RAX711-C (A) Configuration Guide (Rel - 01)

www.raisecom.
com
RAX711-C (A)
Configuration Guide
(Rel_01)
Raisecom Proprietary and Confidential

i
Copyright © Raisecom Technology Co., Ltd.
Raisecom Technology Co., Ltd. provides customers with comprehensive technical support and services. For any
assistance, please contact our local office or company headquarters.
Website: http://www.raisecom.com
Tel: 8610-82883305
Fax: 8610-82883056
Email: export@raisecom.com
Address: Raisecom Building, No. 11, East Area, No. 10 Block, East Xibeiwang Road, Haidian District, Beijing,
P.R.China
Postal code: 100094
-----------------------------------------------------------------------------------------------------------------------------------------
Notice
Copyright © 2017
Raisecom
All rights reserved.
No part of this publication may be excerpted, reproduced, translated or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in Writing from Raisecom
Technology Co., Ltd.
is the trademark of Raisecom Technology Co., Ltd.

All other trademarks and trade names mentioned in this document are the property of their respective holders.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of any kind, express or implied.
Raisecom
RAX711-C (A) Configuration Guide Preface
Preface
Objectives
This document introduces features and related configurations supported by the RAX711-C,
including basic principles and configuration procedures of basic configurations, zero-
configuration, interface management, Ethernet, IP services, routing, OAM, QoS, network
reliability, security, and system management and maintenance. In addition, this document
provides related configuration examples. The appendix of this document provides terms,
acronyms, and abbreviations involved in this document.
This document helps you master principles and configurations of the RAX711-C
systematically, and networking with the RAX711-C.
Versions
The following table lists the product versions related to this document.
Product name Product version Hardware version

RAX711-C P100R001C00 or later A.00 or later
Conventions
Symbol conventions
The symbols that may be found in this document are defined as follows.
Symbol Description
Indicate a hazard with a medium or low level of risk which, if
not avoided, could result in minor or moderate injury.
Indicate a potentially hazardous situation that, if not avoided,

could cause equipment damage, data loss, and performance
degradation, or unexpected results.

i
Raisecom
Symbol Description
Provide additional information to emphasize or supplement
important points of the main text.
Indicate a tip that may help you solve a problem or save time.
General conventions
Convention Description
Times New Roman Normal paragraphs are in Times New Roman.
Arial Paragraphs in Warning, Caution, Notes, and Tip are in Arial.
Boldface Names of files, directories, folders, and users are in boldface.
For example, log in as user root.
Italic Book titles are in italics.
Lucida Console Terminal display is in Lucida Console.
Book Antiqua Heading 1, Heading 2, Heading 3, and Block are in Book
Antiqua.
Command conventions
Convention Description
Boldface The keywords of a command line are in boldface.
Italic Command arguments are in italics.
[] Items (keywords or arguments) in square brackets [ ] are
optional.
{ x | y | ... } Alternative items are grouped in braces and separated by
vertical bars. Only one is selected.
[ x | y | ... ] Optional alternative items are grouped in square brackets and
separated by vertical bars. One or none is selected.
{ x | y | ... } * Alternative items are grouped in braces and separated by
vertical bars. A minimum of one or a maximum of all can be
selected.
[ x | y | ... ] * Optional alternative items are grouped in square brackets and
separated by vertical bars. A minimum of none or a maximum
of all can be selected.

ii
Raisecom
User level conventions

User level Description
0–4 Checking level: execute basic commands for performing
network diagnostic function, clearing system information, and
showing command history.
5–10 Monitoring level: execute commands for system maintenance.
11–14 Configuration level: execute commands for configuring
services, such as VLAN and IP routing.
15 Management level: execute commands for running systems.
Interface type and value range

