Alarm Definition Cell Starvation Cell Starvation indicates there are no cells being received from the network side.
Configuration Unstructured DS3 SAM Network Alarm Definition Sequence Errors This alarm indicates that frames are out of sequence as they arrive at the DS3 port.
Configuration Unstructured DS3 SAM Service Alarm Definition Line Code Violation This alarm indicates that a long string of zeros is being received by the DS3 port from any attached equipment.
Configuration Structured DS3 SAM Structured DS3 SAM Choose the slot containing the structured DS3 SAM to be configured to display a screen for port selection. The table below is a guide to configuration parameters. Operational, Diagnostics, Alarm, T1 Tributary, and DS0 configuration are the menu options. Descriptions of the configurable items are found in the following tables.
Configuration Structured DS3 SAM Table 7-7: Structured DS3 SAM Operational Configuration Item Options Description Port Mode On-line Off-line This is a status field that can be toggled to offline, in which case the port will not be available to make calls and passive SVCs are refused. Framing C-bit M13 C-bit is a framing mode using DS2 stuff bits associated with M13 multiplexing for other purposes such as Far End Alarm Control (FEAC) Channel. M13 is a mode that maps 28 DS1s directly into the DS3.
Configuration Structured DS3 SAM Table 7-8: Structured DS3 SAM Diagnostics Configuration Item Options Description Port Mode On-line Off-line This is a status field that can be toggled to offline, in which case the port will not be available to make calls and passive SVCs are refused. Framing C-bit M13 C-bit is a framing mode using DS2 stuff bits associated with M13 multiplexing for other purposes such as Far End Alarm Control (FEAC) Channel. M13 is a mode that maps 28 DS1s directly into the DS3.
Configuration Structured DS3 SAM Item Options Description Automatic FEAC Alarms Activate/Deactivate Activates or deactivates Far End Alarm and Control Channel (FEAC) alarms. FEAC alarms can only be active when the port is configured for C-bit parity framing. Activate to detect and transmit RAI as applicable and detect FEAC channel activate/deactivate commands Service FEAC Loopback Activate/Deactivate Activate sends a FEAC command to the far end service equipment to go into service loopback.
Configuration Structured DS3 SAM Follow the sequence below to set service alarms. DS3 alarms are set on a port basis with alarm definitions as shown. Select System Management ↵ Select Configure ↵ Select Slot ↵ Select Structured DS3 SAM ↵ Select Alarms Configuration ↵ Select from the list of Alarms ↵ Use the space bar to toggle to the available options and press Esc to save the settings.
Configuration Structured DS3 SAM Service Alarm Definition Excessive F-bit Errors The Excessive F-bit Errors alarm is triggered when the DS3 port receives -4 F-bit errors at a rate of 1 x 10 Excessive Parity Errors The Excessive Parity Errors alarm will be triggered when the DS3 port -4 receives parity errors at a rate of 1 x 10 Excessive C-bit Errors The Excessive C-bit Errors alarm will be triggered when the DS3 port -4 receives C-bit errors at a rate of 1 x 10 Excessive FEBE Errors The Excessive
Configuration Structured DS3 SAM Item Options Description CBR Service Type Structured No CAS Structured with CAS Unstructured Structured No CAS allows DS0 (fractional) allocation without Channel Associated Signalling (CAS). Structured with CAS allows DS0 allocation with CAS enabled, using robbed-bit signalling. Unstructured assigns all the timeslots to one VP/ VC. Structured No CAS and Structured with CAS can assign a timeslot or group of timeslots to a VP/VC.
Configuration Unstructured E3-3 SAM Unstructured E3-3 SAM Choose the slot containing the Unstructured E3 SAM to be configured to display a screen for port selection. The table below is a guide to configuration parameters. Operational, Diagnostics, and Alarm configuration are the three menu options. Descriptions of the configurable items are found in the following tables. Highlight each item and use the space bar to toggle available options for each. Save the configuration after making changes.
Configuration Unstructured E3-3 SAM Table 7-13: Unstructured E3-3 SAM Operational Configuration Item Options Comments Port Name Port Mode Framing Clock Mode 7-58 On-line Off-line G.751 G.832 Unframed SRTS Adaptive Network BITS Clock Loop A descriptive field to identify the port This is a status field that can be toggled to off-line, in which case the port will not be available to make calls and passive SVCs are refused. G.751 is a European framing standard used for PDH applications. G.
Configuration Unstructured E3-3 SAM Item Options Comments Network RDI Auto X-bits 1 X-bits 0 Service RDI Auto X-bits 1 X-bits 0 A Remote Defect Indication (RDI) is LOS or LOF detected on the attached equipment of the network side. Auto sets the RDI to automatically reflect whether or not an error is present. 1 sets an error to occur whether one is present or not. 0 indicates no errors even if one is present.
Configuration Unstructured E3-3 SAM Table 7-15: Unstructured E3-3 SAM Alarm Configuration Network Alarms Options Service Alarms Cell Starvation Ignore/Major/Minor LOS LOF Ignore/Major/Minor LOF AIS Ignore/Major/Minor AIS RDI Ignore/Major/Minor RDI Sequence Errors Ignore/Major/Minor Line Code Violation Excessive SNP Errors Ignore/Major/Minor Excessive F-bit Errors Excessive F-bit Errors Ignore/Major/Minor Excessive Parity Errors Excessive Parity Errors Ignore/Major/Minor Excessive
Configuration Unstructured E3-3 SAM Table 7-16: Unstructured E3-3 SAM Network Alarms Network Alarm Definition Cell Starvation Cell Starvation indicates there are no cells being received from the network side. LOF Loss Of Framing indicates that the framing alignment of the signal coming into the Broadmore 1750 from the ATM side has been lost. AIS This alarm indicates an Alarm Indication Signal is being received from the network side.
Configuration Unstructured E3-3 SAM Table 7-17: Unstructured E3-3 SAM Service Alarms Service Alarm Definition LOS Loss Of Signal indicates that there is no signal being input to the E3 from the service side. LOF Loss of Framing indicates that the framing alignment of the signal coming into the Broadmore 1750 from the ATM side has been lost. AIS This alarm indicates that the E3 port is receiving an Alarm Indication Signal from the attached equipment.
Configuration PVC Connection PVC Connection Follow the selection process shown below to add a new PVC. The Establish a PVC Call screen appears for data entry. Select System Management Select Configure ↵ Select Configure PVC ↵ Select Insert (shift +:) ↵ Broadmore 1750 - Release 4.
Configuration PVC Connection Table 7-18: PVC Configuration Items Item Definition Connection Name Press the space bar to select Connection Name and type a descriptive identifier (For example, test port 2). Local Slot The Local Slot is the chassis slot. Local Port Number Port number depends on the configuration. Local Channel Map Channel map depends on the configuration. Channel map only applies to the Structured DS3 SAMs.
Configuration SVC Connection SVC Connection Follow the selection process shown below to add a new SVC. The Establish a Call screen appears for data entry as shown below. Select System Management Select Configure ↵ Select Configure SVC ↵ ↵ From here, use the Insert (or shift:) key to access the input screen below. Broadmore 1750 - Release 4.
Configuration SVC Connection Item Definition Connection Name Press the space bar to select Connection Name and type a descriptive identifier (For example, test port 2). Local Slot The Local Slot is the chassis slot. Local Port Number The Port number depends on the configuration. Local Channel Map The Channel map depends on the configuration. Channel map only applies to the Structured DS3 SAMs.
Configuration VP Reservation VP Reservation NOTE: The functionality described in this section is only available with Broadmore release 4.6 (or higher). To support this functionality, all ATM DS3, CBI, HSSI-CBI, OC-3c, or OC-12c modules in the chassis must be upgraded to the levels released with 4.6 (or higher). Firmware and instructions are provided on the upgrade CD. VP Reservation allows you to reserve a block of up to 65,535 virtual channels (VCs) within a virtual path (VP).
Configuration VP Reservation The VP Reservation Table Editor is shown below. Press the Enter key to edit or clear an existing connection or create a new connection, then follow the on-screen instructions. VP Reservation settings are described on the following page. 7-68 Broadmore 1750 - Release 4.
Configuration VP Reservation Item Comments Connection Name Press the space bar to select Connection Name and type a descriptive identifier (For example, test port 2). Local Slot The Local Slot is the chassis slot. VP The range is 0 to one less than the value set for maximum VPs (see “Max VP/VC” on page 7-20 for valid values). If the Max VP/VC value is set to 2/65536, the VP number must be set to 0; a value of 1 is invalid. NOTE: A maximum of 40 VPs can be defined for reservation.
Configuration System Configuration System Configuration Save Configuration ... 7-70 Restore Configuration ... 7-71 Delete Configuration ... 7-71 Set Power-on Default ... 7-72 Save Card Defaults ... 7-72 Restore Card Defaults ... 7-72 The system configuration is quickly accessed via the configuration files as shown below. There is a special option to save a configuration for powerup. This configuration will automatically load with the application of power to the Broadmore 1750 after a power interruption.
Configuration System Configuration Restore Configuration Select Restore Configuration to restore a previously saved configuration as shown below. The Restore Configuration results in the tear-down of all calls, configuration of all modules, and establishment of all calls found in the named configuration. The UNI must be UP to restore a configuration file containing one (or more) SVC. Follow the sequence below to check UNI status. If necessary, configure UNI before restoring the configuration.
Configuration System Configuration Set Power-on Default Select Save Config. for PowerUp to save a particular configuration for system power-up. Select Save Config. for PowerUp as shown below to retain the current configuration for PowerUp. Select System Management ↵ Select Configuration Files ↵ Select Save Config. For PowerUp ↵ Save Card Defaults Select Save Card Defaults to save the default configuration for the specific card.
Configuration Help Help The Help main menu item has two pull-down items: About and About Security. Choose About to obtain the hardware and software version data. This information is important when contacting customer service. Choose About Security to display the security mode and software version numbers. Broadmore 1750 - Release 4.
Configuration Help 7-74 Broadmore 1750 - Release 4.
CHAPTER 8 Maintenance and Troubleshooting In this Chapter Statistics ... 8-2 Troubleshooting ... 8-15 Repair/Replacement ... 8-30 General Maintenance ... 8-39 Summary of Front Panel LEDs ...
Maintenance and Troubleshooting Statistics Statistics Chassis Statistics ... 8-2 OC-12c/STM-4c NIM Statistics ... 8-3 Alarm Overview ... 8-4 Slot Statistics for NIM/SAM Cards ... 8-4 24-Hour Statistics ... 8-13 PLOA/AAL5 Statistics ... 8-14 Statistics are available to monitor the Broadmore 1750 operation at the chassis, individual module, or connection level. Thus, the statistics provide a good initial indication of performance and a means to isolate any problems that may arise.
Maintenance and Troubleshooting OC-12c/STM-4c NIM Statistics OC-12c/STM-4c NIM Statistics Slot statistics provide specific module level information. Follow the sequence below to select an OC-12c/STM-4c and view the statistics shown on the next page. Select System Management ↵ Select Monitor Activity ↵ Select Slot statistics ↵ Select OC-12 NIM (slot A shown) ↵ Broadmore 1750 - Release 4.
Maintenance and Troubleshooting Alarm Overview Alarm Overview When the slot selection screen (below) appears, the last column provides an alarm overview. This screen is accessed from either the monitor activity or configuration path and gives an indication for each slot of any major or minor alarm. From Monitor Activity, select the slot for more detailed alarm information. From Configuration, select the slot for more detailed alarm configuration information.
Maintenance and Troubleshooting Slot Statistics for NIM/SAM Cards Unstructured DS3 and Unstructured E3 SAM Statistics Operational statistics are provided in accordance with RFC 1407. Statistics for the Unstructured DS3 and Unstructured E3 are shown in separate windows below. Unstructured DS3 Statistics For Unstructured DS3 SAMs, the most recent 24 hours of statistical data is maintained in a separate file. This data is presented in 15-minute increments by port in spreadsheet format.
