OLT2406 2U Temperature-Hardened, 6-slot Mini Chassis GPON OLT Version 4.00 Edition 2, 4/2015 Quick Start Guide User’s Guide Default Login Details IP Address 192.168.0.1 (Out-of-band MGMT port) 192.168.1.1 (In-band ports) User Name www.zyxel.
IMPORTANT! READ CAREFULLY BEFORE USE. KEEP THIS GUIDE FOR FUTURE REFERENCE. Screenshots and graphics in this book may differ slightly from your product due to differences in your product firmware or your computer operating system. Every effort has been made to ensure that the information in this manual is accurate.
Contents Overview Contents Overview Introduction and Hardware ...............................................................................................................17 System Introduction ................................................................................................................................19 Hardware Installation ..............................................................................................................................29 Maintenance .....................
Contents Overview ARP Table .............................................................................................................................................253 Routing Table ........................................................................................................................................255 Running Configuration ..........................................................................................................................257 Remote ONT .........................
Table of Contents Table of Contents Contents Overview ..............................................................................................................................3 Table of Contents .................................................................................................................................5 Part I: Introduction and Hardware.................................................................. 17 Chapter 1 System Introduction ..............................................
Table of Contents Chapter 3 Maintenance ........................................................................................................................................41 3.1 Fan Maintenance ..............................................................................................................................41 3.1.1 Procedure to Remove and Install the Fan Module ..................................................................41 3.2 Power Maintenance .......................................
Table of Contents 6.2 ONT Subscriber Port Provisioning Example .....................................................................................59 6.3 MDU Subscriber Port Provisioning Example .....................................................................................65 Chapter 7 Basic Settings ....................................................................................................................................67 7.1 System Name Command ..........................................
Table of Contents 9.9 Port VLAN Trunking .........................................................................................................................95 9.9.1 VLAN Trunking Setup Commands Example ............................................................................96 9.10 Subnet Based VLANs ....................................................................................................................96 9.11 Subnet Based VLAN Commands .................................................
Table of Contents Chapter 15 Broadcast Storm Control .................................................................................................................123 15.1 Broadcast Storm Control Commands ...........................................................................................123 15.2 Broadcast Storm Control Examples ..............................................................................................123 Chapter 16 Mirroring ..................................................
Table of Contents Chapter 21 Policy Rule .......................................................................................................................................147 21.1 Policy Rules Overview .................................................................................................................147 21.2 Policy Commands .........................................................................................................................147 21.3 Policy Command Examples ............
Table of Contents 24.1.3 IGMP Snooping ..................................................................................................................167 24.2 Multicast Status ............................................................................................................................168 24.3 Multicast Commands ....................................................................................................................168 24.4 IGMP Snooping VLAN Commands ...........................
Table of Contents 27.2 Loopguard Commands ..................................................................................................................209 27.3 Loopguard Command Examples ...................................................................................................209 Chapter 28 Static Route ....................................................................................................................................... 211 28.1 Static Route Commands ........................
Table of Contents 32.4 SNMP Command Examples .........................................................................................................235 32.5 Setting Up Login Accounts ..........................................................................................................235 32.6 Login Account Commands ............................................................................................................236 32.7 Login Account Command Examples ........................................
Table of Contents Chapter 38 Running Configuration.....................................................................................................................257 38.1 OLT Configuration File ..................................................................................................................257 38.2 Running Configuration Commands ...............................................................................................257 38.3 Running Configuration Command Examples ...............
Table of Contents 42.3 PPPoE IA Configuration ................................................................................................................288 42.3.1 Activating PPPoE IA ............................................................................................................288 42.3.2 PPPoE IA Access Loop Identification Settings ....................................................................289 Chapter 43 IP and MAC Anti-spoofing .................................................
Table of Contents 16 OLT2406 User’s Guide
P ART I Introduction and Hardware 17
C HAPT ER 1 System Introduction 1.1 System Description The chassis-based OLT2406 (Optical Line Terminal) connects and manages the end to end GPON (Gigabit Passive Optical Network) solution for delivering broadband data, high-quality voice, and IP television services. The OLT provides: • Fiber to the building (FTTB) or neighborhood (FTTN) connections for chassis-based Multi-Dwelling Units (MDUs). • Fiber to the curb (FTTC) connections for standalone VDSL Outside Plant (OSP) MDUs.
Chapter 1 System Introduction 1.2 Front Panel The following figure shows the OLT chassis with the fan module, two management switching cards, two power modules, and four line cards installed. Figure 2 OLT Front Panel The following table describes the OLT slots, cards, and modules. Table 1 Slots and Cards SLOTS 1~2 3~6 SLOT TYPE MODULE OR CARD NAME DESCRIPTION Fan module OFC2406 Controls and monitors the fans.
Chapter 1 System Introduction Table 2 Management Switching Card LED Descriptions LED COLOR STATUS DESCRIPTION SFP 1 ~ 2 LINK Green On A 1 Gbps Ethernet link is up. Off The Ethernet link is down. SFP 3 ~ 6 LINK Green On A 10 Gbps or 1 Gbps Ethernet link is up. Off The Ethernet link is down. SFP ACT Green Blinking The slot is transmitting or receiving Ethernet traffic. Off The connection is idle. Blinking The port is transmitting/receiving to/from a 100 Mbps Ethernet network.
Chapter 1 System Introduction 1.3.2 Uplink and Subtending Slots The management switching card has 4 slots compliant with IEEE 802.3ae for Enhanced Small Formfactor Pluggable (SFP+) transceivers (10 Gigabit Ethernet or 1 Gigabit Ethernet) for backbone or subtending connections. It also has 2 SFP slots for backbone or subtending connections. Transceivers are not included. See Section 1.3.5 on page 23 for specifications of the supported optical transceivers. See Section 2.
Chapter 1 System Introduction Table 4 Management Switching Card Supported Transceivers SPEED MODEL DESCRIPTION Gigabit (with DDMI) SFP-BXA-20DS-ZZ01V1F GbE SFP BX 20 km (21872 yd) Bidirectional Type-A 1310~1550 Tx, DDMI version SFP-BXB-20DS-ZZ01V1F GbE SFP BX 20 km (21872 yd) Bidirectional Type-B 1550~1310 Tx, DDMI version SFP-BXC-20DS-ZZ01V1F GbE SFP BX 20 km (21872 yd) Bidirectional Type-C 1310~1490 Tx, DDMI version SFP-BXD-20DS-ZZ01V1F GbE SFP BX 20 km (21872 yd) Bidirectional Type-D 1490~13
Chapter 1 System Introduction Figure 4 Alarm Module and ALARM Connector Pin Layout 6 11 1 15 5 10 A closed circuit on the ALARM input pins indicates an alarm. • Pins 14 and 15 are alarm input one. • Pins 5 and 10 are alarm input two. • Pins 9 and 5 are alarm input three. • Pins 13 and 14 are alarm input four. The ALM2406 signals an alarm when it detects an alarm on the ALARM input pins, the OLT is overheated, the voltage readings are outside the tolerance levels a fan fails or another alarm occurs.
Chapter 1 System Introduction Table 6 GPON Line Card LED Descriptions LED COLOR STATUS DESCRIPTION ALM Red On The line card has a critical alarm. Off The line card is operating normally. On The PON link is up. Off There is no PON link. 1~4 (LINK) Green 1.5.1 GPON Line Card Connectors The GPON line card has SFP MSA compliant connectors that support Class A+, Class B+ or Class C+ GPON transceivers.
Chapter 1 System Introduction Figure 6 Power Module Front Panel This table describes the LEDs on the power module front panel. Table 9 Power Module LED Descriptions LED COLOR STATUS DESCRIPTION ALM Red On The power module is not working normally. Off The power module is working normally. On The power module is turned on. Off The power module is turned off or has failed. PWR Green See Section 46.1 on page 315 for power module specifications. 1.
Chapter 1 System Introduction This table describes the LEDs on the fan module front panel. Table 10 Fan Module LED Descriptions LED COLOR PWR Green ALM Red STATUS DESCRIPTION On The fan module is turned on. Off The fan module is turned off or has failed. On The fan module is not working normally. Off The fan module is working normally. The fan module monitors to detect whether the fans are operating in the normal state and relays the information to the OLT’s management switching card.
Chapter 1 System Introduction 1.8.1.1 DC Power Wire Specifications The following table lists the specifications of the DC power wire. Table 11 DC Power Wire Specifications ITEM DESCRIPTION Function Electrical cable Wire Gauge AWG (American Wire Gauge) is a measurement system for wire that specifies its thickness. As the thickness of the wire increases, the AWG number decreases. Make sure you use wires of the specified wire gauge.
C HAPT ER 2 Hardware Installation This chapter describes how to install and connect the OLT and line cards. 2.1 General Installation Instructions Perform the installation as follows: • Make sure the OLT’s power switches are in the OFF position. • Install the chassis as detailed in Section 2.2 on page 29, making sure you connect the frame grounds before you make any other connections. • See Section 2.3 on page 31 to install management and line cards. • Leave the slot covers on unused slots.
Chapter 2 Hardware Installation Figure 8 Airflow Use the following procedure to install the chassis in the rack. 1 Position a mounting bracket on one side of the chassis, making sure the screw holes on the bracket are on the same side as the front panel of the chassis. 2 Use the screwdriver to install the screws through the mounting bracket holes into the chassis. 3 Repeat steps 1-2 to attach the second mounting bracket on the other side of the chassis.
Chapter 2 Hardware Installation 2.2.3 Connecting the OLT Frame Grounds Frame grounds help protect against lightning and interference functions. Use M4 machine screws with suitable lock washers to attach the frame ground cable to the OLT. The other end must be securely fastened to the chassis ground with a lug and screw arrangement of M3.5 or greater. • The OLT frame grounds are on the upper right corner of the front panel.
Chapter 2 Hardware Installation Figure 11 Loosen Slot Cover Screws Figure 12 Remove the Slot Cover Figure 13 Installing a Card 32 OLT2406 User’s Guide
Chapter 2 Hardware Installation Figure 14 Close the Ejector Levers Figure 15 Tighten the Thumbscrews 2.3.1 Removing Management and Line Cards 1 Disconnect all cables from the card. See Section 2.5 on page 35 for details on removing the fiber optic cables. 2 Loosen the two thumbscrews holding the card. 3 Pull the two ejector levers firmly until the front of the card is clear of the chassis. Pull the ejector levers until they are perpendicular to the front panel.
Chapter 2 Hardware Installation Figure 16 Loosening a Card’s Thumbscrews Figure 17 Pulling a Card’s Ejector Levers Figure 18 Pulling the Card Out 34 OLT2406 User’s Guide
Chapter 2 Hardware Installation 2.4 Transceiver Installation Use the following steps to install an SFP or SFP+ module in a slot. For slots that are at an angle; do not attempt to straighten it. 1 Remove the dust cover from the transceiver. 2 For transceivers with a flip-up or flip-down latch, close the latch. 3 Insert the fiber-optic cables into the transceiver (you may need to remove cable dust covers). 4 Insert the transceiver into the slot with the exposed section of PCB board facing down.
Chapter 2 Hardware Installation 2 Unlock the transceiver’s latch (latch styles vary). 3 Pull the transceiver out of the slot. 4 Put the transceiver’s dust cover on the transceiver. Figure 21 Opening a Transceiver Latch Figure 22 Removing the Transceiver 2.6 Connect the Power The chassis has two slots at the top of the front panel for redundant power supply modules (the OLT can run on one). The power connections are on the front of each power module.
Chapter 2 Hardware Installation 1 Use a screwdriver to loosen the power module screws. 2 Slide the power module out partially to expose the power terminal screws. 3 Connect power wires to the negative power terminals on the front of the power module, and tighten the terminal screws. 4 Connect the other ends of the power wires to the –48 V terminal on the power supply. 5 Connect power wires to the positive power terminals on the front of the OLT power module, and tighten the terminal screws.
Chapter 2 Hardware Installation Figure 25 Connect the Power Wires Figure 26 Slide the Power Module In 38 OLT2406 User’s Guide
Chapter 2 Hardware Installation Figure 27 Tighten the Power Module Thumbscrews OLT2406 User’s Guide 39
Chapter 2 Hardware Installation 40 OLT2406 User’s Guide
C HAPT ER 3 Maintenance This chapter describes how to perform maintenance on the system hardware. 3.1 Fan Maintenance This section describes how to change the fan module on the OLT. 3.1.1 Procedure to Remove and Install the Fan Module The chassis has a hot-swappable fan module. The fan module is at the left on the front panel. Replace the entire fan module if cleaning the fan filter does not solve the problem. Return any malfunctioning fan modules to the manufacturer.
Chapter 3 Maintenance Figure 29 Remove the Fan Module Figure 30 Remove the Filter 3.2 Power Maintenance This section describes how to change the power module. The power module has a built-in circuit breaker. Before you replace a power module, make sure the circuit breaker is not causing the problem. 3.2.1 Procedure to Change a Power Module The power module slots are at the upper right of the front panel of the chassis. Use the following procedure to change a power module.
Chapter 3 Maintenance 2 Disconnect the power wires from the power source. 3 Use a screw driver to loosen the thumbscrews on the front panel of the OLT power supply module. 4 Grab the handle, and slide out the power supply module. 5 Disconnect the power wires from the power module. 6 Replace the OLT power module with a new one from the manufacturer. 7 Refer to Section 2.6 on page 36 to reconnect the power after you finish.
Chapter 3 Maintenance Figure 33 Disconnect the Power Wires 44 OLT2406 User’s Guide
P ART II Commands 45
C HAPT ER 4 CLI Introduction 4.1 Accessing the CLI Use any of the following methods to access the CLI. 4.1.1 Console Port 1 Connect your computer to the console port on the OLT using the appropriate cable (see Section 1.3.2 on page 22 for console cable details).
Chapter 4 CLI Introduction 4.1.3 Remote Telnet 1 Connect to the OLT through an uplink or GE port. 2 Open a Telnet session to the OLT’s in-band management IP address. Table 14 Default In-band Management IP Address SETTING DEFAULT VALUE IP Address 192.168.1.1 Subnet Mask 255.255.255.0 Make sure your computer IP address is in the same subnet, unless you are accessing the OLT through one or more routers. 4.1.4 SSH 1 Connect your computer to one of the Ethernet ports.
Chapter 4 CLI Introduction Table 15 CLI shortcuts and help (continued) COMMAND / KEY(S) DESCRIPTION ? Displays the keywords and/or input values that are allowed in place of the ?. help Where available, this option displays the commands that are allowed in place of help. 4.4 Listing Commands Available in a Command Mode Use the help command to view the executable commands on the OLT. Follow these steps to create a list of supported commands. 1 Log into the CLI. This takes you to execution mode.
Chapter 4 CLI Introduction OLT2406# configure OLT2406(config)# help Commands available: help logout history exit -----------------------------------------------------------------no dos enable no voip-sip-profile all no voip-sip-profile no voip-common-profile all no voip-common-profile no voip-dial-plan all no voip-dial-plan vlan <1-4094> vlan <1-4094> ip address manageable -- more --, next page: Space, continue: c, quit: ESC 5 Co
Chapter 4 CLI Introduction • Optional fields are in square brackets []; for instance msc update-target [standby|all], the standby or all field is optional. The following is an example of required input within an optional field: snmp-server [contact ][location ], the contact and location fields are optional. However, if you use contact, then you must provide the system contact information and if you use location, then you must provide the system location information.
