BelAirOS BelAirOS User Guide Release: 12.2 Document Date: Document Number: Document Status: April 22, 2012 BDTM00000-A02 Draft Security Status: Confidential Customer Support: 613-254-7070 1-877-BelAir1 (235-2471) techsupport@belairnetworks.com © Copyright 2012 by BelAir Networks. The information contained in this document is confidential and proprietary to BelAir Networks. Errors and Omissions Excepted. Specification may be subject to change.
BelAirOS User Guide Contents Contents About This Document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 System Overview of BelAir Networks APs . . . . . . . . . . . . . . . . . . . 5 AP Configuration Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 Command Line Interface Basics . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 AP Access Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
BelAirOS User Guide Contents Universal Access Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201 Using Layer 2 Tunnels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210 Quality of Service Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225 Layer 2 Network Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . 231 Performing a Software Upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . 246 Alarm and Event Reporting . . . . .
BelAirOS User Guide About This Document About This Document This document provides the information you need to install and configure BelAir Networks Wi-FI Access Points (APs) using the BelAirOS Operating System, and the procedures for using the AP Command Line Interface (CLI). This document may contain alternate references to APs. Table 1 shows possible synonyms to the product name.
BelAirOS User Guide System Overview of BelAir Networks APs System Overview of BelAir Networks APs This chapter provides a brief systems description of each available BelAir Networks AP, including an overview of its hardware modules. This chapter defines terms of reference used through the rest of the document.
BelAirOS User Guide System Overview of BelAir Networks APs Figure 1: BelAir20 Hardware Module Block Diagram Antenna 0 Antenna 2 Antenna 1 Diplexer 2.4 GHz Radio 5.8 GHz Radio HTM Reset Ethernet 10Base-TX 100Base-TX 1000Base-TX 48 V DC AC Power Adapter 100-240 V AC The BelAir20 consists of the following modules: • one High Throughput Module (HTM) providing: —a wireline 10/100/1000 Base-TX Ethernet interface to the Internet —a 2.4 GHz Wi-Fi radio and a 5.
BelAirOS User Guide BelAir20 Antenna Connectivity System Overview of BelAir Networks APs Table 2 shows which antennas to connect for 802.11a/b/g/n operation. Table 2: BelAir20 Antenna Connectivity BelAir20 Ports to Connect to Antennas Radio Operation 2.4 GHz Radio 5.0 GHz Radio 802.11a n/a all1 802.11b/g all1 n/a 802.11n, 1x1 MIMO 0 1 802.11n, 2x2 MIMO 0, 2 1, 2 802.11n, 3x3 MIMO all1 all1 Note 1: For 802.11a/b/g operation, all antennas carry the same data. For 802.
BelAirOS User Guide System Overview of BelAir Networks APs Figure 2: BelAir100i WCS Hardware Module Block Diagram Antenna 0 Antenna 1 Antenna 2 Diplexer 2.4 GHz Radio 2.3 GHz WCS Radio HTM Reset Ethernet 10Base-TX 100Base-TX 1000Base-TX 48 V DC AC Power Adapter 100-240 V AC The BelAir100i WCS consists of the following modules: • one High Throughput Module (HTM) providing: —a wireline 10/100/1000 Base-TX Ethernet interface to the Internet —a 2.4 GHz Wi-Fi radio and a 2.
BelAirOS User Guide System Overview of BelAir Networks APs BelAir100i WCS Antenna Connectivity Refer to the WCSv1 Deployment and Installation Technical Bulletin. BelAir20E The BelAir20E Access Point (AP) is an evolution of BelAir Networks indoor solution and part of BelAir Networks industry leading product portfolio. The BelAir20E adds standards-based beamforming, five Gigabit Ethernet ports (one WAN port with PoE and four LAN ports), integrated antennas, and full 802.11n compliance (802.
BelAirOS User Guide BelAir20E Hardware Description System Overview of BelAir Networks APs Figure 3 shows the relationship between the main BelAir20E hardware modules. Figure 3: BelAir20E Hardware Module Block Diagram Antenna 0 Antenna 1 Antenna 2 Antenna 3 -11 model only -11 model only 5.8 GHz Radio 2.
BelAirOS User Guide BelAir20EO System Overview of BelAir Networks APs The BelAir20EO Outdoor Access Point (AP) is an extension of BelAir Networks outdoor solutions and part of BelAir Networks industry leading product portfolio. The BelAir20EO addresses new deployment models and regional requirements and is part of BelAir Networks portfolio of outdoor hardened products.
BelAirOS User Guide System Overview of BelAir Networks APs Figure 4: BelAir20EO Hardware Module Block Diagram Antenna 1 Antenna 2 External Antenna External Antenna 2.4 GHz Radio 5.8 GHz Radio HTME Reset LAN WAN PoE The BelAir20EO consists of the following modules: • one High Throughput Module Evolved (HTME) providing: —a wireline 10/100/1000 Base-TX WAN Ethernet interface to the Internet —a wireline 10/100/1000 Base-TX LAN Ethernet interface —a 2.4 GHz Wi-Fi radio and a 5.
BelAirOS User Guide System Overview of BelAir Networks APs The BelAir100N can operate as a standalone device, or participate in a BelAir Networks mesh as an edge node or to terminate the mesh. The 802.11n Wi-Fi radios provide user traffic wireless access to the BelAir100N and can form point-to-point, point-to-multipoint, or multipoint-to-multipoint mesh backhaul links.
BelAirOS User Guide System Overview of BelAir Networks APs Figure 5: BelAir100N Hardware Module Block Diagram Antenna 1 Antenna 3 Antenna 2 Diplexer Diplexer 5 GHz Radio 2.4 GHz Radio Antenna 4 DRU Reset Power Supply Unit Ethernet 10Base-TX 100Base-TX 1000Base-TX BelAir100SN April 22, 2012 100 to 240 V AC 40 to 154 V DC The BelAir100SN is a Wi-Fi access point that meets IEEE 802.11n standards. It is fully interoperable with existing 802.
BelAirOS User Guide System Overview of BelAir Networks APs The BelAir100SN can operate as a standalone device, or participate in a BelAir Networks mesh as an edge node or to terminate the mesh. The 802.11n Wi-Fi radios provide user traffic wireless access to the BelAir100SN and can form point-to-point, point-to-multipoint, or multipoint-to-multipoint mesh backhaul links.
BelAirOS User Guide System Overview of BelAir Networks APs Figure 6: BelAir100SN Hardware Module Block Diagram Antenna 1 Antenna 3 Antenna 2 Diplexer Diplexer 5 GHz Radio 2.
BelAirOS User Guide System Overview of BelAir Networks APs The BelAir100SNE incorporates dual 802.11n-2009 Wi-Fi 3x3 MIMO radios and a DOCSIS® 3.0 or Euro-DOCSIS 3.0 modem on this innovative and commercially proven AP. The BelAir100SNE leverages the BelAirOS Operating System to support network-wide mobility and quality of service (QoS), along with edge-based security and policy enforcement.
BelAirOS User Guide System Overview of BelAir Networks APs Figure 7: BelAir100SNE Hardware Module Block Diagram Antenna 1 Antenna 2 Antenna 3 Antenna 4 Antenna 5 Antenna 6 2.4 GHz Radio 5 GHz Radio DRUE Reset Cable Modem Ethernet 10Base-TX 100Base-TX 1000Base-TX BelAir2100 Power Protection Module Power Supply Unit DOCSIS 40 to 87 V The BelAir2100 Metrocell is a compact multi-radio base station with integrated wireless backhaul options for easy outdoor deployment.
BelAirOS User Guide System Overview of BelAir Networks APs reference metrocell solution while ensuring smooth integration, fast installation and commissioning. BelAir2100 is designed to mitigate interference and enable full RF interoperability between the licensed band and Wi-Fi access radios, as well as between the metrocell and the macro network. This includes features such as duplexers, filters and a network listen radio. The BelAir2100 includes integrated dual IEEE 802.
BelAirOS User Guide System Overview of BelAir Networks APs Figure 8: BelAir2100 Hardware Module Block Diagram Antenna 3 Dual-band Wi-Fi Antenna 4 Dual-band Wi-Fi 5 GHz Radio 2.
BelAirOS User Guide AP Configuration Interfaces AP Configuration Interfaces The following sections describe the configuration interfaces you can use to access and configure BelAir Networks APs: • “Command Line Interface” on page 21 • “SNMP Interface” on page 21 • “Web Interface” on page 24 All three interfaces (CLI, SNMP and Web) have the same public IP address. All three also access the same AP database. That means that changes made with one interface are seen immediately through the other interfaces.
BelAirOS User Guide AP Configuration Interfaces The AP SNMP agent contains Management Information Base (MIB) variables. A manager can query an agent for the value of MIB variables, or request the agent to change the value of a MIB variable.
BelAirOS User Guide AP Configuration Interfaces Table 3: Standard SNMP MIBs (Continued) File Name Description SNMP-NOTIFICATION-MIB.mib implements RFC3413 SNMP-TARGET-MIB.mib implements RFC3413 SNMP-USER-BASED-SM-MIB.mib implements RFC3414 SNMPv2-CONF.mib implements RFC1450 SNMPv2-MIB.mib implements RFC1907 SNMPv2-SMI.mib implements RFC1450 SNMPv2-TC.mib implements RFC1450 SNMP-VIEW-BASED-ACM-MIB.
BelAirOS User Guide AP Configuration Interfaces Table 4: BelAir Networks Enterprise MIBs (Continued) File Name Description BELAIR-SYSTEM.mib defines basic OAM features such as software download, temperature and BelAir Networks alarms BELAIR-TC.mib defines BelAir Networks data types BELAIR-TUNNEL.mib defines L2TP data types BELAIR-WRM.mib defines BelAir Networks WiMAX data types The procedure for importing the SNMP MIB definition files depends on the deployed NMS version.
BelAirOS User Guide AP Configuration Interfaces Figure 9: Typical Login Page 2 Enter a valid user name, such as root, and a valid password. Note:The specified password is case sensitive. Figure 10 shows a typical resulting main page for the Web interface.
BelAirOS User Guide AP Configuration Interfaces Stopping a Session To stop a Web interface session, click on the Logout button located in the top right corner each page. See Figure 10 on page 25. Additional Troubleshooting Tools The Web interface provides the following tools to display radio performance metrics: • a throughput meter • histogram display of various performance metrics These tools are only available with the Web interface.
BelAirOS User Guide Command Line Interface Basics Command Line Interface Basics Use this chapter to familiarize yourself with basic CLI tasks, including: • “Connecting to the AP” on page 27 • “Starting a CLI Session” on page 28 • “Command Modes” on page 29 • “Abbreviating Commands ” on page 33 • “Command History” on page 33 • “Special CLI Keys ” on page 34 • “Help Command” on page 34 • “Common CLI Commands” on page 38 Connecting to the AP You can connect to the AP default address using one of the follow
BelAirOS User Guide Command Line Interface Basics assigned to it. Contact your system administrator to determine the IP address to use. For a detailed procedure, refer to the AP Installation Guide. Starting a CLI Session Start a Telnet or secure shell (SSH) client and connect to the AP‘s IP address. If you are configuring the AP for the first time, you must use the default IP address (10.1.1.10). The AP prompts you for your user name and password. The default super-user account is “root”.
BelAirOS User Guide Command Line Interface Basics SSH Session Example of Initial Login With secure shell, the system prompts you twice for your password. ssh -l root 10.1.1.10 root@10.1.1.10's password: BelAir Backhaul and Access Wireless Router BelAir User: root Password: /# Telnet Session Example of Initial Login With Telnet, the system prompts you only once for your password. telnet 10.1.1.
BelAirOS User Guide Command Line Interface Basics Figure 11: Sample Output of mode Command • The AP has one card. The HTME card is in slot 1. /# mode /card /htme-1 • The AP has the following physical interfaces: /interface /wifi-1-1 /wifi-1-2 /eth-1-1 /lan-1 /lan-2 /lan-3 /lan-4 (HTMEv1 5GHz 802.11n) (HTMEv1 2.4GHz 802.11n) (1000BASE-T) (1000BASE-T) (1000BASE-T) (1000BASE-T) (1000BASE-T) /mgmt —Interface wifi-1-1 is associated with the HTME 5.8 GHz radio.
BelAirOS User Guide Command Line Interface Basics Card Management Mode (/card/-) Use this mode for all hardware card management functions. can be one of: • htm - The High Throughput Module (HTM) card is available for the BelAir20 and the BelAir100i WCS. • htme - The High Throughput Module Evolved (HTME) card is available for the BelAir20E and the BelAir20EO. • dru - The Dual Radio Unit (DRU) card is available for the BelAir100N and the BelAir100SN.
BelAirOS User Guide Command Line Interface Basics Protocol Mode (/protocol/) Use this mode to configure different protocols.
BelAirOS User Guide Command Line Interface Basics Using Modes You can move between modes with the cd command. For instance, you can move from root mode to system mode using the command: /# cd /system /system# Note 1: The prompt changes to match the current mode. You can further customize the prompt to show the switch name or a 20-character string that you define. Note 2: Access to a mode is only allowed if the user has sufficient privileges to execute commands in that mode.
BelAirOS User Guide Command Line Interface Basics 8 9 10 11 12 13 14 15 16 17 18 19 20 21 Special CLI Keys h hi ? show user cd /system show loads show sessions cd / cd interface/wifi-1-1/ ? show show ssid table show statistics history Command Completion You can ask the CLI to complete a partially typed command or mode name by pressing the tab key. If the command or mode name cannot be completed unambiguously, the CLI presents you with a list of possible completions.
BelAirOS User Guide Command Line Interface Basics These commands display: • a list of commands available in the current mode • help on a particular command available in the current mode • help on commands starting with the given keyword in the current mode Entering "??" is equivalent to entering "help". Available Commands Entering ? displays the commands that apply to the currently accessed mode.
BelAirOS User Guide Command Line Interface Basics su Keyword Help Entering ?? or help followed by a keyword displays all possible commands starting with that keyword. For example: /mgmt# ?? show Available commands : show authentication-login Description : show authentication login status and RADIUS servers configuration show telnet status Description : shows the status of the telnet. show user Description : List all valid users, along with their permissible mode.
BelAirOS User Guide Command Line Interface Basics Saving your Changes If you change any settings from the system defaults, you must save those changes to the configuration database to make sure they are applied the next time the AP reboots. Similarly, you can restore the entire configuration database from a previously saved backup copy.
BelAirOS User Guide Command Line Interface Basics address of AP making the request. If you do not use the default FTP username, the FTP server must be configured to accept your username and password. The optional force parameter suppresses version checking on the configuration file that is being downloaded. You can use a backup copy that was created with a different version of software than the current software installed on the AP.
BelAirOS User Guide Command Line Interface Basics Locking the Console Display console lock Displaying the Current Software Version version Displaying the Current Date and Time show date This command lock your console display window. You must enter your password to unlock it. This command displays the version of the currently running software load. This command displays the current date and time. Example 1 The following example displays the current date and time when it is set manually.
BelAirOS User Guide Command Line Interface Basics /# whoami Current User is Replacing a Token by a String root alias [ ] This command replaces the specified token by the given string. It is provided for customers writing scripts. See “Scripting Guidelines” on page 309. Example /# alias gu guest Pinging a Host or Switch ping [-1 ] This command pings a host machine or switch using the host name or IP address.
BelAirOS User Guide Command Line Interface Basics AP admin state: ............ Backhaul: link admin state: .......... link id: ................... topology: .................. wifi-1-2 Radio description:............ Admin state: ................. Channel: ..................... Access: AP admin state: ............ Backhaul: link admin state: .......... link id: ................... topology: .................. April 22, 2012 Enabled Enabled BelAirNetworks mesh HTMv1 2.4GHz 802.
BelAirOS User Guide AP Access Methods AP Access Methods When an AP is shipped from the factory, all access methods (CLI, SNMP, Telnet, HTTP, HTTPS, SSH and TR-069) are enabled. You can use these interfaces to configure the system’s IP networking parameters. This chapter describes the CLI commands you can use to configure these access methods. Note: Some access methods, such as HTTP and HTTPS, are configured while in SSL mode.
BelAirOS User Guide AP Access Methods For sending notifications, use the set notify command described in “Notifications” on page 46 to configure the AP with the parameters of the destination SNMP manager. Refer to “SNMP Command Reference” on page 43 for detailed descriptions of all SNMP commands, including entities that need to be predefined.
BelAirOS User Guide AP Access Methods ----- --------------- --------------1 10.1.1.70 public ------v1v2 Example 2 /protocol/snmp# show config v3 EngineId: 80003d9805000d67006902 User configuration: ------------------User Name ------------------------Test Notification configuration: ------------------Name --------------TRAP Communities IP address Auth Password --------------- ---- --------------0.0.0.0 MD5 md5md5md5 Type IP address ------ --------------trap 10.1.1.
BelAirOS User Guide AP Access Methods Example 3 /protocol/snmp# show community Index ----1 2 Traps Name -----------------public private IP Address --------------0.0.0.0 10.1.1.70 Privilege ----------ReadOnly ReadWrite /protocol/snmp/set trap mgr-addr community version {v1|v2|both} /protocol/snmp/delete trap /protocol/snmp/show trap The set trap command configures the parameters of the SNMPv2 trap manager. You can configure up to 10 traps.
BelAirOS User Guide AP Access Methods The delete user command deletes the definition of the specified SNMP user. The show command displays the configured users. Passwords are only displayed to users with root privileges. See “User Privilege Levels” on page 52 for details. Example 1 /protocol/snmp# set user v3md5 ipaddr 0.0.0.0 access readwrite auth md5 md5md5md5 Example 2 /protocol/snmp# show user User Name -------------v3md5 Notifications IP address --------------0.0.0.