Maintenance and Troubleshooting Slot Statistics for NIM/SAM Cards The alarm display below has two columns to differentiate network and service errors. 8-6 Broadmore 1750 - Release 4.
Maintenance and Troubleshooting Slot Statistics for NIM/SAM Cards The standard error terms (such as PES for P-Bit Error Seconds) have a preceding letter, either S or N. The S represents the Service side of the DS3, and the N for the Network side. The display is divided into two columns, service and network, for clarity. Definitions are provided below for reference.
Maintenance and Troubleshooting Slot Statistics for NIM/SAM Cards Unstructured E3 SAM Statistics For Unstructured E3 SAMs, the most recent 24 hours of statistical data is maintained in a separate file.
Maintenance and Troubleshooting Slot Statistics for NIM/SAM Cards Structured DS3 SAM Statistics Operational statistics are provided in accordance with RFC 1407. Counters, alarms, and a summary are shown in separate windows following the sequence below. For Structured DS3 SAMs, the most recent 24 hours of statistical data is maintained in a separate file. This data is presented in 15-minute increments by port in spreadsheet format. Use the following steps to view the Structured DS3 SAM statistics.
Maintenance and Troubleshooting Slot Statistics for NIM/SAM Cards Select System Management ↵ Select Monitor Activity ↵ Select Slot Statistics ↵ Select Structured DS3 SAM ↵ Select one of the following statistics to view: * Port Counters * Port Alarms * Tributary Alarms * Select VP/VC for Statistics Collection * Connection Counters 8-10 Broadmore 1750 - Release 4.
Maintenance and Troubleshooting Slot Statistics for NIM/SAM Cards Broadmore 1750 - Release 4.
Maintenance and Troubleshooting Slot Statistics for NIM/SAM Cards 8-12 Broadmore 1750 - Release 4.
Maintenance and Troubleshooting 24-Hour Statistics 24-Hour Statistics Statistics for the most recent 24-hour period are maintained for DS3 modules. Statistics for each port are maintained in a file that may be transferred via FTP to a PC and viewed, using a spreadsheet program such as Microsoft Excel. The files are in the STATS directory, and named according to the following sequence: STATS\DS3C1.STA STATS\DS3C2.STA STATS\DS3C3.STA STATS\DS3F1.
Maintenance and Troubleshooting PLOA/AAL5 Statistics PLOA/AAL5 Statistics Follow the sequence below to select and view the PLOA/AAL5 statistics shown. Select System Management ↵ Select Monitor Activity ↵ Select PLOA/AAL5 Statistics ↵ 8-14 Broadmore 1750 - Release 4.
Maintenance and Troubleshooting Troubleshooting Troubleshooting LED Alerts ... 8-15 Error Codes ... 8-16 Redundancy ... 8-16 CPU Sync ... 8-17 Problem Isolation ... 8-18 Port Loopback ... 8-19 Failure Recovery ... 8-21 Alarm Response/Reset ... 8-22 Flowchart ... 8-22 Troubleshooting is the process of isolating the cause of a problem so that corrective action can be taken. Steps in this process narrow the focus of attention to the problem area.
Maintenance and Troubleshooting Error Codes Error Codes The software system will recognize and return both system and setup errors. These error codes provide troubleshooting clues for the user and Customer Service use in solving configuration and system errors. If a software error is returned to the display screen, follow the procedure below: 1. Record the error exactly as it appears on the screen. 2.
Maintenance and Troubleshooting CPU Sync CPU Sync Follow the sequence below to view the CPU synchronization status between redundant CPUs. This screen shows the progress of a normal CPU Sync and will refresh every few seconds. The messages usually do not indicate any problem but can be useful if troubleshooting is required. When a CPU sync is in progress, the screen will list the number of files remaining and the current file name being synchronized.
Maintenance and Troubleshooting Problem Isolation Problem Isolation Once you have determined that a problem exists, perform the following steps to isolate the problem for repair: 1. Check to ensure power is available to all modules. 2. Review the LED displays to determine if any module is in an alarm state. Evaluate the alarms and isolate the problem to the extent possible. 3. Review the slot configuration and look at the individual ports. Evaluate any information to further isolate the problem.
Maintenance and Troubleshooting Port Loopback Port Loopback The loopback function is the primary troubleshooting aid for isolation of circuit connectivity problems, both internal and external to the Broadmore 1750. Loopback is available on both the NIM and SAM. There are three loopback options on each SAM module, four on each NIM, see Figure 8-1. These loopbacks are set as a card configuration function (see “Module Configuration” on page 7-37 for details).
Maintenance and Troubleshooting Port Loopback CAM 7665 Broadmore User Equipment Tx ATM Network NIM SAM Rx Normal Normal -- No NoLoopbacks Loopback Broadmore CAM 7665 User Equipment Tx ATM Network NIM SAM Rx NIM Remote, Local, and Terminal NIM Remote, Local and Terminal Loopbacks Loopbacks Broadmore CAM 7665 User Equipment Tx ATM Network NIM SAM Rx SAM Local and Remote Loopbacks SAM Remote and Local Loopbacks Figure 8-1: Loopback Options 8-20 Broadmore 1750 - Release 4.
Maintenance and Troubleshooting Failure Recovery Failure Recovery Failure recovery is the sequence of events necessary to bring the Broadmore 1750 back to fully operational status after an unexpected service interruption. Throughout the recovery process, specific problems should be corrected following the troubleshooting flowchart (see Figure 8-2). The steps in failure recovery are: 1. Ensure sufficient stable electrical power is available to both the Broadmore 1750 and the control station.
Maintenance and Troubleshooting Alarm Response/Reset The failure recovery process is a logical sequence of events to restore connectivity.
Maintenance and Troubleshooting Flowchart Start Loss of Power Indication? Yes Check Cables/ Power Source/ Fuses & Repair No Overtemp Alarm ? Yes Inspect/replace/repair Fan Tray Assembly Yes Major Alarm ? No APM Alarm ? Yes 1 No Minor Alarm ? No Yes 2 No NIM Alarm ? Yes Major Alarm ? Yes 3 No Minor Alarm ? Yes 4 No No SAM Alarm ? Yes Major Alarm ? Yes 5 No No Minor Alarm ? Return to Normal Operation Yes 6 No Figure 8-2: Troubleshooting Flowchart Based On LEDs Broad
Maintenance and Troubleshooting Flowchart From 1 NIM Major Alarm? Yes Use loopbacks to verify alarm condition Check following most likely causes/correct as necessary: -equipment cable connectors -NIM configuration -reseat NIM module -replace NIM module Alarm Clears? Yes 1B No No 1A CPU Failure ? Yes Reset CPU from front panel switch Alarm Clears ? Yes 1B No No SAM Major Alarm? Yes Check following most likely causes/ correct as necessary: -cable connector to CPU/CPU I/O -reseat CPU/CPU I
Maintenance and Troubleshooting Flowchart From 2 NIM Minor Alarm? Yes Use loopbacks to isolate problem Check following most likely causes/correct as necessary: -equipment cable connectors -connected equipment operating normal -reseat NIM and NIM I/O -coordinate with distant end for AIS or loss of active service access channel as problem may be external Alarm Clears? Yes No 2A No SAM Major Alarm? Yes -Use loopbacks to isolate circuit -Check equipment cables -Check configuration -Reseat module -Rep
Maintenance and Troubleshooting Flowchart From 3 Use loopbacks to isolate alarm condition Alarm Internal? Yes Check following most likely causes/correct as necessary: -equipment cable connectors -NIM configuration -reseat NIM module -replace NIM module Alarm Clears? Yes No No Contact distant end have them start troubleshooting LOS-check Fiber LOF/LOP/LOCD check Sync Alarm Clears ? Alarm Clears? Yes Yes 3B No 3A No 3A Review Alarm Summary and System log- call Customer Service with pertinent
Maintenance and Troubleshooting Flowchart From 4 Use loopbacks to isolate alarm condition Alarm Internal? Yes Check following most likely causes/correct as necessary: -equipment cable connectors -NIM configuration -reseat NIM module -replace NIM module Alarm Clears? Yes No No RDI check alarms at far end and transmitter AIS-disable unused service channels or those not provisioned.
Maintenance and Troubleshooting Flowchart From 5 Use loopbacks to isolate alarm condition Alarm Internal ? Yes Ckeck most likely causes as necessary -SAM configuration -Reseat module -cable connections -replace SAM Alarm Clears ? Yes No No Contact Distant end - have them commence troubleshooting Reset Connected Equipment Alarm Clears ? Yes 5B Alarm Clears ? Yes No 5A No Review Alarm Summary and System Log - call Customer Service with pertinent information 5B Return to 5 Figure 8-7: SA
Maintenance and Troubleshooting Flowchart From 6 Use loopbacks to isolate alarm condition Alarm Internal? Yes Check most likely causes as necessary -Port configuration -reseat module -cable connections -replace SAM Alarm clears ? Yes No No Define actions to correct most probable causes Contact distant end have them commence troubleshooting Alarm Clears ? Yes 6 B Alarm clears ? Yes No No 6A Review Alarm Summary and System Log- call Customer Service with pertinent information 6B Return to
Maintenance and Troubleshooting Repair/Replacement Repair/Replacement Power Supply ... 8-31 NIM Replacement ... 8-32 SAM Replacement ... 8-33 IOM Replacement ... 8-34 CPU Replacement ... 8-35 CPU IOM Replacement ... 8-36 Fan Replacement ... 8-36 Integrated Fan/Alarm Module Replacement ... 8-37 Fan Filter Cleaning and Replacement ... 8-39 All repair/replacement actions should be accomplished by a qualified technician familiar with the Broadmore 1750 system.
Maintenance and Troubleshooting Power Supply Power Supply The Broadmore 1750 receives –48 VDC power at the chassis rear from a user-provided source. Repair/replacement of this source is external to the scope of this manual. Optionally, the Broadmore 1750 may be configured with a dual AC power supply. When an AC power source is used, the following steps are required to repair/replace a power supply module. The power supply is usually mounted directly below the Broadmore 1750.
Maintenance and Troubleshooting NIM Replacement NIM Replacement There are no field repairable items on a NIM. In a redundant configuration, replacement of a NIM will not impact user ATM network connectivity. In a single NIM configuration, all ATM connectivity will be disrupted during card replacement. Follow the steps below to replace a NIM. 1. Ensure that a replacement module is available. 2. Remove the chassis front cover.
Maintenance and Troubleshooting SAM Replacement SAM Replacement There are no field repairable items on a SAM. All user equipment connected to the defective SAM will lose ATM connectivity during replacement. Equipment connected via other SAM(s) will not have an ATM service disruption. Follow the steps below to replace a SAM: 1. Ensure that you have a replacement module. 2. Remove the chassis front cover.
Maintenance and Troubleshooting IOM Replacement IOM Replacement There are no field repairable items on an IOM. All user equipment connected to the defective IOM will lose ATM connectivity during replacement. Equipment connected via other IOM(s) will not have an ATM service disruption. Follow the steps below to replace an IOM: 1. Ensure that you have a replacement module. 2. Remove the chassis rear cover.
Maintenance and Troubleshooting CPU Replacement CPU Replacement CAUTION! WHEN INSTALLING A REPLACEMENT CPU IN A REDUNDANT CPU SYSTEM, DO NOT REBOOT OR POWER DOWN THE SYSTEM BEFORE CPU SYNCHRONIZATION IS COMPLETE AS INDICATED BY A SOLID STATUS LIGHT. NOTE: Each CPU card has a battery that should be replaced periodically. See Appendix B, Spare Parts List for part number information. There are no field-repairable items on the CPU card.