Chapter 4 CLI Introduction Use reload config <1|2> to load configuration file 1 or configuration file 2 into running configuration without restarting. Use boot config [1|2] to restart the OLT (cold reboot) with the specified configuration file. See Chapter 31 on page 223 and Chapter 38 on page 257 for more on managing the running configuration file. 4.7.1 Saving Your Configuration When you run commands, the OLT saves changes to its run-time memory.
C HAPT ER 5 Initial Setup This chapter identifies tasks you might want to do when you first configure the OLT. 5.1 Changing the Administrator Password Note: It is recommended you change the administrator password from the default. Use this command to change the administrator password. admin-password where may be 1-32 alphanumeric characters long. OLT2406# configure OLT2406(config)# admin-password t1g2y7i9 t1g2y7i9 5.
Chapter 5 Initial Setup 5.3 Prohibiting Concurrent Logins By default the OLT allows multiple concurrent CLI sessions as follows. Table 16 Access Control Overview CONSOLE PORT SSH One session TELNET Share up to nine sessions FTP SNMP One session No limit Use no multi-login to prohibit concurrent logins and not allow a console port and Telnet access control sessions to coexist. The console port has higher priority than Telnet. OLT2406# configure OLT2406(config)# no multi-login 5.
Chapter 5 Initial Setup 5.6 Looking at Basic System Information Use show system-information to display general system information about the OLT including the firmware version. OLT2406# show system-information Product Model System Name System Contact System Location System up Time Ethernet Address Bootbase Version Current ZyNOS F/W Ver.
Chapter 5 Initial Setup 5.7 Checking Installed Line Cards Use show lc status to display which line cards are installed in the OLT’s slots. For example: OLT2406# show lc status 48V power: Input-A up, Input-B down Slot Id State Card Type ------------------------1 active MSC 2 MSC 3 4 5 6 active GPON Up Time ---------00:09:13 - 00:08:08 5.8 Looking at the Operating Configuration Use show running-config [page] to look at the current operating configuration. Use page to display one page at a time.
Chapter 5 Initial Setup 1 Use “msc-1-” for an uplink port (use “msc-1-” no matter which slot the active MSC is in). Select an uplink port on the management switching card (port 1 in this example) and set the speed and duplex. This example is for a 1 Gb full duplex connection.
Chapter 5 Initial Setup 58 OLT2406 User’s Guide
C HAPT ER 6 Provisioning User Interfaces This chapter gives basic examples of provisioning subscriber data interfaces on an ONT or MDU. See Section 26.8 on page 198 for an example of provisioning a ONT subscriber VoIP port. See Chapter 39 on page 259 for more details on configuring remote ONTs. 6.1 ONT Subscriber Port Provisioning Example Overview Here is an outline of how to provision a subscriber port on an ONT. You must also have the uplink slot configured as described in Section 5.9 on page 56.
Chapter 6 Provisioning User Interfaces OLT2406# config OLT2406(config)# interface slot slot-6 OLT2406(config-slot)# cardtype gpon OLT2406(config-slot)# no inactive OLT2406(config-slot)# exit OLT2406(config)# exit 2 Set the PON port’s transceiver type. This example displays the mapping between the transceiver type number from 0-22 and the transceiver manufacturer and class. The PON port in this example has a LIGENT class B transceiver installed so this example uses transceiver type 5.
Chapter 6 Provisioning User Interfaces OLT2406(config-olt)# register-method A OLT2406(config-olt)# no inactive OLT2406(config-olt)# exit OLT2406(config)# exit OLT2406# show interfaces slot slot-6 status AID | Base_Address IP0 IP1 MAC0 MAC1 Support_Link ----------------------+---------------------------------------------------------------------------------------------------slot-6 | 0x be000000 127.168.0.1 127.168.0.
Chapter 6 Provisioning User Interfaces • bwgroup: number 1-40 of the bandwidth group on this ONT you are creating to specify upstream and downstream bandwidth profiles to limit the ONT’s bandwidth. This example uses 1 because it is the first bandwidth group the example configures for the ONT. • type: bandwidth group type from the following table. Use the one that matches your bandwidth profile’s settings.
Chapter 6 Provisioning User Interfaces OLT2406# show interfaces olt pon-6-1 status AID | State Key_Exchange SN_Acq Rogue_Detect Rogue_Destruct Proc_Interval Proc_Interval_Sec LOS ----------------------+-----------------------------------------------------------------------------------------------------pon-6-1 | ACTIVE Enable Enable Disable Disable 8000 86400 ON +-----------------------------------------------------------------------------------------------------| Details +----------------------------------
Chapter 6 Provisioning User Interfaces OLT2406# config OLT2406(config)# remote ontcard ontcard-6-1-101-1 OLT2406(config-Ontcard)# cardtype 10_100BASET data-port 3 OLT2406(config-Ontcard)# no inactive OLT2406(config-Ontcard)# exit OLT2406(config)# exit OLT2406# show remote ontcard ontcard-6-1-101-1 AID | Status AdminState ExpType ActType ExpPort ActPort ----------------------+------------------------------------------------------------------------------------------------ontcard-6-1-101-1 | IS Unlocked 10_10
Chapter 6 Provisioning User Interfaces • Network: the Network Node Interface (NNI) VID, 10 in this example. Use a number different from the UNI VLAN to apply VLAN translation. • ingprof: the QoS ingress profile to apply to the VLAN’s traffic, voip in this example. • AES encryption: enabled or disabled (disabled in this example). • Active: on or off (on in this example).
Chapter 6 Provisioning User Interfaces 3 Enable the MDU’s VDSL2 port (port 1 in this example) and check the status.
C HAPT ER 7 Basic Settings 7.1 System Name Command Use this command to configure the OLT’s system name. Table 18 System Name Command COMMAND DESCRIPTION hostname Sets the system’s name for identification purposes. name_string: 1-64 printable characters. Spaces are allowed if you enclose the string in double quotation marks (“”). 7.2 Date and Time Commands Use these commands to configure the date and time on the OLT.
Chapter 7 Basic Settings Table 19 Time and Date Commands (continued) COMMAND DESCRIPTION time daylight-saving-time startdate Sets the day and time when Daylight Saving Time starts. week: first, second, third, fourth, last. day: Sunday, Monday, Tuesday, .... month: January, February, March, .... o’clock: 0-23 In most parts of the United States, Daylight Saving Time starts on the second Sunday of March at 2 A.M. local time.
Chapter 7 Basic Settings This example looks at the current time server settings. OLT2406# show timesync Time Configuration ----------------------------Time Zone :UTC -600 Time Sync Mode :USE_DAYTIME Time Server IP Address :172.16.37.10 Time Server Sync Status:CONNECTING The following table describes the labels in this display. Table 21 show timesync LABEL DESCRIPTION Time Zone This field displays the time zone. Time Sync Mode This field displays the time server protocol the OLT uses.
Chapter 7 Basic Settings Table 22 Switch Setup Commands (continued) COMMAND mac-aging-time DESCRIPTION <10-1000000> queue priority <0-7> level <0-7> Sets learned MAC aging time in seconds. MAC address learning reduces outgoing traffic broadcasts. For MAC address learning to occur on a port, the port must be active. Sets the IEEE 802.1p priority level-to-physical queue mapping. Priority <0-7>: IEEE 802.
Chapter 7 Basic Settings 7.4.1 Configure the Out-of-band Management IP Address Settings This example changes the out-of-band management IP address to 192.168.0.2 with subnet mask 255.255.255.0. OLT2406# configure OLT2406(config)# ip address 192.168.0.2 255.255.255.0 7.4.2 Set the Out-of-band Management Default Gateway IP Address This example sets the out-of-band management default gateway from 0.0.0.0 to 192.168.0.254. OLT2406# configure OLT2406(config)# ip address default-gateway 192.168.0.254 7.4.
Chapter 7 Basic Settings Enable the slot. OLT2406(config-slot)# no inactive 7.6 Port Setup The following table describes the commands for configuring ports. Table 25 Port Setup Commands COMMANDS DESCRIPTION execution mode show interfaces config Displays port settings. aid: slot- | -- baudrate <1|2|3|4|5> Changes the console port baud rate (in bps).
Chapter 7 Basic Settings Table 25 Port Setup Commands (continued) COMMANDS flow-control DESCRIPTION Enables flow control on the interface. A concentration of traffic on a port decreases port bandwidth and overflows buffer memory causing packet discards and frame losses. Flow Control is used to regulate transmission of signals to match the bandwidth of the receiving port. The OLT uses IEEE 802.3x flow control in full duplex mode and backpressure flow control in half duplex mode. IEEE 802.
Chapter 7 Basic Settings Display the port’s settings. OLT2406(config-interface)# exit OLT2406(config)# exit OLT2406# show interfaces config ge-6-1 Port Configurations: Port No Active Name PVID Type BPDU 74 :ge-6-1 :Yes :2406 :1 :1000M :tunnel Flow Control :Yes Speed/Duplex :1000-full 802.
C HAPT ER 8 IPv6 8.1 IPv6 Overview IPv6 (Internet Protocol version 6), is designed to enhance IP address size and features. The increase in IPv6 address size to 128 bits (from the 32-bit IPv4 address) allows up to 3.4 x 1038 IP addresses. At the time of writing, the OLT supports the following features. • Static address assignment (see Section 8.1.
Chapter 8 IPv6 compose the network address. The prefix length is written as “/x” where x is a number. For example, 2001:db8:1a2b:15::1a2f:0/32 means that the first 32 bits (2001:db8) is the subnet prefix. Interface ID In IPv6, an interface ID is a 64-bit identifier. It identifies a physical interface (for example, an Ethernet port) or a virtual interface (for example, the management IP address for a VLAN). One interface should have a unique interface ID.
Chapter 8 IPv6 Multicast scope allows you to determine the size of the multicast group. A multicast address has a predefined prefix of ff00::/8. The following table describes some of the predefined multicast addresses. Table 28 Predefined Multicast Address MULTICAST ADDRESS DESCRIPTION FF01:0:0:0:0:0:0:1 All hosts on a local node. FF01:0:0:0:0:0:0:2 All routers on a local node. FF02:0:0:0:0:0:0:1 All hosts on a local connected link. FF02:0:0:0:0:0:0:2 All routers on a local connected link.
Chapter 8 IPv6 EUI-64 The EUI-64 (Extended Unique Identifier) defined by the IEEE (Institute of Electrical and Electronics Engineers) is an interface ID format designed to adapt with IPv6. It is derived from the 48-bit (6byte) Ethernet MAC address as shown next. EUI-64 inserts the hex digits fffe between the third and fourth bytes of the MAC address and complements the seventh bit of the first byte of the MAC address. See the following example.
Chapter 8 IPv6 addresses. An IA_NA option contains the T1 and T2 fields, but an IA_TA option does not. The DHCPv6 server uses T1 and T2 to control the time at which the client contacts with the server to extend the lifetimes on any addresses in the IA_NA before the lifetimes expire. After T1, the client sends the server (S1) (from which the addresses in the IA_NA were obtained) a Renew message.
Chapter 8 IPv6 • Router solicitation: A request from a host to locate a router that can act as the default router and forward packets. • Router advertisement: A response to a router solicitation or a periodical multicast advertisement from a router to advertise its presence and other parameters. IPv6 Cache An IPv6 host is required to have a neighbor cache, destination cache, prefix list and default router list.
Chapter 8 IPv6 MLD Port Role A port on the OLT can be either a downstream port or upstream port in MLD. A downstream port (DSP in the figure) connects to MLD hosts and acts as a multicast router to send MLD queries and listen to the MLD host’s Report and Done messages. An upstream port (USP in the figure) connects to a multicast router and works as a host to send Report or Done messages when receiving queries from a multicast router.
Chapter 8 IPv6 one query from a router (X) or MLD Done or Report message from any upstream port, it will be broadcast to all connected upstream ports. X 1 Query 2 9 8 3 Report 7 4 6 5 Done 8.2 IPv6 Commands The following section lists the commands for this feature. Table 32 ipv6 address Commands COMMAND DESCRIPTION vlan <1-4094> Enters config-vlan mode for the specified VLAN. Creates the VLAN, if necessary. ipv6 Globally enables IPv6 in this VLAN.
Chapter 8 IPv6 Table 32 ipv6 address Commands (continued) COMMAND DESCRIPTION no ipv6 Disables IPv6 in this VLAN. no ipv6 address / Removes a specified static global address. no ipv6 address / eui-64 Removes a specified static global address whose interface ID was generated using the EUI-64 format. no ipv6 address autoconfig Disables IPv6 address autoconfiguration in this VLAN.
Chapter 8 IPv6 Table 34 ipv6 nd Commands COMMAND DESCRIPTION vlan <1-4094> Enters config-route-domain mode for the specified VLAN. Creates the VLAN, if necessary. ipv6 nd dad-attempts <0-600> Sets the number of consecutive neighbor solicitations the OLT sends for this VLAN.
Chapter 8 IPv6 Table 34 ipv6 nd Commands (continued) COMMAND DESCRIPTION no ipv6 nd managed-config-flag Configures the OLT to set the “managed address configuration” flag (the M flag) to 0 in IPv6 router advertisements, which means hosts do not use DHCPv6 to obtain IPv6 stateful addresses. no ipv6 nd ns-interval Resets the time interval between retransmissions of neighbor solicitations to the default setting (3000 milliseconds).
Chapter 8 IPv6 8.3 IPv6 Command Examples This example shows how to enable IPv6 in VLAN 1 and display the link-local address the OLT automatically generated and other IPv6 information for the VLAN. OLT2406# config OLT2406(config)# vlan 1 OLT2406(config-vlan)# ipv6 OLT2406(config-vlan)# exit OLT2406(config)# exit OLT2406# show ipv6 vlan 1 VLAN : 1 (VLAN1) IPv6 is enabled. MTU is 1500 bytes. ICMP error messages limited to 10 every 100 milliseconds. Stateless Address Autoconfiguration is disabled.
Chapter 8 IPv6 This example shows the OLT owns (L displays in the T field) two manually configured (permanent) IP addresses, 2001::1234 and fe80::219:cbff:fe00:1. It also displays a neighbor fe80::2d0:59ff:feb8:103c in VLAN 1 is reachable from the OLT.
Chapter 8 IPv6 This example sends ping requests to an Ethernet device with IPv6 address fe80::2d0:59ff:feb8:103c in VLAN 1. The device also responds the pings. OLT2406# ping6 ffe80::2d0:59ff:feb8:103c -i vlan 1 PING6(56=40+8+8 bytes) fe80::219:cbff:fe00:1 --> fe80::2d0:59ff:feb8:103c 16 bytes from fe80::2d0:59ff:feb8:103c, icmp_seq=0 hlim=64 time=1.0 ms 16 bytes from fe80::2d0:59ff:feb8:103c, icmp_seq=1 hlim=64 time=1.0 ms 16 bytes from fe80::2d0:59ff:feb8:103c, icmp_seq=2 hlim=64 time=1.
C HAPT ER 9 VLAN 9.1 Introduction to VLANs A VLAN (Virtual Local Area Network) allows a physical network to be partitioned into multiple logical networks. Devices on a logical network belong to one group. A device can belong to more than one group. With VLAN, a device cannot directly talk to or hear from devices that are not in the same group(s); the traffic must first go through a router. In MTU (Multi-Tenant Unit) applications, VLAN is vital in providing isolation and security among the subscribers.