BelAirOS User Guide AP Access Methods Example 2 /protocol/snmp# show notify Name --------------trap1 trap2 trap3 trap4 trap5 trap6 trap7 trap8 trap9 trap10 Type -----trap trap trap trap trap trap trap trap trap trap Authentication Traps IP address -------------10.1.1.70 10.1.1.70 10.1.1.70 10.1.1.69 10.1.1.69 10.1.1.11 10.1.1.12 10.1.1.12 10.1.1.9 10.1.1.
BelAirOS User Guide AP Access Methods USM: Decryption errors: Unknown user name: Unknown engine ID: Invalid security level: Telnet 0 0 0 0 /mgmt/telnet {enable|disable} /mgmt/show telnet status The telnet command enables or disables Telnet access to the AP. The show command displays the status of the Telnet interface.
BelAirOS User Guide AP Access Methods Configuring the Server Certificate To configure the server certificate: Creating RSA Key Pair /ssl/ssl gen key {rsa} 1 Create the RSA key pair. See “Creating RSA Key Pair” on page 49. 2 Create a certificate request. See “Creating Certificate Request” on page 49. The certificate request is displayed on the screen. 3 Copy the certificate request to a file and send it to the Certificate Authority (CA) that will generate the certificate.
BelAirOS User Guide AP Access Methods Example /#cd ssl /ssl# ssl save TR-069 TR-069 describes the CPE WAN Management Protocol (CWMP) required for communications between a CPE device, such as a BelAir Networks AP, and an Auto-configuration Server (ACS). This section describes how to configure the AP to communicate with an ACS. Only the following BelAir Networks APs support TR-069: BelAir20, BelAir100i WCS, BelAir100N, BelAir100SN, BelAir100SNE and BelAir2100.
BelAirOS User Guide AP Access Methods • The optional port parameter allows you to use a particular port to communicate with the CPE device. The default value is 7788. The set state command enables or disables ACS communications. By default, ACS communications are disabled. The show config command displays the current TR-069 configuration. Example /protocol/tr069# show config ACS Configuration ================= URL : http://172.16.1.
BelAirOS User Guide User and Session Administration User and Session Administration This chapter describes user administration functions with the following topics: • “User Privilege Levels” on page 52 • “User Accounts” on page 55 • “Configuring Authentication for User Accounts” on page 56 • “CLI and Web Sessions” on page 58 User Privilege Levels User accounts on an AP can be assigned the following three privilege levels: • An observer user can execute only the following commands: —most show commands —th
BelAirOS User Guide User and Session Administration Table 5: Super-user commands (Continued) Mgmt Commands adduser -p [-d ] [-g ] deluser moduser [ -p ] [ -d ] [-g ] show user set telnet {enabled|disabled} set authentication-login {local | radius } show authentication-login System Commands set country set global-session-timeout terminate session upgrade load remoteip
BelAirOS User Guide User and Session Administration Table 5: Super-user commands (Continued) renew ip {system | vlan } SSL Mode Commands set http {enable|disable} set secure-http {enable|disable} show http status show secure-http status show server-cert ssl gen cert-req algo rsa sn ssl gen key {rsa}
BelAirOS User Guide User and Session Administration Table 5: Super-user commands (Continued) set notify type {Trap | Inform} ipaddr [timeout <1-1500>] [retries <1-3>] [auth {md5 | sha} [priv-DES ]] delete notify set authentication-trap {enable | disable} User Accounts /mgmt/adduser -p [-d ] [-g ] /mgmt/deluser /mgmt/moduser [-p ] [-d ] [-g ] /mgmt/show user The adduser co
BelAirOS User Guide User and Session Administration the Reply-Message field must contain in plain text one of the following: root, NORMAL or OBSERVER. These entries in RADIUS are case sensitive, so make sure the user privilege levels are entered exactly as specified. If the privilege levels are unspecified in RADIUS, then the AP provides the user with observer privileges.
BelAirOS User Guide User and Session Administration Example 1 /mgmt# set authentication-login radius 1,2 Example 2 mgmt# show authentication-login Authentication Login is radius Radius Authentication server table ------------------------------------Index : 1 Radius Server Address : 10.1.3.254 UDP port number : 1812 Radius Client Address : 10.1.3.48 Timeout : 3 -------------------------------------------Index : 2 Radius Server Address : 10.1.3.253 UDP port number : 1812 Radius Client Address : 10.1.3.
BelAirOS User Guide User and Session Administration The timeout parameter ranges from 2 to 300. It specifies the interval (in seconds) after which the RADIUS client considers that the remote server has timed out if a reply is not received. The default value is 10 seconds. The reauthtime parameter ranges from 0 to 50000000. It specifies the RADIUS re-authentication time (in seconds).
BelAirOS User Guide Configuring the Session Timeout Interval User and Session Administration /system/set global-session-timeout /system/set session-timeout /system/show global-session-timeout By default, a CLI session is automatically disconnected if it is idle for longer than 30 minutes. These commands allows you to change the idle period, preventing unwanted disconnections. The idle period is specified in minutes. Setting a period of 0 prevents any automatic disconnection.
BelAirOS User Guide User and Session Administration Examples /system#set prompt string BelAir-128-50-46-189 /system#set prompt selection string [BelAir-128-50-46-189]/system#system switch BA20E-A [BelAir-128-50-46-189]/system#set prompt selection switch-name [BA20E-A]/system#set prompt selection switch-name [BA20E-A]/system#set prompt selection default /system# show prompt User-defined string: BelAir-128-50-46-189 prompt selection: default April 22, 2012 Confidential Document Number BDTM00000-A02 Draft
BelAirOS User Guide IP Settings IP Settings This chapter contains procedures for managing AP IP parameters as follows: • “Displaying IP Parameters” on page 61 • “Configuring IP Parameters” on page 62 —“Configuring Dynamic IP Addressing” on page 62 —“Renewing the IP Address” on page 63 —“Auto-IP” on page 63 —“Setting a Static IP Address and Subnet Mask” on page 64 —“Static IP Routes” on page 64 • “Configuring the Domain Name System Lookup Service” on page 65 • “Configuring IP Address Notification” on page
BelAirOS User Guide IP Settings Configured primary DNS server: Configured secondary DNS server: Configuring IP Parameters 0.0.0.0 0.0.0.0 You can configure: • dynamic IP addressing • a static IP address and subnet mask, as well as static IP routes.
BelAirOS User Guide IP Settings Note 1: DHCP servers usually have the ability to assign a default route to DHCP clients. Make sure that the DHCP server assigns only one default route, even you are using many different IP interfaces on the same AP (for example, a management IP interface and a VLAN IP interface). Note 2: You must configure the DHCP server lease time to be one minute or longer.
BelAirOS User Guide IP Settings The auto-IP feature automatically configures the AP to have a specific default IP address based on the AP’s MAC address if it cannot get an IP address from the DHCP server or when it is in factory default mode. When auto-IP is enabled, the default IP address is 169.254.1.x with a mask of 255.255.0.0; where x is the last byte of the AP’s MAC address. When you can connect a laptop directly to the AP, the laptop also auto-configures itself with an IP address 169.254.x.
BelAirOS User Guide IP Settings The ip route del command deletes a static route. Use the gateway parameter to specify the IP address of the network gateway. Configuring the Domain Name System Lookup Service /protocol/ip/set /protocol/ip/del /protocol/ip/set /protocol/ip/del dns dns dns dns server server domain domain {primary | secondary} {primary | secondary} name
BelAirOS User Guide System Settings System Settings This chapter contains procedures for managing AP parameters as follows: • “Country of Operation” on page 66 • “System Identification Parameters” on page 67 • “Custom Fields” on page 67 • “Configuring the System Date and Time” on page 68 • “GPS Coordinates” on page 70 • “LED Control” on page 72 • “Setting the Network Egress Point” on page 72 • “Enabling Wi-Fi Band Steering” on page 73 • “Limiting Broadcast Packets” on page 73 • “Limiting DHCP Packets from
BelAirOS User Guide System Settings These commands allow you to adjust the radios in your AP to conform to the regulatory requirements for your country. This includes valid radio channel ranges as well as transmit power levels and the use of Dynamic Frequency Selection (DFS), a regulatory requirement in some jurisdictions. The show country command displays the current country of operation.
BelAirOS User Guide System Settings Custom Custom Custom Custom Configuring the System Date and Time Field Field Field Field 2: 3: 4: 5: Used for experiments Zone 3 master Services customer xyz First in service The system date and time can be configured: • manually • using a Simple Network Time Protocol (SNTP) server In both cases, you can use an offset to convert the displayed Coordinated Universal Time (UTC) to local time.
BelAirOS User Guide System Settings Example 1 /system# set date 2004-02-10 time 06:50:00 Example 2 /system# set time 08:45:00 Example 3 /system# set time offset -4 30 Example 4 /system# show date Current date: 2011-08-11 23:04:46 (UTC) Current date: 2011-08-11 17:04:46 Managing an SNTP Server /protocol/sntp/set ip-address {primary|secondary} { | disabled} /protocol/sntp/set timeoffset /protocol/sntp/set status {enabled | disabled} /protocol/sntp/show {config | status}
BelAirOS User Guide System Settings Example 1 /protocol/sntp# set ip-address primary 10.1.1.2 Example 2 /protocol/sntp# set timeoffset -4 30 Example 3 /protocol/sntp# show status SNTP process is running Effective SNTP Timeoffset: =========================== SNTP Timeoffset origin: SNTP schema SNTP Time Offset: 6:00 Effective SNTP server: ====================== SNTP Servers origin: SNTP schema Active Server: Primary - 0.pool.ntp.org SNTP server Primary : 0.pool.ntp.org SNTP server Secondary : 1.pool.ntp.
BelAirOS User Guide System Settings coordinate detection system must be in manual mode. By default, the admin state is enabled. • The set coordinates manual command lets you manually enter the AP’s latitude and longitude coordinates. Once entered, these values are stored locally. Alternatively, you can use the set coordinates manual copygps command to locally store the coordinates determined by the AP’s automatic GPS system.
BelAirOS User Guide System Settings admin state: ................ coordinate mode: ............ running status: ............. available satellites: ....... LED Control Enabled auto synced 8 You can use the following commands to control the LED behavior of the AP: • “Find Me Function” on page 72 • “LED Enable or Disable” on page 72 Find Me Function /system/find-me {start|stop} This command helps you determine the physical location of an AP.
BelAirOS User Guide Enabling Wi-Fi Band Steering System Settings /system/show wifi-band-steering /system/set wifi-band-steering {enabled | disabled} Wi-Fi band steering applies to dual-band (2.4 GHz and 5 GHz) wireless clients. If enabled, the AP attempts to direct any dual-band Wi-Fi clients it detects to use the 5 GHz radio. Note: Band steering may not always be successful depending on operational conditions. In such cases, the dual-band client decides whether to use the 5 GHz radio or the 2.
BelAirOS User Guide System Settings Broadcast Filter Status Broadcast Filter Rate Limiting DHCP Packets from Clients :Enabled :200 /system/show dhcp-filter config /system/set dhcp-filter rate If you detect clients that send abnormally high rates of DHCP packets, then use this command to limit the number that are sent to the DHCP server. The set dhcp-filter rate command lets you set the maximum rate (in packets/ second) at which DHCP packets are sent to the server.
BelAirOS User Guide Slot 1 9 Card type DRUE CM System Settings Version 1.1.1 3.0.0 Physical Interface Table Name Type wifi-1-1 Wifi 802.11 wifi-1-2 Wifi 802.11 eth-1-1 Ethernet cm-9-1 DOCSIS cable-modem Defining a Maintenance Window Serial number K002188591 Slot 1 1 1 9 Assembly code B2XH105AA-A A01 BRG35503Bel Card type DRUE DRUE DRUE CM Description DRUEv1 2.4GHz 802.11n DRUEv1 5GHz 802.
BelAirOS User Guide Displaying System Up Time System Settings /system/show sysuptime This command displays the time the system has been operating. Example /system# show sysuptime System Up Time: 234 days, 16:45:32.34 Displaying the Running Configuration Restarting the AP /system/show running-configuration This command displays the configuration that the AP is currently operating with. It executes a series of show commands with results displayed on the CLI screen.
BelAirOS User Guide Enabling or Disabling Session Logging System Settings /system/set session-logging {enable | disable} When session logging is enabled, all commands entered during a CLI session are recorded in a command log file. However, if you run repetitive scripts, you may want to disable logging to avoid filling the file with the same sets of commands. This command allows you to enable or disable session logging. The default setting is enable.
BelAirOS User Guide AP Auto-configuration AP Auto-configuration With auto-configuration, the AP can automatically obtain a script file after it powers up. The AP then configures itself based on the content of the file. Auto-configuration minimizes the amount of manual intervention required to pre-configure the AP before you install it. To create a valid script file, refer to the guidelines listed in “Creating and Using Script Files” on page 76.
BelAirOS User Guide AP Auto-configuration • DNS server IP addresses. Up to two DNS servers are supported. See “Configuring the Domain Name System Lookup Service” on page 65. • IP address for a time server. Two time servers are supported for use by the SNTP service. See “Managing an SNTP Server” on page 69. • time offset value used by the SNTP service. See “Managing an SNTP Server” on page 69.
BelAirOS User Guide Pre-requisites AP Auto-configuration To use DHCP options, your DCHP server must be configured to supply the information requested by the AP. In particular, make sure of the following: • Your DHCP server supplies a list of SNTP servers instead of NTP servers and that they are listed in order of preference. • Your DHCP server assigns only one default route, even you are using many different IP interfaces on the same AP (for example, a management IP interface and a VLAN IP interface).
BelAirOS User Guide AP Auto-configuration The time-server parameter controls the IP address for a time server. Two time servers are supported. This information is used by the SNTP service. See “Managing an SNTP Server” on page 69. The time-offset parameter controls the time offset value that is used by the SNTP service. See “Managing an SNTP Server” on page 69. The TFTP server IP address and the script file are downloaded and executed only during a startup.
BelAirOS User Guide AP Auto-configuration server is bn_00_0d_67_0c_21_76. The username must be in lower case and must exist in the FTP server. —The FTP password used is the md5sum of the username. To obtain this, do echo | md5sum. Omit the spaces and dash at the end of the md5sum output. 3 In the FTP home directory for the user, the AP looks for a script file named bn_config.cfg.
BelAirOS User Guide AP Auto-configuration Example /system#show config-download status config-download config-download config-download config-download config-download config-download config-download April 22, 2012 adminStatus: enabled server: 0.0.0.0 servername: belairconfig.com user-name: auto-config.txt password: anonymous filename: auto-config.
BelAirOS User Guide Card Settings Card Settings This chapter contains the following topics that describe card operations: • “Determining which Cards are in an AP” on page 85 • “Displaying Card Information” on page 86 • “Card Administrative State” on page 88 • “Restarting a Card” on page 88 • “Card CPU and Memory Performance Monitoring Statistics” on page 88 • “BTS Card Commands” on page 89 This chapter applies to all cards except the cable modem.
BelAirOS User Guide Card Settings Table 6: Physical Interface Parameter Settings Physical Interface Type Pico-cellular base station Determining which Cards are in an AP Refer to... • “BTS Card Commands” on page 89 • BelAir2100 Cellular Reference Guide /mode /card/mode Use the mode command to determine and .
BelAirOS User Guide Card Settings /wifi-2-1 /eth-1-1 (DRUEv1 5GHz 802.11n) (1x1000baseTx [Electrical: Single]) /mgmt /protocol /ip /radius /rstp /snmp /sntp /te-syst /qos /services /auto-conn /mobility /ssh /ssl /syslog /system /diagnostics (tunnel) Example 3 - BelAir20E /card# mode /htme-1 Example 4 - BelAir100SNE /card# mode /drue-1 Displaying Card Information The following sections describe commands that display card parameters.
BelAirOS User Guide Displaying the Card Physical Interfaces Card Settings /card/-/show interfaces This command applies to all cards types except bts. This command displays the physical interfaces that the card provides.
BelAirOS User Guide Card Settings LowTotal: LowFree: SwapTotal: SwapFree: Dirty: Writeback: AnonPages: Mapped: Shmem: 125068 54996 0 0 0 0 9196 9876 2688 kB kB kB kB kB kB kB kB kB Note: The type and amount of card memory usage data may vary depending on the card‘s software version.
BelAirOS User Guide Card Settings Specifying fifteen-min is equivalent to specifying fifteen-min 0 and means the current 15-minute interval. Specifying day is equivalent to specifying day 0 and means the current day, excluding data from the current 15-minute period. Specifying all displays the statistics for all periods. Example 1 - BelAir20E /card/htme-1#show pm fifteen-min Int 0 1 2 3 4 5 6 7 8 9 10 11 12 13 Peak CPU Util (%) 7.0 7.0 7.0 7.0 7.0 7.0 7.0 7.0 7.0 7.0 7.0 7.0 7.0 7.0 Avg CPU Util (%) 7.
BelAirOS User Guide Card Settings The reset bts power command removes BTS power for 5 seconds. The set admin-state enables or disables BTS operation. If enabled, the BTS can operate as a NAT gateway or as a bridge. See also the BelAir2100 Cellular Reference Guide.
BelAirOS User Guide Ethernet or LAN Interface Settings Ethernet or LAN Interface Settings The HTM, HTME, DRU or DRUE card inside the AP has an Ethernet port that can be used as an egress point for the AP. The HTME card also provides LAN ports. This chapter describes how to configure the Ethernet or LAN ports provided by your AP’s card.
BelAirOS User Guide Ethernet or LAN Interface Settings Example /interface/eth-1-1# show status Type : 1x1000baseTx [Electrical: Single] Admin Status : Enabled Link State : Up Speed : 100 Mbps Mode : Full Duplex Auto-Negotiation : Enabled Mac Address : 00:0D:67:0C:23:38 Managing Egress AP Traffic In a BelAir Networks network, the Ethernet or LAN port of an AP can act as an egress point for the backhaul traffic of many other APs.
