История страницы

Оглавление

maxLevel	3

Scroll Pagebreak

VLAN Configuration

VLAN (Virtual Local Area Network) is a logical (virtual) local area network that represents a group of devices, which communicate on channel level regardless of their physical location. VLAN operation is based on the use of additional Ethernet header fields according to 802.1q standard. In fact, VLAN isolates the broadcast domain by limiting the switching of only those Ethernet frames which have the same VLAN-ID in the Ethernet header.

Configuration algorithm

Step	Description	Command	Keys
1	Create VLAN.	esr(config)# vlan <VID>	<VID> – VLAN identifier, set in the range of [2..4094]. It is also possible to create multiple vlan (comma separated), vlan range (hyphen separated) or combined entry containing commas and hyphens.
2	Specify vlan name (optional).	esr(config-vlan)# name <vlan-name>	<vlan-name> – up to 255 characters.
3	Disable monitoring of the status of interfaces on which processing of the given VLAN Ethernet frames is allowed (optional).	esr(config-vlan)# force-up
4	Disable the processing of incoming untagged Ethernet frames based on the default VLAN's switching table (VLAN-ID – 1) (optional).	esr(config-if-gi)# switchport forbidden default-vlan
5	Set L2 interface operation mode.	esr(config-if-gi)# mode switchport
6	Set the combined mode of the physical interface.	esr(config-if-gi)# mode hybrid	Only for ESR-1000/1200/1500/1511/1700.
7	Set L2 interface operation mode.	esr(config-if-gi)# switchport access	Only for ESR-10/12V(F)/14VF/15/20/21/30/100/200/3100/3200 and WLC. This mode is the default mode and is not displayed in the configuration.
		esr(config-if-gi)# switchport trunk	Only for ESR-10/12V(F)/14VF/20/21/100/200/3100 and WLC.
		esr(config-gi)# switchport general	Only for ESR-1000/1200/1500/1511/1700. This mode is the default mode and is not displayed in the configuration.
8	Configure VLAN list on the interface in tagged mode.	esr(config-if-gi)# switchport trunk allowed vlan add <VID>	Only for ESR-10/12V(F)/14VF/15/20/21/30/100/200/3100/3200 and WLC. <VID> – VLAN identifier, set in the range of [2..4094]. It is also possible to create multiple vlan (with a comma) or vlan range (with a hyphen).
8	Configure VLAN list on the interface in tagged mode.	esr(config-if-gi)# switchport general allowed vlan add <VID> tagged	For ESR-1000/1200/1500/1511/1700. <VID> – VLAN identifier, set in the range of [2..4094]. It is also possible to create multiple vlan (with a comma) or vlan range (with a hyphen).
9	Configure VLAN on the interface in tagged mode (optional).	esr(config-if-gi)# switchport trunk native-vlan <VID>	Only for ESR-10/12V(F)/14VF/15/20/21/30/100/200/3100/3200 and WLC. <VID> – VLAN identifier, set in the range of [2..4094].
9	Configure VLAN on the interface in tagged mode (optional).	esr(config-if-gi)# switchport general allowed vlan add <VID> untagged	For ESR-1000/1200/1500/1511/1700. <VID> – VLAN identifier, set in the range of [2..4094].
10	Enable the processing of Ethernet frames of all created VLANs on the interface (optional).	esr(config-if-gi)# switchport trunk allowed vlan auto-all	Only for ESR-10/12V(F)/14VF/15/20/21/30/100/200/3100/3200 and WLC.
10		esr(config-if-gi)# switchport general allowed vlan auto-all	Only for ESR-1000/1200/1500/1511/1700.
11	Set VLAN port identifier (PVID) for incoming untagged traffic (optional).	esr(config-if-gi)# switchport general pvid <PVID>	Only for ESR-1000/1200/1500/1511/1700.

Scroll Pagebreak

Configuration example 1. VLAN removal from the interface

...

Link Layer Discovery Protocol (LLDP) is a data link layer protocol allowing network equipment to notify the devices operating in a local network of its existence and to transmit parameters to it as well as to receive similar information.

Configuration algorithm

Step	Description	Command	Keys
1	Enable LLDP on the router/controller.	esr(config)# lldp enable
2	Enable the LLDPDU receiving and proceeding on the physical interface.	esr(config-if-gi)# lldp receive
3	Enable LLDPDU transmission on the physical interface.	esr(config-if-gi)# lldp transmit
8	Set the LLDPDU sending period (optional).	esr(config)# lldp timer <SEC>	<SEC> – time interval in seconds, takes values of [1..32768]. Default value: 30
4	Set the period during which the router keeps the information received via LLDP (optional)	esr(config)# lldp hold-multiplier <SEC>	<SEC> – time interval in seconds, takes values of [1..10]. Default value: 4
5	Set IP address which will be transmitted to LLDP TLV as the management-address (optional).	esr(config)# lldp management-address <ADDR>	<ADDR> – IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255]. One of the existent is set by default
6	Set the system-description field which will be transmitted to LLDP TLV as the system-description (optional).	esr(config)# lldp system-description <DESCRIPTION>	<DESCRIPTION> – system description, set by the string of up to 255 characters. By default contains the information of the router model and firmware version.
7	Set the system-name field which will be transmitted to LLDP TLV as the system-name (optional).	esr(config)# lldp system-name <NAME>	<NAME> – system name, set by the string of up to 255 characters. By default coincides with the specified hostname

Configuration example

Objective:

...

LLDP MED — LLDP standard enhancement which allows to transmit network policies: VLAN ID, DSCP, priority.