Chapter 9 VLAN 9.2.1 Forwarding Tagged and Untagged Frames Each port on the OLT is capable of passing tagged or untagged frames. To forward a frame from an 802.1Q VLAN-aware switch to an 802.1Q VLAN-unaware switch, the OLT first decides where to forward the frame and then strips off the VLAN tag. To forward a frame from an 802.1Q VLANunaware switch to an 802.1Q VLAN-aware switch, the OLT first decides where to forward the frame, and then inserts a VLAN tag reflecting the ingress port's default VID.
Chapter 9 VLAN 9.5 VLAN Commands The following section lists the commands for this feature. Table 37 VLAN Commands COMMAND DESCRIPTION show vlan Displays the status of all VLANs. show vlan Displays the status of the specified VLAN. vlan-type <802.1q> Specifies the VLAN type. Currently the OLT supports IEEE 802.1q VLAN. vlan Enters config-vlan mode for the specified VLAN. Creates the VLAN, if necessary.
Chapter 9 VLAN 9.5.1 VLAN Command Examples This example configures ports 1 to 5 as fixed and untagged ports in VLAN 2000. OLT2406 (config)# vlan 2000 OLT2406 (config-vlan)# fixed 1-5 OLT2406 (config-vlan)# untagged 1-5 This example deletes entry 2 in the static VLAN table. OLT2406 (config)# no vlan 2 This example shows the VLAN table. OLT2406# show vlan The Number of VLAN : Idx.
Chapter 9 VLAN This example enables ingress checking on ports ge-5-1 ~ ge-5-4. OLT2406(config)# interface port-channel ge-5-1&&-4 OLT2406(config-interface)# ingress-check 9.6 Automatic VLAN Registration GARP and GVRP are the protocols used to automatically register VLAN membership across switches. 9.6.1 GARP GARP (Generic Attribute Registration Protocol) allows network switches to register and de-register attribute values with other GARP participants within a bridged LAN.
Chapter 9 VLAN Table 40 IEEE 802.1Q VLAN Terminology (continued) VLAN PARAMETER TERM DESCRIPTION VLAN Port Port VID This is the VLAN ID assigned to untagged frames that this port received. Acceptable Frame Type You may choose to accept both tagged and untagged incoming frames, just tagged incoming frames or just untagged incoming frames on a port. Ingress filtering If set, the OLT discards incoming frames for VLANs that do not have this port as a member. 9.
Chapter 9 VLAN 9.8 GVRP Commands The following section lists the commands for this feature. Table 42 GVRP Commands COMMAND DESCRIPTION show vlan1q gvrp Displays GVRP settings. vlan1q gvrp Enables GVRP. no vlan1q gvrp Disables GVRP on the OLT. interface port-channel Enters config-interface mode for the specified port(s). aid: -- gvrp Enables this function to permit VLAN groups beyond the local OLT. no gvrp Disable GVRP on the port(s). 9.8.
Chapter 9 VLAN Figure 34 Port VLAN Trunking C E A D B V1 V2 V1 V2 The following section lists the commands for this feature. Table 43 Port VLAN Trunking Commands COMMAND DESCRIPTION interface port-channel Enters config-interface mode for the specified port(s). aid: -- | < -&&- Use “msc-1-” for an uplink port (“msc-1-” applies to the active MSC no matter which slot it is in).
Chapter 9 VLAN For example, an ISP (Internet Service Provider) may divide different types of services it provides to customers into different IP subnets. Traffic for voice services is designated for IP subnet 172.16.1.0/24, video for 192.168.1.0/24 and data for 10.1.1.0/24. The OLT can then be configured to group incoming traffic based on the source IP subnet of incoming frames. You can then configure a subnet based VLAN with priority 6 and VID of 100 for traffic received from IP subnet 172.16.1.
Chapter 9 VLAN Table 44 Subnet Based VLAN Commands (continued) COMMAND DESCRIPTION subnet-based-vlan name source-ip mask-bits source-port vlan priority <0-7> Specifies the name, IP address, subnet mask, source-port and VLAN ID of the subnet based VLAN you want to configure along with the priority you want to assign to the outgoing frames for this VLAN.
Chapter 9 VLAN Figure 36 Protocol Based VLAN Application Example 9.12.1 Protocol Based VLAN Commands The following section lists the commands for this feature. Table 45 Protocol Based VLAN Commands COMMAND DESCRIPTION show interfaces config protocol-based-vlan Displays the protocol based VLAN settings for the specified port(s). aid: slot- | -- interface port-channel Enters sub-command mode for configuring the specified ports.
Chapter 9 VLAN Table 45 Protocol Based VLAN Commands (continued) COMMAND protocol-based-vlan name ethernet-type vlan priority <0-7> inactive DESCRIPTION Creates a disabled protocol based VLAN with the specified parameters. name: Use up to 32 alphanumeric characters. ether-num: If you don’t select a predefined Ethernet protocol (ip, ipx, arp, rarp, appletalk or decnet), type the protocol number in hexadecimal notation with a prefix, "0x".
C HAPTER 10 Static MAC Forwarding Setup Use this chapter to configure static MAC address forwarding. 10.1 Overview This chapter discusses how to configure forwarding rules based on MAC addresses of devices on your network. A static MAC address is an address that has been manually entered in the MAC address table. Static MAC addresses do not age out. When you set up static MAC address rules, you are setting static MAC addresses for a port. This may reduce the need for broadcasting.
Chapter 10 Static MAC Forwarding Setup This example configures unicast address 10:11:11:11:11:11 as a static MAC address on VLAN 2 belonging to interface ge-5-1.
C HAPTER 11 Static Multicast Forward Setup Use these commands to configure static multicast address forwarding. 11.1 Static Multicast Forwarding Overview A multicast MAC address is the MAC address of a member of a multicast group. A static multicast address is a multicast MAC address that has been manually entered in the multicast table. Static multicast addresses do not age out.
Chapter 11 Static Multicast Forward Setup Figure 39 Static Multicast Forwarding to Multiple Ports 11.2 Static Multicast Forwarding Commands Use the multicast-forward command to configure rules to forward specific multicast frames, such as streaming or control frames, to specific port(s). The following section lists the commands for this feature. Table 47 Static Multicast Forwarding Commands COMMAND DESCRIPTION show mac address-table multicast Displays the multicast MAC address table.
Chapter 11 Static Multicast Forward Setup 11.3 Static Multicast Forwarding Command Examples This example shows the current multicast table. The Type field displays User for rules that were manually added through static multicast forwarding or displays System for rules the OLT has automatically learned through IGMP snooping. OLT2406# show mac address-table multicast The Number of Multicast-forward : 1 Idx.
Chapter 11 Static Multicast Forward Setup 106 OLT2406 User’s Guide
C HAPTER 12 Filtering This chapter discusses MAC address port filtering. 12.1 Overview Configure the OLT to filter traffic based on the traffic’s source, destination MAC addresses and VLAN group (ID). 12.2 MAC Filtering Commands Summary The following section lists the commands for this feature. Table 48 MAC Filtering Commands COMMAND DESCRIPTION no mac-filter mac vlan Deletes the specified MAC filter rule.
Chapter 12 Filtering 12.3.1 Command Example: Filter Source The next example is for OLTes that support the filtering of frames based on the source or destination MAC address only. This example creates a filter “sourcefilter” that drops packets originating from the unicast MAC address 00:12:00:12:00:12 on VLAN 2.
C HAPTER 13 Spanning Tree Protocol The OLT supports Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP) and Multiple Spanning Tree Protocol (MSTP) as defined in the following standards. • IEEE 802.1D Spanning Tree Protocol • IEEE 802.1w Rapid Spanning Tree Protocol • IEEE 802.1s Multiple Spanning Tree Protocol The OLT also allows you to set up multiple STP configurations (or trees). Ports can then be assigned to the trees. 13.
Chapter 13 Spanning Tree Protocol Table 49 STP Path Costs LINK SPEED RECOMMENDED VALUE RECOMMENDED RANGE ALLOWED RANGE Path Cost 1Gbps 4 3 to 10 1 to 65535 Path Cost 10Gbps 2 1 to 5 1 to 65535 On each bridge, the bridge communicates with the root through the root port. The root port is the port on this OLT with the lowest path cost to the root (the root path cost). If there is no root port, then this OLT has been accepted as the root bridge of the spanning tree network.
Chapter 13 Spanning Tree Protocol • One Common and Internal Spanning Tree (CIST) that represents the entire network’s connectivity. • Grouping of multiple bridges (or switching devices) into regions that appear as one single bridge on the network. • A VLAN can be mapped to a specific Multiple Spanning Tree Instance (MSTI). MSTI allows multiple VLANs to use the same spanning tree. • Load-balancing is possible as traffic from different VLANs can use distinct paths in a region. 13.1.4.
Chapter 13 Spanning Tree Protocol Figure 41 MSTP Network Example A VLAN 1 VLAN 2 B 13.1.4.2 MST Region An MST region is a logical grouping of multiple network devices that appears as a single device to the rest of the network. Each MSTP-enabled device can only belong to one MST region. When BPDUs enter an MST region, external path cost (of paths outside this region) is increased by one. Internal path cost (of paths within this region) is increased by one when BPDUs traverse the region.
Chapter 13 Spanning Tree Protocol Figure 42 MSTIs in Different Regions 13.1.4.4 Common and Internal Spanning Tree (CIST) A CIST represents the connectivity of the entire network and it is equivalent to a spanning tree in an STP/RSTP. The CIST is the default MST instance (MSTID 0). Any VLANs that are not members of an MST instance are members of the CIST. In an MSTP-enabled network, there is only one CIST that runs between MST regions and single spanning tree devices.
Chapter 13 Spanning Tree Protocol See Section 13.3 on page 116 for more information on MSTP commands. See also Chapter 27 on page 207 for information on loopguard commands. Table 51 STP and RSTP Commands COMMAND DESCRIPTION show spanning-tree config Displays Spanning Tree Protocol (STP) settings. spanning-tree mode Specifies the STP mode you want to implement on the OLT. spanning-tree Enables STP on the OLT. no spanning-tree Disables STP on the OLT.
Chapter 13 Spanning Tree Protocol 4 Enables STP on port 2 (on the uplink card in slot 3) with a path cost of 150. 5 Sets the priority for port 2 to 20. OLT2406(config)# OLT2406(config)# OLT2406(config)# OLT2406(config)# OLT2406(config)# spanning-tree spanning-tree spanning-tree spanning-tree spanning-tree priority 0 hello-time 4 maximum-age 20 forward-delay 15 msc-1-2 path-cost 150 msc-1-2 priority 20 This example shows the current STP settings.
Chapter 13 Spanning Tree Protocol Table 52 show spanning-tree config (continued) LABEL DESCRIPTION BridgeForwardDelay This field displays the time (in seconds) the OLT will wait before changing states (that is, listening to learning to forwarding). TransmissionLimit This field displays the maximum number of BPDUs that can be transmitted in the interval specified by BridgeHelloTime.
Chapter 13 Spanning Tree Protocol Table 53 MSTP Commands (continued) COMMAND DESCRIPTION mstp interface port-channel edge-port Sets the specified ports as edge ports. This allows the port to transition to a forwarding state immediately without having to go through the listening and learning states. Note: An edge port becomes a non-edge port as soon as it receives a Bridge Protocol Data Units (BPDU).
Chapter 13 Spanning Tree Protocol 13.3.1 MSTP Command Examples This example shows the current MSTP configuration.
Chapter 13 Spanning Tree Protocol This example shows the current CIST configuration (MSTP instance 0).
Chapter 13 Spanning Tree Protocol Table 56 show mstp instance (continued) LABEL DESCRIPTION CIST_RRootID This field displays the unique identifier for the CIST regional root bridge, consisting of bridge priority plus MAC address. CIST_RRootPathCost This field displays the path cost from the root port on this OLT to the CIST regional root switch. This example adds the OLT to the MST region MSTRegionNorth. MSTRegionNorth is on revision number 1.
C HAPTER 14 Bandwidth Control This chapter shows you how you can cap the maximum bandwidth using the bandwidth control settings. 14.1 Bandwidth Control Bandwidth control means defining a maximum allowable bandwidth for out-going traffic flows on a port. The following table describes the related commands. Table 57 Bandwidth Control Commands COMMAND DESCRIPTION bandwidth-control Enables bandwidth control on the OLT. no bandwidth-control Disables bandwidth control on the OLT.
Chapter 14 Bandwidth Control 122 OLT2406 User’s Guide
C HAPTER 15 Broadcast Storm Control This chapter introduces and shows you how to configure the broadcast storm control feature. 15.1 Broadcast Storm Control Commands Broadcast storm control limits the number of broadcast, multicast and destination lookup failure (DLF) packets the OLT receives per second on the ports. When the maximum number of allowable broadcast, multicast and/or DLF packets is reached per second, the subsequent packets are discarded.
Chapter 15 Broadcast Storm Control Disable broadcast storm control on the OLT. OLT2406(config)# no storm-control Set broadcast storm control on a port (ge-5-1) which is active, to limit its broadcast type traffic with a threshold of 999 packets per second. OLT2406(config)# interface port-channel ge-5-1 OLT2406(config-interface)# broadcast-limit OLT2406(config-interface)# broadcast-limit 999 Display storm control status and settings. This example displays the settings for slots 3 to 12.
C HAPTER 16 Mirroring This chapter discusses port mirroring setup. 16.1 Port Mirroring Overview Port mirroring allows you to copy a traffic flow to a monitor port (the port you copy the traffic to) in order that you can examine the traffic from the monitor port without interference. Use these commands to copy a traffic flow for one or more ports to a monitor port (the port you copy the traffic to) so that you can examine the traffic on the monitor port without interference.
Chapter 16 Mirroring 16.3 Port Mirroring Command Examples This example enables port mirroring and copies outgoing traffic from ge port 4 on the card in slot 6 to uplink port 3 on the MSC. Use “msc-1-” for an uplink port (“msc-1-” applies to the active MSC no matter which slot it is in).
C HAPTER 17 Link Aggregation This chapter shows you how to logically aggregate physical links to form one logical, higherbandwidth link. 17.1 Link Aggregation Overview Link aggregation (trunking) is the grouping of physical ports into one logical higher-capacity link. You may want to trunk ports if for example, it is cheaper to use multiple lower-speed links than to under-utilize a high-speed, but more costly, single-port link.
Chapter 17 Link Aggregation Configure trunk groups or LACP before you connect the Ethernet switch to avoid causing network topology loops. 17.2.
Chapter 17 Link Aggregation Table 64 LACP Commands (continued) COMMAND DESCRIPTION no lacp Disables the link aggregation control protocol (dynamic trunking) on the OLT. lacp system-priority <1-65535> Sets the priority of an active port using LACP. 17.4 Link Aggregation Commands Examples This example activates trunk 1 and places ports msc-2-1 and msc-2-2 in the trunk using static link aggregation.
Chapter 17 Link Aggregation This example displays the current LACP settings. OLT2406# show lacp AGGREGATOR INFO: ID: 1 [(0000,00-00-00-00-00-00,0000,00,0000)][(0000,00-00-00-00-00-00,0000,00,0000)] LINKS : SYNCS : ID: 2 [(0000,00-00-00-00-00-00,0000,00,0000)][(0000,00-00-00-00-00-00,0000,00,0000)] LINKS : SYNCS : The following table describes the labels.