Format Description
interface-type Interface type, including:
 client: physical interface at the user side
 line: physical interface at the line side
 snmp: SNMP interface
 vlan: VLAN interface
 port-channel: LAG interface and sub-interface
 loopback: loopback interface
interface-number Interface ID, varying with the device model and interface type,
ranging as below:
 client: 1–12
 line: 1–4
 snmp: 1
 vlan: 1–4094
 port-channel: 1–3
 loopback: 1
Change history
Updates between document versions are cumulative. Therefore, the latest document version
contains all updates made to previous versions.
Issue 01 (2017-07-10)
Initial commercial release

iii
Raisecom
Contents
1 Basic configurations ..................................................................................................................... 1

1.1 CLI ................................................................................................................................................................... 1
1.1.1 Introduction ............................................................................................................................................. 1
1.1.2 Levels ...................................................................................................................................................... 2
1.1.3 Modes...................................................................................................................................................... 2
1.1.4 Shortcut keys ........................................................................................................................................... 5
1.1.5 Viewing command history ...................................................................................................................... 6
1.1.6 Acquiring help ......................................................................................................................................... 6
1.2 Accessing device .............................................................................................................................................. 9
1.2.1 Accessing device through Console interface ........................................................................................... 9
1.2.2 Accessing device through Telnet ........................................................................................................... 10
1.2.3 Accessing device through SSHv2 ......................................................................................................... 11
1.2.4 Managing users ..................................................................................................................................... 12
1.2.5 Checking configurations ....................................................................................................................... 13
1.3 File management ............................................................................................................................................ 13
1.3.1 Introduction ........................................................................................................................................... 13
1.3.2 Managing configuration files ................................................................................................................ 14
1.4 Backup and upgrade ....................................................................................................................................... 15
1.4.1 Introduction ........................................................................................................................................... 15
1.4.2 Upgrading system software in BootROM mode ................................................................................... 15
1.4.3 Upgrading system software in system configuration mode .................................................................. 18
1.4.4 Backing up system software in system configuration mode ................................................................. 19
1.5 Time management .......................................................................................................................................... 19
1.5.1 Introduction ........................................................................................................................................... 19
1.5.2 Configuring time and time zone ............................................................................................................ 20
1.5.3 Configuring DST .................................................................................................................................. 21
1.5.4 Configuring NTP/SNTP ........................................................................................................................ 21
1.6 Configuring Banner ........................................................................................................................................ 22
1.6.1 Preparing for configurations ................................................................................................................. 22
1.6.2 Configuring Banner............................................................................................................................... 22

iv
Raisecom
1.6.3 Enabling Banner display ....................................................................................................................... 23

2 Interface management ................................................................................................................ 24

2.1 Introduction .................................................................................................................................................... 24
2.1.1 Ethernet interface .................................................................................................................................. 24
2.1.2 VLAN interface..................................................................................................................................... 24
2.1.3 Aggregation group interface .................................................................................................................. 24
2.1.4 Loopback interface ................................................................................................................................ 24
2.1.5 Interface configuration modes............................................................................................................... 24
2.2 Configuring basic information about interface ............................................................................................... 25
2.2.1 Configuring basic information about interface ..................................................................................... 25
2.2.2 Configuring Jumboframe on the interface ............................................................................................ 25
2.3 Configuring Ethernet interface ....................................................................................................................... 26
2.4 Configuring VLAN interface ......................................................................................................................... 26
2.5 Configuring loopback interface ...................................................................................................................... 26
2.6 Checking configurations ................................................................................................................................ 27
2.7 Maintenance ................................................................................................................................................... 27
3 Zero-configuration ...................................................................................................................... 28
3.1 Introduction .................................................................................................................................................... 28
3.1.1 Principles of zero-configuration ............................................................................................................ 28
3.1.2 CO zero-configuration .......................................................................................................................... 30
3.1.3 Zero-configuration of remote device..................................................................................................... 32
3.2 Configuring local zero-configuration ............................................................................................................. 33
3.2.2 Configuring zero-configuration server based on extended OAM ......................................................... 33
3.2.3 Configuring zero-configuration server based on DHCP ....................................................................... 35
3.3 Configuring remote zero-configuration .......................................................................................................... 38
3.3.2 (Optional) configuring remote zero-configuration ................................................................................ 39
3.3.3 (Optional) configuring zero-configuration polling ................................................................................ 40
3.4 Configuration examples ................................................................................................................................. 40
3.4.1 Example for configuring DHCP-based zero-configuration ................................................................... 40
3.4.2 Example for configuring zero-configuration based on extended OAM ................................................ 42
4 IP routing ...................................................................................................................................... 45
4.1 Introduction .................................................................................................................................................... 45
4.1.1 Routing.................................................................................................................................................. 45
4.1.2 Static route ............................................................................................................................................ 45
4.1.3 ARP ....................................................................................................................................................... 46
4.1.4 DHCP .................................................................................................................................................... 46
v
Raisecom
4.2 Configuring route management ...................................................................................................................... 51