Maintenance and Troubleshooting CPU IOM Replacement 9. Return the defective CPU card for repair. Contact Customer Service for an RMA number and detailed procedures. CPU IOM Replacement There are no field-repairable items on the CPU IOM. This module does contain a unique part of the Ethernet address such that the Broadmore 1750 system must be alerted to the module change in order to restore service. Only replace the standby CPU or CPU IOM on a redundant system.
Maintenance and Troubleshooting Integrated Fan/Alarm Module Replacement 5. Firmly press the new fan assembly into place so that it is fully seated. Tighten both retaining screws (finger tight only). 6. Return the defective fan assembly for repair. Contact Customer Service for an RMA number and procedures. Integrated Fan/Alarm Module Replacement The integrated fan/alarm module has two replaceable fuses. Follow the steps below to replace a fuse. 1.
Maintenance and Troubleshooting Integrated Fan/Alarm Module Replacement 5. Remove the defective integrated fan/alarm module card by pulling it straight out the chassis front. 6. Insert the replacement integrated fan/alarm module, ensuring correct alignment with the card guides and midplane connector. 7. Firmly press the new integrated fan/alarm module into place so that it is fully seated with the midplane connector. Tighten the retaining screw (finger tight only). 8. Replace the chassis front cover. 9.
Maintenance and Troubleshooting General Maintenance General Maintenance Fan Filter Cleaning and Replacement ... 8-39 Maintenance/Diagnostics ... 8-40 Engineering Analysis ... 8-42 The Broadmore 1750 is designed to provide continuous service with minimal maintenance provided operational conditions remain within specifications. Cooling fans are included in the Broadmore 1750 to aid in heat dissipation. The fan tray has two air filters, one on each fan.
Maintenance and Troubleshooting Maintenance/Diagnostics Maintenance/Diagnostics CAMMI provides access to several maintenance and test functions under the Maintenance/Diagnostics main menu. These items are explained below. View System Log provides a historical record of events, such as configuration, establishing a PVC, or other action that affects service. Messages are filtered by privilege level.
Maintenance and Troubleshooting Maintenance/Diagnostics Bandwidth Utilization displays the amount of bandwidth being used, the remaining bandwidth available, and the percentage used. This can be recalculated by pressing 'R' when the screen displays. Reset to Defaults allows you to reset the Broadmore 1750 to the factory defaults settings. Broadmore 1750 - Release 4.
Maintenance and Troubleshooting Engineering Analysis Engineering Analysis There are several options under the Maintenance/Diags. menu reserved for use by Carrier Access engineers. A brief description is provided to aid in understanding the system. These commands should only be used in close coordination with Carrier Access engineers. Card Specific Functions leads to individual card diagnostics where you Peek and Poke various information fields.
Maintenance and Troubleshooting Engineering Analysis Reboot System reboots the CPU and uses the system setting in place prior to the reboot. This option is necessary when downloading new software revisions or changing your system’s IP address. The changes you make to system settings will not take effect until you reboot. Save Connection Table will preserve the current connection data in a text file format so that it can be viewed using any standard text editor. Broadmore 1750 - Release 4.
Maintenance and Troubleshooting Summary of Front Panel LEDs Summary of Front Panel LEDs The following table provides descriptions of the front panel LEDs for the Broadmore 1750. Module LED Display LED Color Definition APM Major Alarm Red Major fault for 2.5 seconds Minor Alarm *Over Temp None No major alarm Amber Minor alarm for 2.5 seconds Not Lit No minor alarm Red * Not supported at this time.
Maintenance and Troubleshooting Summary of Front Panel LEDs Module CPU LED Display LED Color Definition Amber Minor Green Normal, enabled Not Lit Out of service Master Green online as master Amber Standby On-line Activity Amber Normal activity Broadmore 1750 - Release 4.
Maintenance and Troubleshooting Summary of Front Panel LEDs 8-46 Broadmore 1750 - Release 4.
CHAPTER 9 Command Line Interface In this Chapter: CLI Access ... 9-2 Creating and Running Scripts ... 9-4 Port Configuration ... 9-6 Monitor ... 9-8 About Command ...
Command Line Interface CLI Access CLI Access The Command Line Interface (CLI) provides much the same functional control of the Broadmore 1750 as the CAMMI program. CLI commands are entered as text. The command prompt displays the current location from the cascading menu structure that parallels CAMMI. Therefore, a working knowledge of CAMMI makes navigation through CLI easier. NOTE: Use CAMMI for administrative features such as changing passwords or identifying new users.
Command Line Interface CLI Access Example: At the cli > prompt, enter ? to display a list of available commands. At this point, the level commands are: sys maintain about General commands are: up clear quit ? (help) The level commands correspond with the CAMMI main menu except for the administrative function, which is not implemented in CLI. Broadmore 1750 - Release 4.
Command Line Interface Creating and Running Scripts Creating and Running Scripts To reduce the time required to configure one or more Broadmores, you can script a series of CLI commands that can be saved to a file, uploaded to the Broadmore, and executed as needed. You can use a text editor or a terminal emulation program to create a script file. For example, using a terminal emulator such as Symantec Procomm®, you can perform the following steps to create a script and save it to a file.
Command Line Interface Creating and Running Scripts To upload and run a script file: 1. Log in to the Broadmore using FTP or SFTP. See “FTP Login” on page 10-21 or “SFTP Login” on page 11-43 for instructions. 2. Using your FTP or SFTP software, upload the script file to the script directory on the Broadmore’s online CPU. 3. Log into the Broadmore’s operating system using a valid user name and password.
Command Line Interface Port Configuration Port Configuration This example shows how to use CLI to configure a DS3 port. Follow the steps below from the initial CLI screen to access the configuration items. The steps shown below must be entered in sequence one-at-a-time. CLI does not support going directly to the last screen via a single entry (e.g., a single entry of sys/config/slot/c/port1/ configoperation/show will give an error for unrecognized entry). Each parameter can be revised.
Command Line Interface Port Configuration Then type show and press Enter to see that the change has taken effect. Note that the above general commands have two additional items: cancel and save. The normal way to leave any screen is to enter up, which takes you to the previous command level. However, this is not allowed on this screen because configuration data has been altered. This data must be either discarded (cancel) or retained (save) before proceeding.
Command Line Interface Monitor Monitor Use Monitor to display system operation statistics. The CLI command string to monitor and show port counters is displayed below. Note that an additional command, reset, is available. Reset will zero all counters. This was done as the first command in the display below. 9-8 Broadmore 1750 - Release 4.
Command Line Interface About Command About Command The About command, accessed from the initial CLI> prompt will provide information about each slot, including: Type module Module serial number Hardware revision Software revision The information displayed is tailored for the type of module. This information is particularly valuable when contacting Customer Service. Broadmore 1750 - Release 4.
Command Line Interface About Command 9-10 Broadmore 1750 - Release 4.
10 CHAPTER Security Management In this Chapter: Security Features ... 10-2 Security Guidance ... 10-3 Logging In ... 10-5 Log-in Banner ... 10-6 System Clock ... 10-7 Network Time Protocol ... 10-8 Managing Users and Audit Trails ... 10-10 IP ICMP Messages ... 10-17 SNMP Messages ... 10-18 Shell Commands (Non-FIPS Mode) ... 10-19 FTP Login ...
Security Management Security Features Security Features The Broadmore provides the following security features: User ID and password authentication Four levels of user privileges for accessing command functions Configuration activity audit trails Enable/disable SNMP and ICMP messages SNMPv3 USM/VACM Log-in Banner for special user instructions Only the Network Administrator (SuperUser) can create and modify user accounts, set access privileges, and monitor user activity audit trails.
Security Management Security Guidance Security Guidance Receipt and Inspection – Broadmore components containing operating system software are packaged and sealed at the factory with tamper-proof security tape. Upon receipt, carefully examine the security sealing tapes on the shipping containers for any signs of tampering. (See “Receipt” on page 3-2.
Security Management Security Guidance System Clock – The system clock is used to time stamp all events recorded in the system log and user audit log. To set the system clock, see “System Clock” on page 10-7. User Administration – The Broadmore authenticates users by identification and role-based access privilege levels and maintains an audit trail activity log.
Security Management Logging In Logging In The following example uses the Windows telnet client software. To log into the Broadmore: 1. Open a telnet window. 2. Type in the Hostname and Username. The Hostname is the IP address of the Broadmore, and the Username is admin. 3. Select Keyboard Interactive from the Primary pull-down menu in the Authentication panel. 4. Click Connect. NOTE: For initial system installation, the factory default user name is SYSADMIN and the password is INITIAL.
Security Management Log-in Banner Log-in Banner The Broadmore provides the ability to insert a customizable banner that will appear when a user logs in. The banner is a simple way to provide special instructions to the user. A SuperUser can implement this feature by using ftp or SFTP to download a banner text file, named banner.txt, to the Broadmore cam directory.
Security Management System Clock System Clock The Broadmore CPU system clock provides the time and date stamp used for system logs, events, and audit trails. A SuperUser must set the system clock either manually after powering up the Broadmore or configure the Broadmore to use a network timing source (see “Network Time Protocol” on page 10-8). Select Set System Time from the Administration menu. Then set the Month, Day, Year, Hour, and Minute to the correct values.
Security Management Network Time Protocol Network Time Protocol The Broadmore CPU system clock provides the time and date stamp used for system logs, events, and audit trails. A SuperUser must set the system clock either manually after powering up the Broadmore (see “System Clock” on page 10-7) or configure the Broadmore to use a network time source as described below.
Security Management Network Time Protocol Item Options Comments SNTP Enable, Disable When enabled, the Broadmore system clock will be synchronized to the network time source. NTP Server IP The IP address of the primary network time source. Server Port 0 to 32767 Timeout (sec) 1 to 100 Aux NTP Server IP The time to wait for a response from the primary network time source.
Security Management Managing Users and Audit Trails Managing Users and Audit Trails User ID Rules ... 10-10 Change User ID ... 10-11 User Audit Trails ... 10-13 User ID Rules A SuperUser can set the minimum allowable number of characters in user names and passwords by selecting User ID Rules from the Administration menu. From this menu, select the Username or Password and enter the required minimum number of characters. 10-10 Broadmore 1750 - Release 4.
Security Management Change User ID Change User ID The Change User ID menu allows a SuperUser to add, delete, and modify user IDs. (Any user can change their own password using the Change Password menu.) Adding a User Enter the following information for each user that is added. Item Options Comments User ID A unique user identifier Password/ Password A unique password for the user and a second password field to confirm Privilege BROWSER OPERATIONS SYS_ADMIN SUPER_USER The level of user access.
Security Management Change User ID Deleting a User After you select the user to be deleted, a confirmation message appears. Select Yes to delete the user, or No to exit without making any changes. Modifying a User After you select the user to be modified, enter the appropriate information in the 10-12 Broadmore 1750 - Release 4.
Security Management User Audit Trails Modify User fields. See “Adding a User” on page 10-11 for more information on the individual fields. User Audit Trails NOTE: It is recommended that audit trails remain disabled until deployment of the Broadmore with the anticipated “power up” configuration is complete. This prevents the audit logging of numerous initial installation configuration changes. Only a SuperUser can enable or disable this function or use shell commands to access the audit file.
Security Management User Audit Trails NOTE: The audit file is located in the cam directory. The craft port will allow cat, head, or tail commands in the non-FIPS mode. NOTE: Audit files can be up to 200k bytes, with the most recent data being located at the end of the file. Use the tail command to display the end of the file. For detailed examination, it is best to upload the file via FTP. To display the audit file, at the Broadmore > prompt, enter the following commands: cd cam ↵ tail audit.