BelAirOS User Guide Ethernet or LAN Interface Settings ID before they are sent through the Ethernet or LAN port to the external network. Similarly, packets that are tagged with the specified VLAN ID arriving from the external network through the Ethernet or LAN port are converted to untagged packets before being sent to the APs. If you specify the keyword untagged instead of VLAN ID, then packets are not converted as they enter or leave the Ethernet or LAN port of the egress AP.
BelAirOS User Guide Ethernet or LAN Interface Settings The default is enabled. Use the corresponding show status command to view the current admin state of the Ethernet or LAN interface.
BelAirOS User Guide Ethernet or LAN Interface Settings • day, day 0 to day 7 • all, all performance measurements. Specifying fifteen-min is equivalent to specifying fifteen-min 0 and means the current 15-minute interval. Specifying day is equivalent to specifying day 0 and means the current day, excluding data from the current 15-minute period.
BelAirOS User Guide Cable Modem Configuration Cable Modem Configuration This chapter applies to the BelAir100SN or BelAir100SNE.
BelAirOS User Guide Cable Modem Configuration Attenuation State Target Displaying the Cable Modem Status : 2 dB (Manual) : Manual : 25 dBmV +/-1 dB /card/cm-/show status This command displays the operational parameters of the cable modem. For proper operation, the status must be as follows: • the QAM lock, FEC sync, and MPEG sync fields must be yes. • the weak signal field must be no. • the downstream power and the upstream power must be in the range specified in the DOCSIS 3.0 specification.
BelAirOS User Guide Cable Modem Configuration Set the auto parameter to use automatic attenuation. With automatic attenuation, the cable modem monitors the upstream or downstream power level and automatically adjusts attenuation to attempt to bring the signal level to in-lock range. Refer to the DOCSIS 3.0 specification for specific definitions of in-lock ranges for upstream and downstream signals.
BelAirOS User Guide Cable Modem Configuration modem interface, it may take time to identify and correct the root cause. During this period, multiple Interface Down alarms would be generated. Enabling the alarm threshold reduces the number of Interface Down alarms generated per calendar day. If the threshold is reached, the system generates instead a single Excess Cable Modem Interface Down Events alarm and stops generating additional Interface Down alarms.
BelAirOS User Guide Cable Modem Configuration Resets : LostSyncs : InvalidMaps : InvalidUcds : InvalidRangingResps : InvalidRegistrationResps: T1Timeouts : T2Timeouts : UsT3Timeouts : UsT4Timeouts : RangingAborteds : DocsisOperMode : Up Channel Frequency : Width : TxTimingOffset : Up time 9days20h:27m:37s Cable Modem Performance Monitoring Statistics 3 1 0 0 0 0 0 0 0 0 0 3 28000000 28000000 1243 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 /card/cm-/show pm {fifteen-min|day}[{{<0-96>|<0-7>}| all{availa
BelAirOS User Guide Wi-Fi Radio Configuration Overview Wi-Fi Radio Configuration Overview Available Wi-Fi Radios April 22, 2012 Table 7 on page 101 lists the available BelAir Networks Wi-Fi radios. Table 7: BelAir Networks Wi-Fi Radio Summary Radio Module Operating Frequency AP Can Operate as Access Point? HTMv1 2.4/5.8 GHz BelAir20 Yes mp-to-mp p-to-mp p-to-p HTMv1 2.4/2.3 GHz WCS BelAir100i Yes mp-to-mp p-to-mp p-to-p HTMEv1 2.4/5.
BelAirOS User Guide Wi-Fi Radio Configuration Overview Table 7: BelAir Networks Wi-Fi Radio Summary (Continued) Configuration Process April 22, 2012 Can Operate as Access Point? Supported Backhaul Topologies Radio Module Operating Frequency DRUv3 2.4 GHz BelAir100N BelAir100SN Yes mp-to-mp p-to-mp p-to-p DRUEv1 DRUEv2 2.4/5.8 GHz BelAir100SNE BelAir2100 Yes mp-to-mp p-to-mp p-to-p AP Use the following process to configure a Wi-Fi radio: 1 Configure basic radio parameters.
BelAirOS User Guide Configuring Wi-Fi Radio Parameters Configuring Wi-Fi Radio Parameters This chapter describes how to display and configure Wi-Fi radio parameters, including: • “Displaying Wi-Fi Radio Configuration” on page 104 • “Displaying Configuration Options” on page 105 • “Operating Channel” on page 105 • “Antenna Gain” on page 108 • “Transmit Power Level” on page 110 • “Link Distance” on page 111 • “Dynamic Frequency Selection” on page 111 • “Collision Aware Rate Adaptation” on page 112 • “WCS Du
BelAirOS User Guide Configuring Wi-Fi Radio Parameters • “Wi-Fi AP Security” on page 146 • “Wi-Fi Backhaul Link Configuration” on page 161 • “Mobile Backhaul Mesh” on page 169 Displaying Wi-Fi Radio Configuration /interface/wifi--/show config [{all|access|backhaul|qos|mobile}] This command displays various aspects of the radio’s configuration. Example - BelAir20E /interface/wifi-1-1# show config all Slot: 1, Card Type: htme, revision: 1, Port: 1, Radio: HTMEv1 5GHz 802.11n admin state: ..........
BelAirOS User Guide Configuring Wi-Fi Radio Parameters Blacklist: No blacklist entries Link Failure Detection: ...... Disabled Backhaul T1 Bandwidth limit:.. Disabled Displaying Configuration Options /interface/wifi--/show available-config-options This command displays valid channel, antenna gains and transmit power values for your AP. The displayed values vary depending on the country of operation.
BelAirOS User Guide CAUTION! Configuring Wi-Fi Radio Parameters Improper setting of channel, antenna gain and transmit power may exceed regulatory requirements and void the operator’s right to operate the radio equipment. Refer to the Radio Transmit Power Tables to determine valid combinations of channel, antenna gain and transmit power for your country.
BelAirOS User Guide Configuring Wi-Fi Radio Parameters Table 8: WCS 2.3 GHz Channel Name to Number Mapping (Continued) Channel Number (SNMP Query) Channel Name (CLI Display) 2 A1 3 A1U 6 B1L 7 B1 8 B1U 11 C 43 D 46 A2L 47 A2 48 A2U 51 B2L 52 B2 53 B2U The auto and background-scan parameters apply all 2.4 GHz and 5 GHz radios. The auto parameter causes the radio to search for surrounding APs.
BelAirOS User Guide Configuring Wi-Fi Radio Parameters If a foreign channel is at least 20% better the home channel, then the system switches to the new channel. The re-scan-channel command causes the radio to perform another search.
BelAirOS User Guide Configuring Wi-Fi Radio Parameters BelAir100SN. Refer to Figure 13 for the BelAir100N. The setting for the port parameter affects the maximum transmit power setting for your 5 Ghz radio.
BelAirOS User Guide Configuring Wi-Fi Radio Parameters See also: • “Country of Operation” on page 66 • “Operating Channel” on page 105 • the Radio Transmit Power Tables Transmit Power Level /interface/wifi--/set tx-power { [secondary ]| maximum-tx-power} /interface/wifi--/set tx-power {{ [secondary ] [tx-power-optimize {{enable [target-rssi ] [max-tx-power ]}|disable}]} | maximum-tx-power } This command se
BelAirOS User Guide Configuring Wi-Fi Radio Parameters During operation, the RSSI level of the remote end of the link is monitored and compared to the target RSSI level. If they are sufficiently different, the transmit power level is adjusted. The parameter limits the output of the radio. Automatic transmit power control operates only on the local end of the link. To operate on both ends of a link, you must enable tx-power-optimize on both ends of the link.
BelAirOS User Guide Configuring Wi-Fi Radio Parameters # -----------------primary: 53 secondary: 53 Collision Aware Rate Adaptation required --------no no detected ---------no no remaining -----------0 (sec) 0 (sec) /interface/wifi--/set advanced-collision-ctrl {enable|disable} Collision Aware Rate Adaptation (CARA) is an advanced algorithm that turns RTS on and off when it detects a collision.
BelAirOS User Guide Configuring Wi-Fi Radio Parameters By default, enhanced throughput is enabled. 802.11n Aggregation /interface/wifi--/set tx-aggr {enable|disable} This command applies to the HTM and DRU only. This command enables or disables transmit aggregation for the radio. Transmit aggregation is an 802.11n feature where multiple MSDUs or MPDUs are packed together to reduce the overhead and average them over multiple frames, thus increasing the user level data rate.
BelAirOS User Guide Configuring Wi-Fi Radio Parameters • “Backhaul RF Survey” on page 115 • “All RF Survey” on page 117 • “Sorting the Output” on page 117 • “Filtering the Output” on page 117 Specifying all displays both AP and backhaul RF surveys. AP RF Survey Rogue access points (APs) may be installed on a corporate network by employees using low-cost equipment they purchased themselves.
BelAirOS User Guide Configuring Wi-Fi Radio Parameters The ap chan others and ap chan all options display data collected with the set channel background-scan command. Background scanning is not service-affecting and clients should not be disconnected. To use these options, the background-scan option must be enabled. See “Operating Channel” on page 105.
BelAirOS User Guide Configuring Wi-Fi Radio Parameters The output may show undef as the type of privacy, meaning that the AP cannot determine the type of privacy used by that link. Example 1 - Point-to-point Topology /interface/wifi-4-1# show rf-survey backhaul mac ch rssi (dbm) ----------------- -- ---00:0D:67:08:63:31 157 -42 age priv topo (s) [S] --- ---- ---0 none p2p role [S] ----- linkIdx 12345678 --------------- noise floor (chain 1-2): .............
BelAirOS User Guide Configuring Wi-Fi Radio Parameters Example 5 - Mobile Backhaul Mesh Links This example shows a backhaul RF survey for an AP providing mobile backhaul mesh links. /interface/wifi-2-1# show rf-survey backhaul mac ----------------00:0D:67:00:C9:A8 00:0D:67:00:49:EA 00:0D:67:00:E3:A3 ch rssi (dbm) -- ---167 -79 167 -66 167 -80 age (s) --0 0 0 priv topo [S] ---- ---aes -aes mesh aes mesh role [S] ------- linkIdx 12345678 ----------------------------- noise floor (chain 1-2): ........
BelAirOS User Guide Configuring Wi-Fi Radio Parameters RX Mcast: ............ 0 TX Mcast: ............ 133805 Access Rx Fail Rate (frames/min): 0 Access Rx Dup Rate (frames/min): 0 Access Rx OOR Rate (frames/min): 0 Access Tx Fail Rate (frames/min): 0 MPDU Statistics: RX: .................. 17694466 TX: ................. 1104110 FCS Errors: .......... 0 WEP Undecryptable: ... 0 RTS Success: ......... 235053 RTS Failures: ........ 0 ACK Failures: ........ 0 Failed: .............. 0 Retries: .............
BelAirOS User Guide Configuring Wi-Fi Radio Parameters When specifying a specific time interval The output displays various statistics for that interval, including: • MAC Service Data Unit (MSDU) statistics, including the delivery error rate and the transmit on air error rate for transmitted packets • MAC Protocol Data Unit (MPDU) statistics, including the delivery error rate and the transmit on air error rate for data packets and management packets • the number of packets received and transmitted at vario
BelAirOS User Guide Configuring Wi-Fi Radio Parameters — MgtTxOk is the number of management packets successfully transmitted. — MgtTxFailed is the number of failed management transmit packets. — MgtAckFailed is the number of failed management acknowledge packets. • Selecting error-rate displays the error rates for MSDU and MPDU statistics: — Tx Error Rate (delivery) is the percent of dropped and failed packets over the total number of packets transmitted.
BelAirOS User Guide Configuring Wi-Fi Radio Parameters TxOk: 15714 TxMulticast: 0 TxDropped: 0 TxFailed: 1525 Tx Error Rate: (delivery) MPDU stats: TxOk: TxFailed: AckFailed: RxOk: RxMulticast: RxDropped: RxFailed: 9 (on air) 15714 1525 3104 140462 0 0 10190 9 MgtTxOk: MgtTxFailed: MgtAckFailed: RxNotForUs: TxRetries(1,2,3,4,>4): 54 1525 0 0 0 Data Tx Error Rate: (delivery) 9 (on air) Mgmt Tx Error Rate: (delivery) 46 (on air) 1843 1525 0 3533 RxOk: RxFramesErr: RxFrameAbort: RxPhyAbort: 140462 101
BelAirOS User Guide Configuring Wi-Fi Radio Parameters Rx Busy Indicator: Average: 0 Channel Busy Indicator: Average: 0 Max: 0 Min: 0 Max: 1 Min: 0 Example 2 - Non-WCS radios /interface/wifi-2-1# show pm fifteen-min all duty-cycle int 0 1 2 3 4 5 6 7 8 9 10 11 12 13 TxAverage 4 4 4 4 4 4 4 4 4 4 4 4 4 0 TxMax 5 5 5 5 5 5 5 5 5 5 5 5 5 0 TxMin 4 4 4 4 4 4 4 4 4 4 4 4 0 0 RxAverage 45 44 43 44 44 42 44 43 44 44 45 44 38 3 RxMax 46 46 45 46 45 44 46 45 45 46 46 46 46 6 RxMin 45 41 42 44 42 42
BelAirOS User Guide Configuring Wi-Fi Access Point Parameters Configuring Wi-Fi Access Point Parameters This chapter describes how to display and configure Wi-Fi Access Point (AP) parameters, including: • “Displaying AP Configuration” on page 124 • “AP Custom Rates” on page 124 • “Displaying Associated Wireless Clients” on page 126 • “Displaying Wireless Client Details” on page 128 • “Disconnecting a Wireless Client” on page 128 • “Wireless Client Load Balancing” on page 129 • “Configuring RTS-CTS Handsha
BelAirOS User Guide Configuring Wi-Fi Access Point Parameters • “ARP Filtering” on page 143 • “ARP to Unicast Conversion” on page 143 • “802.11b Protection” on page 144 • “Wi-Fi Client Statistics” on page 144 See also: • “Configuring Wi-Fi Radio Parameters” on page 103 • “Wi-Fi AP Security” on page 146 • “Wi-Fi Backhaul Link Configuration” on page 161 • “Mobile Backhaul Mesh” on page 169 Displaying AP Configuration Use the show config access command to display the current AP configuration.
BelAirOS User Guide Configuring Wi-Fi Access Point Parameters These commands let you customize the modulation rates used by your 802.11n radio by building a list of rates to include. Putting a rate on the list allows the radio to use that rate. The show command displays modulation rates that are currently on the list; that is, the rates that the radio uses. Rates that have short preamble are indicated with sp. Use the set command to enable or disable the custom rates feature.
BelAirOS User Guide Displaying Associated Wireless Clients Configuring Wi-Fi Access Point Parameters /interface/wifi--/show clients [ssid ] This command displays the list of associated wireless clients for a given SSID. If no SSID is specified, the displayed list shows all associated clients and their SSID. The ssid_index parameter must be a valid SSID index. In the resulting output: • The time field displays how long the client has been associated to the BelAir Networks radio.
BelAirOS User Guide Configuring Wi-Fi Access Point Parameters Table 10: DHCP Field Value Descriptions (Continued) Value Description disc Client has sent a DHCP Discover message and is waiting for a DHCP Offer message to get its IP address. (Applicable only if client does not already have a valid IP address. Otherwise client sends DHCP Request message.) offer Server has responded to the DHCP Discover message with a DHCP Offer message. This packet tells the client its IP address.
BelAirOS User Guide Configuring Wi-Fi Access Point Parameters Example /interface/wifi-2-1# show clients SS-ID vlan mac addr time IP identity rssi auth dhcp ----- ---- ----------------- ---- ------------------ ---------- ---- ------- -----2-4 0 00:11:24:26:24:AA 4m 10.9.9.20(s) -82 eapAuth static Displaying Wireless Client Details /interface/wifi--/show client <1|2|...
BelAirOS User Guide Wireless Client Load Balancing Configuring Wi-Fi Access Point Parameters /interface/wifi--/set max-num-clients [strict] This command lets you set the maximum number of clients that can associate with the AP. Once the maximum is reached, new client associations are not immediately accepted.
BelAirOS User Guide Configuring Wi-Fi Access Point Parameters If you select auto, the AP automatically adjusts the beacon period and DTIM value dynamically according to the number of MBSSIDs. The default setting is to have a fixed beacon period of 100 ms with a DTIM value of 3.
BelAirOS User Guide Configuring Wi-Fi Access Point Parameters Example - Non Aggregated Records /interface# show client-record 4 ID 11 10 9 8 SSID Radio INX wifi-2-1 1 wifi-2-1 1 wifi-2-1 1 wifi-2-1 1 Start Time Connect dd hh:mm:ss mm:ss 11 06:42:57 15:02 11 06:27:55 15:02 11 06:12:53 15:02 11 05:57:51 15:02 IP address 10:1:1:7 10:1:1:7 10:1:1:7 10:1:1:7 MAC address 00:18:de:c2:30:46 00:18:de:c2:30:46 00:18:de:c2:30:46 00:18:de:c2:30:46 RSSI max avg -25 -44 -25 -44 -25 -44 -25 -44 min -64 -64 -64 -64
BelAirOS User Guide Configuring Wi-Fi Access Point Parameters • provide vendor specific information Each AP supports up to 8 SSIDs. If associated clients use different SSIDs, then the AP can use the SSID to direct traffic to different VLANs. Displaying the SSID Table /interface/wifi--/show ssid table This command summarizes in table format the parameters of all configured SSIDs. In the resulting output: • The broadcast setting is the default for SSID 1.