4.2.2 Configuring routing management ......................................................................................................... 51
4.3 Configuring static route .................................................................................................................................. 52
4.3.2 Configuring static route ........................................................................................................................ 52
4.4 Configuring routing policy ............................................................................................................................. 53
4.4.1 Configuring IP prefix-list ...................................................................................................................... 53
4.4.2 Configuring route mapping table .......................................................................................................... 53
4.5 Configuring ARP ............................................................................................................................................ 54
4.5.2 .Configuring ARP ................................................................................................................................. 55
4.6 Configuring DHCPv4 Client .......................................................................................................................... 55
4.7 Configuring DHCPv4 Server ......................................................................................................................... 57
4.7.2 Creating and configuring IPv4 address pool ......................................................................................... 57
4.7.3 Configuring DHCPv4 Server of the interface ....................................................................................... 58
4.8 Maintenance ................................................................................................................................................... 58
4.9 Configuration examples ................................................................................................................................. 58
4.9.1 Example for configuring DHCPv4 Client ............................................................................................. 58
4.9.2 Example for configuring DHCPv4 Server ............................................................................................ 60
4.9.3 Example for configuring ARP ............................................................................................................... 61
5 Ethernet ......................................................................................................................................... 63
5.1 Introduction .................................................................................................................................................... 63
5.1.1 MAC address table ................................................................................................................................ 63
5.1.2 VLAN ................................................................................................................................................... 66
5.1.3 Super VLAN ......................................................................................................................................... 69
5.1.4 QinQ...................................................................................................................................................... 71
5.1.5 Loop detection ...................................................................................................................................... 72
5.1.6 Interface protection ............................................................................................................................... 72
5.1.7 Port mirroring........................................................................................................................................ 72
5.1.8 Storm control ........................................................................................................................................ 73
5.1.9 L2CP ..................................................................................................................................................... 74
5.2 Configuring MAC address table..................................................................................................................... 74
5.2.2 Configuring static MAC address table .................................................................................................. 75
5.2.3 Configuring dynamic MAC address table ............................................................................................. 75
5.2.4 Configuring blackhole MAC address .................................................................................................... 76

vi
Raisecom
5.2.5 Configuring suppression of MAC address flapping .............................................................................. 76

5.2.7 Maintenance .......................................................................................................................................... 76
5.3 Configuring VLAN ........................................................................................................................................ 77
5.3.2 Configuring VLAN properties .............................................................................................................. 77
5.3.3 Configuring VLANs based on Access interface .................................................................................... 78
5.3.4 Configuring VLANs based on Trunk interface ..................................................................................... 78
5.4 Configuring super VLAN ............................................................................................................................... 79
5.4.2 Configuring super VLAN ..................................................................................................................... 80
5.5 Configuring basic QinQ ................................................................................................................................. 81
5.5.2 Configuring basic QinQ ........................................................................................................................ 81
5.5.3 Configuring egress interface to Trunk mode ......................................................................................... 81
5.6 Configuring selective QinQ ........................................................................................................................... 82
5.6.2 Configuring selective QinQ .................................................................................................................. 82
5.7 Configuring VLAN mapping ......................................................................................................................... 84
5.7.2 Configuring 1:1 VLAN mapping .......................................................................................................... 84
5.7.3 Configuring N:1 VLAN mapping ......................................................................................................... 85
5.8 Configuring loop detection............................................................................................................................. 85
5.8.2 Configuring loop detection ................................................................................................................... 85
5.8.4 Maintenance .......................................................................................................................................... 86
5.9 Configuring interface protection .................................................................................................................... 86
5.9.2 Configuring interface protection ........................................................................................................... 87
5.10 Configuring port mirroring ........................................................................................................................... 87
5.10.1 Preparing for configurations ............................................................................................................... 87
5.10.2 Configure port mirroring of CPU packets ........................................................................................... 87
5.10.3 Configuring port mirroring ................................................................................................................. 88
5.10.4 Checking configurations ..................................................................................................................... 88
5.11 Configuring storm control ............................................................................................................................ 88
vii
Raisecom
5.11.1 Preparing for configurations ................................................................................................................ 88