Security Management User Audit Trails Deleting Audit Trails A user can delete the contents of the system log by using the CAMMI (Maintenance/Diags, View System Log, Delete command) or the corresponding CLI command. However, this only deletes the events that can be viewed by their access level. Archiving Audit Trails A SuperUser can archive the audit.txt and audit_o.txt files using an FTP client to copy the files to another computer or storage device.
Security Management User Audit Trails To display the system log, log into the Broadmore and enter the following commands at the Broadmore prompt: cli ↵ maintain ↵ systemlog ↵ showi ↵ You can then navigate through the system log by following the instructions appearing at the bottom of the window. To delete the system log, enter clearlog instead of showi. 10-16 Broadmore 1750 - Release 4.
Security Management IP ICMP Messages IP ICMP Messages You can use the Internet Control Message Protocol selection to enable or disable all ICMP messages for Internet Protocols such as ping or echo. Disabling ICMP is a common defense against denial-of-service attacks using ping floods. Broadmore 1750 - Release 4.
Security Management SNMP Messages SNMP Messages You can use the SNMP Properties selection to enable or disable SNMP messages. The Broadmore supports older SNMP v1 and v2, as well as newer SNMPv3 protocols. You have the option to disable only SNMPv1 and v2 messages, or all SNMP messages. Only a SuperUser or SysAdmin can access or change these properties (see “SNMP Properties” on page 12-3).
Security Management Shell Commands (Non-FIPS Mode) Shell Commands (Non-FIPS Mode) Shell commands are UNIX-like commands provided by the embedded pSOS operating system. Command syntax is available using the “help” command. Authorized Access to each command is based on the user privilege level. FIPS Mode The Broadmore is shipped with FIPS mode security turned off. A SuperUser can use the fipsmode shell command to enable FIPS mode operation (see “Security Management (FIPS Mode)” on page 11-1).
Security Management Authorized Access to Shell Commands User ID → ↓ Authorized Services head help ifconf ls md mem mkdir move mv netstat ping pwd rd resetSecurID resetSecurIDIp rm rmdir route savert scp selftest setbaud setenv settimeout setwrite sigmem sshdSessionShow sshdShow tail 10-20 Super_User Sys_Admin Operations • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • Browser • • • • • • • • • • • • • • Broadmore 1750 - Rele
Security Management FTP Login User ID → ↓ Authorized Services Super_User Sys_Admin • • • touch zeroize Operations Browser FTP Login Users can login using ftp to access Broadmore administrative functions over IP. To log in to the Broadmore: 1. 2. 3. 4. Open your ftp program. The Connect window opens. Enter the IP address of the Broadmore. Enter the Username: SYSADMIN (the username is case sensitive).
Security Management FTP Login 10-22 Broadmore 1750 - Release 4.
11 CHAPTER Security Management (FIPS Mode) In this Chapter: Security Features ... 11-2 Security Guidance ... 11-3 Authentication and Identification ... 11-6 Authorized Services ... 11-7 Key Management ... 11-8 Logging In ... 11-9 Log-in Banner ... 11-13 System Clock ... 11-14 Network Time Protocol ... 11-15 Changing Security Modes ... 11-17 User Administration and Audit Trails ... 11-26 Shell Commands (FIPS Mode) ... 11-34 SFTP Login ... 11-43 SecurID Features ...
Security Management (FIPS Mode) Security Features Security Features This release of the Broadmore includes the Broadmore/SSHield Management Module, which is a FIPS 140-2 validated software-only module that meets the security requirements of Federal Information Processing Standard PUB 140-2. The Broadmore/ SSHield Management Module enables the secure operation and control of the Broadmore’s ATM configuration parameters via a command line interface (CLI) or menu based interface (CAMMI).
Security Management (FIPS Mode) Security Guidance Additional security-relevant features include: Enable/disable SNMP and ICMP messages SNMPv3 USM/VACM Log-in Banner for special user instructions Security Guidance Receipt and Inspection – Broadmore components containing FIPS 140-2 validated software are packaged and sealed at the factory with tamper-proof security tape. Upon receipt, carefully examine the security sealing tapes on the shipping containers for any signs of tampering.
Security Management (FIPS Mode) Security Guidance Potential Security Vulnerabilities (1) Disabling fipsmode deletes existing user access accounts and cryptographic keys and reverts the Broadmore to the factory default SuperUser ID and password, which can deny management access and compromise security. No one can log in till the Broadmore is rebooted. It is recommended that the fipsmode be changed only during initial setup and decommissioning.
Security Management (FIPS Mode) Security Guidance User Administration – The Broadmore authenticates users by identification and role-based access privilege levels and maintains an audit trail activity log. Only a SuperUser can assign users and access levels, set the minimum number of characters required for user names and passwords (user ID rules), and clear the system log. The security officer must ensure that all users change their passwords periodically in accordance with local security practice.
Security Management (FIPS Mode) Authentication and Identification Authentication and Identification The cryptographic module supports distinct operator roles and enforces the separation of these roles using identity-based operator authentication that requires a Username and Password, and optional SecurID. The SecurID option has no effect on FIPS 140-2 compliance. When SecurID is enabled, operators must also enter a SecurID token before they can gain access to the Broadmore.
Security Management (FIPS Mode) Authorized Services Authorized Services The following table lists the authorized services available to each privilege level.
Security Management (FIPS Mode) Key Management Key Management A DSA private hosts key is required for SSH2 connection to the Broadmore. Default DSA Key During manufacture, a default host_dsa key file is placed in the /SSHD directory of the Broadmore CPU. This default key is intended only for use in initializing the Broadmore after installation at the customer site and should be changed by the SuperUser (Crypto Officer) before making the Broadmore operational.
Security Management (FIPS Mode) Logging In Logging In NOTE: If FIPS mode is currently turned off, you must follow the nonFIPS mode instructions for “Logging In” on page 10-5. Broadmore units are shipped from the factory with SecurID turned off and FIPS mode turned off. After logging into the Broadmore, the Crypto Officer can configure the Broadmore to use SecurID, if desired. Using both SecurID and FIPS mode with the Broadmore provides a two-stage login. First, users log in using RSA SecurID.
Security Management (FIPS Mode) Logging in with SecurID Disabled 3. Type in the Hostname and Username. The Hostname is the IP address of the Broadmore, and the Username is the Broadmore user name. 4. Click Connect. 5. When the Broadmore Login message appears, type in the Login and Password. You will need to press Enter after each. (The factory defaults for the initial installation are SYSADMIN and INITIAL.) After successfully logging in, the Broadmore command prompt displays.
Security Management (FIPS Mode) Logging in with SecurID Enabled Logging in with SecurID Enabled The following example uses SecureCRT as the secure client software. To log into the RSA SecurID server: 1. Open SecureCRT. The Quick Connect window opens. 2. Select ssh2 from the Protocol pull-down menu. 3. Type in the Hostname and Username. The Hostname is the IP address of the Broadmore, and the Username is the SecurID user name that is configured on the RSA SecurID server with a token assigned to it. 4.
Security Management (FIPS Mode) Logging in with SecurID Enabled The Keyboard Interactive Authentication opens. 6. Type in the SecurID passcode, and click OK. 7. After successfully logging into SecurID, the Broadmore login displays. 8. Type the Login and Password. You will need to press Enter after each. (The factory defaults for the initial installation are SYSADMIN and INITIAL.) After successful login, the Broadmore command prompt appears. 11-12 Broadmore 1750 - Release 4.
Security Management (FIPS Mode) Log-in Banner Log-in Banner The Broadmore provides the ability to insert a customizable banner that will appear when a user logs in. The banner is a simple way to provide special instructions to the user. A SuperUser can implement this feature by using ftp or SFTP to download a banner text file, named banner.txt, to the Broadmore cam directory. There is no limit to the size of this file.
Security Management (FIPS Mode) System Clock System Clock The Broadmore CPU system clock provides the time and date stamp used for system logs, events, and audit trails. A SuperUser must set the system clock either manually after powering up the Broadmore or configure the Broadmore to use a network timing source (see “Network Time Protocol” on page 11-15). Select Set System Time from the Administration menu. Then set the Month, Day, Year, Hour, and Minute to the correct values.
Security Management (FIPS Mode) Network Time Protocol Network Time Protocol The Broadmore CPU system clock provides the time and date stamp used for system logs, events, and audit trails. A SuperUser must set the system clock either manually after powering up the Broadmore (see “System Clock” on page 11-14) or configure the Broadmore to use a network time source as described below.
Security Management (FIPS Mode) Network Time Protocol Item Options Comments SNTP Enable, Disable When enabled, the Broadmore system clock will be synchronized to the network time source. NTP Server IP The IP address of the primary network time source. Server Port 0 to 32767 Timeout (sec) 1 to 100 Aux NTP Server IP The time to wait for a response from the primary network time source.
Security Management (FIPS Mode) Changing Security Modes Changing Security Modes Help About Security ... 11-17 Enabling FIPS Mode ... 11-18 Disabling FIPS Mode ... 11-20 Enabling SecurID ... 11-21 Disabling SecurID ... 11-24 IP ICMP Messages ... 11-24 SNMP Messages ... 11-25 Only a Crypto Officer (SuperUser) can change the security modes. The Broadmore is shipped from the factory with FIPS mode and SecurID turned off.
Security Management (FIPS Mode) Enabling FIPS Mode Item Comments FIPS Mode Active Broadmore is in FIPS 140-2 validated operating mode Security inactive; non-FIPS mode Broadmore is not in FIPS approved operating mode FIPS Lib Rev Version of FIPS Library. SSHield Version of SSHield software Built Build date of SSHield software Enabling FIPS Mode Only a Superuser (Crypto Officer) can change the security modes. The Broadmore is shipped from the factory with FIPS mode turned off.
Security Management (FIPS Mode) Enabling FIPS Mode 4. Reboot the Broadmore for the change to take effect by entering the following commands at the Broadmore prompt: cli ↵ maintain ↵ redundancy ↵ cpu ↵ rebootstandby ↵ releasecpu ↵ NOTE: The above command sequence reboots the standby CPU (if any) and then the online CPU. In a redundant system, both CPUs must be rebooted into the FIPS mode. Rebooting the online CPU will terminate the current management session.
Security Management (FIPS Mode) Disabling FIPS Mode Disabling FIPS Mode Only a Superuser (Crypto Officer) can change the security modes. The security mode can only be changed after successfully logging into the Broadmore, then performing the following steps. CAUTION! DISABLING FIPSMODE WILL DELETE EXISTING USER ACCESS ACCOUNTS AND CRYPTOGRAPHIC KEYS AND REVERT THE BROADMORE TO THE FACTORY DEFAULT SUPERUSER ID AND PASSWORD, WHICH CAN DENY MANAGEMENT ACCESS AND COMPROMISE SECURITY.
Security Management (FIPS Mode) Enabling SecurID 4. Log into the Broadmore using a conventional terminal emulator such as Telnet (see “Logging In” on page 10-5). 5. Start up the CAMMI interface by entering the following command at the Broadmore prompt: cammi ↵ 6. Verify that the Broadmore is not in FIPS mode by observing that the CAMMI Help / About Security screen shows that FIPS mode is inactive.
Security Management (FIPS Mode) Enabling SecurID Setting up the first CPU 2. Using an SSH terminal emulator, log into the online CPU and ensure that the Broadmore is operating in FIPS mode (see “Help About Security” on page 11-17). If FIPS mode is not enabled, follow the procedure in “Enabling FIPS Mode” on page 11-18 to turn on FIPS mode and then reboot the Broadmore. 3. On the SecurID server, create an Agent Host for the Broadmore and a sdconf.rec file. 4. Using SFTP software, put the sdconf.