Configuration algorithm

Step	Description	Command	Keys
1	Enable LLDP on the router	esr(config)# lldp enable
2	Enable LLDPDU transmission on the physical interface.	esr(config-if-gi)# lldp transmit
3	Enable MED LLDP enhancement on the router	esr(config)# lldp med fast-start enable
4	Create network policy.	esr(config)# network-policy <NAME>	<NAME> – network-policy name, set by the string of up to 31 characters.
5	Specify the application type.	esr(config-net-policy)# application <APP_TYPE>	<APP-TYPE> – type of the application for which network-policy will be enabled. Takes the following values: voice; voice-signaling; guest-voice; guest-voice-signaling; softphone-voice; video-conferencing; streaming-video; video-signaling.
6	Set the DSCP value (optional).	esr(config-net-policy)# dscp <DSCP>	<DSCP> – DSCP code value, takes values in the range of [0..63].
7	Set the CoS value (optional).	esr(config-net-policy)# priority <PRIORITY>	<COS> – priority value, takes the following values: best-effort – COS0; background – COS1; excellent-effort – COS2; critical-applications – COS3; video – COS4; voice – COS5; internetwork-control – COS6; network-control – COS7.
8	Set VLAN ID value.	esr(config-net-policy)# vlan <VID> [tagged]	<VID> – VLAN ID, takes values of [1..4094]; tagged – key, during the installation of which, the subscriber device will send Ethernet frames of the specified application in a tagged form.
9	Set a network policy on the interface.	esr(config-if-gi)# lldp network-policy <NAME>	<NAME> – network-policy name, set by the string of up to 31 characters.

Voice VLAN configuration example

...

To terminate Ethernet frames of a certain VLAN on a specific physical interface, create a sub-interface with the number of VLAN, frames of which will be terminated. When creating two sub-interfaces having the same VLAN but located on different physical/aggregated interfaces, switching of Ethernet frames between these sub-interfaces will not be possible as external segments will be separate broadcast domains. For data exchange between subscribers of different sub-interfaces (even with the same VLAN-ID) routing will be used, i.e. data exchange will occur at the third level of the OSI model.

Configuration algorithm

Step	Description	Command	Keys
1	Create a sub-interface of a physical interface (possible if the physical interface is in routeport or hybrid mode).	esr(config)# interface gigabitethernet <PORT>.<S-VLAN> or interface tengigabitethernet <PORT>.<S-VLAN> or interface port-channel <CH>.<S-VLAN>	<PORT> – physical interface number. <CH> – aggregated interface number. <S-VLAN> – identifier of created S-VLAN. If a physical interface is included in bridge-group, it will be impossible to create sub-interface.
2	Specify sub-interface description (optional).	esr(config-subif)# description <DESCRIPTION>	<DESCRIPTION> – interface description, set by the string of up to 255 characters.
3	Specify VRF instance, in which the given sub-interface will operate (optional).	esr(config-subif)# ip vrf forwarding <VRF>	<VRF> – VRF name, set by the string of up to 31 characters.
4	Specify the IPv4/IPv6 address and subnet mask for the interface to be configured or enable IP address obtain dynamically.	esr(config-subif)# ip address <ADDR/LEN>	<ADDR/LEN> – IP address and subnet mask length, defined as AAA.BBB.CCC.DDD/EE where each part AAA-DDD takes values of [0..255] and EE takes values of [1..32].

For advanced IPv4 addressing features see section IP addressing configuration.

esr(config-subif)# ipv6 address <IPV6-ADDR/LEN>

<IPV6-ADDR/LEN> – IP address and prefix of a subnet, defined as X:X:X:X::X/EE where each X part takes values in hexadecimal format [0..FFFF] and EE takes values of [1..128].

For advanced IPv6 addressing features see section IPv6 addressing configuration.

Several IPv4/IPv6 addresses can be specified separated by commas. Up to 8 IPv4/IPv6 addresses can be assigned to the interface.

esr(config-subif)# ip address dhcp

For advanced DHCP client operation features, see section DHCP Client management.


5	Disable the Firewall features on the interface or enable the interface in the security zone (see Firewall configuration).	esr(config-subif)# ip firewall disable
5		esr(config-subif)# security-zone <NAME>	<NAME> – security zone name, set by the string of up to 31 characters.
6	Set the time interval during which statistics on the sub-interface load is collected. (optional).	esr(config-subif)# load-average <TIME>	<TIME> – interval in seconds, takes values of [5..150].
7	Set the lifetime of IPv4/IPv6 entries in the ARP table studied on the given interface (optional).	esr(config-subif)# ip arp reachable-time <TIME> or esr(config-subif)# ipv6 nd reachable-time <TIME>	<TIME> – lifetime of dynamic MAC addresses, in milliseconds. Allowed values are from 5000 to 100000000 milliseconds. Real time of the entry update varies from [0,5;1,5]*<TIME>.
8	Change MTU (MaximumTransmitionUnit) size. MTU above 1500 will be active only when using the 'system jumbo-frames' command (optional).	esr(config-subif)# mtu <MTU>	<MTU> – MTU value in bytes. Default value: 1500.
9	Enable recording of the current interface usage statistics (optional).	esr(config-subif)# history statistics
10	Override the MSS (Maximum segment size) field in incoming TCP packets (optional).	esr(config-subif)# ip tcp adjust-mss <MSS> esr(config-subif)# ipv6 tcp adjust-mss <MSS>	<MSS> – MSS value, takes values in the range of [500..1460]. Default value: 1460
It is also possible to configure the sub-interface: QoS in basic or advanced mode (see section QoS management); proxy (see section HTTP/HTTPS traffic proxying); traffic monitoring (see sections Netflow configuration and sFlow configuration); routing protocols functionality (see section Routing management); VRRF protocol (see section Redundancy management); BRAS functionality (see section BRAS (Broadband Remote Access Server) management); IDS/IPS functionality (see section IPS/IDS configuration).

Sub-interface configuration example

...

Q-in-Q is a technology of packet transmission with two 802.1q tags. The technology is used for extending quantity of VLANs in data networks. 802.1q header, which is closer to payload, is an Inner Tag. also known as C-VLAN (Customer VLAN). 802.1q header, which is comes before C-VLAN, is an Outer Tag also known as S-VLAN (Service VLAN). Using of double tags in Ethernet frames is describing by 802.1ad protocol.