BelAirOS User Guide Configuring Wi-Fi Access Point Parameters • bss is for basic service set; see “Configuring SSIDs” on page 134 • a star ( * ) means that the feature is enabled for that particular SSID • a double dash ( -- ) means that the feature is not enabled for that particular SSID Displaying SSID Details /interface/wifi--/show ssid config This command displays details of a particular SSID. Use the show ssid table command to determine .
BelAirOS User Guide Configuring Wi-Fi Access Point Parameters The default management SSID is BelAir-, where is the last six digits of the AP’s MAC address. For example, if an AP has a MAC address of 00:0D:67:08:48:98, the default management SSID is BelAir-084896. By default, SSID 8: • uses WPA encryption with the following pre-shared key: DefaultKey123. Users may wish to change the security settings to suit their needs. • is not mapped to a VLAN.
BelAirOS User Guide Configuring Wi-Fi Access Point Parameters • Traffic from clients where the last three bits have a value of 0 is directed to the first VLAN on the list. • Traffic from clients where the last three bits have a value of 1 is directed to the second VLAN on the list. • Traffic from clients where the last three bits have a value of 6 is directed to the seventh VLAN on the list.
BelAirOS User Guide Upstream User Priority Marking Configuring Wi-Fi Access Point Parameters /interface/wifi--/set ssid upstream-up-marking {enabled|disabled} [ up-value ] This command enables or disables the ability to set the User Priority (UP) value of any packet received by the AP for a particular SSID. The UP values are then used throughout the network to separate and prioritize traffic through Quality of Service (QoS) settings.
BelAirOS User Guide Configuring Wi-Fi Access Point Parameters • Use the min parameter to specify the minimum number of clients this SSID is guaranteed to serve. The default setting is 0. • Use the max parameter to specify the maximum number of clients this SSID can have. The default setting is 256. Use the show ssid table command to determine . Use the show ssid config command to see the currently configured values.
BelAirOS User Guide Configuring Wi-Fi Access Point Parameters Note: There are DHCP packet length limitations. If you enable all fields, then the DHCP packet may not be large enough to contain all the vendor specific information. In such cases, some vendor specific information may not be inserted into the packet properly and the packet may be marked as Malformed Packet. However, the packet still contains the IP address. If you enable circuit ID (suboption 1), by default the field contains the SSID.
BelAirOS User Guide Configuring Wi-Fi Access Point Parameters • Suboption 151. The VPN selection ID is packaged as follows: 0x97, 0x0a, 0x00, 0xnn, 0xnn, 0xnn, 0xnn, 0xnn, 0xnn, 0xnn, 0xnn, 0xnn Where: —The first field is always 0x97, identifying Suboption 151. —The second field specifies the length of the VPN selection ID. —The remaining fields specify an ASCII string of the VPN selection ID.
BelAirOS User Guide Configuring Wi-Fi Access Point Parameters Specifying fifteen-min is equivalent to specifying fifteen-min 0 and means the current 15-minute interval. Specifying day is equivalent to specifying day 0 and means the current day, excluding data from the current 15-minute period. When specifying a specific time interval The output displays the following statistics for the specified SSID: • TxByte and RxBytes are the number of bytes sent and received.
BelAirOS User Guide Configuring Wi-Fi Access Point Parameters contain up to 14 characters. The default string is outOfService.. and by default it replaces the SSID. The out-of-service delay () ranges from 30 to 300 seconds. The default is 300 seconds. The out-of-service delay is set for the entire AP. Use the /system/show ap-oos-broadcast-delay command to display the current delay.
BelAirOS User Guide Configuring Wi-Fi Access Point Parameters See also: • “Limiting Broadcast Packets” on page 73 • “Broadcast to Unicast Packet Conversion” on page 142 Broadcast to Unicast Packet Conversion /interface/wifi--/set ssid dhcp-advanced {upstream-unicast | none} This command lets you convert broadcast packets to unicast packets.
BelAirOS User Guide ARP Filtering Configuring Wi-Fi Access Point Parameters /interface/wifi--/set arp-filtering {disabled|enabled} This command enables or disables ARP filtering on radio traffic from the AP to the wireless client. When enabled, the radio only forwards ARP request packets to a currently connected client. Otherwise, the downstream ARP requests are dropped. The default setting is disabled.
BelAirOS User Guide 802.11b Protection Configuring Wi-Fi Access Point Parameters /interface/wifi--/set b-protection {disabled|enabled} This command enables or disables 802.11b protection for the radio. Normally, an 802.11g AP uses CTS-to-self to interact with 802.11b APs. The transmitted packet is small, but in High Capacity and Interference environments the accumulated effect is a substantial performance penalty. This feature disables 802.
BelAirOS User Guide Configuring Wi-Fi Access Point Parameters Example /interface/wifi-2-1# show client 2-4 throughput stats Ssid: ........... Vlan: ........... Mac Address: .... Connected Time: . Aging Time: ..... Ip Address: ..... Identity: ....... Rssi: ........... Auth State: ..... Dhcp State: ..... Tx: Tx: Rx: Rx: Bytes Pkts Bytes Pkts 1360 10 980 10 2 0 00:11:24:26:24:AA 0 yrs 0 days 00:04:46 1 seconds 10.9.9.
BelAirOS User Guide Wi-Fi AP Security Wi-Fi AP Security This chapter describes how you can set up security to encrypt your Wi-Fi transmissions so that your data cannot be deciphered if it is intercepted, and to prevent access to the network by unauthorized clients.
BelAirOS User Guide Wi-Fi AP Security If multiple SSIDs are configured, each SSID can be configured with its own security options. The authentication options are: • instruct the AP to connect to a Remote Authentication Dial In User Service (RADIUS) server in your network that keeps a list of accepted clients. RADIUS is a standard for user authentication. For this option, you need a RADIUS server. Multiple APs can share the information from the same RADIUS server. • use a pre-shared key.
BelAirOS User Guide RADIUS Servers for Wireless Clients Wi-Fi AP Security To use RADIUS authentication, you need to configure at least one RADIUS server. Table 11 shows the attributes that are included in the access-request messages sent to the RADIUS server when using RADIUS (EAP) authentication. Table 11: RADIUS Attributes Name ID Description RA_USERNAME 1 Client identity RA_NAS_IP_ADDRESS 4 AP IP address configured with the /protocol/radius/set server command.
BelAirOS User Guide Wi-Fi AP Security Table 11: RADIUS Attributes (Continued) Name ID Description RA_CALLING_STATION_ID 31 Client MAC address If station-id-unformatting is set to enable, colons are removed. RA_NAS_IDENTIFIER 32 Name configured with the /interface/wifi--/set ssid radius command. See “RADIUS Accounting” on page 153.
BelAirOS User Guide Wi-Fi AP Security Table 11: RADIUS Attributes (Continued) Name ID Description RA_TUNNEL_TYPE 64 Refer to “RADIUS Assigned VLAN” on page 152. RA_TUNNEL_MEDIUM_TYPE 65 Refer to “RADIUS Assigned VLAN” on page 152. RA_TUNNEL_PRIVATE_GROUP_ID 81 Refer to “RADIUS Assigned VLAN” on page 152. RA_CONNECT_INFO 77 Always CONNECT 11Mbps 802.
BelAirOS User Guide Wi-Fi AP Security given RADIUS server. The default value is the IP address of the AP’s management interface, which is usually the system’s default IP address. Note: The NAS IP address parameter is entered statically with this command. If the VLAN IP addresses are determined dynamically with a DHCP server, then an updated VLAN IP address is not automatically reflected into the NAS IP address parameter. The timeout parameter ranges from 2 to 300.
BelAirOS User Guide Wi-Fi AP Security and sends it to a RADIUS server. If an access-accept message is received from the RADIUS server, the AP continues with the client’s association procedure and grants access based on other criteria such as encryption type and key matching. To use this feature, you must configure your RADIUS server to have a list of all allowed clients. Each entry in this list includes a user name and a password. The user name and the password must be set to the client’s MAC address.
BelAirOS User Guide RADIUS Accounting Wi-Fi AP Security /interface/wifi--/set ssid radius ([accounting {enable|disable}] [nas-id ] [delimiter {none|colon|dash}] [append {none|ssid}] These commands let you manage RADIUS accounting for wireless clients. By default RADIUS accounting is disabled. The nas-id parameters specify the RADIUS Network Access Server (NAS) identifier. The default value for is belair.
BelAirOS User Guide Wi-Fi AP Security [rekey {no|kpackets |seconds }] [strict {yes|no}] This command configures wireless privacy for a particular SSID. Use the show ssid table command to determine . Use the show ssid config command to show the current privacy settings. The dot1x-open parameter specifies an open privacy setting, but uses a RADIUS server for SSID authentication. The RADIUS server authenticates a wireless client by its username and password.
BelAirOS User Guide Wi-Fi AP Security The default rekey setting is no meaning that the group key is not changed. If rekey is set to n seconds, the group key is changed after that time period. If rekey is set to n kpackets, the group key is changed after that many thousand packets. If strict is set to yes, the group key changes immediately when one client leaves the network. The default is no. The strict setting applies to wpa and wpa2 encryption only.
BelAirOS User Guide Wi-Fi AP Security You should only use an ACL as an extra security measure if: • you cannot or prefer not to set up a RADIUS server • your network provides access to network clients which do not support RADIUS authentication In both cases, it is recommended that you enable pre-shared key encryption (WEP, WPA, WPA2 or WPA2mixed). The enabled setting for the set acl command means that only the wireless clients on the ACL can access the network. All other clients are denied access.
BelAirOS User Guide Wi-Fi AP Security 3 Disable inter-AP wireless client communications: a Add the previously determined gateway MAC address or addresses to the secure MAC white list. This allows wireless clients to communicate with the Internet. The secure MAC white list typically contains the MAC address of the gateway interfaces. b If the DHCP server for your network is on a different machine than the gateway, add the MAC address of the DHCP server machine to the secure MAC white list.
BelAirOS User Guide Wi-Fi AP Security Disabling Inter-AP Wireless Client Communication Disabling inter-AP wireless client communications involves setting up a secure MAC white list and enabling secure port mode for each AP.
BelAirOS User Guide Wi-Fi AP Security The content of the secure MAC white list takes effect only when the AP secure port mode is enabled. AP Secure Port Mode /interface/wifi--/set ssid secure-port {enabled|disabled} Use the show ssid table command to determine . To prevent wireless clients associated with different APs from communicating with each other, you must enable the secure port mode on each of the APs in your network. By default, the secure port mode is disabled.
BelAirOS User Guide Wi-Fi AP Security The AP also automatically generates alarms when it detects the following conditions: • If the AP detects more than 600 DHCP requests within 30 seconds, it raises a DHCP_STARVATION alarm. • If the AP detects a client with a MAC address that matches any of the addresses in the secure MAC white list, it raises a SECURE_MAC_SPOOF alarm.
BelAirOS User Guide Wi-Fi Backhaul Link Configuration Wi-Fi Backhaul Link Configuration This chapter describes how to display and configure Wi-Fi backhaul parameters, including: • “Displaying Backhaul Link Configuration” on page 161 • “Configuring Backhaul Link Identifier, Topology and Privacy” on page 162 • “Managing MP-to-MP Meshes” on page 164 —“Displaying the Mesh Topology” on page 164 —“Setting a Link RSSI Threshold” on page 165 —“Managing the Mesh Blacklist” on page 166 —“Mesh Auto-connections” on p
BelAirOS User Guide Wi-Fi Backhaul Link Configuration Common Backhaul: privacy: ................... key: ....................... mesh-min-rssi............... Stationary Backhaul: link admin state: .......... link id: ................... topology: .................. Mobile Backhaul: mobile admin state: ........ mobile link id: ............ mobile link role: .......... Blacklist: No blacklist entries Link Failure Detection: ...... Backhaul T1 Bandwidth limit:..
BelAirOS User Guide Wi-Fi Backhaul Link Configuration As well, you must meet the requirements listed in Table 12 on page 163. Table 12: Wi-Fi Backhaul Configuration Requirements Topology Requirements P-to-P 1 Set the topology parameter to p2p. P-to-MP 1 Set the topology parameter to star. 2 Set the AP’s role. The AP can be a base station (bs) or a subscriber station (ss). A base station is located at the center of the star and can support up to eight subscriber stations. 3 Set the parameter.
BelAirOS User Guide Managing MP-to-MP Meshes Wi-Fi Backhaul Link Configuration This section describe additional commands to help you configure and manage an MP-to-MP mesh clusters, including: • “Displaying the Mesh Topology” on page 164 • “Setting a Link RSSI Threshold” on page 165 • “Managing the Mesh Blacklist” on page 166 • “Mesh Auto-connections” on page 166 • “Managing Mesh Auto-connections” on page 167 Displaying the Mesh Topology /interface/wifi--/show backhaul status This command displays
BelAirOS User Guide Wi-Fi Backhaul Link Configuration In the previous output, link 1 goes to RadioC and link 2 goes to RadioA. RadioB is measuring a signal strength of -68 dBm from RadioC. As in example 1, RadioC has a MAC address of 00:0d:67:0b:55:17 and is physical interface wifi-3-1 on an AP with IP address 180.1.5.120. As in example 1, RadioB is measuring a signal strength of -54 dBm from RadioA.
BelAirOS User Guide Managing the Mesh Blacklist Wi-Fi Backhaul Link Configuration /interface/wifi--/add backhaul blacklist /interface/wifi--/del backhaul blacklist These commands allow you to control whether or not a link is used between two mesh points in an MP-to-MP mesh. To blacklist a link, you need to log in to both ends of the link and put the radio of other AP on the local blacklist.
BelAirOS User Guide Wi-Fi Backhaul Link Configuration If there are several candidate meshes to connect to, then the link is made to the mesh that: • matches the longest possible mesh identifier string • has the better signal level • has the minimum hop count to the egress AP Once a new link is established, the radio does not automatically revert back to the old mesh, even if the old mesh’s egress AP regains its ability to route traffic outside of the mesh.
BelAirOS User Guide Wi-Fi Backhaul Link Configuration Use the show config command to display the current auto-connection configuration. Use the show status command to display whether the auto-connection capability is enabled or disabled. Refer to “Mesh Auto-connection Example” on page 299. Egress Protection /interface/wifi--/set backhaul protection-admin-state {enable|disable} This command controls egress protection. The default setting is disable.
BelAirOS User Guide Mobile Backhaul Mesh Mobile Backhaul Mesh This feature extends the BelAir Networks fixed wireless infrastructure onto high-speed vehicles such as trains, buses, police and fire vehicles, and ambulances. Refer to Figure 15.
BelAirOS User Guide Mobile Backhaul Mesh When the mobile subscriber station determines that a listening link has a better link quality than the current forwarding link, it changes the link state so that the listening link with the higher quality becomes forwarding. These look ahead and make before break handover schemes allow the AP with mobile backhaul mesh links to provide uninterrupted support for a wide variety of applications, including voice and video.
BelAirOS User Guide Configuring MIMO Operation for Mobile Applications Mobile Backhaul Mesh /interface/wifi--/set mimo-mode {1x1|1x2|2x2|2x3|3x3} This command configures the Multiple-Input and Multiple-Output (MIMO) antenna settings for mobility applications using 802.11n radios, such as those for the BelAir20M. In such applications. the 5.8 GHz radio must operate with a MIMO setting of 1x1 while the 2.4 GHz access radio must operate with a MIMO setting of 2x2.
BelAirOS User Guide Mobile Backhaul Mesh As well, you must meet the requirements for the P-to-MP topology listed in Table 12 on page 163. The privacy setting determines whether AES privacy is used or not. The pre-shared key must be exactly 32 bytes long (16 characters).
BelAirOS User Guide Mobile Backhaul Point-to-point Links Mobile Backhaul Point-to-point Links This feature extends the BelAir Networks fixed wireless infrastructure onto low-speed vehicles such as ships travelling near a sea port. An AP with mobile backhaul point-to-point links provides redundant high-performance broadband connectivity. In such a deployment, the mobile AP mounted on a ship acts as a subscriber station to a stationary base station AP mounted on shore.
BelAirOS User Guide Mobile Backhaul Point-to-point Links sure the mobile link identifiers and mobile channels are not used elsewhere in the network. If a neighboring stationary subscriber station uses a link identifier and channel similar to a mobile subscriber station, then it can interfere with the creation of links between the mobile backhaul APs. With mobile backhaul point-to-point links, the base station is passive.
BelAirOS User Guide Mobile Backhaul Point-to-point Links d Set release 7 compatibility to yes if this AP is connecting to a shore AP running Release 7.1.0 software. /services/mobility# set release-7-compatibility no e Optionally set the RSSI threshold. The minimum parameter specifies the minimum signal strength required to connect.
BelAirOS User Guide Mobile Backhaul Point-to-point Links wifi-2-1 (MRMv1 4.4GHz 802.11n) scan list Mac Address CH ANT RSSI(dBm) AVL-BS ENBL-BS NET-ID-MATCH Age MESH ID -------------------------- ------ ------- ------------ --- ------00:0d:67:09:c4:79 91 1 -58 Yes Yes Yes 0 mobilityTest current time: 01:06:30 last scan time: 21:01:38 wifi-3-1 (MRMv1 4.4GHz 802.
BelAirOS User Guide Mobile Backhaul Point-to-point Links b Add links needed to support service /services/mobility# add interface wifi-3-1 Note: The scan-list, release-7-compatibility and RSSI thresholds parameters and apply only to subscriber stations. The show available-infra command applies only to subscriber stations. 4 Display the configuration and correct any settings as required. Use following commands as required. a Display the mobility configuration.