Security Management (FIPS Mode) Enabling SecurID Item Options Comments SecurID Enable, Disable This feature is described in the Carrier Access RSA SecurID Ready Implementation Guide for the Broadmore 500, 1700, and 1750. This guide also describes how to manipulate the security options in the “sdopts.rec” file. SecurID IP Interface No change, IP, LANE, CIP If you choose “no change,” any pre-existing sdopts.rec file will not be affected. If no sdopts.
Security Management (FIPS Mode) Disabling SecurID Disabling SecurID NOTE: SecurID is only available when FIPS mode is turned on (see “Enabling FIPS Mode” on page 11-18). Only the online CPU can be accessed when SecurID is enabled. Only a Superuser (Crypto Officer) can change the security modes. The Broadmore is shipped from the factory with SecurID turned off. The security mode can only be changed after successfully logging into the Broadmore while in its current security mode. 1.
Security Management (FIPS Mode) SNMP Messages SNMP Messages You can use the SNMP Properties selection to enable or disable SNMP messages. The Broadmore supports older SNMP v1 and v2, as well as newer SNMPv3 protocols. You have the option to disable only SNMPv1 and v2 messages, or all SNMP messages. Only a SuperUser or SysAdmin can access or change these properties (see “SNMP Properties” on page 12-3).
Security Management (FIPS Mode) User Administration and Audit Trails User Administration and Audit Trails User ID Rules ... 11-26 Change User ID ... 11-27 User Audit Trails ... 11-30 User ID Rules A SuperUser can set the minimum allowable number of characters in user names and passwords by selecting User ID Rules from the Administration menu. From this menu, select the Username or Password and enter the required minimum number of characters.
Security Management (FIPS Mode) Change User ID Change User ID The Change User ID menu allows a SuperUser to add, delete, and modify user IDs. NOTE: After logging in, any user can change their own password using the Change Password menu. Adding a User Enter the following information for each user that is added.
Security Management (FIPS Mode) Change User ID Item Options Comments Craft Access Enable, Disable Access through the serial port on the front of the CPU. Remote Access Enable, Disable Access through the Ethernet port on the CPU IOM. Deleting a User After you select the user to be deleted, a confirmation message appears. Select Yes to delete the user, or No to exit without making any changes. 11-28 Broadmore 1750 - Release 4.
Security Management (FIPS Mode) Change User ID Modifying a User After you select the user to be modified, enter the appropriate information in the Modify User fields. Item Options Comments User ID A unique user identifier Password/ Password A unique password for the user and a second password field to confirm Privilege BROWSER OPERATIONS SYS_ADMIN SUPER_USER The level of user access. See “User Configuration” on page 7-23.
Security Management (FIPS Mode) User Audit Trails User Audit Trails NOTE: It is recommended that audit trails remain disabled until deployment of the Broadmore with the anticipated “power up” configuration is complete. This prevents the audit logging of numerous initial installation configuration changes. Only a SuperUser can enable or disable this function or use shell commands to access the audit file. Only a SuperUser can enable or disable this function or use shell commands to access the audit files.
Security Management (FIPS Mode) User Audit Trails NOTE: The audit file is located in the cam directory and can only be accessed via SSH2. The craft port does not allow cat, head, or tail commands in the FIPS mode. NOTE: Audit files can be up to 200k bytes, with the most recent data being located at the end of the file. Use the tail command to display the end of the file. For detailed examination, it is best to upload the file via FTP or SFTP.
Security Management (FIPS Mode) User Audit Trails to audit_o.txt, in case a SuperUser wants to access the old file via SecureFX in SFTP mode. A new file is then opened named audit.txt and new data is written to that file. Deleting Audit Trails A user can delete the contents of the system log by using the CAMMI (Maintenance/Diags, View System Log, Delete command) or the corresponding CLI command. However, this only deletes the events that can be viewed by their access level.
Security Management (FIPS Mode) User Audit Trails To display the system log, log into the Broadmore and enter the following commands at the Broadmore prompt: cli ↵ maintain ↵ systemlog ↵ showi ↵ You can then navigate through the system log by following the instructions appearing at the bottom of the window. To delete the system log, enter clearlog instead of showi. Broadmore 1750 - Release 4.
Security Management (FIPS Mode) Shell Commands (FIPS Mode) Shell Commands (FIPS Mode) fipsmode ... 11-34 selftest ... 11-34 settimeout ... 11-35 sshdShow ... 11-35 sshdSessionShow ... 11-37 scp ... 11-38 resetSecurID ... 11-39 zeroize ... 11-40 Authorized Access to Shell Commands ... 11-41 Shell commands are UNIX-like commands provided by the embedded operating system. Command syntax is available using the “help” command. Authorized Access to each command is based on the user privilege level.
Security Management (FIPS Mode) settimeout DSA Passed FIPS 186-2 RAND Passed RSA Passed SHA1 Passed IMAGE SIG VERIFY Passed HMAC-SHA1 Passed NOTE: If a manually initiated self-test results in a self-test failure, the management module will reboot. NOTE: A FIPS algorithm self-test failure will immediately disable all management connections, as required by FIPS-2.
Security Management (FIPS Mode) sshdShow 11-36 Broadmore 1750 - Release 4.
Security Management (FIPS Mode) sshdSessionShow sshdSessionShow A SuperUser (Crypto Officer) can access the information about current active ssh server sessions, at the Broadmore prompt, by typing sshdSessionShow. An example of the output is provided in the following graphic.
Security Management (FIPS Mode) scp scp A SuperUser (Crypto Officer) can copy files to a specific directory, using the secure copy (scp) command. Using SCP The scp client can be invoked from a target-OS shell by running scp and passing all options as parameter strings. Examples are provided below.
Security Management (FIPS Mode) resetSecurID resetSecurID A SuperUser (Crypto Officer) can use the resetSecurID command to reset the node secret file. This command is necessary if the system administrator has, for example, changed the server and needs to get a fresh node secret file. At the Broadmore> prompt, type resetSecurID as shown in the following figure, and then press Enter. The node secret file resets, and the screen returns to the prompt. There is no output with this command.
Security Management (FIPS Mode) zeroize zeroize WARNING! THE ZEROIZE COMMAND WILL DECOMMISSION THE CPU MODULE AND MAKE IT INOPERABLE (THE CPU WILL NOT REBOOT). THIS COMMAND WILL PERMANENTLY ERASE ALL CRITICAL SECURITY PARAMETERS AND CPU DISK-ON-CHIP MEMORY. A ZEROIZED CPU CONTAINS NO SECURITY DATA OR OPERATING SYSTEM SOFTWARE. A ZEROIZED CPU CAN BE RETURNED TO THE FACTORY FOR REPAIR. This command is not intended for normal operational use.
Security Management (FIPS Mode) Authorized Access to Shell Commands Authorized Access to Shell Commands The following table lists the authorized commands available to each access privilege level when operating in FIPS mode. User ID → ↓ Authorized Services arp cammi (start GUI interface) cat cd cli cmp comp copy cp del dir du echo fipsmode head help ifconf ls md mem mkdir move mv netstat ping Broadmore 1750 - Release 4.
Security Management (FIPS Mode) Authorized Access to Shell Commands User ID → ↓ Authorized Services pwd rd resetSecurID resetSecurIDIp rm rmdir route savert scp selftest setbaud setenv settimeout setwrite sigmem sshdSessionShow sshdShow tail touch zeroize 11-42 Super_User Sys_Admin Operations • • • • • • • • • • • • • • • • • • • • • • Browser • • • • • • • Broadmore 1750 - Release 4.
Security Management (FIPS Mode) SFTP Login SFTP Login Users can login using SFTP to access Broadmore administrative functions the same way as ftp. With SFTP, the data is encrypted as it flows to and from the Broadmore over IP. The following procedure provides an example of how to login using SFTP using SecureFX. Logging in with SecurID Disabled To log in to RSA SecurID and the Broadmore: 1. Open SecureFX. The Connect window opens. 2. Right-click on the connection you want to use, and select Properties.
Security Management (FIPS Mode) Logging in with SecurID Disabled 3. In the Session panel, type the IP address of the Broadmore, and select SFTP from the Protocol pull-down menu. NOTE: Some secure ftp clients do not allow a colon as the first character. The following step works with SecureFX. 4. In the SFTP logon panel, type in the Hostname and Username. The Hostname is the IP address of the Broadmore; the Username is Broadmore local user name prefixed by a colon (for example, :SYSADMIN). 5.
Security Management (FIPS Mode) Logging in with SecurID Disabled Broadmore 1750 - Release 4.
Security Management (FIPS Mode) Logging in with SecurID Enabled Logging in with SecurID Enabled To log in to RSA SecurID and the Broadmore: 1. Open SecureFX. The Connect window opens. 2. Right-click on the connection you want to use, and select Properties. The Session Configuration window opens. 3. In the Session panel, type the IP address of the Broadmore, and select SFTP from the Protocol pull-down menu. 4. In the SFTP logon panel, type in the Hostname and Username.
Security Management (FIPS Mode) Logging in with SecurID Enabled 6. Click OK. The following prompt appears: 7. Click OK. The Keyboard Interactive Authentication window opens. 8. Type in the SecurID passcode, and click OK. A second Keyboard Interactive Authentication window opens. 9. Type in the local Broadmore password, and click OK. After successfully logging into SecurID, the SecureFX window appears as shown in the following graphic. Broadmore 1750 - Release 4.
Security Management (FIPS Mode) Logging in with SecurID Enabled 11-48 Broadmore 1750 - Release 4.
Security Management (FIPS Mode) SecurID Features SecurID Features SecurID is an option that may be used to help authenticate a user prior to logging into the Broadmore/SSHield Management Module. SecurID does not use FIPS approved algorithms but using SecurID does not in any way affect the security provided by the FIPS-2 validated Broadmore/SSHield Management Module. Feature Details RSA Authentication Methods Supported Native SecurID RSA Authentication Manager/Agent Library Version 5.0.
Security Management (FIPS Mode) Residual Data and Memory Volatility Residual Data and Memory Volatility Non-Volatile Memory ... 11-50 Network Interfaces ... 11-51 Sanitation Procedures ... 11-51 This notice summarizes relevant security concerns associated with the movement of sensitive data through any Broadmore ATM Multiplexer and subsequent redeployment of these products into open environments.
Security Management (FIPS Mode) Network Interfaces Network Interfaces Network Interface Modules (NIMs) are installed in the Broadmore ATM Multiplexer and provide an interface to the ATM network. Each NIM contains non-volatile Flash memory for storing run-time code. These chips are not physically accessible from the ATM data path and thus cannot store data that passes through the Broadmore.
Security Management (FIPS Mode) Sanitation Procedures 11-52 Broadmore 1750 - Release 4.
12 CHAPTER SNMP Configuration In this Chapter: SNMP Overview ... 12-2 SNMP Properties ... 12-3 USM/VACM Configuration ... 12-6 Trap Configuration ...
SNMP Configuration SNMP Overview SNMP Overview Simple Network Management Protocol (SNMP) is a plain-text service with no access to any critical security parameters (CSPs). The Broadmore supports SNMP v1, v2, and v3. Follow the sequence below to configure the SNMP parameters. NOTE: SNMPv3 configuration must be performed through CAMMI. Do not use the CLI to configure SNMPv3 parameters.
SNMP Configuration SNMP Properties SNMP Properties These settings can only be accessed and changed by a SuperUser or SysAdmin. SNMP properties allow the user to control SNMP operation. . Select System Management ↵ Select Configure ↵ Select System Services ↵ Select SNMP Configure ↵ Select SNMP Properties ↵ Select the item you want to configure. With each selection, confirm your changes and press Esc to exit. Broadmore 1750 - Release 4.