5.11.2 Configuring storm control ................................................................................................................... 88
5.12 Configuring L2CP ........................................................................................................................................ 89
5.12.2 Configuring global L2CP .................................................................................................................... 89
5.12.3 Configuring L2CP profile ................................................................................................................... 90
5.12.4 Applying L2CP profile ........................................................................................................................ 91
5.13 Maintenance ................................................................................................................................................. 91
5.14 Configuration examples ............................................................................................................................... 92
5.14.1 Example for configuring MAC address table...................................................................................... 92
5.14.2 Example for configuring VLAN and interface protection ................................................................... 93
5.14.3 Example for configuring basic QinQ .................................................................................................. 97
5.14.4 Example for configuring port mirroring ............................................................................................ 100
5.14.5 Examples for configuring storm control ........................................................................................... 101
5.14.6 Example for configuring L2CP ......................................................................................................... 102
6 Clock synchronization ............................................................................................................. 106

6.1 Introduction .................................................................................................................................................. 106
6.1.1 SyncE .................................................................................................................................................. 107
6.1.2 IEEE 1588 v2 protocol (PTP) ............................................................................................................. 107
6.2 Configuring clock synchronization based on SyncE .................................................................................... 108
6.2.2 Configuring clock source properties of SyncE ................................................................................... 108
6.2.3 Choosing clock source for SyncE manually ....................................................................................... 109
6.3 Configuring PTP-based clock synchronization ............................................................................................ 109
6.3.2 Configuring PTP ................................................................................................................................. 110
7 Network reliability ................................................................................................................... 111

7.1 Introduction .................................................................................................................................................. 111
7.1.1 ELPS ................................................................................................................................................... 112
7.1.2 ERPS ................................................................................................................................................... 115
7.1.3 Link aggregation ................................................................................................................................. 120
7.1.4 Interface backup .................................................................................................................................. 123
7.1.5 Link-state tracking .............................................................................................................................. 125
7.2 Configuring ELPS ........................................................................................................................................ 126
7.2.2 Creating protection lines ..................................................................................................................... 126
7.2.3 Configuring ELPS fault detection modes............................................................................................ 127

viii
Raisecom
7.2.4 (Optional) configuring ELPS switching control ................................................................................. 128

7.3 Configuring ERPS ........................................................................................................................................ 129
7.3.2 Creating ERPS protection ring ............................................................................................................ 129
7.3.3 (Optional) creating ERPS protection tributary ring ............................................................................ 131
7.3.4 Configuring ERPS fault detection modes ........................................................................................... 132
7.3.5 (Optional) configuring ERPS switching control ................................................................................. 132
7.4 Configuring link aggregation ....................................................................................................................... 133
7.4.2 Configuring manual link aggregation ................................................................................................. 133
7.4.3 Configuring static LACP link aggregation .......................................................................................... 134
7.4.4 Configuring manual backup link aggregation ..................................................................................... 135
7.4.5 Configuring static LACP backup link aggregation ............................................................................. 136
7.5 Configuring interface backup ....................................................................................................................... 137
7.5.2 Configuring basic functions of interface backup ................................................................................ 138
7.5.3 (Optional) configuring interface FS .................................................................................................... 138
7.6 Configuring link-state tracking .................................................................................................................... 139
7.6.2 Configuring link-state tracking ........................................................................................................... 139
7.7.1 Example for configuring manual link aggregation .............................................................................. 140
7.7.2 Examples for configuring link-state tracking ...................................................................................... 142
7.7.3 Example for configuring static LACP link aggregation ...................................................................... 143
8 OAM ............................................................................................................................................ 146