BelAirOS User Guide Mobile Backhaul Point-to-point Commands Mobile Backhaul Point-to-point Links Commands are available to do the following tasks: • “Displaying Mobile Backhaul Point-to-point Configuration” on page 178 • “Displaying Link Status” on page 178 • “Displaying Scan Results” on page 179 • “Managing Interfaces” on page 179 • “Managing the Scan List” on page 180 • “Associating a Scan List to an Interface” on page 180 • “Configuring RSSI Threshold” on page 180 • “Primary Link Drop” on page 181 • “M
BelAirOS User Guide Mobile Backhaul Point-to-point Links Example /services/mobility# show link-state LINK ROLE --------Primary Secondary INTERFACE --------wifi-3-1 wifi-2-1 CH -148 151 Displaying Scan Results RSSI ----44 -40 MESH ID ------------------------------mobilityTest mobilityTest NODE IP --------------10.1.1.13 10.1.1.209 NODE NAME ------------------ba100tBSmode BA200CEM209 /services/mobility/show available-infra This command displays detected channel links and base station MAC addresses.
BelAirOS User Guide Managing the Scan List Mobile Backhaul Point-to-point Links /services/mobility/add scan-list <1-8> /services/mobility/add scan-list <1-8> /services/mobility/show scan-list {<1-8>|all} These commands let you manage the contents of up to eight scan lists. Example /services/mobility# show scan-list 2 Scan list [2] channels: 61 148 151 Scan list [2] used by: wifi-2-1 (5GHz 802.11a) wifi-3-1 (5GHz 802.
BelAirOS User Guide Primary Link Drop Mobile Backhaul Point-to-point Links /services/mobility/set p2p-mobile drop-primary-at-min-rssi {true|false} Once a link has been established based on the RSSI threshold parameters, the AP can maintain the link, even if the signal strength drops below the minimum threshold setting. This commands let you configure this feature. If set to false, the AP maintains the link even when the signal strength drops below the minimum threshold setting.
BelAirOS User Guide Mobile Backhaul Point-to-point Links • If the system egress point is set to indirect with a gateway IP address, then the base station pings the gateway IP address and starts the out-of-service timer if it does not receive a reply. If the timer expires and the gateway still does not reply, then the base station is taken out of service by prepending bsOutOfService to the mobile link identifier.
BelAirOS User Guide Mobile Backhaul Point-to-point Links When a single channel mesh is created, the resulting links are simple point-to-point backhaul links, as described in “Wi-Fi Backhaul Link Configuration” on page 161. Typical mobile backhaul point-to-point notions, such as scan-lists, RSSI thresholds, and primary and secondary links, do not apply to them.
BelAirOS User Guide Operating in High Capacity and Interference Environments Operating in High Capacity and Interference Environments High Capacity and Interference (HCI) environments usually have the following characteristics: • high number of wireless clients in a relatively small geographic area • wireless traffic is restricted to relatively few wireless APs • sudden surges of demand for connectivity • building structure or geometry may restrict connectivity Stadiums and other sports venues are typical
BelAirOS User Guide Operating in High Capacity and Interference Environments • Secure Port Mode, described on page 189 • Wireless Bridging, described on page 189 • Client Load Balancing, described on page 189 • Client Authentication History, described on page 190 • Automatic Mesh Connect, described on page 190 • Traffic Test Tool, described on page 190 Modulation Rate Control This feature allows the operator to directly control the allowed modulation rates (and select the basic rates).
BelAirOS User Guide Traffic Priority Based on Modulation Rate Operating in High Capacity and Interference Environments A Wi-Fi AP sorts traffic according to priority and transmits it by priority in order of arrival. Different QOS schedulers (EDCA, LSPQ, SPQ) result in different performance for the various priorities. This feature applies a priority based on modulation rate on top of the QOS priority. It tries to give clients equal amounts of air-time instead of equal numbers of packets.
BelAirOS User Guide Access Receive and Transmit Error Statistics with SNMP Support Operating in High Capacity and Interference Environments BelAir Networks radios provide extensive statistics for insight into network behavior and to guide network optimization. The relevant commands are: • /interface/wifi--/show statistics • /interface/wifi--/show pm • /interface/wifi--/show client These commands are described in detail in the Troubleshooting Guide.
BelAirOS User Guide Operating in High Capacity and Interference Environments Blacklist SNMP Support BelAir Networks APs support adding and deleting backhaul blacklist members through SNMP. This allows operators using BelView Network Management System (NMS) Release 6 or later to override the mesh paths selected by particular APs to optimize performance.
BelAirOS User Guide Operating in High Capacity and Interference Environments • In the downstream direction (to the client), only ARP response, DHCP offer, DHCP ACK, and DHCP NAK are allowed. In HCI environments, this feature reduces the overall traffic load by reducing broadcast flooding throughout the network. For details, see “Filtering Broadcast and Multicast Packets” on page 141.
BelAirOS User Guide Client Authentication History Operating in High Capacity and Interference Environments This feature lets the operator display the details of the association and authentication process of the clients connected to the AP. In HCI environments, it can be used to troubleshoot client issues and determine how much success clients are having when attempting to access and use the network.
BelAirOS User Guide DHCP Relay Settings DHCP Relay Settings This chapter describes how to configure your AP’s DHCP Relay agent settings. You can configure up to five profiles for the DHCP Relay agent on your AP. Each profile specifies a subnet interface, which can be either the AP’s system interface or a VLAN. The DHCP server assigns an IP address to the client according to the subnet of this interface. Each profile also contains the IP addresses for up to three DHCP servers.
BelAirOS User Guide DHCP Relay Settings • Use show config relay all to display information for all DHCP Relay profiles only. • Use show config relay to display information on the specified DHCP Relay profile. • Use show config dhcp-allowed-subnet all to display all configured DHCP allowed subnet entries. • Use show config dhcp-allowed-subnet to display information on the specified DHCP allowed subnet entry.
BelAirOS User Guide Interface Administrative State Assigning SSID Traffic to Use DHCP Relay DHCP Relay Settings /protocol/dhcp/set relay admin-state {enabled|disabled} This command allows you to activate individual DHCP relay profiles. When enabled, the Relay Agent forwards the packets from the client to the DHCP servers specified in the profile.
BelAirOS User Guide DHCP Relay Settings Use the equivalent /interface/wifi--/del command to remove a subnet entry from an SSID. The /interface/wifi--/set command allows you to enable or disable DHCP address filtering on individual SSIDs. Use the /interface/wifi--/show ssid (ssid_index> config command to display whether DHCP address filtering is enabled for the SSID and the allowed subnets for the SSID.
BelAirOS User Guide DHCP Relay Settings DHCP relay messages sent: BOOTREPLY: DHCP Offer: DHCP ACK: DHCP NAK: 3 0 3 0 Example 2 /protocol/dhcp# show relay 1 pm fifteen-min all int Request: Discover 00 0 01 0 Decline 0 0 Inform 0 0 Release 0 0 Request 3 0 Reply: NAK 0 0 ACK 3 0 Offer 0 0 Example 3 /protocol/dhcp# show relay aggregate pm fifteen-min 0 DHCP relay aggregate PMs: Interval type: current 15 minute DHCP relay total dropped Pkt: Invalid DHCP Pkt: Invalid DHCP Relay: Interval number: 0
BelAirOS User Guide Network Address Translation Network Address Translation Network Address Translation (NAT) allows the AP to modify network address information in packet headers to remap a given address space into another. This technique can hide several private network IP addresses behind a single IP address in another public address space. The AP implements NAT IP masquerading, where the AP acts as a DHCP server to assign IP addresses in the private network starting from a specified base IP address.
BelAirOS User Guide Displaying the Operational Status Network Address Translation /protocol/nat/show status This command displays NAT operational status and settings. Example /protocol/nat# show status NAT admin state is DISABLED, oper state is NOT RUNNING Egress interface - eth-1-1 Dns1: undefined Dns2: undefined DHCP scopes: Num ===== 1 2 3 4 5 6 7 8 Displaying the Current DHCP Lease Status Status VLAN IP subnet Lease(min) Mgmt ======== ==== ============= ============ ==== enabled untg 192.168.5.
BelAirOS User Guide Network Address Translation Example /protocol/nat# show leases history IP address MAC address Lease & State =============== ================= ================================== 192.168.5.254 00:0d:67:10:e8:1a starts 2 2009/08/04 12:04:24 - State active 192.168.5.
BelAirOS User Guide Preventing AP Management from within the Scope Network Address Translation /protocol/nat/set scope management {enabled | disabled} This command lets you control whether clients within a particular scope can access the AP’s management interface. The default setting is disabled, meaning that the APs within that scope cannot access the management interface of the AP providing NAT.
BelAirOS User Guide Port Forwarding Network Address Translation /protocol/nat/add port-fwd protocol {tcp | udp} port dest-ip dest-port /protocol/nat/del port-fwd protocol {tcp | udp} port dest-ip dest-port These commands let you create a port forwarding table for TCP or UDP traffic.
BelAirOS User Guide Universal Access Method Universal Access Method The Universal Access Method (UAM) is key element of BelAir Networks’ Policy Enforcement Point (PEP) module. UAM is a simple authentication method where a user needs only a Web browser. When a user requests a URL, the request is checked against a series of white lists containing hosts, MAC addresses and protocols.
BelAirOS User Guide Universal Access Method Table 13: Attributes for UAM Client Access Policy Enforcement (Continued) RADIUS Attribute Value used if unspecified by RADIUS Maximum upstream client traffic Unlimited Termination time Unlimited As well, UAM can also provide accounting information, again depending on correct provisioning of the RADIUS server. The AP lets you configure up to eight UAM scopes.
BelAirOS User Guide Displaying the Current Configuration Universal Access Method /services/uam/show config [scope ] This command displays the current UAM configuration. Specifying a scope displays just that scope. Note: This command displays only the host, mac and protocol white list entries that you control through the add and del commands. (See “Managing White List Entries” on page 206.) This commands does not display the white list entries that the AP automatically tracks internally.
BelAirOS User Guide Universal Access Method ---------------------admin state: .................... Enabled mac authentication state:........ Enabled accounting state:................ Enabled authentication web server ip:.... secure2.worldspot.net resolved IP addresses: 69.64.50.37 authentication shared secret:.... Mm94XVjzug splash web server ip:............ resolved IP addresses: radius servers:.................. 2 radius nasid:.................... BelAirHotspot host-white-list: www.paypal.
BelAirOS User Guide Universal Access Method ---------------------ip address: .................... Mac address: ................... Scope: ......................... Vlan: .......................... Authenticated: ................. User Name: ..................... Redirect url: .................. User url: ...................... en-US/firefox/headlines.xml Bandwidth MaxUp: ............... Bandwidth MaxDown: ............. Max Input Octets: .............. Max Output Octets: ............. Max Total Octets: ....
BelAirOS User Guide Universal Access Method Both the splash-url and the auth-url (if specified) are automatically tracked internally as UAM host white list entries. The uam-interface parameter is used for communications between the wireless client and AP. You can set the uam-interface to be the AP’s system IP address, or a particular VLAN interface. The default is the system interface.
BelAirOS User Guide Universal Access Method Host entries can contain URLs or IP addresses. The host white list and the MAC address white list can have up to 10 entries. The protocol white list can be empty or contain ICMP only. In addition to the entries you control with these add and del commands, the AP has an internal white list that contains the DHCP, DNS and ARP protocols, and the URLs for the authentication server and the splash page (if specified).
BelAirOS User Guide Universal Access Method The success-redir parameter allows you to control the behavior of the AP if the RADIUS server authenticates the user and responds with a Redirection-URL as part of the WISPr Vendor Specific Attribute: • If success-redir is enabled and the RADIUS server provides a Redirection-URL, the client is redirected to the URL the first time it associates to the AP. Afterwards, the user has full access to the Internet.
BelAirOS User Guide Operating in WAN Mode Universal Access Method /services/uam/set scope wan-mode admin-state {enabled|disabled} [web-server-key ] UAM WAN mode is for special applications that use alternate communications between the AP, the Web server and the RADIUS authentication server. For additional details, contact your BelAir Networks representative.
BelAirOS User Guide Using Layer 2 Tunnels Using Layer 2 Tunnels Layer 2 tunnels use the Layer 2 Tunneling Protocol (L2TP), version 2, to provide the following benefits: • provide a bi-directional communication path between the AP and a central router. The path is unaffected by the size, topology and complexity of the Layer 2 and Layer 3 access network between them.
BelAirOS User Guide Using Layer 2 Tunnels The TEP strips off the encapsulation data to reveal the original Ethernet frame exactly as sent by the AP. The TEP delivers the Ethernet frame to a VLAN-aware Ethernet switch. The switch applies normal Ethernet forwarding rules to send it to a gateway router with one router port per subnet. The gateway router switches the Ethernet frame to the appropriate outgoing router port.
BelAirOS User Guide Using Layer 2 Tunnels • “Configuring Tunnel Advanced Parameters” on page 215 • “Enabling Backhaul Protection for Tunnels” on page 216 • “Bandwidth Limits” on page 216 • “Configuring Tunnels for the RedBack SmartEdge Router” on page 217 • “Configuring Tunnels for a Router using GRE” on page 219 • “Configuring Tunnels for PMIP Implementations” on page 220 • “Mapping User Traffic” on page 221 • “Configuring Authentication” on page 222 • “Configuring a Tunnel Group Name” on page 222 • “Rela
BelAirOS User Guide Using Layer 2 Tunnels 10 N/C Example 2 /protocol/te-syst# show status Upstream Downstream Upstream Downstream N Active Uptime Packets Packets Bytes Bytes Fragmented Reassembled == ======= ============= ========== ========== ========== ========== ========== =========== 1 Primary 0d 01:02:24 Brdcst Mltcst Up_Exc/Dn_Inv 0 0 0 0 1023 388 12 10980 0 229497 0 0 2 3 4 5 6 7 8 9 10 The output of the show status command shows: • which LNS is active at the moment – primary or backup •
BelAirOS User Guide Configuring Layer 2 Tunnels Using Layer 2 Tunnels /protocol/te-/set tunnel ip name [backup-ip [backup-name ]] [switch {non-revertive | revertive}] /protocol/te-/delete tunnel {all|} The set tunnel command creates a new tunnel to be terminated at the specified peer IP address, which is usually the network central router. You can create up to 10 tunnels to the same peer or to different peers.
BelAirOS User Guide Using Layer 2 Tunnels egress mode when the AP puts its own access traffic and that of many other APs into the tunnel. If the VLAN interface is not specified, the AP’s management IP address is used to identify the local tunnel end point. IP addresses may be manually configured or obtained by DHCP. If a VLAN interface is specified, it must be previously configured. Refer to “Layer 2 Network Configuration” on page 231.
BelAirOS User Guide Using Layer 2 Tunnels count and L2TP Hello retransmission maximum interval are reached. If none of the retransmitted Hello packets are answered, then the tunnel is considered unavailable. For additional details, refer to the L2TP specification. The PPP echo parameters are also used to determine tunnel availability. PPP echo packets are sent periodically with the interval specified by the PPP echo transmission interval.
BelAirOS User Guide Using Layer 2 Tunnels Example /protocol/te-syst# show limits N Us limit Ds limit == ========== ========== 1 2 3 4 5 6 7 8 9 10 Configuring Tunnels for the RedBack SmartEdge Router 0 0 /protocol/te-/set tunnel-l2vpn oam {enabled | disabled} {auto | ip label [backup-ip ] [backup-label ]} [switch {non-revertive | revertive}] /protocol/te-/set l2vpn autoconfig {ip | hostname } username password <
BelAirOS User Guide Using Layer 2 Tunnels tunnels. Use these parameters to manually configure a test environment or small deployments. The label and backup-label parameters specify the MPLS labels of the head end tunnel endpoint virtual circuit. Use these parameters to manually configure a test environment or small deployments. The switch parameter controls whether the use of a backup router is revertive or not.
BelAirOS User Guide Using Layer 2 Tunnels Use the l2vpn autoconfig renew command to trigger getting a new set of configuration parameters from the NetOp NSM configuration server. Use the set l2vpn advanced inactivity-timer command to specify how long to wait until declaring the L2VPN tunnel down. The parameter ranges from 10 to 1000 seconds. The default value is 60 seconds.
BelAirOS User Guide Using Layer 2 Tunnels least 60 seconds. The default value is 60 seconds. The heartbeat server uses the pseudo heartbeat packet to determine whether the tunnel’s operational state is up or down. The heartbeat server also uses the pseudo heartbeat packet to determine the AP’s tunnel configuration and corrects it if required. The optional port parameter specifies the TCP port to communicate with the heartbeat server. The default value is 4040.
BelAirOS User Guide Using Layer 2 Tunnels parameters (it must provide at least the client's IP address), the following logic is used by the AP: • The subnet mask is determined as corresponding to the IP class by IP address. For example, for IP address 67.100.125.10 subnet mask is 255.0.0.0. • The gateway is taken as first address within a specified subnet. For the previous example, the gateway address is 67.0.0.1.
BelAirOS User Guide Configuring Authentication Using Layer 2 Tunnels /protocol/te-/set tunnel [secret ] [ppp-name ] [ppp-password ] [backup-secret ] [backup-ppp-name ] [backup-ppp-password ] /protocol/te-/set tunnel authentication {enabled|disabled} The set secret command configures the parameters for L2TP authentication for a specified tunnel.
BelAirOS User Guide Using Layer 2 Tunnels • The none setting means that QOS information from the client data packet is not sent to upstream equipment. The default setting is none. Setting the Tunnel Down Alarm Threshold /protocol/te-/set alarm-threshold {disabled | enabled } Typically, a Tunnel Down alarm is generated when a tunnel fails to respond. However, if there are intermittent issues with the tunnel, it may take time to identify and correct the root cause.
BelAirOS User Guide Using Layer 2 Tunnels The output displays Unavailable Seconds statistics for that interval. The counter does not start incrementing until the tunnel has been unavailable for 60 seconds.