SNMP Configuration SNMP Properties The following table lists the SNMP property selections. Item Options Comments SNMP (any) Enable, Disable Enables or disables all SNMP messages. SNMP v1/v2 Enable, Disable Enables or disables only SNMP v1 and v2 messages. SNMPv3 messages are enabled. CLI Traps Enable, Disable This selection is a switch (enable/disable) that allows you to view trap messages when logged into CLI. When enabled, trap messages will echo to the screen when they occur.
SNMP Configuration SNMP Properties Example: Squelching Traps The system will be delivered from the factory with the squelch level at “below current level”.
SNMP Configuration USM/VACM Configuration USM/VACM Configuration Users ... 12-8 Groups ... 12-13 Views ... 12-16 Access ... 12-19 Communities ... 12-24 SNMPv3 supports the User-based Security Model (USM) and View-based Access Control Model (VACM). These settings can only be accessed and changed by a SuperUser (Crypto Officer).
SNMP Configuration USM/VACM Configuration USM provides authentication and privacy services for SNMPv3. USM provides improved security over SNMPv1 and SNMPv2 by adding encryption and synchronized time indicators. Although USM uses cryptography to support the underlying protocol, it is a plain-text service and does not provide the level of data confidentiality or protection required by FIPS-2. Consequently, it should be treated like any other plaintext service port.
SNMP Configuration Users Users This selection allows you to control users and their access privileges. Once this menu option is chosen, a list of existing users will be displayed. The screen below shows the two predefined users.
SNMP Configuration Users When adding a new user (either through New or Copy action), the system will present an option to either enter the Authentication and Privacy (Encryption) Key either directly (Key) or as a Password (Password to Key), as shown below. In case you choose to enter the key information as a password, the system will internally generate a key value corresponding to the password entered and maintain that information for the user.
SNMP Configuration Users Screen for entering User Key Screen for entering User Password 12-10 Broadmore 1750 - Release 4.
SNMP Configuration Users Use the Esc key to exit this menu. If you have made any changes to the Users information the system will ask you for confirmation on whether you want to accept the changes or not. NOTE: The entries in the User table are not actual users of the system. These usernames cannot be used for authentication in order to access the Broadmore administration functionality. The following table describes the selections.
SNMP Configuration Users User Edit Rules The following table describes which parameters can be modified in a Users table entry. 12-12 Item Edit Allowed User Name No Auth Password No Priv Password No Auth Yes Priv Yes Storage Yes Broadmore 1750 - Release 4.
SNMP Configuration Groups Groups The VACM model supports the concept of categorizing users into groups. A group is a unique pair defined by the parameters “User Name” and “Security Model” (see table below). The screen below shows the four predefined groups. Follow the sequence below to modify the list.
SNMP Configuration Groups Once this menu option is chosen, a list of existing groups will be displayed. To choose the required action on groups, highlight any of the existing entries and press the Enter key. The screen below shows the New Groups Entry. The following table describes the selections. Item Options Comments Group Name string value for Group Name, 1 to 30 characters. User Name string value for User Name, 1 to 30 characters.
SNMP Configuration Groups Use the Esc key to exit this menu. If you have made any changes to the user information, the system will prompt you for confirmation on whether you want to accept the changes or not. Group Edit Rules The following table describes which parameters can be modified in a Groups table entry. Item Edit Allowed Group Name Yes User Name No Security Model No Storage Yes Broadmore 1750 - Release 4.
SNMP Configuration Views Views This selection allows you to create a views and assign object identifiers. The screen below shows the predefined “iso” view.
SNMP Configuration Views Once this menu option is chosen, a list of existing groups will be displayed. To choose the required action on groups, highlight any of the existing entries and press the Enter key. The following shows the New View SubTrees Entry screen. The managed objects in Broadmore are organized in a tree structure, known as a MIB tree, based on the OID (Object Identifier) of each object. A view defines a particular subtree in this MIB tree.
SNMP Configuration Views Item Options Comments Storage Volatile Non-volatile Permanent Readonly Other Settings lost without power. Settings can be changed. Settings can not be deleted. Settings can not be changed. Use the Esc key to exit this menu. If you have made any changes to the Users information, the system will prompt you for confirmation on whether you want to accept the changes or not. View Edit Rules The following table describes which parameters can be modified in a Views table entry.
SNMP Configuration Access Access This selection allows you to control access to each Group.
SNMP Configuration Access Once this menu option is chosen, a list of existing access entries will be displayed. To choose the required action on an entry, highlight any of the existing entries and press the Enter key. The following shows the New Access Entry screen. The Access entries implement the SNMP access policy for the Broadmore. For more details, see Access Policy below. The access table is used to enforce fine-grained access rights that form an access policy.
SNMP Configuration Access Item Options Comments Notify View Name string A view name from the Views in the system, 1 to 30 characters. The Notify View Name is for traps and notifications. Context Prefix string A string, 1 to 30 characters. The interpretation depends on the value of the Prefix Match. If not specified, the default is an empty string, "". Prefix Match Exact Prefix Exact – the contextName must match the Context Prefix.
SNMP Configuration Access Access Edit Rules The following table describes which parameters can be modified in a Access table entry. Item Edit Allowed Group Name No Read View Name Yes Write View Name Yes Notify View Name Yes Security Model No Security Level No Storage Yes Access Policy The USM/VACM configuration defines the complete access policy in effect for incoming SNMP requests in the system. SNMP users and a Security model define a SNMP group.
SNMP Configuration Access • whether the user sending the SNMP request is eligible to get or set the MIB variable. This is determined by looking up the “Read” and “Write” parameters of the Access table • the exact set of MIB variables (managed objects) that will be visible to the user. This is determined by the Views table entries. • access based on the security model set in Groups and Access table.
SNMP Configuration Communities Communities Broadmore supports SNMPv1 and SNMPv2 through the SNMPv3 co-existence model. SNMPv1 and SNMPv2 community strings can be defined using the following menu option. Broadmore permits up to 20 entries in this table. These settings can only be accessed and changed by a SuperUser.
SNMP Configuration Communities NOTE: Selecting the Validate command on this table will check each “User Name” value for existence in the “usmUserTable” and check each Tag Name for existence in the “snmpNotifyTable”. NOTE: So that the Broadmore properly registers with the ATM Switch, the Broadmore automatically creates an “ILMI” community with predefined Views, Users, Groups, and Access. These properties are read-only.
SNMP Configuration Communities The following table describes the selections. Item Options Comments Community Name string SNMPv1 and SNMPv2 Community Name, 1 to 30 characters. The Community Name is used with the User Name and Tag Name to determine get, set, and trap access. Index string The Index permits the table to specify the same actual string multiple times. A particular Index must be unique. User Name string Value for User Name, 1 to 30 characters.
SNMP Configuration Communities Example 2: Use a different string for “set” Create a user “v1v2SetUser” with all the set privilege you desire using the view, user, group, and access tables Create a community name “private” with index “Set” and no tag. Specify the user “v1v2SetUser”. Create a community name “public” with index “Trap” and tag “Trap”. Specify the predefined user “v12TrapsUser”. Create a community name “public” with index “Get” and no tag. Specify the predefined user “v12Getuser”.
SNMP Configuration Trap Configuration Trap Configuration Trap Detection Overview ... 12-28 Trap Management Overview ... 12-29 Table Usage ... 12-32 Targets ... 12-33 Target Parameters ... 12-35 Notifications ... 12-37 Notify Filters ... 12-40 Notify Profiles ... 12-42 Trap Detection Overview The Broadmore supports trap-directed notifications. This means that the Broadmore can automatically send a notification message to a network manager when a certain trap event occurs.
SNMP Configuration Trap Management Overview Network operations organizations also have varying policies on what conditions to monitor and what alarm severities to assign to each condition. The Broadmore gives selective control over traps to mitigate these issues. Squelching traps following a serious outstanding trap, to focus attention only on that “first fault.” Enabling or disabling individual traps, to match local monitoringpolicies.
SNMP Configuration Trap Management Overview The idea is to organize the information into specific tables that can be tied to other tables, as shown in the figure below. All the target addresses used by notifications and proxies are put into one table. Another table is used to identify which elements belong to the notifications. The target parameter table contains the information for creating SNMPv3 PDUs. Other tables are used to identify which notifications should go to which targets.
SNMP Configuration Trap Management Overview The sequence of events in using these tables is as follows: 1. An event occurs and the Notification Originator goes to work. 2. The Notification Originator uses the notify table to identify possible targets to which to send a message. These are only possible targets because there may be notification filters setup to identify a subset of these possible targets that will be sent the message. 3.
SNMP Configuration Table Usage Table Usage The following summarizes the way that the SNMP tables are used. User Management: User, Community, View, Access, and Group Tables (from VACM) Format for the PDU to send (also used for Proxies): Target Address Table – contains domain and addressing information, timeout and retry information, and a tag list (snmpTargetAddrTagList) to define where to send notifications (and to forward proxied messages). There is also a link into the Target Params table.
SNMP Configuration Targets Targets This selection allows you to enter up to 10 target IP addresses to receive trap notifications. The screen below shows the New Targets Entry. Follow the sequence below to modify the list.
SNMP Configuration Targets The following table describes the selections. Item Options Comments Target Name A unique value for Target Name, 1 to 30 characters. IP Address Format xxx.xxx.xxx.xxx where xxx is a decimal number, 0 to 255 Port A number between 1024 and 65535. Parameter Name A unique value for Parameter Name, 1 to 30 characters. Trap Tag A unique value for Trap Tag, 1 to 30 characters. Enabled Enabled Disabled Enables/disables this target.
SNMP Configuration Target Parameters Target Parameters This selection allows you to enter the kind of protocol and security to be used for the target destinations. The screen below shows the New Target Parameters Entry.
SNMP Configuration Target Parameters NOTE: Selecting Validate Table will check that each Parameter Name in this table exists in the Notify Profiles table. The following table describes the selections. Item Options Comments Parameter Name string Value for Parameter Name, 1 to 30 characters. Note: This entry must agree with the Parameters Name in the Notify Profiles table (see “Notify Profiles” on page 12-42). User Name string Value for User Name, 1 to 30 characters.
SNMP Configuration Notifications Notifications This selection displays a list of all available trap events that can be used for notifications. These entries automatically appear in the MIB “snmpNotifyTable” accessible by a remote manager. The notification names cannot be changed but individual traps can be enabled and assigned a tag name and a severity level.
SNMP Configuration Notifications NOTE: Entries in this table cannot be added or deleted, only edited. The storage type for these entries is automatically configured to “permanent”. The screen below shows the Edit Notifications Entry. The following table describes the selections Item Options Notify Name Comments This parameter cannot be changed. Trap Tag string The default name is “Trap”. If remote managers are to receive all traps, there is no need to modify the Trap Tag.
SNMP Configuration Notifications Item Options Comments Severity Critical Major Minor Inform Reboot failure, NIM major alarm. SAM major alarm, slot failure, Uni up/down. SAM minor alarm, NIM minor alarm. Card insert/removed, NIM switchover, CPU switchover, restore, user reboot. NOTE: “Severity” is an attribute only available for Broadmore enterprise traps; it is not described in the RFCs. Severity is reported as a variable with the trap.
SNMP Configuration Notify Filters Notify Filters Entries may be completely maintained using the cammi Notify Filters table (which is a direct representation of "snmpNotifyFilterTable") or via a remote SNMP manager. This table allows finer grained control over trap reports. Broadmore permits up to 20 entries in this table. An empty table is acceptable. These settings can only be accessed and changed by a SuperUser.
SNMP Configuration Notify Filters NOTE: Selecting Validate Table will check that each Profile Name in this table exists in the Notify Profiles table. The Notify Filters table is used to avoid sending traps for specific mib variables. Each variable in the VarBindList is checked against the Subtree. If a match occurs, the trap is not sent. The following table describes the selections. Item Options Comments Profile Name string Value for Profile Name, 1 to 30 characters.