C HAPTER 18 Port Authentication This chapter describes the IEEE 802.1x and MAC authentication methods. 18.1 Port Authentication Overview Port authentication is a way to validate access to ports on the OLT to clients based on an external server (authentication server). The OLT supports the following methods for port authentication: • IEEE 802.1x3 - An authentication server validates access to a port based on a username and password provided by the user.
Chapter 18 Port Authentication Figure 44 IEEE 802.1x Authentication Process 1 New Connection 2 Identity Request 3 4 Login Credentials Authentication Request 5 6 Access Challenge Challenge Request 7 8 Challenge Response Access Request 9 Authentication Reply Session Granted/Denied 18.1.2 MAC Authentication MAC authentication works in a very similar way to IEEE 802.1x authentication. The main difference is that the OLT does not prompt the client for login credentials.
Chapter 18 Port Authentication Figure 45 MAC Authentication Process 1 New Connection 2 Authentication Request 3 Authentication Reply Session Granted/Denied 18.1.3 Guest VLAN When 802.1x port authentication is enabled on the OLT and its ports, clients that do not have the correct credentials are blocked from using the port(s). You can configure your OLT to have one VLAN that acts as a guest VLAN.
Chapter 18 Port Authentication 18.2 Port Authentication Configuration The setting descriptions are listed below. Max-req: Specify the number of times the OLT tries to authenticate client(s) before sending unresponsive ports to the Guest VLAN. Reauth: Specify if a subscriber has to periodically re-enter his or her username and password to stay connected to the port.
Chapter 18 Port Authentication Table 67 Port Authentication Commands (continued) COMMAND DESCRIPTION port-access-authenticator supp-timeout <30-65535> Sets the number of seconds the OLT waits for client's response to the challenge request before sending a request again. port-access-authenticator tx-period <1-65535> Sets the number of seconds the OLT waits before re-sending an identity request to clients on the listed ports.
Chapter 18 Port Authentication Configure port ge-5-1 to remain in the HELD state and rejects further authentication requests from the client for 120 seconds after a failed authentication exchange. OLT2406# config OLT2406(config)# port-access-authenticator ge-5-1 quiet-period 120 Configure port ge-5-1 to wait 30 seconds for the client's response to the challenge request before sending a request again.
Chapter 18 Port Authentication Set the guest VLAN host Multi-secure number on port ge-5-1 to 5. OLT2406# config OLT2406(config)# port-access-authenticator ge-5-1 guest-vlan Host-mode Multi-secure 5 Display all 802.1X port authentication settings. OLT2406# show port-access-authenticator 802.
Chapter 18 Port Authentication 18.4 MAC Authentication Commands This table lists the commands for this feature. Table 68 MAC Authentication Commands COMMAND DESCRIPTION mac-authentication Enables MAC authentication on the OLT. Note: You must first enable MAC authentication on the OLT before configuring it on each port. no mac-authentication Disables MAC authentication on the OLT. interface port-channel Enters the sub-commands for configuring the specified interfaces.
Chapter 18 Port Authentication 18.5 MAC Authentication Command Examples Activate MAC authentication on the OLT and on port GE-5-1. OLT2406# config OLT2406(config)# mac-authentication OLT2406(config)# interface port-channel ge-5-1 OLT2406(config-interface)# mac-authentication OLT2406(config-interface)# exit Set the MAC authentication prefix to MyOLT, the password to MyPassword, and the MAC authentication time out to 600 seconds.
Chapter 18 Port Authentication Table 69 RADIUS Server Commands (continued) COMMAND DESCRIPTION radius-server timeout <1-1000> Specify the amount of time (in seconds) that the OLT waits for an authentication request response from the RADIUS server. In index-priority mode, the timeout is divided by the number of servers you configure. For example, if you configure two servers and the timeout is 30 seconds, then the OLT waits 15 seconds for a response from each server.
C HAPTER 19 Port Security This chapter shows you how to set up port security. 19.1 About Port Security Port security allows only packets with dynamically learned MAC addresses and/or configured static MAC addresses to pass through a port on the OLT. The OLT can learn up to 32K MAC addresses in total with no limit on individual ports other than the sum cannot exceed 32K. For maximum port security, enable this feature, disable MAC address learning and configure static MAC address(es) for a port.
Chapter 19 Port Security Display the port security settings.
C HAPTER 20 Classifier This chapter introduces and shows you how to configure the packet classifier on the OLT. 20.1 About the Classifier and QoS Quality of Service (QoS) refers to both a network's ability to deliver data with minimum delay, and the networking methods used to control the use of bandwidth. Without QoS, all traffic data is equally likely to be dropped when the network is congested.
Chapter 20 Classifier 20.2 Classifier Commands Use these commands to classify packets into traffic flows. After classifying traffic, policy commands (Chapter 21 on page 147) can be used to ensure that a traffic flow gets the requested treatment in the network. Table 71 Classifier Commands COMMAND DESCRIPTION show classifier [] Displays classifier configuration details. classifier <[packetformat <802.3untag|802.
Chapter 20 Classifier Table 72 Common Ethernet Types and Protocol Number ETHERNET TYPE PROTOCOL NUMBER XNS Compat 0807 Banyan Systems 0BAD BBN Simnet 5208 IBM SNA 80D5 AppleTalk AARP 80F3 In an IPv4 packet header, the “Protocol” field identifies the next level protocol. The following table shows some common IPv4 protocol types and the corresponding protocol number. Refer to http:// www.iana.org/assignments/protocol-numbers for a complete list.
Chapter 20 Classifier 20.3 Classifier Command Examples This example creates a classifier for packets with a VLAN ID of 3. The resulting traffic flow is identified by the name VLAN3. The policy command can use the name VLAN3 to apply policy rules to this traffic flow. See the policy example in Section 21.3 on page 148.
C HAPTER 21 Policy Rule This chapter shows you how to configure policy rules. 21.1 Policy Rules Overview A classifier distinguishes traffic into flows based on the configured criteria (refer to Chapter 20 on page 143 for more information). A policy rule ensures that a traffic flow gets the requested treatment in the network. 21.2 Policy Commands Use these commands to configure policies based on the classification of traffic flows.
Chapter 21 Policy Rule Table 75 Policy Commands (continued) COMMAND DESCRIPTION policy classifier <[vlan ][egress-port ][mirror-port ][priority <0-7>][dscp <063>][tos <0-7>][bandwidth ][outgoing-packetformat ][forwardaction ][queueaction ][outgoingmirror][outgoingeport][outgoing-setvlan][metering][out-of-profileaction <[drop][forward] [setdrop-precedence]>][inactive]> Configur
Chapter 21 Policy Rule This example creates a policy (Policy1) for the traffic flow identified via classifier Class1 (see the classifier example in Chapter 20 on page 143). This policy forwards Class1 packets to port ge-5-4.
Chapter 21 Policy Rule Figure 47 TRTCM - Color-blind Mode Exceed NO CIR? Exceed NO PIR? Low Packet Loss YES YES High Packet Loss Medium Packet Loss 21.4.2 TRTCM - Color-aware Mode In color-aware mode the evaluation of the packets uses the existing packet loss priority. TRTCM can increase a packet loss priority of a packet but it cannot decrease it. Packets that have been previously marked red or yellow can only be marked with an equal or higher packet loss priority.
Chapter 21 Policy Rule Table 76 TRTCM Commands (continued) COMMAND DESCRIPTION trtcm Enables TRTCM on the specified port(s). no trtcm Disables TRTCM on the port(s). trtcm cir Sets the Commit Information Rate on the port(s). trtcm pir Sets the Peak Information Rate on the port(s). trtcm dscp green <0-63> Specifies the DSCP value to use for packets with low packet loss priority. trtcm dscp yellow <0-63> Specifies the DSCP value to use for packets with medium packet loss priority.
Chapter 21 Policy Rule 152 OLT2406 User’s Guide
C HAPTER 22 Queuing Method This chapter introduces the queuing methods supported. 22.1 Queuing Method Overview Queuing is used to help solve performance degradation when there is network congestion. Queuing algorithms allow switches to maintain separate queues for packets from each individual source or flow and prevent a source from monopolizing the bandwidth. 22.1.1 Strictly Priority Strictly Priority (SP) services queues based on priority only.
Chapter 22 Queuing Method an equal amount of bandwidth, and then moves to the end of the list; and so on, depending on the number of queues being used. This works in a looping fashion until a queue is empty. Weighted Round Robin Scheduling (WRR) uses the same algorithm as round robin scheduling, but services queues based on their priority and queue weight (the number you configure in the queue Weight field) rather than a fixed amount of bandwidth.
Chapter 22 Queuing Method 22.4 System-Wide Queuing Commands The following section lists the commands for this feature. Table 78 System-Wide Queuing Commands COMMAND DESCRIPTION queue priority <0-7> level <0-7> Sets the IEEE 802.1p priority level-to-physical queue mapping. priority <0-7>: IEEE 802.1p defines up to eight separate traffic types by inserting a tag into a MAC-layer frame that contains bits to define class of service.
Chapter 22 Queuing Method 156 OLT2406 User’s Guide
C HAPTER 23 VLAN Stacking and Translation This chapter shows you how to configure VLAN stacking and VLAN translation on your OLT. See Chapter 9 on page 89 for more background information on Virtual LAN. 23.1 VLAN Stacking Overview A service provider can use VLAN stacking to allow it to distinguish multiple customers VLANs, even those with the same (customer-assigned) VLAN ID, within its network. Use VLAN stacking to add an outer VLAN tag to the inner IEEE 802.1Q tagged frames that enter the network.
Chapter 23 VLAN Stacking and Translation Figure 49 VLAN Stacking Example 23.1.2 VLAN Stacking Port Roles Each port can have three VLAN stacking “roles”, normal, access port and tunnel port (the latter is for Gigabit ports only). • Use normal for “regular” (non-VLAN stacking) IEEE 802.1Q frame switching. • Use access port for ingress ports on the service provider's edge devices (1 and 2 in the VLAN stacking example figure).
Chapter 23 VLAN Stacking and Translation 23.2.1 VLAN Translation Example In the following example figure, packets that carry VLAN ID 12 and are received on port 3 match a pre-configured VLAN translation rule. The OLT translates the VLAN ID from 12 into 123 before forwarding the packets. Figure 50 VLAN Translation Example 123 Service Provider Network 12 Port 3 10 10 23.3 VLAN Tag Format A VLAN tag (service provider VLAN stacking or customer IEEE 802.1Q) consists of the following three fields.
Chapter 23 VLAN Stacking and Translation 23.3.1 Frame Format The frame format for an untagged Ethernet frame, a single-tagged 802.1Q frame (customer) and a “double-tagged” 802.1Q frame (service provider) is shown next. Table 80 Single and Double Tagged 802.11Q Frame Format DA SA SPTPID DA SA Len/ Etype Data FCS Untagged Ethernet frame DA SA TPID Priority VID Len/ Etype Data FCS IEEE 802.
Chapter 23 VLAN Stacking and Translation 23.6 VLAN Stacking Commands Use these commands to add an outer VLAN tag to the inner IEEE 802.1Q tagged frames that enter your network. Table 82 VLAN Stacking Commands COMMAND DESCRIPTION interface port-channel Enters config-interface mode for the specified port(s). aid: -- vlan-stacking priority <0-7> Sets the priority of the specified port(s) in port-based VLAN stacking.
Chapter 23 VLAN Stacking and Translation Figure 51 Example: VLAN Stacking VLAN 24 VLAN 24 Customer A Customer A SPN A: 37, 24 x y B: 48, 24 VLAN 24 Customer B VLAN 24 Customer B This example shows how to configure ports ge-5-1 and ge-5-2 on the OLT to tag incoming frames with the service provider’s VID of 37 (ports are connected to customer A network). This example also shows how to set the priority for ports ge-ge-5-1 and ge-5-2-1 to 3. It also sets port msc-2-1 as a tunnel port with TPID 8100.
Chapter 23 VLAN Stacking and Translation 23.8 VLAN Translation Commands Use these commands to configure VLAN translation on the OLT. With VLAN translation enabled, the OLT can translate the VLAN ID and priority level of packets received from a private network to those used in the service provider’s network. Table 83 VLAN Translation Commands COMMAND DESCRIPTION interface uni-port Enter config-uniport mode for the specified port.
Chapter 23 VLAN Stacking and Translation Table 83 VLAN Translation Commands (continued) COMMAND vlan-translation name [ing-ovid ] [ing-ivid ] [ing-opri ] [ing-ipri ] [egr-svid ] [egr-cvid ] [egr-spri ] [egr-cpri ] [N1map ] [cross-connect ] [crossport ] [tr156 ] [active ] DESCRIPTION Create a VLAN translation rule (with the specified name) on the port. vid: VLAN ID, 1~4094.
Chapter 23 VLAN Stacking and Translation Table 83 VLAN Translation Commands (continued) COMMAND DESCRIPTION no vlan-translation Disable VLAN translation on the port. no vlan-translation all Remove all VLAN translation rules on the port. no vlan-translation name Remove the specified VLAN translation rule on the port. no vlan-xlate-miss-drop Disable upstream VLAN translation miss drop on the port.
Chapter 23 VLAN Stacking and Translation 166 OLT2406 User’s Guide
C HAPTER 24 Multicast This chapter shows you how to configure various multicast features. 24.1 Multicast Overview Traditionally, IP packets are transmitted in one of either two ways - Unicast (1 sender to 1 recipient) or Broadcast (1 sender to everybody on the network). Multicast delivers IP packets to just a group of hosts on the network. IGMP (Internet Group Management Protocol) is a network-layer protocol used to establish membership in a multicast group - it is not used to carry user data.
Chapter 24 Multicast 24.2 Multicast Status Use the show multicast command to display the multicast group information. OLT2406# show multicast Multicast Status Total VID Multicast Group(Filter Mode) Timeout Up Time [Source Address] {IGMP channel, univid} ---------- ---- ---------------------------------------- ------- ----------1 1001 225.1.1.1(EXCLUDE) 98 0:23:58 {uniport-5-1-1-4-1, 1001} Source IP ------------------1.5.1.1 The following table describes the labels in the output.
Chapter 24 Multicast Table 85 igmp-snooping Commands (continued) COMMAND DESCRIPTION igmp-snooping report-tag Configure the tag of outgoing IGMP control packets to be either multicast VLAN or ANI VLAN on NNI ports. igmp-snooping reserved-multicastgroup The IP address range of 224.0.0.0 to 224.0.0.255 is reserved for multicasting on the local network only. For example, 224.0.0.1 is for all hosts on a local network segment and 224.0.0.
Chapter 24 Multicast The following table describes the commands for IGMP snooping VLAN. Table 87 IGMP Snooping VLAN Commands COMMAND DESCRIPTION show igmp-snooping vlan Displays the VLANs on which IGMP snooping is enabled. igmp-snooping vlan mode Specifies how the VLANs on which the OLT snoops IGMP packets are selected. auto: The OLT learns multicast group membership on any VLAN. See the User’s Guide for the maximum number of VLANs the switch supports for IGMP snooping.
Chapter 24 Multicast Table 88 igmp-filtering Commands (continued) COMMAND DESCRIPTION igmp-filtering profile start-address end-address Sets the range of multicast address(es) in a profile. name: 1-32 alphanumeric characters no igmp-filtering profile Removes the specified IGMP filtering profile. You cannot delete an IGMP filtering profile that is assigned to any ports.