Configuration algorithm

Step	Description	Command	Keys
1	Create a sub-interface of a physical interface (possible if the physical interface is in routeport or hybrid mode).	esr(config)# interface gigabitethernet <PORT>.<S-VLAN> or interface tengigabitethernet <PORT>.<S-VLAN> or interface port-channel <CH>.<S-VLAN>	<PORT> – physical interface number. <CH> – aggregated interface number. <S-VLAN> – identifier of created S-VLAN. If a physical interface is included in bridge-group, it will be impossible to create sub-interface.
2	Create Q-in-Q interface.	esr(config)# interface gigabitethernet <PORT>.<S-VLAN>.<C-VLAN> or esr(config)# interface tengigabitethernet <PORT>.<S-VLAN>.<C-VLAN> or esr(config)# interface port-channel <CH>.<S-VLAN>.<C-VLAN>	<PORT> – physical interface number. <CH> – aggregated interface number. <S-VLAN> – identifier of created S-VLAN. <C-VLAN> – identifier of created C-VLAN. If a physical interface or a sub-interface is included in bridge-group, it will be impossible to create sub-interface.
3	Specify Q-in-Q interface description (optional).	esr(config-qinq-if)# description <DESCRIPTION>	<DESCRIPTION> – interface description, set by the string of up to 255 characters.
4	Specify VRF instance, in which the given Q-in-Q interface will operate (optional).	esr(config-qinq-if) # ip vrf forwarding <VRF>	<VRF> – VRF name, set by the string of up to 31 characters.
5	Specify the IPv4/IPv6 address and subnet mask for the interface to be configured or enable IP address obtain dynamically.	esr(config-qinq-if)# ip address <ADDR/LEN>	<ADDR/LEN> – IP address and subnet mask length, defined as AAA.BBB.CCC.DDD/EE where each part AAA-DDD takes values of [0..255] and EE takes values of [1..32].

For advanced IPv4 addressing features see section IP addressing configuration.

esr(config-qinq-if)# ipv6 address <IPV6-ADDR/LEN>

<IPV6-ADDR/LEN> – IP address and prefix of a subnet, defined as X:X:X:X::X/EE where each X part takes values in hexadecimal format [0..FFFF] and EE takes values of [1..128].

For advanced IPv6 addressing features see section IPv6 addressing configuration.

Several IPv4/IPv6 addresses can be specified separated by commas. Up to 8 IPv4/IPv6 addresses can be assigned to the interface.

esr(config-qinq-if)# ip address dhcp

For advanced DHCP client operation features, see section DHCP Client management.


6	Disable the Firewall features on the interface or enable the interface in the security zone (see Firewall configuration).	esr(config-qinq-if)# ip firewall disable
6		esr(config-qinq-if)# security-zone <NAME>	<NAME> – security zone name, set by the string of up to 31 characters.
7	Set the time interval during which statistics on the sub-interface load is collected. (optional).	esr(config-subif)# load-average <TIME>	<TIME> – interval in seconds, takes values of [5..150].
8	Set the lifetime of IPv4/IPv6 entries in the ARP table studied on the given interface (optional).	esr(config-subif)# ip arp reachable-time <TIME> or esr(config-subif)# ipv6 nd reachable-time <TIME>	<TIME> – lifetime of dynamic MAC addresses, in milliseconds. Allowed values are from 5000 to 100000000 milliseconds. Real time of the entry update varies from [0,5;1,5]*<TIME>.
9	Change MTU (MaximumTransmitionUnit) size. MTU above 1500 will be active only when using the 'system jumbo-frames' command (optional).	esr(config-subif)# mtu <MTU>	<MTU> – MTU value in bytes. Default value: 1500.
10	Enable recording of the current interface usage statistics (optional).	esr(config-subif)# history statistics
11	Override the MSS (Maximum segment size) field in incoming TCP packets (optional).	esr(config-subif)# ip tcp adjust-mss <MSS> esr(config-subif)# ipv6 tcp adjust-mss <MSS>	<MSS> – MSS value, takes values in the range of [500..1460]. Default value: 1460
It is also possible to configure the Q-in-Q interface: QoS in basic or advanced mode (see section QoS management); proxy (see section HTTP/HTTPS traffic proxying); traffic monitoring (see sections Netflow configuration and sFlow configuration); routing protocols functionality (see section Routing management); VRRF protocol (see section Redundancy management); BRAS functionality (see section BRAS (Broadband Remote Access Server) management); IDS/IPS functionality (see section IPS/IDS configuration).

Q-in-Q configuration example

...