SNMP Configuration Notify Profiles Notify Profiles Entries may be completely maintained using the cammi Notification Profiles table (which is a direct representation of “snmpNotifyFilterProfileTable”) or via a remote SNMP manager. This table allows finer grained control over trap reports. Broadmore permits up to 20 entries in this table. An empty table is acceptable. These settings can only be accessed and changed by a SuperUser.
SNMP Configuration Notify Profiles NOTE: Selecting Validate Table will check that each Parameter Name in this table exists in the Target Parameters table. The only reason for this table is to allow more than one notify filter with the same Profile Name and different subtree, so that “profile_name” + “subtree” is the key into the Notify Filter table. When a “profile_name” is found in the Notify Profiles table, the Notify Filter table is searched for all entries having the same “profile_name”.
SNMP Configuration Notify Profiles 12-44 Broadmore 1750 - Release 4.
APPENDIX A Technical Specifications In this Appendix: Broadmore 1750 Platform ... A-2 Broadmore Modules ...
Technical Specifications Broadmore 1750 Platform Broadmore 1750 Platform System Architecture Mid-plane architecture Internal Stratum 3E clock with dual BITS clock inputs Redundant CPUs, NIMs, SAMs, backplane, power supplies OC-12c/STM-4c ATM network interfaces Up to 80 T1s, 60 E1s, 11 DS-3s, or 12 E3s per chassis Management RS-232/V.
Technical Specifications Network Standards Network Standards ATM Forum compliant AAL1 and AAL5 QoS ATM Forum compliant SVCs and PVCs ATM Forum Circuit Emulation Service v2.0 (CES) ITU-T and ANSI compliant UNI 3.0, 3.1, and 4.0 Signaling ATM Forum compliant ILMI 4.
Technical Specifications Testing & Diagnostics Testing & Diagnostics Network loop-backs (structured DS3: DS3 port; unstructured DS3, E3 port) Service loop-backs (structured DS3: DS3 port, tributary and DS0; unstructured DS3, E3) Internal BERT generation and monitoring (structured DS3, unstructured DS3, E3) FEAC loop-back generation and detection Power –48 VDC dual inputs, labeled A and B 240 W maximum for fully populated system 10 watts per NIM 8 watts per SAM 20 watts per CPU Fused at 7.
Technical Specifications Physical Physical 17-slot chassis Card slots: 1 to 12 SAMs, 1 or 2 NIMs, 1 or 2 CPUs, 1 alarm power module Rack mountable in 19 in (48.26 cm) or 23 in (58.42 cm) racks Dimensions: 17.5 in (H) x 17.25 in (W) x 15.3 in (D) 44.45 cm (H) x 43.82 cm (W) x 38.86 cm (D) Weight: 31 lb. (14.1 kg) empty, 48 lbs (21.
Technical Specifications Broadmore Modules Broadmore Modules OC-12c Network Interface Modules (NIMs) SONET/ SDH OC-12c/ STM-4c 622.08 Mbps: network synchronization Single mode and multi-mode options Optical connectors type: SC Premise Reach: Type - multi-mode Wavelength - 1300 nm Tx Output power - greater than or equal to –18.0 dBm Rx sensitivity - less than or equal to –28.0 dBm Intermediate Reach: Type - single-mode Wavelength - 1300nm Tx Output power - greater than or equal to –11.
Technical Specifications DS3 Unstructured Circuit Emulation SAM DS3 Unstructured Circuit Emulation SAM 3 ports per card BNC connector access on rear panel IOM Unstructured CES Version 2 (AAL1) and ITU-T recommendation I.363 DS3 options: C Bit parity, clear channel Clocking: Network, BITS, Adaptive, SRTS, Loop NOTE: SRTS is a proprietary timing algorithm and may ONLY be used with specific written prior permission from Carrier Access Corporation. Additional license fees may apply.
Technical Specifications E3 Unstructured Circuit Emulation SAM A-8 Broadmore 1750 - Release 4.
APPENDIX B Spare Parts List The most common spare parts are listed below. The fan filters and fuse/fuse cover assemblies may be ordered from Carrier Access Corporation or directly from the manufacturer. The manufacturer’s name and part numbers are provided for these items. Contact your local Sales Account Manager for the latest availability and pricing information. Please have your system model and serial number available when calling to facilitate service.
Spare Parts List B-2 P/N Description Page 7660-022 Fan Tray Assembly 7660-023 Module, Alarm/Power (APM) 7660-034 Module, Unstructured DS3 SAM, CE, 3-Port 7660-045 Module, Unstructured E3 SAM, 3 Port 7660-110 Module, OC-12/STM-4, NWK INTFC, IR, FC 7660-114 Module, OC-12/STM-4, IR, SC 7660-206 Module, CPU with FIPS, Ethernet and SAR 7660-403 Module, DS3 SAM IOM, 3-Port 7660-404 Module, SAM IOM, 8 RJ48 Connectors 7660-406 Module, NIM IOM 7660-410 Module, Protection IOM 7660-411 Modu
APPENDIX C Software Error Messages In this Appendix: Overview System Errors Setup Errors
Software Error Messages Overview Overview Error messages are displayed for a number of reasons. In many cases an error message is the result of normal operation and no operator action is required. The messages shown below are divided into two groups: SYSTEM ERRORS and SETUP ERRORS. Typically, the SETUP ERRORS are configuration problems which the user can correct through normal operations as noted in chapters three and four.
Software Error Messages System Errors System Errors The user cannot address these errors. Contact Carrier Access Customer Support. MALLOC_FAILED = 0x1000 NULL_POINTER = 0x1001 NOT_A_NIM = 0x1002 NOT_A_SAM = 0x1003 BAD_ATMIFNUM = 0x1004 /* Illegal value for atmIfNum */ ENTRY_ZERO_NOT_RESERVED = 0x1005 /* Connection table entry 0 must be * reserved for use by error handling * code.
Software Error Messages Setup Errors Setup Errors These errors can usually be corrected by the user.
Software Error Messages Setup Errors WRITE_OC3NIMFILE_ERROR = 0x111d DATABASE_CREATION_ERROR = 0x111e WRITE_7665INIFILE_ERROR = 0x111f CONMAN_RETRIES_EXCEEDED = 0x1120 SVCS_CARDTYPE_MISMATCH = 0x1121 WRONG_RX_TX_DATALEN = 0x1122 WRONG_LOAD_XTABLE_DATALEN = 0x1123 VPVC_NOT_TRANSLATABLE = 0x1124 /* VP/VC incompatible with the * current OC3 Translation Table * Address Format.
Software Error Messages Setup Errors C-6 INVALID_INTERNAL_VCI = 0x1131 INVALID_CALL_IDENT = 0x1132 INVALID_CARD_TYPE = 0x1133 CONFIG_DEFAULTS_USED = 0x1134 INVALID_MESSAGE_TYPE = 0x1135 UNKNOWN_ACTION_ID = 0x1136 Broadmore 1750 - Release 4.
APPENDIX D Sample Network with RFC 1577 Configuration This Appendix provides a sample network configuration to explain how the Classic IP (CIP) over ATM functions. CIP provides the path for control of remote Broadmore 1750s from a master control station over the ATM network.The three possible configurations are shown in the figure on the next page. These are: 1. The master control station has Ethernet access to the Broadmore 1750 (Broadmore 1750 #1). 2.
Sample Network with RFC 1577 Configuration device on the ATM network, maintains the Logical IP Subnetwork (LIS) as explained in the CIP over ATM section of Chapter 4. Ethernet traffic for Broadmore 1750 #1 goes through the gateway directly to Broadmore 1750 #1. Ethernet traffic for Broadmore 1750 #2 and Broadmore 1750 #3 is routed by the gateway to Broadmore 1750 #1.
Sample Network with RFC 1577 Configuration Broadmore 1750 #3 addresses its local control station by IP address and the master control station via static route and Broadmore 1750 #1. The master control station addresses Broadmore 1750 #1 as IP 192.40.100.90, Broadmore 1750 #2 as CIP 10.10.10.174, and Broadmore 1750 #3 as CIP 10.10.10.63. The local control station addresses Broadmore 1750 #3 as IP 192.50.200.63. Broadmore 1750 - Release 4.
Sample Network with RFC 1577 Configuration Sample Network with RFC 1577 Classic IP (CIP) Over ATM IP submask gateway Ethernet 192.40..100.200 255.255.255.0 000.000.000.000 Gateway Ethernet # 1 IP submask gateway Broadmore CAM 7665 1750#2#2 100.100.100.174 255.255.255.0 000.000.000.000 CIP 10.10.10.174 ATM subnet mask 255.255.255.0 Static Routes 192.50.200.0 to 10.10.10.63 192.40.100.0 to 10.10.10.90 ATM Fiber ATM Fiber Broadmore 1750#1 #1 CAM 7665 Master Control Station IP submask gateway 192.
APPENDIX E Chassis Differences
Chassis Differences Broadmore Chassis Differences Broadmore Chassis Differences This user manual covers the 7665-17B and 7665C chassis. The 7665C chassis is the newest chassis in the Broadmore series and has the most functionality. There is also a 17A chassis. Hardware Differences Major differences between chassis include mid-plane wiring, alarm/power modules, and fan trays as shown in the following table. Chassis Major Assemblies Part Nos.
Chassis Differences Software Differences Software Differences Software release v3.4.1 was introduced to support the 7665-17C chassis used in the Broadmore 1700. However, software release 3.4.1 and higher can be used on all Broadmore chassis. The CPU module can be moved between different chassis but it must be configured to recognize the chassis in which it is installed. The chassis version is specified by the presence of a file pointer in the \CAM directory.
Chassis Differences Software Differences E-4 Broadmore 1750 - Release 4.
APPENDIX F IPv6 Support In this Appendix: Overview ... F-2 Configuring IPv6 Addresses for Network Interfaces ... F-2 Pinging over IPv6 ... F-4 Testing route6 Application ...
IPv6 Support Overview Overview This Appendix provides methods for demonstrating IPv6 functionality on Broadmore. You can find more test methods in the Product Application Notice: Broadmore IPv6 (PAN-07-0001), which is available on the Customer Support website. Configuring IPv6 Addresses for Network Interfaces When the system boots up, an IPv6 address of link-local scope is configured on all the network interfaces. This section provides steps to configure a network interface.
IPv6 Support Deleting an IPv6 Address Physical Address : 00:e0:97:6b:7f:fe MTU Size : 1500 Packets received : 23 Packets sent : 2 Mcast Packets received : 0 Mcast Packets sent : 0 Total Bytes received : 1480 Total Bytes sent : 64 Input errors : 0 Output errors : 0 Packets dropped on input : 0 Flags : 0xa8e1 Deleting an IPv6 Address To delete the IPv6 address from an Ethernet interface, from the Broadmore shell issue the command ifconf6 with the argument -d.
IPv6 Support Pinging over IPv6 Pinging over IPv6 To ping a remote host over IPv6, issue the command ping6. The remote host must also be configured with an IPv6 address of global scope and must be in the same subnet as the Broadmore. Pinging an IPv6 Host The following example shows a ping6 operation to a host with an IPv6 address 3ffe:0:0:13::4. The subnet in this case is 3ffe:0:0:13::x.
IPv6 Support Testing route6 Application Testing route6 Application This section provides examples for adding, deleting and displaying routes. Adding an IPv6 Route To add an IPv6 route, issue the Broadmore command route6.
IPv6 Support Showing all IPv6 routes configured in the Broadmore Showing all IPv6 routes configured in the Broadmore To display all the IPv6 routes configured in the system, issue the command route6 with option -a.