8.1 Introduction .................................................................................................................................................. 146
8.1.1 EFM .................................................................................................................................................... 146
8.1.2 CFM .................................................................................................................................................... 149
8.1.3 SLA ..................................................................................................................................................... 151
8.1.4 Y.1564 ................................................................................................................................................. 152
8.2 Configuring EFM ......................................................................................................................................... 153
8.2.2 Configuring EFM basic functions ....................................................................................................... 154
8.2.3 Configuring EFM active functions ...................................................................................................... 154
8.2.4 Configuring EFM passive functions ................................................................................................... 155
8.2.5 Configuring link monitoring and fault indication ............................................................................... 156

ix
Raisecom

8.3 Configuring CFM ......................................................................................................................................... 158
8.3.2 Enabling CFM ..................................................................................................................................... 158
8.3.3 Configuring CFM basic functions ....................................................................................................... 159
8.3.4 Configuring fault detection ................................................................................................................. 160
8.3.5 Configuring fault acknowledgement ................................................................................................... 160
8.3.6 Configuring fault location ................................................................................................................... 161
8.3.7 Configuring AIS .................................................................................................................................. 162
8.3.8 Configuring LCK ................................................................................................................................ 163
8.3.9 Configuring CSF ................................................................................................................................. 164
8.3.10 Checking configurations ................................................................................................................... 164
8.4 Configuring SLA .......................................................................................................................................... 165
8.4.2 Configuring SLA operation ................................................................................................................. 166
8.4.3 Configuring SLA operation scheduling............................................................................................... 168
8.4.4 Configuring maintenance window ...................................................................................................... 169
8.5 Configuring Y.1564 ...................................................................................................................................... 169
8.5.2 Configuring test task ........................................................................................................................... 170
8.6 Maintenance ................................................................................................................................................. 171
9 QoS ............................................................................................................................................... 172

9.1 Introduction .................................................................................................................................................. 172
9.1.1 Priority trust ........................................................................................................................................ 173
9.1.2 Priority mapping ................................................................................................................................. 173
9.1.3 Traffic classification ............................................................................................................................ 174
9.1.4 Traffic policy ....................................................................................................................................... 175
9.1.5 Queue scheduling ................................................................................................................................ 175
9.1.6 Congestion avoidance ......................................................................................................................... 177
9.1.7 Queue shaping ..................................................................................................................................... 178
9.1.8 Rate limiting........................................................................................................................................ 178
9.2 Configuring priority trust and priority mapping ........................................................................................... 178
9.2.2 Configuring priority trust .................................................................................................................... 179
9.2.3 Configuring mapping between DSCP priority and local priority based on interface .......................... 179
9.2.4 Configuring mapping from CoS priority to local priority based on interface ..................................... 179
9.2.5 Configuring mapping from IP precedence to local priority based on interface ................................... 180
9.2.6 Configuring mapping from Exp to local priority ................................................................................ 180
9.2.7 Configuring DSCP priority remarking ................................................................................................ 181

x
Raisecom
9.2.8 Configuring CoS priority remarking ................................................................................................... 181