BelAirOS User Guide Quality of Service Settings Quality of Service Settings The AP includes Quality of Service (QoS) settings for the following functional areas: • traffic switching. See “System QoS” on page 225. • client to access point radio communications. See “Radio QoS” on page 228. System QoS BelAir Networks APs work in conjunction with one another to allow you to separate and prioritize traffic. Each AP can inspect incoming traffic and prioritize traffic into four priority queues.
BelAirOS User Guide Quality of Service Settings The prioritization commands (map and no map) described in this chapter apply strictly to the AP that you are currently logged on to. You must repeat them on each related AP. For example, when specifying that particular VLAN traffic has a particular priority, you must execute the associated commands on each possible AP in the path of that VLAN.
BelAirOS User Guide Quality of Service Settings and from 3018 to 4045. The queue_id parameter ranges from 0 to 3, as described in Table 14 on page 225. The none parameter removes the mapping of a VLAN ID to priority queue. Note: Settings made with this command have precedence over settings made with the set up-to-queue-mapping command. The show command displays a summary of the QoS settings that are based on VLAN IDs.
BelAirOS User Guide Quality of Service Settings No Vlan based Qos Configured! ----------------------------- Displaying the Prioritization Settings /qos/show user-priority-map The show user-priority-map command displays how User Priority bits are currently mapped to the priority queues.
BelAirOS User Guide Quality of Service Settings QOS: wmm: ....................... uapsd: ..................... mapping: ................... voice acm: ................. video acm: ................. Enabling or Disabling Wireless Multi-media Enabled Enabled UP/DSCP Disabled Disabled /interface/wifi--/set qos wmm {enable|disable} Wireless Multi-media is normally enabled. It allows the access point to communicate with a WMM enabled wireless client using WMM features.
BelAirOS User Guide Quality of Service Settings Table 16: UP and DSCP Value to Priority Queue Processing Unscheduled Automatic Power-save Delivery UP Value DSCP Value Target Priority Queue 6 192 (0xC0) 3 7 224 (0xE0) 3 /interface/wifi--/set qos uapsd {enable|disable} Unscheduled Automatic Power-save Delivery (UAPSD) extends the battery life of wireless clients and reduces radio transmission traffic. To enable UAPSD, you must first enable Wireless Multi-media (WMM) for the radio.
BelAirOS User Guide Layer 2 Network Configuration Layer 2 Network Configuration The AP acts as a transparent bridge and layer 2 switch without the need to configure any software features.
BelAirOS User Guide Layer 2 Network Configuration Loops can also occur accidentally or maliciously. For example, a technician may connect their laptop to the Ethernet port of an AP and also have a wireless link to an AP in the same network. If the laptop is configured to act as a bridge then it creates a loop in the network, and broadcast traffic quickly proliferates until the slowest link in the loop is saturated. This broadcast storm renders part—or all—of the network unusable.
BelAirOS User Guide Layer 2 Network Configuration Refer to your network plan for details. Use the command described in “RSTP Priority” on page 240 and “RSTP Version” on page 240 to specify the STP priority and the version of STP used by the AP. Configuring Other Spanning Tree Parameters Table 17 describes spanning tree parameters that you can configure in addition to the STP AP priority and path cost.
BelAirOS User Guide Layer 2 Network Configuration Table 17: Configurable Spanning Tree Timers and Associated Parameters Parameter Link Detection Count Default Value 3 Description Possible Range Represents the number Hello timer periods to wait before declaring the link is down 3 to the ratio of the Maximum Age timer to the Hello timer Note: BelAir Networks recommends that you do not change the RSTP parameter values in Table 17 from their default values.
BelAirOS User Guide Layer 2 Network Configuration Specifying the port keyword displays RSTP configuration settings for each physical interface and radio link. Use the parameter to specify a particular interface and radio link, as shown under the Name column of the /protocol/rstp/show config port all command.
BelAirOS User Guide 22 23 24 25 26 27 28 29 30 31 32 33 wifi-3-1-6 wifi-3-1-7 wifi-3-1-8 wifi-4-1-1 wifi-4-1-2 wifi-4-1-3 wifi-4-1-4 wifi-4-1-5 wifi-4-1-6 wifi-4-1-7 wifi-4-1-8 eth-5-1 128 128 128 128 128 128 128 128 128 128 128 128 Layer 2 Network Configuration 2000000 2000000 2000000 2000000 2000000 2000000 2000000 2000000 2000000 2000000 2000000 200000 False False False False False False False False False False False False False/False False/False False/False False/False False/False False/False False
BelAirOS User Guide Layer 2 Network Configuration In the resulting output when the port keyword is omitted, Root Cost reflects the AP's cost to root that it would advertise in its BPDUs sent out to designated or alternate ports. Specifying the port keyword displays per port RSTP topology information for each physical interface and radio link.
BelAirOS User Guide 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 wifi-2-1-5 wifi-2-1-6 wifi-2-1-7 wifi-2-1-8 wifi-3-1-1 wifi-3-1-2 wifi-3-1-3 wifi-3-1-4 wifi-3-1-5 wifi-3-1-6 wifi-3-1-7 wifi-3-1-8 wifi-4-1-1 wifi-4-1-2 wifi-4-1-3 wifi-4-1-4 wifi-4-1-5 wifi-4-1-6 wifi-4-1-7 wifi-4-1-8 eth-5-1 Layer 2 Network Configuration 00:00:00:00:00:00:00:00 00:00:00:00:00:00:00:00 00:00:00:00:00:00:00:00 00:00:00:00:00:00:00:00 60:00:00:23:34:b0:3e:80 00:00:00:00:00:00:00:00 00:00:00:00:00:00:00:00
BelAirOS User Guide Displaying RSTP Port Roles and States Layer 2 Network Configuration /protocol/rstp/show port roles [all] This command displays the roles and states of the RSTP ports. Specifying the all option displays all possible links for a specific interface. If the all option is omitted, then the command outputs data only for links with a status of UP.
BelAirOS User Guide 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 wifi-3-1-2 wifi-3-1-3 wifi-3-1-4 wifi-3-1-5 wifi-3-1-6 wifi-3-1-7 wifi-3-1-8 wifi-4-1-1 wifi-4-1-2 wifi-4-1-3 wifi-4-1-4 wifi-4-1-5 wifi-4-1-6 wifi-4-1-7 wifi-4-1-8 eth-1-1 eth-1-2 Layer 2 Network Configuration 10.5.1.14 10.5.1.
BelAirOS User Guide Layer 2 Network Configuration Note: BelAir Networks recommends that you do not change the RSTP parameter values from their default values. Experience has shown that the default values work well in a variety of networks.
BelAirOS User Guide RSTP Static Path Cost Layer 2 Network Configuration /protocol/rstp/set interface defaultcost <1 - 200000000> This command sets the static path cost in the pathcost field. This command is available only if dynamic path costs are disabled. Refer to “Dynamic Path Cost” on page 242. The parameter specifies a particular interface, such as wifi-2-1.
BelAirOS User Guide Layer 2 Network Configuration However, if the new link cost is only slightly different from the current link cost, then the current topology is maintained. As further protection against transient behaviour, the RSTP verifies that the new link cost is maintained for 30 minutes before it implements any potential topology changes. In all cases when a link is enabled or disabled, RSTP takes into account the new link costs as it creates a new topology.
BelAirOS User Guide RSTP Point-To-Point Status of an Interface Layer 2 Network Configuration /protocol/rstp/set interface p2p {forcetrue|forcefalse} This command indicates whether the interface can do RSTP point-to-point communications or not. RSTP point-to-point communications is special case where the interface can communicate with only one other RSTP enabled device, such as when only two APs are connected through a simple switch.
BelAirOS User Guide Layer 2 Network Configuration Specifying the port keyword displays per port RSTP statistics. The parameter specifies a particular interface and link. Example 1 /protocol/rstp# show stats RSTP Statistics -------------------Rstp UP Count : 1 Rstp DOWN Count : 0 Buffer Failure Count : 0 Memory Alloc Failure Count : 0 Count of Root Bridge Changes : 1 Stp Time since Topology change: 39 seconds Total No.
BelAirOS User Guide Performing a Software Upgrade Performing a Software Upgrade This section instructs you how to upgrade an AP by downloading a new software load from a remote server. The procedures in this section assume the following: • You have connected to the AP. • You have started a Command Line Interface (CLI) session and you have logged in as root. When you need to login again, such as after a reboot, use the root user account so you have access to all the required commands.
BelAirOS User Guide Performing a Software Upgrade Figure 17: Active and Standby Software Loads AP Active Software Load Pointer to software load for next restart A B Active Software Load Standby Software Load Under normal operating conditions, the contents of the two software load banks are identical. During a software upgrade, the new software load is copied into the standby bank at the time of the upgrade. A software upgrade consists of the following steps: 1 Ensure the current configuration is saved.
BelAirOS User Guide Performing a Software Upgrade Note: Any configuration changes that you make before you commit the new software load are lost if you back out of the upgrade. You can also use BelView NMS to manage how APs are upgraded. For details, refer to the BelView NMS User Guide and “Auto-upgrade” on page 253. CAUTION! Do not change or save the AP configuration while upgrading the system. CAUTION! It is always possible to downgrade a committed software load to an older release.
BelAirOS User Guide Canceling a Software Upgrade Performing a Software Upgrade /system/cancel upgrade This command stops the transfer of the new software load into the standby software load bank. If you reboot the AP, the software in the active software load bank is used. See Figure 18. To cancel the upgrade process: 1 Start another CLI session to the AP being upgraded and log in as in as root. 2 Issue the following command: /system/cancel upgrade 3 When requested, confirm your intent.
BelAirOS User Guide Verifying a Successful Download Performing a Software Upgrade Verify that the new software downloaded successfully with the following command: /system/show loads verify The verify option calculates and verifies the checksum. A bad checksum indicates an issue with the load. If there are any issues, perform the download again. Example /system# show loads verify Application BankA ----------------Sw Version: BA100 9.0.0.S.2009.01.05.16.
BelAirOS User Guide Verifying the New Software Load Performing a Software Upgrade BelAir Networks recommends that you fully verify the configuration and operation of an upgraded AP before you commit the new load. Use the following steps as guidelines. 1 Fully verify the AP’s configuration and operation. 2 If required, adjust any settings and save the new configuration. 3 Reboot the AP and verify that all changes take effect.
BelAirOS User Guide Performing a Software Upgrade The commit command copies the system software and the configuration database to the adjacent bank at the time of execution. However, changes to the active load’s configuration after the commit command is executed are not automatically stored in the standby bank. To keep both banks synchronized, you must use the commit command after every configuration change of the active load.
BelAirOS User Guide Performing a Software Upgrade If you have just upgraded the software, you must set the AP to reboot with the currently standby load.
BelAirOS User Guide Alarm and Event Reporting Alarm and Event Reporting The AP alarm and event reporting subsystem monitors both active alarms and alarm history. Active alarms are stored in system memory and are not persistent. The AP maintains the history of the last 10 000 reported alarms. The alarm history is persistent during normal operation.
BelAirOS User Guide Displaying Active Alarms Alarm and Event Reporting /system/show alarms [type {all|dcomm|eqpt|sw|qos|env|secu|sys}] [severity {all|critical|major|minor|warning|info}] This command allows you to display up to “n” active alarms, filtered by alarm type or alarm severity. If the alarm severity is to be specified, then the alarm type must also be specified, but can be specified as all if no filtering by type is desired.
BelAirOS User Guide Alarm and Event Reporting In the alarm history display: • The Id field indicates the log index number. • The Ignored field indicates whether or not a notification (through Syslog or through SNMP traps) was sent for this item. The parameter cannot be greater than 200. To display alarms that occurred previous to that, note the log index number of the last displayed alarm and re-issue the show alarm history command with the appropriate parameter.
BelAirOS User Guide Alarm and Event Reporting 1 2004-11-08 14:04:43 critical Set No brm3 dcom Link Down 0 2004-11-05 19:16:06 critical Set No brm1 dcom Link Down April 22, 2012 Confidential Document Number BDTM00000-A02 Draft Page 257 of 362
BelAirOS User Guide Using Syslog Using Syslog In addition to the alarm subsystem, the BelAir Networks APs can generate other event notifications.
BelAirOS User Guide Configuring the Syslog Server IP Address Using Syslog /syslog/logserver {enable [] |disable} This command sets the Syslog server IP address for remote logging. Only one server can be defined at a time. If a different IP address was configured before, this command closes the previous connection. Use the disable parameter to remove a Syslog server. Example /syslog# logserver enable 10.6.4.
BelAirOS User Guide Using Syslog Example /syslog# loglevel error In the preceding example, after the command is issued, the AP generates error, critical, alert and emerg messages.
BelAirOS User Guide Using Syslog Sample Output Jan 16 09:46:15 172.16.0.235 Intercept 00:21:6a:78:fb:a4 UDP start 192.168.5.254/1102 <---> 239.255.255.250/1900 rxBytes:0 txBytes:0 Jan 16 09:48:51 172.16.0.235 Intercept 00:21:6a:78:fb:a4 UDP end 192.168.5.254/1102 <---> 239.255.255.250/1900 rxBytes:0 txBytes:322 In the previous sample output: • 172.16.0.235 is the IP address of the BelAir Networks gateway. • 00:21:6a:78:fb:a4 is the wireless client’s MAC address. • UDP is the protocol in use.
BelAirOS User Guide Gathering Additional Troubleshooting Information Gathering Additional Troubleshooting Information This chapter shows you how to gather and display additional information that may be useful in resolving potential operational issues.
BelAirOS User Guide Gathering Additional Troubleshooting Information Example 1 /interface/wifi-1-2# show service-health-level-thresholds Threshold Type Good Threshold Marginal Threshold --------------------------------------------------------------------Noise Floor -90 -80 Access Tx Error Rate 10 25 Access Rx Error Rate 10 25 Access Rx Duplicate Error Rate 10 25 Access Low Modulation Rate 10 25 Mesh Link RSSI -75 -80 Mesh Link Tx Error Rate 10 25 Example 2 /interface/wifi-1-2# show service-health-levels H
BelAirOS User Guide Gathering Additional Troubleshooting Information your BelAir Networks representative to identify potential issues. Flight recorder and log files can be produced for all BelAir Networks cards. The flightrecorder, logs and commands parameters allows you to specify whether to send the card’s flight recorder information, log information, or a list of commands that were executed at that AP. The slot parameter allows you to specify a particular card.
BelAirOS User Guide Troubleshooting Wireless Client Connections Troubleshooting Wireless Client Connections This section provides troubleshooting methods for wireless client access issues. • “Troubleshooting Client Access” on page 265 • “Troubleshooting Client Association and DHCP” on page 267 • “Authentication History Log Messages” on page 268 See also “Wi-Fi Client Statistics” on page 144.
BelAirOS User Guide Troubleshooting Wireless Client Connections Figure 22: Troubleshooting Wireless Client Access 1 Are there any known outages? If not, go to step 2. AP B AP A 127.16.46.2 127.16.46.1 2 Determine the client’s location. Use the network map to identify the AP associated with the client. For example, Wireless Client 2.4 GHz 2.4 GHz AP A at 172.16.46.1. DRU DRU or or 3 Use Telnet to access the AP’s radio interface. Backhaul Link HTM HTM a If AP access succeeds, go to step 4.
BelAirOS User Guide Troubleshooting Client Association and DHCP Troubleshooting Wireless Client Connections The AP offers authentication history commands to help you troubleshoot client association or DHCP issues.
BelAirOS User Guide Troubleshooting Wireless Client Connections -------------------------------end---------------------------------- Authentication History Log Messages The following success or failure codes precede the displayed log messages: • , (red), indicating a failure • , (green), indicating a successful or complete association or authentication • , (blue), indicating a significant non-failure event, such as the beginning of authentication Information events do not display a preceding su
BelAirOS User Guide Troubleshooting Wireless Client Connections Table 19: DHCP State Descriptions (Continued) Normal Client Events DHCP State Description Offer The server sent a DHCP offer packet to the client. Request The client sent a DHCP request packet. Decline The server declined the requested IP from the client. Ack The server acknowledges the IP requested by the client. Nack The server sends a negative acknowledgement for the IP requested by the client.
BelAirOS User Guide Troubleshooting Wireless Client Connections “ENCRYPTION_TYPE” authentication complete EAP processing has completed successfully. The encryption type is one of dot1x, wpa, wpapsk, wpa2 or wpa2psk. Disassociation packet received The client has sent a disassociation or deauthentication packet to invoke a disconnection from the BelAir Networks authenticator. Received EAP identity: %s The authenticator has captured the client’s EAP identity during EAP authentication.
BelAirOS User Guide Troubleshooting Wireless Client Connections denied by ACL The client MAC address is not in the ACL. does not have proper WPA or RSN IE's in assoc req WPA IE does not match the advertised WPA IE RSN IE does not match the advertised RSN IE The information element in the association packet does not match the configured AP information element.
BelAirOS User Guide Troubleshooting Wireless Client Connections This applies only to WPA1 and WPA2. Received msg didn't contain same IE as in assoc req The EAP key contains an information element that should match the information element in the association request packet. This applies only to WPA1 and WPA2. EAP key descriptor doesn't match The EAP packet contains information about what encryption type to use. The client must supply the information so that it matches the AP encryption type.
BelAirOS User Guide Running Link Diagnostics Running Link Diagnostics This chapter describes tools to help you determine the relative health of your links. This chapter contains the following sections: • “Path Trace Tool” on page 273 • “Traffic Tool” on page 273 Path Trace Tool /diagnostics/trace path This command displays the number of hops between you and the supplied IP address. The trace path command only operates on BelAir Networks APs.