Chapter 24 Multicast 24.6.1 Types of MVR Ports In MVR, a source port is a port on the OLT that can send and receive multicast traffic in a multicast VLAN while a receiver port can only receive multicast traffic. Once configured, the OLT maintains a forwarding table that matches the multicast stream to the associated multicast group. 24.6.2 MVR Modes You can set your OLT to operate in either dynamic or compatible mode.
Chapter 24 Multicast Note: Your OLT automatically creates a static VLAN (with the same VID) when you create a multicast VLAN. OLT2406# show mvr Behavior: IGMP Snooping Multicast Vlan Registration Status MVLAN: 10 Active: Yes Mode: Dynamic 802.1p Priority: 0 Name Source Port Receiver Port ------------ ------------------------------- -----------------------------msc-2-1, msc-2-2 ge-5-1 The following table describes the MVR commands.
Chapter 24 Multicast Configure MVR IP multicast group address(es) by the group command under mvr . Note: A port can belong to more than one multicast VLAN. However, IP multicast group addresses in different multicast VLANs cannot overlap. OLT2406# show mvr 10 MVLAN: 10 Active: Yes Mode: Dynamic 802.
Chapter 24 Multicast To configure the MVR settings on the OLT, create a multicast group, set the receiver and source ports, and create MVR groups by MVR command.
Chapter 24 Multicast 176 OLT2406 User’s Guide
C HAPTER 25 IP Source Guard Use IP source guard to filter unauthorized DHCP and ARP packets in your network. 25.1 IP Source Guard Overview IP source guard uses a binding table to distinguish between authorized and unauthorized DHCP and ARP packets in your network. A binding contains these key attributes: • MAC address • VLAN ID • IP address • Port number When the OLT receives a DHCP or ARP packet, it looks up the appropriate MAC address, VLAN ID, IP address, and port number in the binding table.
Chapter 25 IP Source Guard Trusted ports are connected to DHCP servers or other switches. The OLT discards DHCP packets from trusted ports only if the rate at which DHCP packets arrive is too high. The OLT learns dynamic bindings from trusted ports. Note: The OLT will drop all DHCP requests if you enable DHCP snooping and there are no trusted ports. Untrusted ports are connected to subscribers.
Chapter 25 IP Source Guard • System name (up to 32 bytes) This information is stored in an Agent Information field in the option 82 field of the DHCP headers of client DHCP request frames. See Chapter 29 on page 213 for more information about DHCP relay option 82. When the DHCP server responds, the OLT removes the information in the Agent Information field before forwarding the response to the original source. You can configure this setting for each source VLAN.
Chapter 25 IP Source Guard 25.1.2.1 ARP Inspection and MAC Address Filters When the OLT identifies an unauthorized ARP packet, it automatically creates a MAC address filter to block traffic from the source MAC address and source VLAN ID of the unauthorized ARP packet. You can configure how long the MAC address filter remains in the OLT. These MAC address filters are different than regular MAC address filters (Chapter 12 on page 107). • They are stored only in volatile memory.
Chapter 25 IP Source Guard 25.2 IP Source Guard Binding Commands Use these commands to manage the bindings table for IP source guard. Table 91 IP Source Guard Binding Commands COMMAND DESCRIPTION show ip source binding [] [...] Displays the bindings configured on the OLT, optionally based on the specified parameters. show ip source binding help Provides more information about the specified command.
Chapter 25 IP Source Guard Note: You must set up a management IP address for each VLAN that you want to configure DHCP settings for on the OLT. Table 93 DHCP Snooping Commands COMMAND DESCRIPTION show dhcp snooping Displays DHCP snooping configuration on the OLT. show dhcp snooping binding Displays the DHCP binding table. show dhcp snooping database Displays DHCP snooping database update statistics and settings.
Chapter 25 IP Source Guard Table 93 DHCP Snooping Commands (continued) COMMAND DESCRIPTION interface port-channel Enables a port or a list of ports for configuration. aid: -- dhcp snooping trust Sets this port as a trusted DHCP snooping port. Trusted ports are connected to DHCP servers or other switches, and the OLT discards DHCP packets from trusted ports only if the rate at which DHCP packets arrive is too high.
Chapter 25 IP Source Guard • Displays DHCP snooping configuration details. OLT2406(config)# dhcp snooping OLT2406(config)# dhcp snooping database tftp://172.16.37.17/snoopdata.
Chapter 25 IP Source Guard Table 96 ARP Inspection Filter Commands COMMAND DESCRIPTION show arp inspection filter [] [vlan ] Displays the current list of MAC address filters that were created because the OLT identified an unauthorized ARP packet. Optionally, lists MAC address filters based on the MAC address or VLAN ID in the filter. clear arp inspection filter Delete all ARP inspection filters from the OLT.
Chapter 25 IP Source Guard Table 99 ARP Inspection VLAN Commands COMMAND DESCRIPTION show arp inspection vlan Displays ARP inspection settings for the specified VLAN(s). arp inspection vlan Enables ARP inspection on the specified VLAN(s). no arp inspection vlan Disables ARP inspection on the specified VLAN(s). arp inspection vlan logging [all|none|permit|deny] Enables logging of ARP inspection events on the specified VLAN(s).
Chapter 25 IP Source Guard This example looks at log messages that were generated by ARP packets and that have not been sent to the syslog server yet. OLT2406# show arp inspection log Total Log Buffer Size : 32 Syslog rate : 5 entries per 1 seconds Port Vlan Sender MAC Time ---- ---- ----------------Total number of logs: 0 Sender IP Pkts Reason --------------- ---- ---------- ------------------------- The following table describes the labels in this display.
Chapter 25 IP Source Guard The following table describes the labels in this display. Table 102 show arp inspection interface port-channel LABEL DESCRIPTION Interface This field displays the port number. If you configure the * port, the settings are applied to all of the ports. Trusted State This field displays whether this port is a trusted port (Trusted) or an untrusted port (Untrusted).
C HAPTER 26 VoIP 26.1 VoIP Overview Use the VoIP commands to configure VoIP on an ONT (such as the PMG5318) through OMCI. VoIP is the sending of voice signals over Internet Protocol. This allows you to make phone calls and send faxes over the Internet at a fraction of the cost of using the traditional circuit-switched telephone network. You can also use servers to run telephone service applications like PBX services and voice mail. Internet Telephony Service Provider (ITSP) companies provide VoIP service.
Chapter 26 VoIP 26.2 VoIP Common Profile Commands The following table lists the commands for configuring profiles of common VoIP settings. Table 103 VoIP Common Profile Commands COMMAND DESCRIPTION voip-common-profile Creates the specified profile of common VoIP settings (1 to 15 character name) and enters the sub-command mode for configuring it. Common VoIP settings can be shared by multiple subscribers. 1st-codec Specify the first audio codec to tell the remote ONT.
Chapter 26 VoIP Table 103 VoIP Common Profile Commands (continued) COMMAND DESCRIPTION 2nd-silence Turn the use of silence suppression with the second codec on or off. 3rd-codec Specify the third audio codec to tell the remote ONT. The remote ONT must use the same codec as the peer. The options are the same as described for the first codec. 3rd-packet-period <10-30> Specify the third packet period selection interval (in milliseconds).
Chapter 26 VoIP Table 103 VoIP Common Profile Commands (continued) COMMAND signalling-code DESCRIPTION Set the signaling code: loo-str: Loop start gro-str: Ground start loo-rev: Loop reverse battery coi-fir: Coin first dia-ton: Dial tone first mul-par: Multi-party tone Turn the handling of tones through RTP tone events according to RFC 4733 on or off. 26.
Chapter 26 VoIP Table 104 VoIP SIP Profile Commands (continued) COMMAND DESCRIPTION call-wait Configure the list of supported call waiting features. You can select multiple options separated by commas without spaces; for example: cal-wai,cid-ann. cal-wai: Call waiting cid-ann: Caller ID announcement cid Configure the list of supported caller ID (CID) features. You can select multiple options separated by commas without spaces; for example: cal-nam,cid-num.
Chapter 26 VoIP 26.4 VoIP Dial Plan Profile Commands The following table lists the commands for configuring VoIP dial plan profiles. Table 105 VoIP Dial Plan Profile Commands COMMAND DESCRIPTION voip-dial-plan Creates the VoIP dial plan profile (1 to 15 character name) and enters the sub-command mode for configuring it. common-set max-size <1 ~ 256> critical-dial-timeout <0 ~ 8000> partial-dialtimeout <0 ~ 32000> format Set the dial plan table’s common configuration settings.
Chapter 26 VoIP Without a dial plan, users have to manually enter the callee’s whole number and wait for the specified dialing interval to time out or press a terminator key (usually the pound key on the phone keypad) before the VoIP device makes the call. The VoIP device initializes a call when the dialed number matches any one of the rules in the dial plan. Dial plan rules follow these conventions: • Rules are separated by the | (bar) symbol. • “x” stands for a wildcard and can be any digit from 0 to 9.
Chapter 26 VoIP 26.5 UNI Port VoIP Service Settings The following table lists the commands for configuring VoIP service settings for a subscriber port on the remote ONT. The remote ONT must also support the VoIP services you configure for it. Table 106 UNI Port VoIP Service Commands COMMAND DESCRIPTION remote uniport Configure UNI port settings.
Chapter 26 VoIP Table 107 VoIP Show Commands (continued) COMMAND DESCRIPTION show remote ontpots Displays the status of the remote ONT POTS interfaces. show remote ontcard status card- Displays the specified remote ONT card’s status. aid: uniport----- show remote uniport uniport vlan Displays the specified remote ONT UNI port’s VLAN status. show remote uniport uniport voip Displays the specified remote ONT UNI port’s VoIP status.
Chapter 26 VoIP Table 108 VoIP Configuration Supported on the PMG5318 (continued) COMMAND content-table <1 ~ 4> DESCRIPTION Configure a dialing token (rule) in the dial plan table. Identify a dial plan table entry number (from 1 to 4) and dial plan rule (from 1 to 28 characters). Dial plan rules: Symbols, and Descriptions: Multiple Rule: |, Use "|" to separate multiple rules.
Chapter 26 VoIP Figure 58 PMG5318 VoIP Example Overview SIP Server IP: 192.168.21.10 OLT msc-1-1 ONT ge-5-1 VLAN: 20 VLAN: 20 Phone 1 account: 810201 PMG5318 SIP 1 SIP 2 Phone 2 account: 810202 This example uses VLAN 20 for VoIP traffic and configures ge-5-1 to link to a PMG5318 and msc-11 as an uplink port that links to a SIP server at IP address 192.168.21.10.
Chapter 26 VoIP OLT2406# config OLT2406(config)# voip-sip-profile sip OLT2406(config-voip-sip-prof)# registrar 192.168.21.10 OLT2406(config-voip-sip-prof)# exit OLT2406(config)# voip-common-profile common OLT2406(config-com-prof)# exit OLT2406(config)# voip-dial-plan dial OLT2406(config-dial-plan-prof)# content 1 X*.X.#|#X.*.X.##|#X.*.X. OLT2406(config-dial-plan-prof)# exit OLT2406(config)# exit 4 Set the slot containing the GPON card (slot 5) to use a GPON card and enable the slot.
Chapter 26 VoIP • cardtype: This example uses VEIP (for a virtual Ethernet card on a router mode ONT) and POTS (for a virtual VoIP card on a router mode ONT). • data-port: the number of subscriber ports on the ONT card expected to send traffic (1 in this example). • Use remote ontvenet to create, configure, and enable a virtual Ethernet interface on a VEIP card (a virtual Ethernet card on a router mode ONT).
Chapter 26 VoIP OLT2406# config OLT2406(config)# remote uniport uniport-5-1-1-2-1 OLT2406(config-uniport)# queue tc 1 priority 2 weight 2 usbwprofname 100m dsbwprofname 100m bwsharegroupid 1 OLT2406(config-uniport)# vlan 20 ingprof alltc1 OLT2406(config-uniport)# exit OLT2406(config)# remote uniport uniport-5-1-1-4-1 OLT2406(config-uniport)# voip-service mode sip vlan 20 common-profile common sip-profile sip username 810201 password 810201 OLT2406(config-uniport)# exit OLT2406(config)# remote uniport unipo
Chapter 26 VoIP OLT2406# show voip-common-profile Profile Name : [common] +--------------------------------------------------+ |configured | enable | |min local port | 65535 | |max local port | 65535 | |dscp mark | 0 | |piggyback | disable | |tone | disable | |dtmf | disable | |cas | disable | |jitter target | 60 | |max jitter buffer | 135 | |pstn protocol | 0 | |announce type | fas-bus | |echo cancel | enable | |fax mode | passthru | |1st codec | PCMU | |2nd codec | PCMU | |3rd codec | PCMU | |4th codec |
Chapter 26 VoIP OLT2406# show remote uniport uniport-5-1-1-2-1 vlan |AID |UNI-VID Status NNI-VID Tag PBit_Prof DSCP_to_PBIT Ing_Prof TC GemP AES_Ept --------------------+--------------------------------------------------------------------v|uniport-5-1-1-2-1 |20 Provisioned 20 untag inactive Pbit4ToTc4 4 260 disable ----------------------+------------------------------------------------------------------OLT2406# show remote uniport uniport-5-1-1-4-1 voip +----------------------------------------------------
Chapter 26 VoIP 2 Click Network > WAN and configure a WAN interface with Type set to IPoE, Service Type set to VoIP, and Vlan ID 20. 3 Click VoIP > SIP and check the SIP server address settings.
Chapter 26 VoIP 206 4 Click VoIP > SIP > SIP Account and check that the SIP account is active. Check that the SIP account number, user name and password are configured (these depend on the SIP server’s configuration). 5 Click Status and check the account status. It displays Registered if the PMG5318 can register the SIP account with the SIP server.
C HAPTER 27 Loop Guard This chapter shows you how to configure the OLT to guard against loops on the edge of your network. 27.1 Loop Guard Overview Loop guard allows you to configure the OLT to shut down a port if it detects that packets sent out on that port loop back to the OLT. While you can use Spanning Tree Protocol (STP) to prevent loops in the core of your network. STP cannot prevent loops that occur on the edge of your network.
Chapter 27 Loop Guard Figure 60 Switch in Loop State A B N The loop guard feature checks to see if a loop guard enabled port is connected to a switch in loop state. This is accomplished by periodically sending a probe packet and seeing if the packet returns on the same port. If this is the case, the OLT will shut down the port connected to the switch in loop state. The following figure shows a loop guard enabled port N on switch A sending a probe packet P to switch B.
Chapter 27 Loop Guard Note: After resolving the loop problem on your network you can re-activate the disabled port (see Section 7.6 on page 72). 27.2 Loopguard Commands Use these commands to configure the OLT to guard against loops on the edge of your network. The OLT shuts down a port if the OLT detects that packets sent out on the port loop back to the OLT. Table 109 Loopguard Commands COMMAND DESCRIPTION show loopguard Displays which ports have loopguard enabled as well as their status.
Chapter 27 Loop Guard Table 110 show loopguard (continued) LABEL 210 DESCRIPTION Port Status This field displays whether or not the port is active. LoopGuard Status This field displays whether or not loopguard is enabled on the port. Total TxPkts This field displays the number of packets that have been sent on this port since loopguard was enabled on the port. Total RxPkts This field displays the number of packets that have been received on this port since loopguard was enabled on the port.
C HAPTER 28 Static Route This chapter shows you how to configure static routes. Static routes tell the OLT how to forward IP traffic when you configure the TCP/ IP parameters manually. 28.1 Static Route Commands The following table lists the static route commands. Table 111 Static Route Commands COMMAND DESCRIPTION show ip route Displays the IP routing table. show ip route static Displays the static routes.