USB modems configuration algorithm

Step	Description	Command	Keys
1	After USB modem connection, wail until the system detects the connected device.
2	Define which number of the device is allocated to the connected USB modem.	esr# show cellulars status modem	The connected device identifier will be specified in 'USB port' field
3	Create parameter profile for USB modem and switch to the profile configuration mode.	esr(config)# cellular profile <ID>	<ID> – identifier of USB modem parameter profile, set in the range of [1..10].
4	Specify parameter profile description (optional).	esr(config-cellular-profile)# description <DESCRIPTION>	<DESCRIPTION> – profile description, set by the string of up to 255 characters.
5	Set mobile network access point	esr(config-cellular-profile)# apn <NAME>	<NAME> – mobile network access point, set by the string of up to 31 characters.
6	Set the name of mobile network user (if authentication by login/password required by cellular carrier).	esr(config-cellular-profile)# user <NAME>	<NAME> – user name, set by the string of up to 31 characters.
7	Set the password of mobile network user (if authentication by login/password required by cellular carrier).	esr(config-user)# password ascii-text { <CLEAR-TEXT> \| encrypted <ENCRYPTED-TEXT> }	<CLEAR-TEXT> – unencrypted password, set by the string of [1..64] characters, may include [0-9a-fA-F] characters. <ENCRYPTED-TEXT> – unencrypted password, set by the string of [2..128] characters.
8	Activate user (if authentication by login/password required by cellular carrier).	esr(config-user)# enable
9	Set the dial-up number for connection to the mobile network.	esr(config-cellular-profile)# number <WORD>	<WORD> – dial-up number for connection to a mobile network, set by the string of up to 15 characters.
10	Set the method of user authentication in the mobile network (optional).	esr(config-cellular-profile)# allowed-auth <TYPE>	<TYPE> – method of user authentication in a mobile network [none, PAP, CHAP, MSCHAP, MSCHAPv2, EAP]. Default value: PAP
11	Limit the possibility of the use of IP addresses in mobile network.	esr(config-cellular-profile)# ip-version { ipv4 \| ipv6 }	ipv4 – IPv4 family; ipv6 – IPv6 family;
12	Create USB modem in the router configuration and switch to the modem configuration mode.	esr(config)# cellular modem <ID>	<ID> – USB modem identifier, set in the range of [1..10].
13	Specify modem description (optional).	esr(config-cellular-modem)# description <DESCRIPTION>	<DESCRIPTION> – modem description, set by the string of up to 255 characters.
14	Specify VRF instance, in which the given modem will operate (optional).	esr(config-cellular-modem)# ip vrf forwarding <VRF>	<VRF> – VRF name, set by the string of up to 31 characters.
15	Set USB modem identifier allocated by the system (specified in item 2).	esr(config-cellular-modem)# device <WORD>	<WORD> – identifier of connected modem’s USB port, set in the range of [1..12].
16	Set the previously established parameter profile to the USB modem.	esr(config-cellular-modem)# profile <ID>	<ID> – identifier of USB modem parameter profile, set in the range of [1..10].
17	Set SIM card unlock code (if necessary).	esr(config-cellular-modem)# pin <WORD>	<WORD> – SIM card unblock code [4..8]. Only digits are allowed.
18	Allow the use of any USB modem operation mode (optional).	esr(config-cellular-modem)# allowed-mode <MODE>	<MODE> – acceptable USB modem operation mode [2g, 3g, 4g]. By default: all modes supported by the modem are allowed.
19	Set the size of the largest received packet (optional).	esr(config-cellular-modem)# mru { <MRU> }	<MRU> – MRU value, takes values in the range of [128..16383]. Default value: 1500.
20	Change the maximum size of processed MTU (MaximumTransmissionUnit) packets. MTU above 1500 will be active only when using the «system jumbo-frames» command (optional).	esr(config-cellular-modem)# mtu <MTU>	<MTU> – MTU value in bytes. Default value: 1500.
21	Set the preferable USB modem operation mode in the mobile network (optional).	esr(config-cellular-modem)# preferred-mode { <MODE> }	<MODE> – preferable USB modem operation mode [2g, 3g, 4g].
22	Disable the Firewall features on the interface or enable the interface in the security zone (see Firewall configuration).	esr(config-subif)# ip firewall disable
22		esr(config-subif)# security-zone <NAME>	<NAME> – security zone name, set by the string of up to 31 characters.
23	Activate USB modem.	esr(config-cellular-modem)# enable
It is also possible to configure a cellular network modem: QoS in basic or advanced mode (see section QoS management); proxy (see section HTTP/HTTPS traffic proxying); traffic monitoring (see sections Netflow configuration and sFlow configuration); routing protocol functionality (see sections Policy-based routing and MultiWAN).

Примечание
For the full modem mobile network functionality, additionally configure the routing and NAT functionality.

...

Spanning Tree configuration algorithm

Step	Description	Command	Keys
1	Enable spanning-tree in the vlan-aware mode.	esr(config)# spanning-tree
2	Set the amount of time to spend listening and learning states before switching to transmit state.	esr(config)# spanning-tree forward-time <TIME>	<TIME> – time in seconds, takes values [4..30]. Default value: 15 seconds.
3	Set the time interval between sending BPDU packets.	esr(config)# spanning-tree hello-time <TIME>	<TIME> – time in seconds, takes values [1..10]. Default value: 2 seconds.
4	Set STP lifetime.	esr(config)# spanning-tree max-age <TIME>	<TIME> – time in seconds, takes values [6..40]. Default value: 20 seconds.
5	Select a supported protocol from the STP family.	esr(config)# spanning-tree mode <MODE>	<MODE> – STP family protocol: STP – IEEE 802.1D Spanning Tree Protocol; RSTP – IEEE 802.1W Rapid Spanning Tree Protocol; MSTP – IEEE 802.1s Multiple Spanning Trees. Default value: RSTP.
6	Set the path value determination method.	esr(config)# spanning-tree pathcost method <short \| long>	long – value in the range of [1..200000000]; short – value in the range of [1..65535]. Default value: short.
7	Set STP priority.	esr(config)# spanning-tree priority <PRIORITY>	<PRIORITY> – priority, specified in the range with increments of 4096 [0..61440]. Default value: 32768.
8	Switch to interface/tunnel/network bridge configuration mode.	esr(config)# interface <IF-TYPE><IF-NUM>	<IF-TYPE> – interface type; <IF-NUM> – F/S/P – F frame (1), S – slot (0), P – port.
		esr(config)# tunnel <TUN-TYPE><TUN-NUM>	<TUN-TYPE> – tunnel type; <TUN-NUM> – tunnel number.
		esr(config)# bridge <BR-NUM>	<BR-NUM> – bridge number.
9	Enable spanning-tree.	esr(config-bridge)# spanning-tree
10	Set the amount of time to spend listening and learning states before switching to transmit state.	esr(config-bridge)# spanning-tree forward-time <TIME>	<TIME> – time in seconds, takes values [4..30]. Default value: 15 seconds.
11	Set the time interval between sending BPDU packets.	esr(config-bridge)# spanning-tree hello-time <TIME>	<TIME> – time in seconds, takes values [1..10]. Default value: 2 seconds.
12	Set STP lifetime.	esr(config-bridge)# spanning-tree max-age <TIME>	<TIME> – time in seconds, takes values [6..40]. Default value: 20 seconds.
13	Select a supported protocol from the STP family.	esr(config-bridge)# spanning-tree mode <MODE>	<MODE> – STP family protocol: STP – IEEE 802.1D Spanning Tree Protocol; RSTP – IEEE 802.1W Rapid Spanning Tree Protocol. Default value: RSTP.
14	Set STP priority.	esr(config-bridge)# spanning-tree priority <PRIORITY>	<PRIORITY> – priority, specified in the range with increments of 4096 [0..61440]. Default value: 32768.
15	Disable STP on the configured interface.	esr(config-if-gi)# spanning-tree disable
16	Set the path value determination method.	esr(config-if-gi)# spanning-tree cost	<COST> – path cost in the range [1..20000000]. Default value: 4.
17	Allow this port to be set as root.	esr(config-if-gi)# spanning-tree guard root
18	Set the RSTP protocol to the transmitting state and determine the type of connection for the selected port – 'point-to-point', 'branched'.	esr(config-if-gi)# spanning-tree link-type {point-to-point\|shared}	point-to-point – the command defines the interface as 'point-to-point'; shared – the command defines the interface as 'shared'. Default value: point-to-point.
19	Set interface priority in STP spanning tree.	esr(config-if-gi)# spanning-tree port-priority <PRIORITY>	<PRIORITY> – priority, specified in the range with increments of 16 [0..240].
20	The mode is activated, in which the port, when the link is up, immediately switches to the transmitting state, without waiting for the timer to expire.	esr(config-if-gi)# spanning-tree portfast

Примечание
The commands for configuring MSTP are only available on the ESR-1000 as the MSTP protocol is currently supported solely on this device.