IPv6 Support Deleting the Default Route Deleting the Default Route The following example deletes the default route on the Broadmore: Broadmore->route6 delete default gateway 3ffe:0:0:13::4 Deleting a Host Route The following example deletes a host route on the Broadmore: Broadmore->route6 delete host dst 3ffe:0:0:14::41 gateway 3ffe:0:0:13::4 Deleting a Network Route The following example deletes a network route on the Broadmore: Broadmore->route6 delete net dst 3ffe:0:0:14:: gateway 3ffe:0:0:13::4 prefi
IPv6 Support Deleting a Network Route F-8 Broadmore 1750 - Release 4.
APPENDIX G Broadmore Command List In this Appendix: Commands Available at the Command Prompt Commands Available at the CLI Prompt
Broadmore Command List Commands Available at the Command Prompt Commands Available at the Command Prompt The commands listed below are available immediately after you log into the Broadmore. Type ‘help’ at the command prompt to view the list of commands. You can also type ‘help command’ to obtain help on any of the listed commands.
Broadmore Command List Commands Available at the CLI Prompt mem mkdir move mv nd6Cache netStackTcpPcbShow netStackUdpPcbShow tc6 timeoutStatsShow touch ts6 uc6 us6 zeroize See “Shell Commands (Non-FIPS Mode)” on page 10-19 and “Shell Commands (FIPS Mode)” on page 11-34 for information about the availability of commands based on user access level. Commands Available at the CLI Prompt The commands listed below are available at the cli> prompt. Type ? at the command prompt to view the list of commands.
Broadmore Command List Commands Available at the CLI Prompt G-4 Broadmore 1750 - Release 4.
GLOSSARY Glossary Acronyms and Abbreviations AAL ATM Adaptation Layer AIS Alarm Indication Signal ANSI American National Standards Institute APM Alarm Power Module APS Automatic Protection Switching ARP Address Resolution Protocol AS Available Seconds ATM Asynchronous Transfer Mode AWG American Wire Gage BITS Building Integrated Timing System Bps Bits Per Second
Glossary C Centigrade CAM Communications Access Multiplexer CAMMI CAM Management Interface CBES C-Bit Errored Seconds (network) CBR Constant Bit Rate CCV C-Bit Coding Violation CDVT Cell Delay Variation Tolerance CES C-Bit Errored Seconds CES Circuit Emulation SAM CIP Classic IP CLI Command Line Interface CPU Central Processor Unit CSES C-Bit Severely Errored Seconds DSP Digital Signal Processor DS-n Digital Signal level n EIA Electronic Industries Alliance ESD Electrostati
Glossary GUI Graphical User Interface IOM Input Output Module IP Internet Protocol IR Intermediate Reach LCV Line Coding Violation LED Light-Emitting Diode LES Line Errored Seconds LIS Logical IP Subnetwork LIU Line Interface Unit LOCD Loss of ATM Cell Delineation LOF Loss of Frame LOP Loss of Pointer LOS Loss of Signal MAC Media Access Control MBR Multi-bit-rate Mbps Megabits per second MIB Management Information Base NEBS Network Equipment Building System NIM Network
Glossary OC-n Optical Carrier level n PC Personal Computer PCB Printed Circuit Board PCMCIA Personal Computer Memory Card International Association PCV P-Bit Coding Violation PES P-Bit Errored Second PLOA Protocol Layer Over ATM POST Power On Self Test PSES P-Bit Severely Errored Seconds PWR Power RDI Remote Defect Indicator RMA Return Material Authorization RX Receive SAM Service Access Module SAR Segmentation and Reassembly SEFS Severely Errored Framing Seconds SEQ Sequen
Glossary TBD To Be Determined TX Transmit UAS Unavailable Seconds UNI User Network Interface VGA Video Graphics Adapter VOM Volt Ohm Meter Broadmore 1750 - Release 4.
Glossary Glossary of Terms ATM Adaptation Layer (AAL) Type 1 AAL functions in support of constant bit rate, time-dependent traffic such as voice or video (default in CES-CBR configuration). Type 2 AAL undefined by International Standards bodies. Its anticipated use is for variable bit rate video transmission. Type 3/4 AAL functions in support of variable bit rate, delay-tolerant data traffic requiring some sequencing and/or error detection support. This was originally two AAL types, i.e.
Glossary Constant Bit Rate An ATM service category that supports a constant or guaranteed rate to transport services such as video or voice as well as circuit emulation requiring rigorous timing control and performance parameters. Circuit Emulation Service (CES) The ATM Forum circuit emulation service interoperability specification provides interoperability agreements for supporting constant bit rate (CBR) traffic over ATM networks that comply with the other ATM Forum interoperability agreements.
Glossary Quality of Service (QoS) A QoS class can have specified performance parameters (specified QoS class) or no specified performance parameters (unspecified QoS class). QoS classes are inherently associated with a connection. A specified QoS class specifies a set of performance parameters and the objective values for each performance parameter identified. Examples of performance parameters that could be in a QoS class are: 1. Cell Loss Ratio 2. Cell Transfer Delay 3.
Glossary User Plane Connection Signaling operates in the control plane (doing control-type functions such as setting up the connection). After signaling is finished, it drops out of the way and the established connection is used to move data. This moving of payload data is done in the user plane. Control and user planes are parts of the conceptual model of ATM. Variable Bit Rate An ATM Forum defined service category supporting variable bit rate data traffic with average and peak traffic parameters.
Glossary Glossary-10 Broadmore 1750 - Release 4.
Index INDEX Numerics 1 to 1 Protection . . . . . . . . . . . . . . . . . . . . . . 7-26 1 to n Protection . . . . . . . . . . . . . . . . . . . . . . 7-25 1+1 Protection . . . . . . . . . . . . . . . . . . . . . . . 7-25 24-Hour Statistics . . . . . . . . . . . . . . . . . . . . . 8-13 –48 VDC Power, Connecting . . . . . . . . . . . . 6-14 A About Command, CLI . . . . . . . . . . . . . . . . . . 9-9 AC Power Supply Connections . . . . . . . . . . 6-12 AC Power Supply Tray . . . . . . . . . . . . . . . . .
Index B Backhaul, TDM Circuit Aggregation and . . . 2-3 Bandwidth per Cell Bus, ATM . . . . . . . . . . 2-11 Bandwidth per Module, ATM . . . . . . . . . . . 2-12 Banner Text . . . . . . . . . . . . . . . . . . . 10-6, 11-13 Basic Features . . . . . . . . . . . . . . . . . . . . . . . . 2-2 Battery, CPU-2 Replacement . . . . . . . . . . . 2-16 BER . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-28 Bit Error Rate . . . . . . . . . . . . . . . . . . . . . . . 7-28 BITS . . . . . . . . . . . .
Index FIPS 140-2 Validated . . . . . . . . . . . . . . . . iv JITC Validation . . . . . . . . . . . . . . . . . . . . . iv National Electrical Code . . . . . . . . . . . . . . v NEBS Validation . . . . . . . . . . . . . . . . . . . v Compliance Requirements . . . . . . . . . . . . . . . 6-4 Configuration . . . . . . . . . . . . . . . . . . . . . . . . 1-10 APM . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-10 Broadmore 1750 . . . . . . . . . . . . . . . . . . . 7-1 Cell Bus . . . . . . . . . . . .
Index User . . . . . . . . . . . . . . . . . . . . 10-12, 11-28 Deleting Audit Trails . . . . . . . . . . . 10-15, 11-32 DISA Validated . . . . . . . . . . . . . . . . . . . . . . . . iv Disk-On-Chip, Part Number . . . . . . . . . . . . 2-16 DS3 IOM . . . . . . . . . . . . . . . . . . . . . . 1-17, 1-20 Structured . . . . . . . . . . . . . . . . . . . 1-19 SAM Structured . . . . . . . . . . . . . . . . . . .
Index Fan Tray . . . . . . . . . . . . . . . . . . . . . . . . . 1-9 Grounding . . . . . . . . . . . . . . . . . . . . . . . . 1-9 Modules . . . . . . . . . . . . . . . . . . . . . . . . 1-10 Power . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-9 Redundancy . . . . . . . . . . . . . . . . . . . . . . 1-9 System . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-7 File Access . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-6 Filter, Fan, Part Number . . . . . . . . . . . . . . .
Index Installing the DSA Key . . . . . . . . . . . . . . . . 11-8 Instructions, General . . . . . . . . . . . . . . . . . . . 6-8 Interface BITS Connections . . . . . . . . . . . . . . . . . 6-7 Optical Connections . . . . . . . . . . . . . . . . 6-6 Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4 ADT . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4 FIPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-5 Logical . . . . . . . . . . . . . . . . . . . . . . . . . .
Index Loading, ATM Network . . . . . . . . . . . . . . . 2-12 Local/BITS Timing . . . . . . . . . . . . . . . . . . . 7-40 Locations Module . . . . . . . . . . . . . . . . . . . . . . . . . . 5-6 LOF . .7-46, 7-47, 7-48, 7-54, 7-60, 7-61, 7-62 Log System . . . . . . . . . . . . . . . . . . . 10-15, 11-32 Logging In . . . . . . . . . . . . . . . . . . . . . 10-5, 11-9 Logging in with SecurID Disabled . . . . . . . . . . . . . 11-9 with SecurID Enabled . . . . . . . . . . . . . 11-11 Logical Interfaces . . .
Index Configuration Guidelines OC-12c . . . . . . . . . . . . . . . . . 2-9, 2-10 Installation . . . . . . . . . . . . . . . . . . . . . . . 5-9 IOM . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-14 IOM Connections . . . . . . . . . . . . . . . . . . 6-8 IOM Installation . . . . . . . . . . . . . . . . . . 5-11 IOMs . . . . . . . . . . . . . . . . . . . . . . . . . . 7-40 OC-12c . . . . . . . . . . . . . . . . . . . . . . . . . 1-13 Options . . . . . . . . . . . . . . . . . . . . . . . . .
Index IOM . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-21 SAM IOM Installation . . . . . . . . . . . . . 5-11 Protection IOM . . . . . . . . . . . . . . . . . . . . . . 1-10 PSES . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-7 Purpose . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 PVC Connection . . . . . . . . . . . . . . . . . . . . . . 7-63 Input Screen . . . . . . . . . . . . . . . . . . . . . 7-63 R Rack Mounting . . . . . . . . . . . . . . . . . . .
Index Residual Data and Memory Volatility 11-50 Sanitation Procedures . . . . . . . . . . . . . 11-51 Shell Commands . . . . . . . . . . 10-19, 11-34 SNMP Overview . . . . . . . . . . . . . . . . . 12-2 SEFS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-7 SEQ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-7 Sequence Errors . . . . . . . .7-46, 7-48, 7-60, 7-61 Serial Number, Module . . . . . . . . . . . . . . . . . . 9-9 Port Connections . . . . . . . . . . . . . . . .
Index DS3, Unstructured . . . . . . . . . . . . . . . . . 8-5 Monitor, CLI . . . . . . . . . . . . . . . . . . . . . . 9-8 NIM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-4 OC-12c/STM-4c . . . . . . . . . . . . . . . . . . . 8-3 PLOA/AAL5 . . . . . . . . . . . . . . . . . . . . . 8-14 SAM . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-4 Slot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-4 STM-4c BITS/Timing Redundancy . . . . . . . . . . 7-40 Configuration . . . . .
Index User Administration . . . . . . . . . . . . . . . . . . 11-26 Change ID . . . . . . . . . . . . . . . 10-11, 11-27 Deleting . . . . . . . . . . . . . . . . . 10-12, 11-28 Equipment Interfaces . . . . . . . . . . . . . . . 1-4 ID Rules . . . . . . . . . . . . . . . . . 10-10, 11-26 Interface Requirements . . . . . . . . . . . . . 7-4 Interfaces . . . . . . . . . . . . . . . . . . . . . . . . 1-6 Modifying . . . . . . . . . . . . . . . . 10-12, 11-29 Security Configuration . . . . . . . . . . . . .