Chapter 28 Static Route You can however, create this static route if it is inactive. OLT2406# config OLT2406(config)# ip route 192.168.10.1 255.255.255.0 172.23.44.51 inactive You can create an active static route that routes traffic for 192.168.10.1/24 to 192.168.1.1. OLT2406# config OLT2406(config)# ip route 192.168.10.1 255.255.255.0 192.168.1.1. This example shows the current routing table. OLT2406# show ip route static Idx Active Name Dest. Addr. 01 N static 192.168.10.1 02 Y static 192.168.10.
C HAPTER 29 DHCP This chapter shows you how to configure the DHCP feature. 29.1 DHCP Overview DHCP (Dynamic Host Configuration Protocol RFC 2131 and RFC 2132) allows individual computers to obtain TCP/IP configuration at start-up from a server. You can configure the OLT as a DHCP server or a DHCP relay agent. When configured as a server, the OLT provides the TCP/IP configuration for the clients. If you configure the OLT as a relay agent, then the OLT forwards DHCP requests to DHCP server on your network.
Chapter 29 DHCP (such as the IP address and subnet mask) between a DHCP client and a DHCP server. Once the DHCP client obtains an IP address and can connect to the network, network information renewal is done between the DHCP client and the DHCP server without the help of the OLT. The OLT can be configured as a global DHCP relay. This means that the OLT forwards all DHCP requests from all domains to the same DHCP server.
Chapter 29 DHCP Table 114 Global DHCP Relay Commands COMMAND DESCRIPTION show dhcp smart-relay Displays global DHCP relay settings. dhcp smart-relay Enables DHCP relay for all broadcast domains on the OLT. Note: You have to disable dhcp relay before you can enable dhcp smart-relay. no dhcp smart-relay Disables global DHCP relay settings. dhcp smart-relay helper-address [] [] Sets the IP addresses of up to 3 DHCP servers.
Chapter 29 DHCP Figure 63 Example: Global DHCP Relay DHCP Server: 192.168.1.100 Internet VLAN1 VLAN2 This example shows how to configure the OLT for this configuration. DHCP relay agent information option 82 is also enabled. OLT2406# configure OLT2406(config)# dhcp smart-relay OLT2406(config)# dhcp smart-relay helper-address 192.168.1.100 OLT2406(config)# dhcp smart-relay option OLT2406(config)# exit OLT2406# show dhcp smart-relay DHCP Relay Agent Configuration Active: Yes Remote DHCP Server 1:192.
Chapter 29 DHCP Figure 64 Example: DHCP Relay for Two VLANs DHCP: 192.168.1.100 DHCP: 172.16.10.100 VLAN 1 VLAN 2 This example shows how to configure these DHCP servers. The VLANs are already configured. OLT2406# configure OLT2406(config)# dhcp relay 1 helper-address 192.168.1.100 OLT2406(config)# dhcp relay 2 helper-address 172.16.10.100 OLT2406(config)# exit 29.5 Configuring DHCP VLAN See Section 25.4 on page 181 for how to configure your DHCP settings based on the VLAN domain of the DHCP clients.
Chapter 29 DHCP 218 OLT2406 User’s Guide
C HAPTER 30 VRRP This chapter shows you how to configure and monitor the Virtual Router Redundancy Protocol (VRRP) on the OLT. 30.1 VRRP Overview Each host on a network is configured to send packets to a statically configured default gateway (this OLT). The default gateway can become a single point of failure. Virtual Router Redundancy Protocol (VRRP), defined in RFC 2338, allows you to create redundant backup gateways to ensure that the default gateway of a host is always available.
Chapter 30 VRRP 30.1.1 VRRP Parameters This section describes the VRRP parameters. 30.1.1.1 Advertisement Interval The master router sends out Hello messages to let the other backup routers know that it is still up and running. The time interval between sending the Hello messages is the advertisement interval. By default, a Hello message is sent out every second.
Chapter 30 VRRP 30.3 VRRP Configuration The following sections describe how to configure VRRP. Table 117 VRRP Configuration COMMAND DESCRIPTION router vrrp network / vr-id <1-7> uplink-gateway Adds a new VRRP network and enters the VRRP configuration mode. inactive Deactivates this VRRP configuration. no inactive Activates this VRRP configuration. interval <1-255> Sets the time interval (in seconds) between Hello message transmissions.
Chapter 30 VRRP Enable preempt mode for a VRRP. OLT2406# config OLT2406(config)# router vrrp network 192.168.1.1/24 vr-id 1 uplink-gateway 10.0.100.100 OLT2406(config-vrrp)# preempt Set the primary virtual IP for a VRRP. OLT2406# config OLT2406(config)# router vrrp network 192.168.1.1/24 vr-id 1 uplink-gateway 10.0.100.100 OLT2406(config-vrrp)# primary-virtual-ip 192.168.1.10 Set the secondary virtual IP for a VRRP. OLT2406# config OLT2406(config)# router vrrp network 192.168.1.
C HAPTER 31 File Management This chapter explains how to maintain the firmware and configuration files. 31.1 FTP Command Line This section shows some examples of uploading to or downloading files from the OLT using FTP commands. First, understand the filename conventions. 31.1.1 Filename Conventions The configuration file (also known as the romfile or ROM) contains the factory default settings.
Chapter 31 File Management If your (T)FTP client does not allow you to have a destination filename different than the source, you will need to rename them as the OLT only recognizes “config” and “ras”. Be sure you keep unaltered copies of both files for later use. Be sure to upload the correct model firmware as uploading the wrong model firmware may damage your device. 31.1.2 FTP Command Line Procedure 1 Launch the FTP client on your computer.
Chapter 31 File Management 31.2.1 FTP Restrictions FTP will not work when: • FTP service is disabled in the service access control configuration. • The IP addresses in the remote management configuration do not match the client IP address. If it does not match, the OLT will disconnect the FTP session immediately.
Chapter 31 File Management 226 OLT2406 User’s Guide
C HAPTER 32 Access Control This chapter describes how to control access to the OLT. 32.1 Access Control Overview A console port and FTP are allowed one session each, Telnet and SSH share nine sessions, and/or limitless SNMP access control sessions are allowed.
Chapter 32 Access Control An agent is a management software module that resides in a managed OLT (the OLT). An agent translates the local management information from the managed OLT into a form compatible with SNMP. The manager is the console through which network administrators perform network management functions. It executes applications that control and monitor managed devices.
Chapter 32 Access Control 32.2.3 SNMP Traps The OLT sends traps to an SNMP manager when an event occurs. The following tables outline the SNMP traps by category. An OID (Object ID) that begins with “1.3.6.1.4.1.890.1.5.17” is defined in private MIBs. Otherwise, it is a standard MIB OID. The OIDs beginning with “1.3.6.1.4.1.890.1.5.17.4” are specific to the OLT2406. Table 122 SNMP System Traps OPTION OBJECT LABEL OBJECT ID DESCRIPTION coldstart coldStart 1.3.6.1.6.3.1.1.5.
Chapter 32 Access Control Table 123 SNMP Interface Traps OPTION OBJECT LABEL OBJECT ID DESCRIPTION linkup linkUp 1.3.6.1.6.3.1.1.5.4 This trap is sent when the Ethernet link is up. LinkDownEventClear 1.3.6.1.4.1.890.1.5.17.4.31.2.2 This trap is sent when the Ethernet link is up. linkDown 1.3.6.1.6.3.1.1.5.3 This trap is sent when the Ethernet link is down. LinkDownEventOn 1.3.6.1.4.1.890.1.5.17.4.31.2.1 This trap is sent when the Ethernet link is down. AutonegotiationFailedEventOn 1.3.6.
Chapter 32 Access Control Table 124 SNMP IP Traps (continued) OPTION OBJECT LABEL OBJECT ID DESCRIPTION traceroute traceRouteTestFailed 1.3.6.1.2.1.81.0.2 This trap is sent when a traceroute test fails. traceRouteTestCompleted 1.3.6.1.2.1.81.0.3 This trap is sent when a traceroute test is completed. Table 125 SNMP Switch Traps OPTION OBJECT LABEL OBJECT ID DESCRIPTION stp STPNewRoot 1.3.6.1.2.1.17.0.1 This trap is sent when the STP root switch changes. MSTPNewRoot 1.3.6.1.4.1.890.1.5.
Chapter 32 Access Control The following section lists the commands for this feature. Table 127 SNMP Server Commands COMMAND DESCRIPTION show snmp-server Displays SNMP settings. snmp-server <[contact ] [location ]> Sets the geographic location and the name of the person in charge of this OLT. system-contact: 1-32 English keyboard characters; spaces are allowed. system-location: 1-32 English keyboard characters; spaces are allowed.
Chapter 32 Access Control Table 127 SNMP Server Commands (continued) COMMAND DESCRIPTION snmp-server username seclevel [auth auth-password ] | [priv priv-password ] group Sets the authentication level for SNMP v3 user authentication. Optionally, specifies the authentication and encryption methods for communication with the SNMP manager. name: Enter the SNMP username.
Chapter 32 Access Control Table 128 snmp-server trap-destination enable traps Commands (continued) 234 COMMAND DESCRIPTION no snmp-server trap-destination enable traps interface Prevents the OLT from sending any interface traps to the specified manager. snmp-server trap-destination enable traps interface Sends the specified interface traps to the specified manager.
Chapter 32 Access Control 32.4 SNMP Command Examples This example shows you how to display the SNMP information on the OLT. OLT2406# show snmp-server [General Setting] SNMP Version : Get Community : Set Community : Trap Community : v2c public public public [ Trap Destination ] Index Version IP ---------------------1 v2c 0.0.0.0 2 v2c 0.0.0.0 3 v2c 0.0.0.0 4 v2c 0.0.0.0 Port ---162 162 162 162 Username -------- This example shows you how to display all SNMP user information on the OLT.
Chapter 32 Access Control 32.6 Login Account Commands Use these commands to configure login accounts on the OLT. Table 129 Login Account Commands COMMAND DESCRIPTION show logins Displays login account information. logins username password privilege <0-14> Creates account with the specified user name and sets the password and privilege. The privilege level is applied the next time the user logs in. name: 1-32 alphanumeric characters. password: 1-32 alphanumeric characters.
Chapter 32 Access Control 32.9 Password Commands Use these commands to configure passwords for specific privilege levels on the OLT. Table 130 Password Commands COMMAND DESCRIPTION admin-password Changes the administrator password. pw-string: 1-32 alphanumeric characters confirm-string: 1-32 alphanumeric characters admin-password Changes the administrator password.
Chapter 32 Access Control 32.11 How SSH works The following table summarizes how a secure connection is established between two remote hosts. Figure 68 How SSH Works 1 Host Identification The SSH client sends a connection request to the SSH server. The server identifies itself with a host key. The client encrypts a randomly generated session key with the host key and server key and sends the result back to the server. The client automatically saves any new server public keys.
Chapter 32 Access Control 32.12 SSH Implementation on the OLT Your OLT supports SSH version 2 using RSA authentication and three encryption methods (DES, 3DES and Blowfish). The SSH server is implemented on the OLT for remote management and file transfer on port 22. Only one SSH connection is allowed at a time. 32.12.1 Requirements for Using SSH You must install an SSH client program on a client computer (Windows or Linux operating system) that is used to connect to the OLT over SSH. 32.
Chapter 32 Access Control Table 131 Service Access Control Commands (continued) COMMAND DESCRIPTION service-control telnet Specifies the service port for the Telnet service. no service-control telnet Disables Telnet access to the OLT. 32.14 Service Access Control Command Example This example disables all SNMP and ICMP access to the OLT. OLT2406# configure OLT2406(config)# no service-control snmp OLT2406(config)# no service-control icmp OLT2406(config)# exit 32.
Chapter 32 Access Control 32.16 Remote Management Command Example This example allows computers in subnet 172.16.37.0/24 to access the OLT through any service except SNMP, allows the computer at 192.168.10.1 to access the OLT only through SNMP, and prevents other computers from accessing the OLT at all. OLT2406# configure OLT2406(config)# remote-management 1 start-addr 172.16.37.0 end-addr --> 172.16.37.255 service telnet ftp http icmp ssh https OLT2406(config)# remote-management 2 start-addr 192.168.10.
Chapter 32 Access Control 242 OLT2406 User’s Guide
C HAPTER 33 Diagnostics 33.1 Diagnostics Commands Use these commands to check system logs, ping IP addresses or perform port tests. Table 133 Diagnostic Commands COMMAND DESCRIPTION ping [inband|out-of-band] [size <01472>] [-t] Sends Ping packets to the specified Ethernet device. size <0-1472>: Specifies the size of the Ping packet. -t: Sends Ping packets to the Ethernet device indefinitely. Press [CTRL]+C to terminate the Ping process.
Chapter 33 Diagnostics 33.2 Diagnostics Commands Examples This example sends Ping requests to an Ethernet device with IP address 172.16.37.254. OLT2406# ping 172.16.37.254 Resolving 172.16.37.254... 172.16.37.254 sent rcvd rate rtt avg mdev 1 1 100 0 0 0 2 2 100 0 0 0 3 3 100 10 1 3 max 0 0 10 min 0 0 0 reply from 172.16.37.254 172.16.37.254 172.16.37.254 The following table describes the labels in this display.
Chapter 33 Diagnostics The following table describes the labels in this display. Table 135 show cpu-utilization LABEL DESCRIPTION baseline This field displays the number of CPU clock cycles per second. sec This field displays the historical interval. Interval 0 is the time starting one second ago to the current instant. Interval 1 is the time starting two seconds ago to one second ago. Interval 2 is the time starting three seconds ago to two seconds ago.
Chapter 33 Diagnostics 246 OLT2406 User’s Guide
C HAPTER 34 Syslog Use the syslog feature to send logs to an external syslog server. 34.1 Syslog Overview The syslog protocol allows devices to send event notification messages across an IP network to syslog servers that collect the event messages. A syslog-enabled device can generate a syslog message and send it to a syslog server. Syslog is defined in RFC 3164. The RFC defines the packet format, content and system log related information of syslog messages.
Chapter 34 Syslog Table 138 Syslog Type Commands COMMAND DESCRIPTION syslog type Enables syslog logging for the specified log type. type: system, interface, switch, aaa, ip 248 syslog type facility <0-7> Sets the file location for the specified log type. no syslog type Disables syslog logging for the specified log type.
C HAPTER 35 MAC Table This chapter introduces the MAC address commands. 35.1 MAC Table Overview The MAC table (a MAC table is also known as a filtering database) shows how frames are forwarded or filtered across the OLT’s ports. When a device (which may belong to a VLAN group) sends a packet which is forwarded to a port on the OLT, the MAC address of the device is shown on the OLT’s MAC table.
Chapter 35 MAC Table 35.2 MAC Address Commands Use these commands to look at the MAC address table and to configure MAC address learning. The OLT uses the MAC address table to determine how to forward frames. Table 139 MAC Address Commands COMMAND DESCRIPTION show mac-aging-time Displays MAC learning aging time. mac-aging-time <10-1000000> Sets learned MAC aging time in seconds. show mac address-table all [] Displays MAC address table. You can sort by MAC address, VID or port.
Chapter 35 MAC Table Table 140 show mac address-table (continued) LABEL DESCRIPTION Uniport-AID If the MAC address is learnt via a remote ONT and PON link, the MAC address table shows its UNI port Access ID here. GemFlow If the MAC address is learnt via a remote ONT and PON link on the OLT, the MAC address table shows its GEM (GPON Encapsulation Mode) flow ID here.