...

Якорь
Алгоритм настройки PPP через E1
Алгоритм настройки PPP через E1
Configuration algorithm

Step	Description	Command	Keys
Preconfiguration:
1	Enable support for Jumbo frames. To apply changes, the device restart is required.	esr(config)# system jumbo-frames
Physical interface configuration:
2	Select the interface where TOPGATE-WAN-E1 is installed.	esr(config)# interface gigabitethernet 1/0/3
3	Put physical interface in switch mode.	esr(config-if-gi)# mode switchport
4	Set the operation mode of the E1 interface.	esr(config-if-gi)# switchport mode e1
5	Set the synchronization source (optional).	esr(config-if-gi)# switchport e1 clock source <SOURCE>	<SOURCE> – synchronization source: Internal (default) – synchronize with an internal source; line – synchronize with a linear signal.
6	Specify MTU (Maximum Transmission Unit) size for physical interfaces.	esr(config-if-gi)# mtu <MTU>	<MTU> – MTU value, for E1 and Multilink interfaces may take values in the range of [1510..9600].
7	Specify frame check hash algorithm (optional).	esr(config-if-gi)# switchport e1 crc <FCS>	<FCS> – frame check sequence: 16 (default) – FCS16; 32 – FCS32.
8	Set check for transmission errors (optional).	esr(config-if-gi)# switchport e1 framing <CRC>	<CRC> – cyclic redundancy check: crc-4 – use CRC-4 algorithm; no-crc4 (default) – do not use check.
9	Set transmitting bits inversion (optional).	esr(config-if-gi)# switchport e1 invert data
10	Set linear encoding type (optional).	esr(config-if-gi)# switchport e1 linecode <CODE>	<CODE> – linear encoding type; ami – alternate mark inversion; hdb3 (default) – high density bipolar of order 3.
11	Set amount of timeslots.	esr(config-if-gi)# switchport e1 timeslots <RANGE>	<RANGE> – amount of timeslots.
12	Use E1 as a single entity, without time slots (optional).	esr(config-if-gi)# switchport e1 unframed
E1 interface configuration:
13	Select E1 interface.	esr(config)# interface e1 1/<SLOT>/1	<SLOT> – slot number.
14	Specify IPv4 and network mask for the configured interface.	esr(config-e1)# ip address <ADDR/LEN>	<ADDR/LEN> – IP address network mask length specified as AAA.BBB.CCC.DDD/EE, where each AAA – DDD part takes values [0..255] and EE takes values [1..32].
15	Disable Firewall functions on the interface or include the interface in the security zone (see the Firewall configuration section).	esr(config-e1)# ip firewall disable
15		esr(config-e1)# security-zone <NAME>	<NAME> – name of the security zone, specified as a string of up to 31 characters.
Additional PPP settings for E1:
16	Enable CHAP authentication for PPP (optional).	esr(config-e1)# ppp authentication chap
17	Specify router name that is sent to a remote party for CHAP authentication (optional).	esr(config-e1)# ppp chap hostname <NAME>	<NAME> – router name.
18	Set authentication password (optional).	esr(config-e1)# ppp chap password ascii-text <CLEAR-TEXT>	<CLEAR-TEXT> – unencrypted password, set by the string of [1..64] characters, may include [0-9a-fA-F] characters.
19	Enable authentication override (optional).	esr(config-e1)# ppp chap refuse
20	Set authentication username (optional).	esr(config-e1)# ppp chap username <NAME>	<NAME> – user name.
21	Allow any non-null IP address to be accepted as a local IP address from the neighbour (optional).	esr(config-e1)# ppp ipcp accept-address
22	Set IP address that is sent to a remote party for the further allocation (optional).	esr(config-e1)# ppp ipcp remote-address <ADDR>	<ADDR> – IP address of a remote gateway.
23	Set the amount of attempts to send Configure-Request packets before the remote peer is found to be unable to respond (optional).	esr(config-e1)# ppp max-configure <VALUE>	<VALUE> – number of retries.
24	Set the amount of attempts to send Configure-NAK packets before all options are confirmed (optional).	esr(config-e1)# ppp max-failure <VALUE>	<VALUE> – number of retries.
25	Set the amount of attempts to send Terminate-Request packets before the session is aborted (optional).	esr(config-e1)# ppp max-terminate <VALUE>	<VALUE> – number of retries.
26	Set MRU (Maximum Receive Unit) size for the interface (optional).	esr(config-e1)# ppp mru <MRU>	<MRU> – MRU value.
27	Specify the time interval in seconds after which the router sends a keepalive message (optional).	esr(config-e1)# ppp timeout keepalive <TIME>	<TIME> – time in seconds.
28	Specify the interval after which the router sends a keepalive message (optional).	esr(config-e1)# ppp timeout retry <TIME>	<TIME> – time in seconds.
Enable E1 interface in Multilink PPP:
29	Add to MLPPP group (optional).	esr(config-e1)# ppp multilink-group <GROUP-ID>	<GROUP-ID> – group number.
30	Enable MLPPP mode (optional).	esr(config-e1)# ppp multilink

Configuration example

Objective:

...

Multilink PPP (MLPPP) is an aggregated channel that encompasses methods of traffic transition via multiple physical channels while having a single logical connection. This option allows enhancing bandwidth and enables load balancing.