9.2.9 Configuring Exp remarking ................................................................................................................ 181
9.3 Configuring traffic classification and traffic policy ..................................................................................... 182
9.3.2 Creating and configuring traffic classification .................................................................................... 183
9.3.3 Creating and configuring traffic policing profile ................................................................................ 183
9.3.4 Creating and configuring traffic policy ............................................................................................... 184
9.3.6 Maintenance ........................................................................................................................................ 185
9.4 Configuring congestion avoidance ............................................................................................................... 185
9.4.2 Configuring WRED profile ................................................................................................................. 186
9.4.3 Configuring flow profile ..................................................................................................................... 186
9.5 Configuring queue shaping and queue scheduling ....................................................................................... 187
9.5.2 Configuring queue shaping ................................................................................................................. 187
9.5.3 Configuring queue scheduling ............................................................................................................ 187
9.5.5 Maintenance ........................................................................................................................................ 188
9.6 Configuring rate limiting .............................................................................................................................. 188
9.6.2 Configuring interface-based rate limiting ........................................................................................... 188
9.7.1 Example for configuring rate limiting based on traffic policy ............................................................ 189
9.7.2 Example for configuring queue scheduling and congestion avoidance............................................... 192
9.7.3 Example for configuring interface-based rate limiting ....................................................................... 195
10 RSOM ........................................................................................................................................ 198

10.1 Introduction ................................................................................................................................................ 198
10.1.2 Types of Ethernet services................................................................................................................. 199
10.2 Configuring RSOM .................................................................................................................................... 202
10.2.1 Preparing for configurations ............................................................................................................. 202
10.2.2 (Optional) configuring L2CP profile ................................................................................................. 202
10.2.3 Configure CoS profile ....................................................................................................................... 203
10.2.4 Configuring bandwidth profile .......................................................................................................... 204
10.2.5 Configuring interface ........................................................................................................................ 205
10.2.6 Configuring CFM .............................................................................................................................. 205
10.2.7 Configuring SLA .............................................................................................................................. 206
10.2.8 Configuring SLA test and measurement ........................................................................................... 206

xi
Raisecom
10.2.9 Configuring Y.1564 ........................................................................................................................... 207

10.2.10 Configuring loopback ..................................................................................................................... 208
10.2.11 Configuring services ....................................................................................................................... 209
10.2.12 Checking configurations ................................................................................................................. 210
10.3 Maintenance ............................................................................................................................................... 211
10.4 Configuration examples ............................................................................................................................. 211
10.4.1 Example for configuring RSOM ....................................................................................................... 211
11 Security...................................................................................................................................... 219
11.1 Introduction ................................................................................................................................................ 219
11.1.1 ACL ................................................................................................................................................... 219
11.1.2 CPU protection .................................................................................................................................. 219
11.1.3 RADIUS ............................................................................................................................................ 220
11.1.4 TACACS+ ......................................................................................................................................... 220
11.2 Configuring ACL ........................................................................................................................................ 221
11.2.1 Preparing for configurations .............................................................................................................. 221
11.2.2 Configuring ACL .............................................................................................................................. 221
11.2.3 Configuring filter .............................................................................................................................. 223
11.3 Configuring CPU protection....................................................................................................................... 223
11.3.2 Configuring global CPU protection .................................................................................................. 224
11.3.3 Configuring interface CPU preotection ............................................................................................. 224
11.4 Configuring RADIUS ................................................................................................................................. 224
11.4.2 Configuring RADIUS authentication ................................................................................................ 225
11.4.3 Configuring RADIUS accounting ..................................................................................................... 225
11.5 Configuring TACACS+ .............................................................................................................................. 226
11.5.2 Configuring TACACS+ authentication ............................................................................................. 226
11.6 Maintenance ............................................................................................................................................... 227
11.7 Configuration examples ............................................................................................................................. 227
11.7.1 Examples for configuring ACL ......................................................................................................... 227
11.7.2 Example for configuring RADIUS.................................................................................................... 228
11.7.3 Example for configuring TACACS+ ................................................................................................. 229
12 System management and maintenance............................................................................... 231

12.1 Introduction ................................................................................................................................................ 231
12.1.1 LLDP ................................................................................................................................................ 231
12.1.2 SNMP................................................................................................................................................ 233

xii
Raisecom
12.1.3 E1 NMS channel ............................................................................................................................... 235