Chapter 35 MAC Table 252 OLT2406 User’s Guide
C HAPTER 36 ARP Table This chapter introduces ARP Table. 36.1 ARP Table Overview Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also known as a Media Access Control or MAC address, on the local area network. An IP (version 4) address is 32 bits long. In an Ethernet LAN, MAC addresses are 48 bits long. The ARP Table maintains an association between each MAC address and its corresponding IP address. 36.1.
Chapter 36 ARP Table 36.3 ARP Command Examples This example shows the ARP table. OLT2406# show ip arp Index IP 1 192.168.1.1 MAC VLAN Port 00:19:cb:00:00:02 1 Age(s) CPU 0 Type static The following table describes the labels in this display. Table 142 show ip arp LABEL DESCRIPTION Index This field displays the index number. IP This field displays the learned IP address of the device. MAC This field displays the MAC address of the device.
C HAPTER 37 Routing Table This chapter introduces the routing table. 37.1 Overview The routing table contains the route information to the network(s) that the OLT can reach. The OLT automatically updates the routing table with the RIP information received from other Ethernet devices. 37.2 Routing Table Commands The following section lists the commands for this feature. Table 143 Routing Table Commands COMMAND DESCRIPTION show ip route Displays the IP routing table.
Chapter 37 Routing Table 37.3 Routing Table Command Examples This example shows the current routing table. OLT2406# show ip route Terminology: L - this route is local interface R - this route is reported by RIP B - this route is reported by BGP O - this route is reported by OSPF S - this route is reported by Static Route Route table in VPS00 Destination/Maskbits Interface Gateway Metric ---------------------------------192.168.0.0/24 192.168.0.1 192.168.0.1 1 127.0.1.0/24 127.0.1.253 127.0.1.
C HAPTER 38 Running Configuration Use these commands to manage the running configuration file. You can also copy settings between ports. 38.1 OLT Configuration File When you configure the OLT, the settings are saved as a series of commands in a configuration file on the OLT called running-config. You can perform the following with a configuration file: • Back up OLT configuration once the OLT is set up to work in your network. • Restore a previously-saved OLT configuration.
Chapter 38 Running Configuration The following section lists the commands for this feature. Table 146 Running Configuration Commands COMMAND DESCRIPTION show running-config Displays the current configuration file. This file contains the commands that change the OLT's configuration from the default settings to the current configuration. show running-config interface port-channel [ [<...>]]] Displays the current configuration that applies to the specified port.
C HAPTER 39 Remote ONT This chapter gives details on configuring remote ONTs. See Chapter 6 on page 59 for basic examples of provisioning subscriber interfaces on an ONT or MDU. 39.
Chapter 39 Remote ONT The following table introduces commands for configuring remote ONTs. Refer to the OLT’s help for information about the command sub-options. Table 147 Remote ONT Commands COMMAND DESCRIPTION remote ont Configure Remote ONT settings. aid: ont--- alarm-profile Create an ONT alarm profile to monitor the DDMI status of the ONT transceiver under configure mode. name: ONT alarm profile name.
Chapter 39 Remote ONT Table 147 Remote ONT Commands (continued) COMMAND cfm-ma md-index format name ccminterval <0-7> DESCRIPTION Create an IEEE 802.1ag CFM Maintenance Association (MA). The OLT creates the MA on the remote ONT via OMCI request message. ma-index: Maintenance association index. md-index: Maintenance domain index. vid|string|integer: Maintenance association name format. ma-name: Maintenance association name. <0-7>: CCM interval.
Chapter 39 Remote ONT Table 147 Remote ONT Commands (continued) COMMAND model <0-7> DESCRIPTION Set the model name for different kinds of ONT products. A value of <0-7> is allowed. 0: Default value (ZyXEL’s IES4005 uses this) 1: PMG1006 ONT 2: PMG5318 ONT 3: PMG3000 SFP Type ONT 4: PMG5318-B20B ONT 5: GPT-2542GNAU ONT 6: O-00XX0V-PQ MDU 7: PMG5320-B20A ONT no inactive Activate on the ONT.
Chapter 39 Remote ONT Table 147 Remote ONT Commands (continued) COMMAND DESCRIPTION show remote ont filter < slot- | pon-- | is | oos-nr .. > Displays the status of ONTs matching the filter you specify. slot-: Show ONT information by slot. pon--: Show ONT information by PON port. is: Show ONTs with an IS (In Service) status. oos: Show ONTs with an OOS (Out Of Service) status. oos-lo: Show ONTs with a Line Card Out Of Service status.
Chapter 39 Remote ONT Table 148 Remote ONT Card Commands (continued) COMMAND no inactive DESCRIPTION Enable on the ONT card. show remote ontcard config-all Displays all ONT card configuration. show remote ontcard Displays the specified ONT card configuration. ontcard-aid: ontcard---- Here is an example of the status.
Chapter 39 Remote ONT Table 150 Remote ONT Ethernet Port Commands (continued) COMMAND DESCRIPTION port-speed Sets the auto detection configuration attribute in the physical path termination point Ethernet UNI ME as defined in G984.4. Use auto ora specific rate and duplex mode. exit Exit from the Ethernet subscriber interface configuration sub-commands. no inactive Turns on the Ethernet subscriber interface. no pmenable Disables performance monitoring.
Chapter 39 Remote ONT 39.6 ONT VENET Port Settings Use the remote ontvenet command to create and configure a virtual Ethernet interface on a VEIP card (a virtual Ethernet card on a router mode ONT). You can enable performance monitoring and enable or disable the port. The following table describes the related commands. Table 152 ONT VENET Commands LABEL DESCRIPTION remote ontvenet Creates and enters an instance of a virtual Ethernet interface on the dualmanaged ONU.
Chapter 39 Remote ONT 39.8 ONT Video Port Settings Use the remote ontvideo command to create and configure a video interface on a video card on an ONT such as ZyXEL’s PMG5323-B20A. The following table describes the related commands. Table 154 ONT Video Commands LABEL DESCRIPTION remote ontvideo Creates a subscriber video interface if it does not already exist and enters the sub-commands for configuring it. It must be created under a video card.
Chapter 39 Remote ONT 39.9.1 UNI Port Queue Settings Use the queue command to configure a UNI port QoS queue. Table 155 UNI Port QoS Queue Command Parameters LABEL DESCRIPTION remote uniport Configure UNI port settings. aid: uniport----- queue tc priority weight usbwprofname dsbwprofname dsoption bwsharegroupid Configure a UNI port QoS queue. tc: The IEEE 802.
Chapter 39 Remote ONT • Tc4 limits upstream and downstream rates to 40 Mbps. OLT2406 (config)# remote uniport uniport-5-1-3-1-1 OLT2406 (config-remote-uniport)# queue tc 3 priority 3 weight 0 USbwprofname 20m DSBwprofname 20m dsoption olt bwsharegroupid 1 OLT2406 (config-remote-uniport)# queue tc 4 priority 4 weight 0 USbwprofname 40m DSBwprofname 40m dsoption olt bwsharegroupid 1 This example removes traffic class “3”.
Chapter 39 Remote ONT 39.9.2 UNI Port VLAN Settings Use the vlan command to configure VLAN flow settings for the subscriber port on the remote ONT. See Figure 52 on page 165 for where the VLAN IDs in the UNI port VLAN command fit in the reference configuration defined in ITU-T G.984.1. Table 156 UNI Port VLAN Command Parameters LABEL DESCRIPTION remote uniport Configure UNI port settings.
Chapter 39 Remote ONT To map the IEEE 802.1p priority bit from a VLAN to a traffic class , we need to create an ingress profile to use when we create the UNI port VLAN. qos ingprof Pbit3ToTc3 dot1p3tc 3 qos ingprof Pbit4ToTc4 dot1p4tc 4 This example creates VLAN 103 on the ONT with the following actions: • The ONT sends downstream VLAN 103 traffic out untagged. • The ONT assigns VLAN 103 traffic to gemport 256.
Chapter 39 Remote ONT 39.9.3 UNI Port Protocol-based VLAN Settings Use the protocol-based command to configure UNI port protocol-based VLAN. Table 157 UNI Port Protocol-based VLAN Command Parameters LABEL DESCRIPTION remote uniport Configure UNI port settings. aid: uniport----- protocol-based [vlan ] [def-pbit ] [active ] Configure protocol-based VLAN flow settings for the UNI port.
Chapter 39 Remote ONT This example shows protocol-based VLAN rules on ONT-5-1-3 uniport-1-1. OLT2406# show remote uniport uniport-5-1-3-1-1 protocol-based Uniport Ether type Vlan Priority ----------------- ---------- ---- -------uniport-5-1-3-1-1 ipoe 103 4 uniport-5-1-3-1-1 pppoe 203 0 uniport-5-1-3-1-1 arp 103 4 39.9.4 UNI Port PVID Settings Use the pvid command to configure UNI port default VLAN settings.
Chapter 39 Remote ONT 39.9.5 UNI Port IGMP Channel Settings Use the igmpchannel command to configure a UNI port with multicast subscriber information. Table 159 UNI Port IGMP Channel Commands LABEL DESCRIPTION remote uniport Configure UNI port settings.
Chapter 39 Remote ONT 39.9.6 UNI Port MAC Limit Settings Use the mac-limit command to limit the number of MAC addresses a UNI port can learn. Table 160 UNI Port MAC Limit Commands LABEL DESCRIPTION remote uniport Configure UNI port settings. aid: uniport----- mac-limit no mac-limit show remote uniport mac-limit Limit the number of MAC addresses the UNI port can learn (0-32000). Disable the MAC limit function on the UNI port.
Chapter 39 Remote ONT Table 161 UNI Port CFM MEP Commands (continued) LABEL no cfm-mep show remote uniport cfm-mep 276 DESCRIPTION Delete the UNI port’s CFM MEP configuration. Display the specified UNI port’s CFM MEP configuration.
C HAPTER 40 Management Switching Card Control This chapter describes management switching card redundancy status and control commands. 40.1 Management Switching Card Control Overview The OLT can use two management switching cards. If one management switching card fails, the other one becomes active and takes over. 40.2 Management Switching Card Control Commands The following section lists the commands for this feature.
Chapter 40 Management Switching Card Control This example displays management switching card state and firmware version information from configuration mode. OLT2406# configure OLT2406(config)# msc Slot State Update F/W Ver. ------------------------------------*1 active v V4.00(AAOP.1)C0 | 2015-02-03 2 v next boot: 1 Update target: All This example copies the active management switching card’s running firmware to the standby management switching card’s running firmware.
Chapter 40 Management Switching Card Control This example enables port-level protection and saves the configuration to the stand-by MSC. OLT2406# configure OLT2406(config)# protect-switch msc port-level enable OLT2406(config)# exit OLT2406# writ memory ................................................................ Prepare to sync config to Standby-MSC. OLT2406# Get running-config size:537, spend time:0.77seconds. Transfer file:config-run, size:537 to Standby-MSC > finish.
Chapter 40 Management Switching Card Control 280 OLT2406 User’s Guide
C HAPTER 41 Port Protection Switching Port protection switching creates a protection path for traffic in case the working path fails. 41.1 Uplink Port Protection Switching The MSC uplink port protection switching feature creates a working path (active port) and backup path (backup port) for uplink traffic. Use MSC protection groups to have active and backup uplink ports. You put 2 MSC uplink ports into a protection group. There are 3 groups for the MSC’s 6 uplink ports.
Chapter 41 Port Protection Switching Table 164 Uplink Port Protection Switching Commands (continued) COMMAND DESCRIPTION protect-switch msc group <1|2|3> activeport msc- Changes the current active port in the specified MSC protection group. Meaning it sets through which of the protection group’s uplink ports the MSC forwards uplink traffic. Note the “show protect-switch msc” command only shows configuration, not current status.
Chapter 41 Port Protection Switching 41.2 Downlink Port Protection Switching The downlink port protection switching feature creates a working path (active port) and backup path (backup port) for downlink traffic. Put downlink PON (GPON) ports into active and backup pairs. Normally, the downlink traffic uses the working path (traffic is sent out the active port). When the active port is down, the OLT sends out packets using the backup path (traffic is sent out the backup port).
Chapter 41 Port Protection Switching 284 OLT2406 User’s Guide
C HAPTER 42 PPPoE IA This chapter describes how the OLT gives a PPPoE termination server additional information that the server can use to identify and authenticate a PPPoE client. 42.1 PPPoE Intermediate Agent Overview • PPPoE allows ISPs to manage accounts access from dial-up Internet (such as ADSL). • A PPPoE Intermediate Agent (PPPoE IA) is deployed between a PPPoE server and PPPoE clients.
Chapter 42 PPPoE IA 42.2 PPPoE Intermediate Agent Commands Summary This table describes the commands. Table 166 PPPoE Intermediate Agent Commands COMMAND DESCRIPTION interface port-channel Enters the sub-commands for configuring settings for the specified port. aid: -- pppoe intermediate-agent trust Sets the specified ports as PPPoE IA trusted ports.
Chapter 42 PPPoE IA Table 166 PPPoE Intermediate Agent Commands (continued) COMMAND DESCRIPTION pppoe intermediate-agent format-type help Displays details about the pppoe intermediate-agent format-type commands. pppoe intermediate-agent vlan formattype circuit-id string Configures and enables a PPPoE IA circuit ID string for the specified VLAN on the specified port.
Chapter 42 PPPoE IA Table 166 PPPoE Intermediate Agent Commands (continued) COMMAND DESCRIPTION no pppoe intermediate-agent format-type access-nodeidentifier Removes the PPPoE IA string for identifying the access node. no pppoe intermediate-agent format-type identifierstring Removes the PPPoE IA identification string. no pppoe intermediate-agent vlan Removes the PPPoE IA on the specified VLAN.
Chapter 42 PPPoE IA Note: You must activate PPPoE IA for the circuit ID or remote ID of the corresponding VLAN to insert the given access loop identification information 42.3.2 PPPoE IA Access Loop Identification Settings These commands assign access loop identification information for the circuit ID string and remote ID strings for the specified VLAN on the specified port.
Chapter 42 PPPoE IA • The OLT forwards a PADI or PADR packet received from a trusted port to all trusted ports. • In other cases besides those described above, the OLT forwards PPPoE discovery-stage packets. Here are the PPPoE IA show commands.
C HAPTER 43 IP and MAC Anti-spoofing 43.1 IP and MAC Anti-spoofing Overview IP and MAC anti-spoofing protection lets you set inclusive or exclusive mode for specified source IP addresses or MAC addresses. This lets you allow or block packets from specific IP addresses or MAC addresses on specific ports. Here are some details about setting anti-spoofing entries: • A port’s anti-spoofing entries must all be exclusive or inclusive (not both). • Set up to four entries per port.
Chapter 43 IP and MAC Anti-spoofing The OLT drops packets from source IP addresses or MAC addresses listed in the exclusive entries and forwards others. 43.2 IP and MAC Anti-spoofing Configuration 43.2.1 Activating IP and MAC Anti-spoofing These commands activate and de-activate anti-spoofing on the OLT. OLT2406# config OLT2406(config)# anti-spoofing OLT2406(config)# no anti-spoofing These commands activate and de-activate anti-spoofing on the specified port.
Chapter 43 IP and MAC Anti-spoofing These commands display the anti-spoofing entries for all ports or a specified port.