Configuration algorithm

Step	Description	Command	Keys
1	Configure aggregation group.	esr(config)# interface multilink <IF>	<IF> – interface name.
2	Specify the description of configured aggregation group (optional).	esr(config-multilink)# description <DESCRIPTION>	<DESCRIPTION> – aggregation group description, set by the string of up to 255 characters.
3	Specify the time interval during which the statistics on the aggregation group load is averaged (optional).	esr(config-multilink)# load-average <TIME>	<TIME> – interval in seconds, takes values of [5..150]. Default value: 5.
4	Specify MTU (Maximum Transmission Unit) size for the aggregation group (optional). MTU above 1500 will be active only when using the 'system jumbo-frames' command.	esr(config-multilink)# mtu <MTU>	<MTU> – MTU value, takes values in the range of [1280..1500]. Default value: 1500.
5	Enable CHAP authentication.	esr(config-multilink)# ppp authentication chap
6	Enable authentication override (optional).	esr(config-multilink)# ppp chap refuse
7	Specify the router/controller name that is sent to a remote party for CHAP authentication.	esr(config-multilink)# ppp chap hostname <NAME>	<NAME> – router name, set by the string of up to 31 characters
8	Specify the password that is sent with the router/controller name to a remote party for CHAP authentication.	esr(config-multilink)# ppp chap password ascii-text { <CLEAR-TEXT> \| encrypted <ENCRYPTED-TEXT> }	<CLEAR-TEXT> – unencrypted password, set by the string of [8..64] characters, may include [0-9a-fA-F] characters. <ENCRYPTED-TEXT> – unencrypted password, set by the string of [16..128] characters.
9	Allow any non-null IP address to be accepted as a local IP address from the neighbour (optional).	esr(config-multilink)# ppp ipcp accept-address
10	Set IP address that is sent to a remote party for the further allocation.	esr(config-multilink)# ppp iccp remote-address <ADDR>	<ADDR> – IP address of a remote gateway.
11	Specify a user for remote party authentication and switch to the specified user configuration mode.	esr(config-multilink)# chap username <NAME>	<NAME> – user name, set by the string of up to 31 characters.
12	Set encrypted or unencrypted password for a specific user to authenticate the remote party.	esr(config-ppp-user)# password ascii-text { <CLEAR-TEXT> \| encrypted <ENCRYPTED-TEXT> }	<CLEAR-TEXT> – unencrypted password, set by the string of [8..64] characters, may include [0-9a-fA-F] characters. <ENCRYPTED-TEXT> – unencrypted password, set by the string of [16..128] characters.
13	Set the amount of attempts to send Configure-Request packets before the remote peer is found to be unable to respond (optional).	esr(config-multilink)# ppp max-configure <VALUE>	<VALUE> – time in seconds, takes values of [1..255]. Default value: 10.
14	Set the amount of attempts to send Configure-NAK packets before all options are confirmed (optional).	esr(config-multilink)# ppp max-failure <VALUE>	<VALUE> – time in seconds, takes values of [1..255].
15	Set the amount of attempts to send Terminate-Request packets before the session is aborted (optional).	esr(config-multilink)# ppp max-terminate <VALUE>	<VALUE> – time in seconds, takes values of [1..255]. Default value: 2.
16	Set MRU (Maximum Receive Unit) size for the interface.	esr(config-multilink)# ppp mru <MRU>	<MRU> – MRU value, takes values in the range of [128..1485]. Default value: 1500.
17	Specify the time interval in seconds after which the router/controller sends a keepalive message (optional).	esr(config-multilink)# ppp timeout keepalive <TIME>	<TIME> – time in seconds, takes values of [1..32767]. Default value: 10.
18	Specify the time interval in seconds after which the router/controller sends a keepalive message (optional).	esr(config-multilink)# ppp timeout retry <TIME>	<TIME> – time in seconds, takes values of [1..255]. Default value: 3.
19	Specify the maximum packet size for MLPP interface.	esr(config-multilink)# mrru <MRRU>	<MRRU> – maximum size of a received packet for MLPP interface, takes value in the range of [1500..10000].
20	Bind e1 port to the physical interface.	esr(config-if-gi)# switchport e1 <SLOT>	<SLOT> – slot identifier, takes values in the range of [0..3].
21	Put the physical port into SFPe1 module operation mode.	esr(config-if-gi)# switchport mode e1
22	Enable MLPPP mode on E1 interface.	esr(config-e1)# ppp multilink
23	Include E1 interface in the aggregation group.	esr(config-e1)# ppp multilink-group <GROUP-ID>	<GROUP-ID> – group identifier, takes values in the range of [1..4].

Configuration example

Objective:

...

Bridge is a method of connection for two Ethernet segments on data-link level without any higher level protocols, such as IP. Packet transmission is based on Ethernet addresses, not on IP addresses. Given that the transmission is performed on data-link level (Level 2 of the OSI model), higher level protocol traffic passes through the bridge transparently.

Configuration algorithm

Step	Description	Command	Keys
1	Add a network bridge to the system and switch to its configuration mode.	esr(config)# bridge <BRIDGE-ID>	<BRIDGE-ID> – bridge identification number, takes values in the range of: for ESR-10/12V(F)/14VF/15 and WLC-15 – [1..50]; for ESR-20/21/30/100/200 and WLC-30– [1..250]; for ESR-1000/1200/1500/1511/1700/3100/3200 and WLC-3200 – [1..500].
2	Enable network bridge.	esr(config-bridge)# enable
3	Specify VRF instance, in which the given modem will operate (optional).	esr(config-bridge)# ip vrf forwarding <VRF>	<VRF> – VRF name, set by the string of up to 31 characters.
4	Specify the configured network bridge description (optional).	esr(config-bridge)# description <DESCRIPTION>	<DESCRIPTION> – network bridge description, set by the string of up to 255 characters.
5	Connect sub interface, qinq interface, L2GRE tunnel or L2TPv3 tunnel with the network bridge. Connected interfaces/tunnels and network bridges automatically become participants of the shared L2 domain (optional).	esr(config-if-gi)# bridge-group <BRIDGE-ID> esr(config-if-l2tpv3)# bridge-group <BRIDGE-ID>	<BRIDGE-ID> – bridge identification number, takes values in the range of: for ESR-10/12V(F)/14VF/15 and WLC-15 – [1..50]; for ESR-20/21/30/100/200 and WLC-30 – [1..250]; for ESR-1000/1200/1500/1511/1700/3100/3200 and WLC-3200 – [1..500].
6	Connect the current network bridge with VLAN. All interfaces and L2 tunnels that are members of the assigned VLAN are automatically included in the network bridge and become members of the shared L2 domain (optional)	esr(config-bridge)# vlan <VID>	<VID> – VLAN identifier, set in the range of [1..4094].
7	Specify the size of MTU packets that can be passed by the bridge (optional; possible if only VLAN is included in the bridge). MTU above 1500 will be active only when using the 'system jumbo-frames' command.	esr(config-bridge)# mtu <MTU>	<MTU> – MTU value, takes values in the range of: for ESR-10/12V(F)/14VF/15 and WLC-15 – [552..9600]; for ESR-20/21/30 and WLC-30 – [552..9500]; for ESR-100/200/1000/1200/1500/1511/1700 – [552..10000] for ESR-1500/1511/1700/3100/3200 – [552..9190]. Default value: 1500
8	Specify the IPv4/IPv6 address and subnet mask for the interface to be configured or enable IP address obtain dynamically.	esr(config-bridge)# ip address <ADDR/LEN>	<ADDR/LEN> – IP address and subnet mask length, defined as AAA.BBB.CCC.DDD/EE where each part AAA-DDD takes values of [0..255] and EE takes values of [1..32].