BelAirOS User Guide Running Link Diagnostics To perform multiple simultaneous link tests, each to a different destination IP address, use multiple CLI sessions with each session running its own link test. The rate-kbps parameter specifies amount of traffic to be run, in kbps.
BelAirOS User Guide Running Link Diagnostics ID. The session_id parameter identifies each session, The session_id parameter ranges from 1 to the maximum number of radios in the AP. Example 1 - Hop-by-hop diagnostics# test link IP 10.1.1.201 rate 1 hop-by-hop Trace path: PING 10.1.1.201 (10.1.1.201): 56 data bytes 64 bytes from 10.1.1.201: icmp_seq=0 ttl=64 time=22.3 ms 64 bytes from 10.1.1.201: icmp_seq=1 ttl=64 time=31.7 ms 64 bytes from 10.1.1.201: icmp_seq=2 ttl=64 time=36.6 ms --- 10.1.1.
BelAirOS User Guide Running Link Diagnostics hop 2: IP 10.1.1.201 Test Enb By End. scope 192.168.3.0 Test link between 10.1.1.100 and 10.1.1.201, for 10 sec at 1 mbps, update interval 1 sec using unidirectional TCP test: RX. (Default output in Kbit/s). Link test started: Time Sec Rx/Tx Kbit/s 1 858/0K 2 924/0K 3 946/0K 4 971/0K 5 976/0K 6 987/0K 7 988/0K 8 988/0K 9 992/0K 10 989/0K Example 3 /diagnostics# show status Traffic test status on this node: session 2 on IP scope 192.168.3.
BelAirOS User Guide Web Radio Troubleshooting Tools Web Radio Troubleshooting Tools The Web interface provides the following tools to display radio performance metrics: • a throughput meter • histogram display of various performance metrics These tools allow you to: • monitor your network in greater detail • identify APs that are approaching their maximum capacity so network improvements can be made • identify clients that are heavy users • identify channels that are approaching their maximum capacity, so
BelAirOS User Guide Web Radio Troubleshooting Tools Figure 23: Throughput Meter Sample Output Histogram This tool collects data from the radio and records it in a histogram table. See Figure 24 on page 279. Histogram Modes A histogram can be displayed for the following types of data, as specified by the Mode list: • Valid Packet Rx Host (rh) - displays a distribution of all valid incoming packets destined for the local AP.
BelAirOS User Guide Web Radio Troubleshooting Tools Figure 24: Histogram Sample Output Select Mode April 22, 2012 Zoom Confidential Document Number BDTM00000-A02 Draft Shift Page 279 of 362
BelAirOS User Guide AP LED Descriptions AP LED Descriptions This chapter contains the following sections describing the LEDs available for each AP: • “BelAir20” on page 280 • “BelAir100i WCS” on page 282 • “BelAir20E” on page 283 • “BelAir20EO” on page 285 • “BelAir100N and BelAir2100” on page 286 • “BelAir100SN and BelAir100SNE” on page 288 BelAir20 The BelAir20 includes four status LED indicators described in Figure 25 and Table 20 on page 281. Figure 25: LEDs Power 802.
BelAirOS User Guide AP LED Descriptions Table 20: LED Behavior LED Status Description RF-1 (802.11 a/n 5.8 GHz) Off No power to unit or unit cannot boot. Flashing Green 802.11 a/n is disabled. Green 802.11 a/n is enabled, backhaul is disabled. Flashing Blue 802.11 a/n is enabled, some backhaul links are down. Blue 802.11 a/n is enabled, all backhaul links are up. Off No power to unit or unit cannot boot. Flashing Green 802.11 b/g/n is disabled. Green 802.
BelAirOS User Guide AP LED Descriptions BelAir100i WCS The BelAir100i WCS includes four status LED indicators described in Figure 25 and Table 20 on page 281. Figure 26: LEDs Power 802.11 n Indicator 802.11 b/g/n Ethernet Link/ Indicator Activity Table 21: LED Behavior LED Status Description RF-1 (802.11 n 2.3 GHz) Off No power to unit or unit cannot boot. Flashing Green 802.11 n is disabled. Green 802.11 n is enabled, backhaul is disabled. Flashing Blue 802.
BelAirOS User Guide AP LED Descriptions Table 21: LED Behavior (Continued) LED Status Description LAN Off There is no connection on the LAN port. Blue Indicates a 1000 Mbps link. Green Indicates a 100 Mbps link. Orange Indicates a 10 Mbps link. Flashing Indicates activity. Off Indicates that there is no power to the unit. Flashing Red Indicates that a hardware fault has been detected. Red Indicates that there is a software error, system cannot boot.
BelAirOS User Guide AP LED Descriptions Figure 27: LEDs POWER 2.4G Power 802.11 b/g/n Indicator 5G INTERNET 802.11 a/n Indicator Ethernet Link/ Activity Table 22: LED Behavior LED Status Description POWER Off No power to the AP. Red Hardware fault, software error, or system cannot boot. Flashing Blue Configuration data is being downloaded or that AP is searching for a configuration server Blue AP is up and running. Off No power to AP or AP cannot boot.
BelAirOS User Guide BelAir20EO AP LED Descriptions The BelAir20EO includes four status LED indicators described in Figure 25 and Table 20 on page 281. Figure 28: LEDs INTERNET 5G Ethernet Link/ Activity 2.4G POWER 802.11 a/n 802.11 b/g/n Power Indicator Indicator Table 23: LED Behavior LED Status Description POWER Off No power to the AP. Red Hardware fault, software error, or system cannot boot.
BelAirOS User Guide AP LED Descriptions Table 23: LED Behavior (Continued) LED Status Description INTERNET Off No power to AP or AP cannot boot. Flashing Blue or Steady Blue WAN port has Ethernet connectivity. BelAir100N and BelAir2100 The unit has three external LEDs as described inTable 24. Table 24: LED Behavior - BelAir100N, BelAir100NE or BelAir2100 LED Name LED State Unit State Description Power Off Off No power to the unit. Check power cable connection and power source.
BelAirOS User Guide AP LED Descriptions Table 24: LED Behavior - BelAir100N, BelAir100NE or BelAir2100 LED Name LED State Radio or Mesh BelAir100N and BelAir2100 Power-up LED Sequence Unit State Description Off Hardware failure Hardware failure, no power to the unit or radio initialization Amber Not operational All of the P-to-P and P-to-MP links are down. Flashing Amber P-to-P and/or P-to-MP link failure One or more, but not all, of the P-to-P and/or P-to-MP links are down.
BelAirOS User Guide BelAir100SN and BelAir100SNE AP LED Descriptions The unit has three external LEDs as described inTable 26. Table 26: LED Behavior - BelAir100SNE and BelAir100SNE LED Power Colour State Description Off Off No power to the unit. Check power cable connection and power source. If the voltage is low, 45 VAC or less, check the cable connection between the AP and the power tap. You may need to use a solid 0.5-inch cable rather than a lossy 75-ohm cable.
BelAirOS User Guide AP LED Descriptions Table 26: LED Behavior - BelAir100SNE and BelAir100SNE (Continued) LED Cable Modem or Ethernet Colour State Description Off Not operational Cable Modem link is down. Flashing Blue Initialization Synchronizing with the Cable Modem Termination System (CMTS). May take up to 5 minutes.
BelAirOS User Guide AP LED Descriptions Table 26: LED Behavior - BelAir100SNE and BelAir100SNE (Continued) LED Radio or Mesh BelAir100SN and BelAir100SNE Power-up LED Sequence Colour State Description Off Hardware failure Hardware failure, no power to the unit or radio initialization Amber Not operational All of the P-to-P and P-to-MP links are down. Flashing Amber P-to-P and/or P-to-MP link failure One or more, but not all, of the P-to-P and/or P-to-MP links are down.
BelAirOS User Guide For More Information For More Information BelAir Networks documentation is modular and organized to be of best use to you during the logical process of setting up a network of BelAir devices. Use the documents as outlined in the following sections.
BelAirOS User Guide For More Information • upgrading the unit • saving and restoring the configuration • troubleshooting and in need of technical support • looking up system configuration details: —Alarms and events —System logs —Statistics April 22, 2012 Confidential Document Number BDTM00000-A02 Draft Page 292 of 362
BelAirOS User Guide Technical Support Technical Support This section provides direction should you have questions about your AP. Support Resources In general, BelAir Networks recommends that you do the following steps to seek the information you want: 1 Refer to the BelAirOS User Guide to see if it describes your situation. If it does, do the provided corrective actions.
BelAirOS User Guide Definitions and Acronyms Definitions and Acronyms ACL Access Control List AES Advanced Encryption System AP Access Point. A wireless LAN data transceiver that uses radio waves to provide connectivity services to a network Beacon A protocol packet that signals the availability and presence of a wireless device BID Bridge identifier used in spanning-tree calculations BPDU Bridge protocol data unit.
BelAirOS User Guide Definitions and Acronyms OUI Organizationally Unique Identifier (first 3 bytes of a MAC address) PVID Port VLAN identifier PDU Protocol Data Unit QoS Quality of Service RADIUS Remote Authentication Dial-In User Service.
BelAirOS User Guide AP Configuration Sheets Appendix A: AP Configuration Sheets You can use this sample worksheet to document the basic configuration of an AP. Store your worksheets in a secure location because they contain sensitive information (super-user password and privacy keys).
BelAirOS User Guide AP Configuration Sheets Wi-FI Access Point (AP) Settings (if configured) Interface: wifi-___-___ Channel: ________ Table 28: AP Privacy Setting Table (Optional) SSID (1 to 8) ACL Encryption and Authentication __________________ Y or N wep40 RADIUS or 5-byte pre-shared key: _______________________________________________ wep104 RADIUS or 13-byte pre-shared key: ______________________________________________ wpa encryption (TKIP or AES):____________________ RADIUS or 8 to 63-byte pr
BelAirOS User Guide AP Configuration Sheets Wi-Fi Backhaul Setting (if configured) Interface: wifi-___-___ Channel: ________ Link ID: _____________________ AES Privacy (Y or N):__________ Key (16 characters):_____________________________________ Topology (P-to-P, MP-to-MP mesh, P-to-MP star): ________________________________ P-to-MP star role (base-station or subscriber-station): ____________________________ P-to-MP star link index: ____________________________ April 22, 2012 Confidential Document Numbe
BelAirOS User Guide Mesh Auto-connection Example Appendix B: Mesh Auto-connection Example This example uses two meshes of BelAir20 APs to show how mesh auto-connection operates. Setup and Initial Conditions See Figure 29.
BelAirOS User Guide Mesh Auto-connection Example • The egress AP of each mesh must have its system egress point set to either yes direct or yes indirect. See “Setting the Network Egress Point” on page 72 for details. The following series of CLI commands show this for both meshes. AP122 (Child AP of Mesh A) Display the backhaul configuration. /interface/wifi-1-1# show config backhaul Slot: 1, Card Type: htm, revision: 1, Port: 1, Radio: HTMv1 5GHz 802.11n admin state: ................. Enabled channel: ...
BelAirOS User Guide Mesh Auto-connection Example Enable auto-connection and verify it. /services/auto-conn# set admin enabled /services/auto-conn# show config admin state: ................. Enabled /services/auto-conn# show status Oper State Ether Link State Egress Reachable ----------------------------------up down no Use Alternate Mesh ---------------no AP120 (Egress AP of Mesh A) Display the mesh topology.
BelAirOS User Guide Mesh Auto-connection Example Common: privacy: ................. mesh-min-rssi............. Stationary Backhaul: link admin state: ........ link id: ................. topology: ................ Mobile Backhaul: mobile admin state: ...... mobile link id: .......... mobile link role: ........ Protection Backhaul: protection admin state: .. Blacklist: No blacklist entries Link Failure Detection: ...... Backhaul T1 Bandwidth limit:..
BelAirOS User Guide Mesh Auto-connection Example Identify AP121 as an egress AP. /system# set system-egress-point yes direct /system# show system-egress-point egress point:................. direct Enable auto-connection and verify it. /services/auto-conn# set admin enable /services/auto-conn# show config admin state: .................
BelAirOS User Guide Mesh Auto-connection Example Figure 30: Auto-connection and Fault Conditions Mesh A Mesh B AP123 BelAir20 Child AP122 BelAir20 Child BA20MeshA Link ID BA20MeshB Link ID AP121 BelAir20 Egress AP120Bel Air20 Egress Ethernet Egress Connection Ethernet Egress Connection AP120 (Egress AP of Mesh A) Display the mesh topology.
BelAirOS User Guide Mesh Auto-connection Example Display the auto-connect topology. It shows that the Mesh A egress AP still operates normally. /services/auto-conn# show status Oper State Ether Link State -------------------up up Egress Reachable ---------------yes Use Alternate Mesh ---------------no AP122 (Child AP of Mesh A) Display the mesh topology.
BelAirOS User Guide Mesh Auto-connection Example mobile admin state: ...... mobile link id: .......... mobile link role: ........ Protection Backhaul: protection admin state: .. Blacklist: No blacklist entries Link Failure Detection: ...... Backhaul T1 Bandwidth limit:.. Disabled ss Disabled Disabled Disabled Display the mesh topology.
BelAirOS User Guide Mesh Auto-connection Example AP121 (Egress AP of Mesh B) Display the auto-connect topology after the Ethernet connection is re-established. /services/auto-conn# show status Oper State Ether Link State -------------------up up Egress Reachable ---------------yes Use Alternate Mesh ---------------no Display the AP’s links to neighboring mesh, even after the Ethernet connection is re-established.
BelAirOS User Guide Mesh Auto-connection Example Figure 31: Auto-connection after Recovery before Revert Mesh A Mesh B AP123 BelAir20 Child AP122 BelAir20 Child BA20MeshA Link ID BA20MeshB Link ID AP121 BelAir20 Egress AP120Bel Air20 Egress Ethernet Egress Connection Ethernet Egress Connection Display the mesh topology after the Ethernet connection is re-established on AP121 and after the auto-connection revert command is given.
BelAirOS User Guide Scripting Guidelines Appendix C: Scripting Guidelines This appendix provides guidance so you can create, manage and run scripts for BelAirOS™ platforms. General Scripting Guidelines This chapter introduces you to the concepts of creating and managing scripts for platforms that use the BelAirOS.
BelAirOS User Guide Scripting Guidelines then your script must include special declarations. For details, see “Including a Reboot Command in a Script” on page 316. Caution! Using the reboot command in an auto-configuration script without the correct declarations may cause the AP to enter a continuous reboot loop. • Test the final script to ensure all commands are valid, syntactically correct and appropriate for the installed hardware. To help debugging, redirect the output of the script to a file.
BelAirOS User Guide Scripting Guidelines • For FTPS, the default user name is the AP’s MAC address stripped of colons. The default password is AP’s MAC address stripped of colons, followed by @, followed by the AP IP address. For example, if the AP has 11:22:33:44:55:66 as a MAC address and 148.16.4.123 as an IP address, then the default user name is 112233445566 and the default password is 112233445566@148.16.4.123.
BelAirOS User Guide Specifying Physical Interfaces Scripting Guidelines If you want your script file to specify and control physical interfaces, such as wifi-1-1, then your script must contain the declarations described in the following sections: • “Physical Interface Declaration Summary” on page 312 • “Physical Interface Declaration Specifications” on page 312 As well, this chapter contains examples of the setup, contents and results of a typical script.
BelAirOS User Guide Scripting Guidelines specifies the AP’s assembly code. This part of the declaration is optional. If provided, it must match at least part of the text in the Assembly code field output by the /system/show phyinv command. must start with BelAir or BA. See also “Common AP Assembly Codes” on page 319. specifies the type of physical interface. This part of the declaration is mandatory. It must be one of wifi, wimax, pwe, eth or opt.
BelAirOS User Guide Scripting Guidelines Physical Inventory Table Slot Card type Version 1 LPM 2.2.8 2 BRM 3.2.1 3 BRM 3.2.1 Physical Interface Table Name Type wifi-1-1 Wifi 802.11 eth-1-1 Ethernet wifi-2-1 Wifi 802.11 wifi-3-1 Wifi 802.11 Physical Interface Script Example - Script Serial number K002092633 K001362023 A000003408 Slot 1 1 2 3 Assembly code B2CH082AA-B B08 B2CC033AA-B B01 B2CC033AA-B B01 Card type LPM LPM BRM BRM Description LPMv2 4.9GHz 802.
BelAirOS User Guide Scripting Guidelines Interface stop /# Interface int-wifi-4.9GHz-1 ---> /interface/wifi-1-1/ start /# /interface/wifi-1-1/set channel 10 /# /interface/wifi-1-1/set admin-state disabled /# /interface/wifi-1-1/show config Slot: 1, Card Type: lpm, revision: 2, Port: 1, Radio: LPMv2 4.9GHz 802.11a admin state: ................. Disabled frequency band: .............. 4900MHz SchemeA channel: ..................... 10 tx power: .................. 20.0 (dBm) bandwidth: ................. 10.
BelAirOS User Guide Scripting Guidelines Interface stop /# Interface int-BELAIR100T_20-wifi-5GHz-1 ---> /interface/wifi-2-1/ start /# /interface/wifi-2-1/show config Slot: 2, Card Type: brm, revision: 3, Port: 1, Radio: BRMv3 5GHz 802.11a admin state: ................. Enabled channel: ..................... 155 tx power: .................. 20.0 (dBm) tx-power-optimize: ......... Disabled antenna gain: ................ 10.5 (dBi) link distance: ............... 1 (km) base radio MAC : .............
BelAirOS User Guide Reboot Declaration Summary Scripting Guidelines Table 29 summarizes the declarations required in your script if it needs to include a reboot command. Table 30: Script Declaration Summary for Reboot Command Script Declaration Description check-db-change-start Verifies and records whether the following commands change the AP’s settings. For details, see “Reboot Declaration Specification” on page 317 check-db-change-stop Stops verifying whether commands change the AP’s settings.