Chapter 43 IP and MAC Anti-spoofing 294 OLT2406 User’s Guide
C HAPTER 44 DDoS 44.1 DDoS Overview A distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. One common method of attack involves saturating the target machine with external communications requests, so much so that it cannot respond to legitimate traffic or responds so slowly as to be rendered essentially unavailable. Such attacks usually lead to a server overload.
Chapter 44 DDoS 296 OLT2406 User’s Guide
P ART III Troubleshooting, Specifications, Appendices, and Index 297
C HAPTER 45 Troubleshooting This section describes how to troubleshoot problems occurring on this OLT, the ONTs/ONUs, the ODN, or the other devices involved in the GPON network. General Checking on the OLT. Check if all the LEDs on the MSC cards, fan module, uplink cards, and GPON cards are behaving normally. Use the show lc stats command to make sure each installed card is active. You may need to reinstall the card or re-configure the slot if it is not. Check if ONTs/ONUs are up.
Chapter 45 Troubleshooting The PWR light blinks if the input power for the fans is not stable and is off if there is no input power. The PWR light stays on if the input for the fans is normal. Table 170 PWR LED Troubleshooting STEP CORRECTIVE ACTION 1 Make sure the power wires are properly connected to the power supply and the power supply is operating normally. Make sure you are using the correct power source (refer to Chapter 46 on page 315). Make sure the power supply modules are turned ON.
Chapter 45 Troubleshooting Check if the GPON port on the OLT is disabled by using the show interface olt pon- status command. Activate it if it is disabled. Make sure the distance between the OLT and each ONT/ONU does not exceed 20 km or 30 km depending on whether you use a class B or a class C transceiver. Check if the transmitting optical power of the GPON ports on the OLT is in the normal range (+7~+2 dbm). You may need to change the PON port optical modules if they are too low or too high.
Chapter 45 Troubleshooting connected to the same PON port to fail to transmit traffic. You can use the test interface olt rogue pon-- command to discover rogue ONTs, especially when you receive reports from multiple ONTs/ONUs not being able to transmit traffic. This example performs a rogue ONT discovery up to 1000 milliseconds (around 16.67 seconds). The OLT adds two normal ONTs/ONUs back with serial numbers 414C434C25004992 and 5A59584500000011. They were disconnected due to a rogue ONT.
Chapter 45 Troubleshooting ONT list. But if any ONT still transmits traffic at the wrong time, the OLT will block all the PON port’s ONT traffic again. OLT2406(config-rogue)# stop Stop Rogue Detection Process........ OLT2406(config-rogue)# After you have resolved the issues on the rogue ONT, you can use the no O7-state command to have the OLT reaccept the ONT’s traffic. OLT2406(config)# interface olt pon-5-1 OLT2406(config-rogue)# no O7-state 414C434C00050017 45.
Chapter 45 Troubleshooting Table 172 Log Severity Levels CODE SEVERITY 6 IN: Informational, the syslog contains an informational message. 7 DE: Debug, the message is intended for debug-level purposes. This table lists all log types. Table 173 Log Types SYSTEM INTERFACE SWITCH IP This table lists all log messages and their corresponding categories, types, and severities.
Chapter 45 Troubleshooting Table 174 Log Messages (continued) Category Log Message Type Severity omci-alarm 45MRdi (MEId) alarm SYSTEM WARNING omci-alarm 6MBerr (MEId) alarm SYSTEM WARNING omci-alarm 6MErr (MEId) alarm SYSTEM WARNING omci-alarm 6MRec (MEId) alarm SYSTEM WARNING omci-alarm 6MSend (MEId) alarm SYSTEM WARNING omci-alarm AisCi (MEId) alarm SYSTEM WARNING omci-alarm BatteryFailure (MEId) alarm SYSTEM WARNING omci-alarm BatteryLow (MEId) alarm SYSTEM WARNING om
Chapter 45 Troubleshooting Table 174 Log Messages (continued) Category Log Message 306 Type Severity omci-alarm Lof (MEId) alarm SYSTEM WARNING omci-alarm Los (MEId) alarm SYSTEM WARNING omci-alarm LostMcastGroup (MEId) alarm SYSTEM WARNING omci-alarm LowLaserBiasCur (MEId) alarm SYSTEM WARNING omci-alarm LowPowerFeedVoltage (MEId) alarm SYSTEM WARNING omci-alarm LowRxOpticalPower (MEId) alarm SYSTEM WARNING omci-alarm LowTemperature (MEId) alarm SYSTEM WARNING omci-alarm L
Chapter 45 Troubleshooting Table 174 Log Messages (continued) Category Log Message Type Severity omci-alarm TcaAissP (MEId) alarm SYSTEM WARNING omci-alarm TcaAlignErrorCount (MEId) alarm SYSTEM WARNING omci-alarm TcaBes (MEId) alarm SYSTEM WARNING omci-alarm TcaBridgeLearningEntryDiscard (MEId) alarm SYSTEM WARNING omci-alarm TcaBufOverflows (MEId) alarm SYSTEM WARNING omci-alarm TcaBufOverflowsRx (MEId) alarm SYSTEM WARNING omci-alarm TcaBufOverflowsTx (MEId) alarm SYSTEM WA
Chapter 45 Troubleshooting Table 174 Log Messages (continued) Category Log Message 308 Type Severity omci-alarm TcaIpnpmIcmpError (MEId) alarm SYSTEM WARNING omci-alarm TcaJabbers (MEId) alarm SYSTEM WARNING omci-alarm TcaLateCollision (MEId) alarm SYSTEM WARNING omci-alarm TcaLossL (MEId) alarm SYSTEM WARNING omci-alarm TcaMtuExceededDiscard (MEId) alarm SYSTEM WARNING omci-alarm TcaMultiCollisions (MEId) alarm SYSTEM WARNING omci-alarm TcaPppoeFilteredFrameCount (MEId) alarm
Chapter 45 Troubleshooting Table 174 Log Messages (continued) Category Log Message Type Severity omci-alarm TcaUncorrectibleCodeWords (MEId) alarm SYSTEM WARNING omci-alarm TcaUndersizePackets (MEId) alarm SYSTEM WARNING omci-alarm TcaUsa (MEId) alarm SYSTEM WARNING omci-alarm TemperatureRed (MEId) alarm SYSTEM WARNING omci-alarm TemperatureYellow (MEId) alarm SYSTEM WARNING omci-alarm Tf (MEId) alarm SYSTEM WARNING omci-alarm VcdConfigFileError (MEId) alarm SYSTEM WARNING om
Chapter 45 Troubleshooting Table 174 Log Messages (continued) Category Log Message 310 Type Severity omci-alarm XturEsTca (MEId) alarm SYSTEM WARNING omci-alarm XturFecSecondsTca (MEId) alarm SYSTEM WARNING omci-alarm XturLossOfFrameSecondsTca (MEId) alarm SYSTEM WARNING omci-alarm XturLossOfPowerSecondsTca (MEId) alarm SYSTEM WARNING omci-alarm XturLossOfSignalSecondsTca (MEId) alarm SYSTEM WARNING omci-alarm XturSesTca (MEId) alarm SYSTEM WARNING omci-alarm XturUasTca (MEId)
Chapter 45 Troubleshooting Table 174 Log Messages (continued) Category Log Message Type Severity remote-ont ONU RX ME Result(MORE) INTERFACE WARNING remote-ont ONU RX ME Result(N/A) INTERFACE WARNING remote-ont ONU RX ME Result(PARAM_ERROR) INTERFACE WARNING remote-ont ONU RX ME Result(UNRECOVERABLE_ERROR) INTERFACE WARNING remote-ont ONU RX ME Result(VERIFY_ERROR) INTERFACE WARNING remote-ont Onu software download init: error SYSTEM WARNING remote-ont onuswdl task can't find it
Chapter 45 Troubleshooting Table 174 Log Messages (continued) Category Log Message 312 Type Severity system Linecard Restore config timeout SYSTEM INFO system Linecard Unplugged SYSTEM INFO system Load factory default configuration failed SYSTEM ERR system Load factory default configuration successfully SYSTEM INFO system pon/ge card restore config failed SYSTEM INFO system pon/ge card restore config failed in 12 seconds SYSTEM INFO system pon/ge card Restore config ready SYST
Chapter 45 Troubleshooting Table 174 Log Messages (continued) Category Log Message Type Severity trace_route Trace path to completed IP INFO trace_route Trace path to failed IP INFO OLT2406 User’s Guide 313
Chapter 45 Troubleshooting 314 OLT2406 User’s Guide
C HAPTER 46 Product Specifications 46.1 System Specifications The following tables list the OLT’s system specifications. See Section 46.3 on page 316 for power consumption specifications. Table 175 System Specifications Chassis dimensions 440 mm (width) x 248.5 mm (depth) x 88.9 mm (height); 2 U Weight 10.
Chapter 46 Product Specifications Table 175 System Specifications (continued) Power module Dimensions: 50.75 mm (width) x 262 mm (depth) x 35.7 mm (height) DC Input Voltage range:-36 to -72 V DC, normal -48 V input. There is no tolerance for the DC input voltage Max. Input DC Current: 185 Watts; 5.
Chapter 46 Product Specifications 46.4 Firmware Naming Conventions A firmware version includes the model code and release number as shown in the following example. Firmware Version: V4.00(AAVA.1) "AAVA" is the model code. "1" is this firmware's release number. This varies as new firmware is released. Your firmware's release number may not match what is displayed in this User's Guide.
Chapter 46 Product Specifications 318 OLT2406 User’s Guide
A PPENDIX A Customer Support In the event of problems that cannot be solved by using this manual, you should contact your vendor. If you cannot contact your vendor, then contact a ZyXEL office for the region in which you bought the device. Regional websites are listed below (see also http://www.zyxel.com/ about_zyxel/zyxel_worldwide.shtml). Please have the following information ready when you contact an office. Required Information • Product model and serial number. • Warranty Information.
Appendix A Customer Support Korea • ZyXEL Korea Corp. • http://www.zyxel.kr Malaysia • ZyXEL Malaysia Sdn Bhd. • http://www.zyxel.com.my Pakistan • ZyXEL Pakistan (Pvt.) Ltd. • http://www.zyxel.com.pk Philippines • ZyXEL Philippines • http://www.zyxel.com.ph Singapore • ZyXEL Singapore Pte Ltd. • http://www.zyxel.com.sg Taiwan • ZyXEL Communications Corporation • http://www.zyxel.com Thailand • ZyXEL Thailand Co., Ltd • http://www.zyxel.co.
Appendix A Customer Support Belgium • ZyXEL Communications B.V. • http://www.zyxel.com/be/nl/ Bulgaria • ZyXEL България • http://www.zyxel.com/bg/bg/ Czech • ZyXEL Communications Czech s.r.o • http://www.zyxel.cz Denmark • ZyXEL Communications A/S • http://www.zyxel.dk Estonia • ZyXEL Estonia • http://www.zyxel.com/ee/et/ Finland • ZyXEL Communications • http://www.zyxel.fi France • ZyXEL France • http://www.zyxel.fr Germany • ZyXEL Deutschland GmbH • http://www.zyxel.
Appendix A Customer Support Lithuania • ZyXEL Lithuania • http://www.zyxel.com/lt/lt/homepage.shtml Netherlands • ZyXEL Benelux • http://www.zyxel.nl Norway • ZyXEL Communications • http://www.zyxel.no Poland • ZyXEL Communications Poland • http://www.zyxel.pl Romania • ZyXEL Romania • http://www.zyxel.com/ro/ro Russia • ZyXEL Russia • http://www.zyxel.ru Slovakia • ZyXEL Communications Czech s.r.o. organizacna zlozka • http://www.zyxel.sk Spain • ZyXEL Spain • http://www.zyxel.
Appendix A Customer Support Turkey • ZyXEL Turkey A.S. • http://www.zyxel.com.tr UK • ZyXEL Communications UK Ltd. • http://www.zyxel.co.uk Ukraine • ZyXEL Ukraine • http://www.ua.zyxel.com Latin America Argentina • ZyXEL Communication Corporation • http://www.zyxel.com/ec/es/ Ecuador • ZyXEL Communication Corporation • http://www.zyxel.com/ec/es/ Middle East Egypt • ZyXEL Communication Corporation • http://www.zyxel.com/homepage.shtml Middle East • ZyXEL Communication Corporation • http://www.zyxel.
Appendix A Customer Support Oceania Australia • ZyXEL Communications Corporation • http://www.zyxel.com/au/en/ Africa South Africa • Nology (Pty) Ltd. • http://www.zyxel.co.
A PPENDIX B Legal Information Copyright Copyright © 2015 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation.
Appendix B Legal Information Registration Register your product online to receive e-mail notices of firmware upgrades and information at www.zyxel.com for global products, or at www.us.zyxel.com for North American products. Safety Warnings CLASS 1 LASER PRODUCT APPAREIL À LASER DE CLASS 1 PRODUCT COMPLIES WITH 21 CFR 1040.10 AND 1040.11. PRODUIT CONFORME SELON 21 CFR 1040.10 ET 1040.11. • Fuse Warning! Replace a fuse only with a fuse of the same type and rating.
Index Index A access control limitations 227 login account 235 service port 239 SNMP 227 CFI (Canonical Format Indicator) 89 chassis installation 29 CIST 113 CIST (Common and Internal Spanning Tree) 111 accessing the CLI 47 classifier 143 and QoS 143 overview 143 ACT LED 21 Common and Internal Spanning Tree (CIST) 111 Address Resolution Protocol (ARP) 253 Common and Internal Spanning Tree, See CIST 113 alarm input pins 24 console port (accessing the CLI) 47 ALM LED 300 contact information 319 A
Index E H Ethernet broadcast address 253 help (in the CLI) 48 F I fan module installation 41 removing 41 IEEE 802.
Index login 48 login account Administrator 235 non-administrator 235 login accounts 235 configuring via telnet 235 multiple 235 number of 235 loop guard 207 how it works 208 port shut down 209 probe packet 208 loop guard, vs STP 207 MSTP 109, 110 MST region 112 network example 111 MSTP (Multiple Spanning Tree Protocol) 109 MTU (Multi-Tenant Unit) 89 multicast 167 and IGMP 167 IP addresses 167 overview 167 multicast group 170 multicast VLAN 173 multimedia 189 Multiple Spanning Tree Instance, See MSTI 111 M
Index power module changing 42 S PPPoE IA trusted ports 285 untrusted ports 285 saving configuration 52 product registration 326 protocol based VLAN 98 and IEEE 802.
Index Hello BPDU 110 how it works 110 path cost 109 port state 110 root port 110 terminology 109 vs loop guard 207 subnet based VLANs 96 and priority 97 subtending ports 22 switch setup 69 syslog 180 protocol 247 severity levels 247 V VID 89, 159 number of possible VIDs 89 priority frame 89 VID (VLAN Identifier) 89 Virtual Router (VR) 219 Virtual Router Redundancy Protocol (VRRP) 219 VLAN 89 automatic registration 93 ID 89 introduction 89 tagged 89 trunking 95 VLAN (Virtual Local Area Network) 89 T tagge
Index W warranty 325 note 325 weight, queuing 154 Weighted Round Robin Scheduling (WRR) 154 WFQ (Weighted Fair Queuing) 153 WRR (Weighted Round Robin Scheduling 153 Z ZyNOS (ZyXEL Network Operating System) 223 332 OLT2406 User’s Guide