For advanced IPv4 addressing features see section IP addressing configuration.

esr(config-bridge)# ipv6 address <IPV6-ADDR/LEN>

<IPV6-ADDR/LEN> – IP address and prefix of a subnet, defined as X:X:X:X::X/EE where each X part takes values in hexadecimal format [0..FFFF] and EE takes values of [1..128].

For advanced IPv6 addressing features see section IPv6 addressing configuration.

Several IPv4/IPv6 addresses can be specified separated by commas. Up to 8 IPv4/IPv6 addresses can be assigned to the interface.

esr(config-bridge)# ip address dhcp

For advanced DHCP client operation features, see section DHCP Client management.


9	Disable the Firewall features on the interface or enable the interface in the security zone (see Firewall configuration).	esr(config-bridge)# ip firewall disable
9		esr(config-bridge)# security-zone <NAME>	<NAME> – security zone name, set by the string of up to 31 characters.
10	Enable recording of the current interface usage statistics (optional).	esr(config-bridge)# history statistics
11	Specify the time interval during which the statistics on the bridge load is averaged (optional).	esr(config-bridge)# load-average <TIME>	<TIME> – interval in seconds, takes values of [5..150]. Default value: 5
12	Specify the network bridge MAC address different from a system one (optional).	esr(config-bridge)# mac-address <ADDR>	<ADDR> – network bridge MAC address, defined as XX:XX:XX:XX:XX:XX where each part takes the values of [00..FF].
13	Enable interface isolation mode on the bridge. In this mode, the traffic exchange between members of the network bridge is prohibited. (Optional; relevant only for ESR-1000/1200/1500/1511/1700/3100)	esr(config-bridge)# protected-ports [ exclude vlan ]	exclude vlan – when specifying the given key, VLAN (connected with bridge) is excluded from the isolated interfaces list.
14	Prohibit unknown-unicast traffic switching (when a destination MAC address is not included in the switching table) in the given bridge. (Optional; relevant only for ESR-1000/1200/1500/1511/1700/3100)	esr(config-bridge)# unknown-unicast-forwarding disable
15	Set the lifetime of IPv4/IPv6 entries in the ARP table studied on the given bridge (optional).	esr(config-bridge)# ip arp reachable-time <TIME> or esr(config-bridge)# ipv6 nd reachable-time <TIME>	<TIME> – lifetime of dynamic MAC addresses, in milliseconds. Allowed values are from 5000 to 100000000 milliseconds. Real time of the entry update varies from [0,5;1,5]*<TIME>.
It is also possible to configure for the bridge interface: QoS in basic or advanced mode (see section QoS management); proxy (see section HTTP/HTTPS traffic proxying); traffic monitoring (see sections Netflow configuration and sFlow configuration); routing protocols functionality (see section Routing management); VRRF protocol (see section Redundancy management); BRAS functionality (see section BRAS (Broadband Remote Access Server) management); IDS/IPS functionality (see section IPS/IDS configuration).

Якорь

	Пример настройки bridge для VLAN и L2TPv3-туннеля
	Пример настройки bridge для VLAN и L2TPv3-туннеля

...

Specify the affiliation of L2TPv3 tunnel to bridge mapped to LAN (for L2TPv3 tunnel configuration, see Section section L2TPv3 tunnel configuration). In general, bridge and tunnel identifiers should not match the VID, unlike this example.

...

LACP is a link aggregation protocol that allows multiple physical links to be combined into a single logical link. This process allows to increase the communication link bandwidth and robustness.