BelAirOS User Guide Scripting Guidelines • int-db-change-start. This declaration is used with the previous check-db-change declarations. The int-db-change-start declaration instructs the AP to execute the commands that follow if the AP’s settings have changed. Typically, your script uses the declarations in the following sequence: 1 Use valid CLI commands and physical interface declarations as required. 2 Use the config-save command to save the changes to this point to the AP’s database.
BelAirOS User Guide Scripting Guidelines show config int-stop int-wifi-5GHz-1 set channel 155 set backhaul admin-state disabled show config config-save int-BELAIR-20 check-db-change-start /protocol/nat/set scope 1 dhcp-server vlan 401 based-ip 45.89.233.
BelAirOS User Guide Scripting Guidelines Table 31: Common AP Assembly Codes (Continued) April 22, 2012 AP Assembly Code BelAir100T-12 BELAIR100T_12 BelAir100T-21 BELAIR100T_21 BelAir100T-12R BELAIR100T_12R BelAir100T-21R BELAIR100T_21R BelAir100S-10 BELAIR100S_10 BelAir100S-11 BELAIR100S_11 BelAir100N-10 BA100N-10 BelAir100N-11 BA100N-11 BelAir100N-10R BA100N-10R BelAir100N-11R BA100N-11R BelAir100SN-10 BA100SN-10 BelAir100SN-11 BA100SN-11 BelAir100SN-10R BA100SN-10R BelAir100
BelAirOS User Guide Common Radio Card Descriptions Scripting Guidelines This section lists the most common card descriptions for radios so you can specify a physical interface in a script. Additional card descriptions are possible. For details contact your BelAir Networks representative. Table 32: Common Radio Card Descriptions Card Description ARMv3 ARMv3 2.4GHz 802.11b/g BRMv3 BRMv3 5GHz 802.11a BRMv4 BRMv4 5GHz 802.11a ERMv1 ERMv1 5GHz Multiband 802.11a ERMv2 ERMv2 5GHz 802.
BelAirOS User Guide Scripting Guidelines Table 32: Common Radio Card Descriptions (Continued) Card Description Notes DRUv4 DRUv4 5GHz 802.11n 5-GHz radio DRUv4 2.4GHz 802.11n 2.4-GHz radio DRUv5 5GHz 802.11n 5-GHz radio DRUv5 2.4GHz 802.11n 2.4-GHz radio DRUEv1 5GHz 802.11n 5-GHz radio DRUEv1 2.4GHz 802.11n 2.
BelAirOS User Guide Scripting Guidelines set rts-cts 2347 set backhaul admin-state disabled set admin-state enabled int-stop int-wifi-5Ghz 802.
BelAirOS User Guide Scripting Guidelines set ssid 1 group-address-filter ipv4 set ssid 1 secure-port disabled set ssid 1 admin-state enabled set ssid 2 service-set-identifier ultrawifi broadcast vlan 200 set ssid 2 wireless-bridge disabled set ssid 2 privacy none set ssid 2 group-address-filter ipv4 set ssid 2 secure-port disabled set ssid 2 admin-state enabled set ssid 3 service-set-identifier maxwifi broadcast vlan 245 set ssid 3 wireless-bridge disabled set ssid 3 privacy none set ssid 3 group-address-
BelAirOS User Guide Alarm and Event Definitions Appendix D: Alarm and Event Definitions Table 33 describes the alarms and events that are displayed by the user interface. Table 33: User Interface Alarms Id Alarm Description 1 Text: Temperature above high temperature threshold Trigger condition: Internal temperature is above 85 degree C. Severity: Major Trap OID Name: belairSysTemperatureChange Trap OID Numeric: 1.3.6.1.4.1.15768.3.1.2.0.
BelAirOS User Guide Alarm and Event Definitions Table 33: User Interface Alarms (Continued) April 22, 2012 Id Alarm Description 6 Text: SNTP server not available Trigger condition: System has lost contact with the SNTP server. Severity: Minor Trap OID Name: belairSntpOperStatusChange Trap OID Numeric: 1.3.6.1.4.1.15768.3.1.2.0.1 MIB Module: BELAIR-SYSTEM 7 Text: Software download in progress Trigger condition: User entered the upgrade command to start software upgrade.
BelAirOS User Guide Alarm and Event Definitions Table 33: User Interface Alarms (Continued) April 22, 2012 Id Alarm Description 15 Text: Link Down Trigger condition: Lost backhaul link connectivity. Severity: Critical Trap OID Name: linkDown/linkUp Trap OID Numeric: 1.3.6.1.6.3.1.1.5.3/4 MIB Module: IF-MIB 20 Text: Battery active. Main power failure. Trigger condition: Lost main power and switched to battery operation.
BelAirOS User Guide Alarm and Event Definitions Table 33: User Interface Alarms (Continued) Id Alarm Description 22 Text: Battery charging, voltage low. Trigger condition: Low battery voltage detected while main power is still active. For BelAir200, alarm is set when battery voltage is less than 11.0 V. Clears when voltage is greater than 11.3 V. For all other platforms, alarm is set when battery voltage is less than 7.65 V. Clears when voltage is greater or equal to 7.75 V.
BelAirOS User Guide Alarm and Event Definitions Table 33: User Interface Alarms (Continued) Id Alarm Description 24 Text: Battery charging, voltage critically low. Trigger condition: Battery voltage has dropped below critical level while main power is still active. For BelAir200, alarm is set when battery voltage is less than 10.6 V. Clears when voltage is greater than 10.9 V. For all other platforms, alarm is set when battery voltage is less than 7.55 V. Clears when voltage is greater or equal to 7.
BelAirOS User Guide Alarm and Event Definitions Table 33: User Interface Alarms (Continued) April 22, 2012 Id Alarm Description 26 Text: Radar detected on channel X Trigger condition: Radar detected. Severity: Warning Trap OID Name: belairGenericInterfaceTrap Trap OID Numeric: 1.3.6.1.4.1.15768.3.1.2.0.
BelAirOS User Guide Alarm and Event Definitions Table 33: User Interface Alarms (Continued) Id Alarm Description 49 Text: Manual reboot. Trigger condition: User entered card reboot command (instead of an AP reboot command). Severity: Info Trap OID Name: belairCardStatusChange Trap OID Numeric: 1.3.6.1.4.1.15768.3.1.2.0.7 MIB Module: BELAIR-SYSTEM 50 Text: Admin down. Trigger condition: User has set card to admin down state. Severity: Info Trap OID Name: belairCardStatusChange Trap OID Numeric: 1.3.6.
BelAirOS User Guide Alarm and Event Definitions Table 33: User Interface Alarms (Continued) April 22, 2012 Id Alarm Description 53 Text: Link down. Trigger condition: One of the links in the point-to-point topology has lost connectivity. Severity: Critical Trap OID Name: linkDown/linkUp Trap OID Numeric: 1.3.6.1.6.3.1.1.5.
BelAirOS User Guide Alarm and Event Definitions Table 33: User Interface Alarms (Continued) April 22, 2012 Id Alarm Description 62 Text: Tunnel X - Main becomes active Trigger condition: Main tunnel active Severity: Info Trap OID Name: baTunnelStatusChange Trap OID Numeric: 1.3.6.1.4.1.15768.5.1.2.0.1 MIB Module: BELAIR-TUNNEL 63 Text: Tunnel X - Backup becomes active Trigger condition: Backup tunnel is active Severity: Info Trap OID Name: baTunnelStatusChange Trap OID Numeric: 1.3.6.1.4.1.15768.5.
BelAirOS User Guide Alarm and Event Definitions Table 33: User Interface Alarms (Continued) April 22, 2012 Id Alarm Description 72 Text: Use alternate mesh link to reach egress AP Trigger condition: An alternate mesh link was used to reach the egress AP Severity: Major Trap OID Name: N/A Trap OID Numeric: N/A MIB Module: N/A 82 Text: PLL Lock Detect Failed Trigger condition: PLL Lock Detect Failed Severity: Critical Trap OID Name: belairGenericInterfaceTrap Trap OID Numeric: 1.3.6.1.4.1.15768.3.1.2.
BelAirOS User Guide Alarm and Event Definitions Table 33: User Interface Alarms (Continued) April 22, 2012 Id Alarm Description 85 Text: No secondary link available Trigger condition: No secondary link is available Severity: Major Trap OID Name: noSecondaryLinkAvailable Trap OID Numeric: 1.3.6.1.4.1.15768.6.6.2.0.
BelAirOS User Guide Alarm and Event Definitions Table 33: User Interface Alarms (Continued) April 22, 2012 Id Alarm Description 90 Text: Cable modem IP address changed Trigger condition: Cable modem configuration change Severity: Info Trap OID Name: belairCmIpAddressChange Trap OID Numeric: 1.3.6.1.4.1.15768.6.4.2.0.1 MIB Module: BE BELAIR-CABLE-MODEM 91 Text: Secure MAC [AA:BB:CC:DD:EE:FF] spoof Trigger condition: The AP has detected a secure MAC address spoof attack.
BelAirOS User Guide Alarm and Event Definitions Table 33: User Interface Alarms (Continued) April 22, 2012 Id Alarm Description 98 Text: Authentication fail: IP_ADDRESS [detail] Trigger condition: Authentication failure when user logs in through CLI or Web interface. Severity: Info Trap OID Name: belairAuthenticationFailure Trap OID Numeric: 1.3.6.1.4.1.15768.3.1.2.0.
BelAirOS User Guide Alarm and Event Definitions Table 33: User Interface Alarms (Continued) April 22, 2012 Id Alarm Description 105 Text: Mobile link down, link x peer 00:0d:67:12:34:56 Trigger condition: When link status for a mobile link changes Severity: Info Trap OID Name: linkDown/linkUp Trap OID Numeric: 1.3.6.1.6.3.1.1.5.3/1.3.6.1.6.3.1.1.5.
BelAirOS User Guide Resetting to Factory Defaults Appendix E: Resetting to Factory Defaults You can reset the configuration of an AP to the factory default settings by using a CLI command. For the BelAir20, BelAir100i WCS and the BelAir20E, you can also press a reset button on the AP. Typically, you would reset to factory defaults only when all other methods of changing the AP’s configuration have failed. The reset button is used when there is no way of communicating to the AP.
BelAirOS User Guide BelAir20, BelAir100i WCS and BelAir20E Resetting to Factory Defaults To reset the AP configuration to factory defaults, do the following steps: 1 Access the AP rear panel. You may need to detach it from its mounting bracket. 2 With a pen tip or paperclip, gently press the AP’s reset button for more than 15 seconds. Refer to Figure 32 and Figure 33.
BelAirOS User Guide Resetting to Factory Defaults —For the BelAir100SN, see Figure 35 on page 342. —For the BelAir100SNE, see Figure 36 on page 343. —For the BelAir2100, see Figure 37 on page 344.
BelAirOS User Guide Resetting to Factory Defaults Figure 35: BelAir100SN Connector Field Power Status LED Reset Cover Screw April 22, 2012 Confidential Document Number BDTM00000-A02 Draft Page 342 of 362
BelAirOS User Guide Resetting to Factory Defaults Figure 36: BelAir100SNE Connector Field Reset Cover Screw April 22, 2012 Confidential Document Number BDTM00000-A02 Draft Page 343 of 362
BelAirOS User Guide Resetting to Factory Defaults Figure 37: BelAir2100 Connector Field Status LEDs for BTS card Status LEDs for DRUE card Reset Cover Screw 2 Carefully remove the Reset Cover Screw with its gasket and place it in a secure location. 3 With a pen tip or paperclip, gently press the AP’s reset button for more than 5 seconds. The reset button is located in the hole exposed by removing the Reset Cover Screw. Refer to Figure 34 on page 341 to Figure 37 on page 344.
BelAirOS User Guide Detailed Table of Contents Detailed Table of Contents About This Document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Typographical Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4 Related Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4 System Overview of BelAir Networks APs . . . . . . . . . . . . . . . . . . 5 BelAir20 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
BelAirOS User Guide Detailed Table of Contents Additional Troubleshooting Tools . . . . . . . . . . . . . . . . . . . . . .26 Command Line Interface Basics . . . . . . . . . . . . . . . . . . . . . . . . . . 27 Connecting to the AP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27 Starting a CLI Session . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28 Command Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
BelAirOS User Guide Detailed Table of Contents Communities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44 Traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45 Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45 Notifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46 Authentication Traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
BelAirOS User Guide Detailed Table of Contents Configuring IP Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62 Configuring Dynamic IP Addressing . . . . . . . . . . . . . . . . . . . . .62 Renewing the IP Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . .63 Auto-IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .63 Setting a Static IP Address and Subnet Mask . . . . . . . . . . . . . .64 Static IP Routes . . . . . . . . . .
BelAirOS User Guide Detailed Table of Contents DHCP Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78 Pre-requisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80 Configuring and Using DHCP Options . . . . . . . . . . . . . . . . . .80 Accepting Specific DHCP Parameters . . . . . . . . . . . . . . . . . . .80 DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
BelAirOS User Guide Detailed Table of Contents Rebooting the Cable Modem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .99 Cable Modem Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .99 Cable Modem Performance Monitoring Statistics . . . . . . . . . . . . . . .100 Wi-Fi Radio Configuration Overview . . . . . . . . . . . . . . . . . . . . 101 Available Wi-Fi Radios . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
BelAirOS User Guide Detailed Table of Contents Displaying Associated Wireless Clients . . . . . . . . . . . . . . . . . . . . . . .126 Displaying Wireless Client Details . . . . . . . . . . . . . . . . . . . . . . . . . . .128 Disconnecting a Wireless Client . . . . . . . . . . . . . . . . . . . . . . . . . . . .128 Wireless Client Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . .129 Configuring RTS-CTS Handshaking . . . . . . . . . . . . . . . . . . . . . . . . . .
BelAirOS User Guide Detailed Table of Contents RADIUS Accounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .153 Client Authentication and De-authentication Trap . . . . . . . . . . . . . .153 AP Privacy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .153 Wireless Client Blacklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .155 Wireless Client Access Control List . . . . . . . . . . . . . . . . . . . . . . . . .
BelAirOS User Guide Detailed Table of Contents Sample Subscriber Station Configuration . . . . . . . . . . . . . . . . . . . . .174 Sample Base Station Configuration . . . . . . . . . . . . . . . . . . . . . . . . . .176 Mobile Backhaul Point-to-point Commands . . . . . . . . . . . . . . . . . . .178 Displaying Mobile Backhaul Point-to-point Configuration . .178 Displaying Link Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .178 Displaying Scan Results . . . . . . . . . . . . . . . . .
BelAirOS User Guide Detailed Table of Contents Client Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .189 Client Authentication History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .190 Automatic Mesh Connect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .190 Traffic Test Tool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .190 DHCP Relay Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . .
BelAirOS User Guide Detailed Table of Contents Performing MAC Address Authentication . . . . . . . . . . . . . . . . . . . . .207 Collecting Accounting Information . . . . . . . . . . . . . . . . . . . . . . . . . .208 Operating in WAN Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .209 Changing UAM Admin State . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .209 Using Layer 2 Tunnels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
BelAirOS User Guide Detailed Table of Contents Enabling or Disabling Wireless Multi-media . . . . . . . . . . . . .229 QoS Mapping Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .229 Unscheduled Automatic Power-save Delivery . . . . . . . . . . .230 Layer 2 Network Configuration. . . . . . . . . . . . . . . . . . . . . . . . . 231 Spanning Tree Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . .231 Configuring Spanning Tree Priority . . . . . . . . . . . . . . . . .
BelAirOS User Guide Detailed Table of Contents Displaying the Status of the Software Upgrade . . . . . . . . . . . . . . . . .253 Clearing the Upgrade Failure Alarm . . . . . . . . . . . . . . . . . . . . . . . . .253 Auto-upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .253 Alarm and Event Reporting . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254 Alarm Types and Severity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
BelAirOS User Guide Detailed Table of Contents Path Trace Tool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .273 Traffic Tool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .273 Web Radio Troubleshooting Tools . . . . . . . . . . . . . . . . . . . . . . 277 Tool Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .277 Throughput Meter . . . . . . . . . . . . . . . . . . . . . . . . . .
BelAirOS User Guide Detailed Table of Contents Recovery Conditions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .306 Appendix C: Scripting Guidelines . . . . . . . . . . . . . . . . . . . . . . . . 309 General Scripting Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .309 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .309 Creating a BelAirOS Script . . . . . . . . . . . . . . . . . . . . . . . . . .
BelAirOS User Guide Detailed Table of Contents Figure 2: BelAir100i WCS Hardware Module Block Diagram . . . . . . . . . . . . . .8 Figure 3: BelAir20E Hardware Module Block Diagram . . . . . . . . . . . . . . . . . .10 Figure 4: BelAir20EO Hardware Module Block Diagram. . . . . . . . . . . . . . . . .12 Figure 5: BelAir100N Hardware Module Block Diagram . . . . . . . . . . . . . . . . .14 Figure 6: BelAir100SN Hardware Module Block Diagram . . . . . . . . . . . . . . . .
BelAirOS User Guide Detailed Table of Contents List of Tables Table 1: Product Name Synonyms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4 Table 2: BelAir20 Antenna Connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7 Table 3: Standard SNMP MIBs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22 Table 4: BelAir Networks Enterprise MIBs . . . . . . . . . . . . . . . . . . . . . . . . . . .23 Table 5: Super-user commands . . . . . . . .
BelAirOS User Guide BelAir Networks Inc. 603 March Road Kanata, Ontario Canada K2K 2M5 General Information info@belairnetworks.com Sales sales@belairnetworks.com Visit us on the web at: www.belairnetworks.com Technical Support techsupport@belairnetworks.