Configuration algorithm

Step	Description	Command	Keys
1	Set the system priority for LACP.	esr(config)# lacp system-priority <PRIORITY>	<PRIORITY> – priority, set in the range of [1..65535]. Default value: 1.
2	Set the load balancing mechanism for channel aggregation groups.	esr(config)# port-channel load-balance { src-dst-mac-ip \| src-dst-mac \| src-dst-ip \| src-dst-mac-ip-port }	src-dst-mac-ip – balancing mechanism is based on source and destination MAC addresses and IP addresses; src-dst-mac – balancing mechanism is based on the MAC address of a sender and receiver; src-dst-ip – balancing mechanism is based on the IP address of a sender and receiver; src - dst - mac - ip - port – balancing mechanism is based on source and destination MAC address, IP address and port.
3	Set LACP administration timeout.	esr(config)# lacp timeout {short \| long }	long – long timeout; short – short timeout. Default value: long.
4	Create and switch to the aggregated interface configuration mode.	esr(config)# interface port-channel <ID>	<ID> – sequence number of a channel aggregation group, takes values of [1..12].
5	Configure the required parameters of aggregated channel.
6	Switch to the physical interface configuration mode.	esr(config)# interface <IF-TYPE><IF-NUM>	<IF-TYPE> interface type (gigabitethernet or tengigabitethernet). <IF-NUM> – F/S/P – F frame (1), S – slot (0), P – port.
7	Include a physical interface in the channel aggregation group specifying the mode of the channel aggregation group formation.	esr(config-if-gi)# channel-group <ID> mode <MODE>	<ID> – sequence number of a channel aggregation group, takes values of [1..12]. <MODE> – mode of the channel aggregation group formation: auto – add interface to the dynamic aggregation group with the support of LACP; on – add interface to the static aggregation group.
8	Set the Ethernet interface LACP priority.	esr(config-if-gi)# lacp port-priority <PRIORITY>	<PRIORITY> – priority, set in the range of [1..65535]. Default value: 1
9	Set the time interval during which statistics on the sub-interface load is collected (optional).	esr(config-subif)# load-average <TIME>	<TIME> – interval in seconds, takes values of [5..150].
10	Set the lifetime of IPv4/IPv6 entries in the ARP table studied on the given interface (optional).	esr(config-subif)# ip arp reachable-time <TIME> or esr(config-subif)# ipv6 nd reachable-time <TIME>	<TIME> – lifetime of dynamic MAC addresses, in milliseconds. Allowed values are from 5000 to 100000000 milliseconds. Real time of the entry update varies from [0,5;1,5]*<TIME>.
11	Change MTU (MaximumTransmitionUnit) size. MTU above 1500 will be active only when using the 'system jumbo-frames' command (optional).	esr(config-subif)# mtu <MTU>	<MTU> – MTU value in bytes. Default value: 1500.
12	Enable recording of the current interface usage statistics (optional).	esr(config-subif)# history statistics
13	Override the MSS (Maximum segment size) field in incoming TCP packets (optional).	esr(config-subif)# ip tcp adjust-mss <MSS> esr(config-subif)# ipv6 tcp adjust-mss <MSS>	<MSS> – MSS value, takes values in the range of [500..1460]. Default value: 1460
It is also possible to configure the aggregated interface: · IPv4/IPv6 addressing

(see sections IP addressing configuration, IPv6 addressing configuration and DHCP client management)

;

· Firewall (see section Firewall configuration);

· QoS in basic or advanced mode (see section QoS management);

· proxy (see section HTTP/HTTPS traffic proxying);

· traffic monitoring (see sections Netflow configuration and sFlow configuration);

· routing protocols functionality (see section Routing management);

· VRRF protocol (see section Redundancy management)

· BRAS functionality (see section BRAS (Broadband Remote Access Server) management);

· IDS/IPS functionality (see section IPS/IDS configuration).

Configuration example

Objective:

...

AUX configuration is used to specify parameters for interacting with external devices connected via serial interfaces to the ESR.

Configuration algorithm

Step	Description	Command	Keys
1	Switch to the serial interface configuration mode.	esr(config)# line aux <NUM>	<NUM> – a number of a serial interface from the range [1..3].
2	Set the necessary serial interface parameters to communicate with the connected device (optional). These parameters are usually specified in the operation manual of the device to be connected. By default, the standard values will be used.	esr(config-line-aux) databits <BITS> esr(config-line-aux) flowcontrol <FMODE> esr(config-line-aux) parity <PMODE> esr(config-line-aux) speed <SPEED> esr(config-line-aux) stopbits <STOP-BITS>	<BITS> – a number of data bits sent [7..8]. Default is '8'. <FMODE> – data flow control mode. Takes the following values: software – software flow control; hardware – hardware flow control; disabled – flow control disabled; Default is 'disabled'. <PMODE> – parity bit setting mode. Takes the following values: odd – a check for oddness; even – a check for evenness; none – parity bit is not set; Default is 'none'. <SPEED> – a speed of a serial interface in bps. Takes the following values: 300; 1200; 2400; 4800; 9600; 19200; 38400; 57600; 115200; Default is '115200'. <STOP-BITS> – the number of stop bits transmitted[ 1..2]; Default is '1'.
3	Specify serial interface description (optional).	esr(config-line-aux)# description <DESCRIPTION>	<DESCRIPTION> – interface description, set by the string of up to 255 characters.
4	When using the device to be connected as a modem, set the serial interface to modem mode (optional). Note: cannot be used in conjunction with the «transport telnet port» command.	esr(config-line-aux)# modem inout
5	When using the ESR as a terminal server to control a connected device on the serial interface, set the TCP port number to be used as the TCP port number to connect to the ESR via telnet (optional). Note: cannot be used in conjunction with the 'modem inout' command.	esr(config-line-aux)# transport telnet port <PORT>	<PORT> – TCP port number for console server mode. Takes values in the range of [1..65535].

Configuration examples

Objective 1:

...

RJ-45 <--> RJ-45 pinout (rolled over cable)

Scroll Pagebreak

Дерево страниц

Сравнение версий

Старая версия 5

Новая версия Текущий

Ключ

VLAN Configuration

Configuration algorithm

Configuration example 1. VLAN removal from the interface

Configuration algorithm

Configuration example

Objective:

Configuration algorithm

Voice VLAN configuration example

Configuration algorithm

Sub-interface configuration example

Configuration algorithm

Q-in-Q configuration example

USB modems configuration algorithm

Spanning Tree configuration algorithm

Якорь
Алгоритм настройки PPP через E1
Алгоритм настройки PPP через E1
Configuration algorithm

Configuration example

Objective:

Configuration algorithm

Configuration example

Objective:

Configuration algorithm

Configuration algorithm

Configuration example

Objective:

Configuration algorithm

Configuration examples

RJ-45 <--> RJ-45 pinout (rolled over cable)

Дерево страниц

История страницы

Сравнение версий

Старая версия 5

Новая версия Текущий

Ключ

VLAN Configuration

Configuration algorithm

Configuration example 1. VLAN removal from the interface

Configuration algorithm

Configuration example

Objective:

Configuration algorithm

Voice VLAN configuration example

Configuration algorithm

Sub-interface configuration example

Configuration algorithm

Q-in-Q configuration example

USB modems configuration algorithm

Spanning Tree configuration algorithm

ЯкорьАлгоритм настройки PPP через E1Алгоритм настройки PPP через E1Configuration algorithm

Configuration example

Objective:

Configuration algorithm

Configuration example

Objective:

Configuration algorithm

Configuration algorithm

Configuration example

Objective:

Configuration algorithm

Configuration examples

RJ-45 <--> RJ-45 pinout (rolled over cable)

Якорь
Алгоритм настройки PPP через E1
Алгоритм настройки PPP через E1
Configuration algorithm