12.1.4 Optical module DDM........................................................................................................................ 235
12.1.5 System log ......................................................................................................................................... 235
12.1.6 Alarm management ........................................................................................................................... 236
12.1.7 CPU monitoring ................................................................................................................................ 241
12.1.8 RMON .............................................................................................................................................. 241
12.1.9 Device monitoring............................................................................................................................. 241
12.1.10 Loopback......................................................................................................................................... 242
12.1.11 Fault detection ................................................................................................................................. 243
12.2 Configuring LLDP ..................................................................................................................................... 245
12.2.2 Enabling global LLDP ...................................................................................................................... 245
12.2.3 Enabling interface LLDP .................................................................................................................. 245
12.2.4 Configuring basic functions of LLDP ............................................................................................... 246
12.2.5 Configuring LLDP alarm .................................................................................................................. 246
12.3 Configuring SNMP .................................................................................................................................... 247
12.3.2 Configuring basic functions of SNMP .............................................................................................. 247
12.3.3 Configuring Trap ............................................................................................................................... 248
12.4 Configuring optical module DDM ............................................................................................................. 250
12.4.2 Enabling optical module DDM ......................................................................................................... 250
12.5 Configuring system log .............................................................................................................................. 251
12.5.2 Configuring basic information about system log .............................................................................. 251
12.5.3 Configuring output destination of system logs.................................................................................. 252
12.6 Configuring alarm management ................................................................................................................. 252
12.6.2 Configuring basic functions of alarm management .......................................................................... 253
12.6.3 Configuring Layer 3 power failure or fiber breakage alarms ............................................................ 254
12.7 Configuring memory monitoring ............................................................................................................... 254
12.7.2 Configuring memory monitoring ...................................................................................................... 254
12.8 Configuring CPU monitoring ..................................................................................................................... 255
12.8.2 Viewing CPU monitoring information .............................................................................................. 255
xiii
Raisecom
12.8.3 Configuring CPU monitoring alarm .................................................................................................. 255

12.8.4 Checking configruations ................................................................................................................... 256
12.9 Configuring RMON ................................................................................................................................... 256
12.9.2 Configuring RMON statistics ........................................................................................................... 256
12.9.3 Configuring RMON historical statistics ............................................................................................ 257
12.10 Configuring fan monitoring...................................................................................................................... 257
12.10.1 Configuring fan monitoring ............................................................................................................ 257
12.11 Configuring loopback ............................................................................................................................... 258
12.11.1 Preparing for configurations............................................................................................................ 258
12.11.2 Configuring interface loopback ....................................................................................................... 258
12.12 Configuring fault detection ...................................................................................................................... 259
12.12.1 Configuring task scheduling ........................................................................................................... 259
12.12.2 Ping ................................................................................................................................................. 260
12.12.3 Traceroute ....................................................................................................................................... 260
12.13 Maintenance ............................................................................................................................................. 261
12.14 Configuration examples ........................................................................................................................... 261
12.14.1 Examples for configuring LLDP basic functions ............................................................................ 261
12.14.2 Examples for outputting system logs to log host ............................................................................ 264
13 Appendix .................................................................................................................................. 266

13.1 Terms .......................................................................................................................................................... 266
13.2 Acronyms and abbreviations ...................................................................................................................... 268

xiv
Raisecom
Figures
Figure 3-1 Principles of CO/remote zero-configuration....................................................................................... 29

Figure 3-2 Zero-configuration on indirect connection between remote devices .................................................. 31
Figure 3-3 Zero-configuration on direct connection between remote devices ..................................................... 32

Figure 3-4 Configuring indirectly-connected remote zero-configuration ............................................................ 41
Figure 3-5 Configuring directly-connected remote zero-configuration ............................................................... 43
Figure 4-1 Typical DHCP application .................................................................................................................. 47
Figure 4-2 Structure of DHCP packet .................................................................................................................. 48
Figure 4-3 Configuring DHCPv4 relay ................................................................................................................ 59
Figure 4-4 Configuring DHCPv4 server .............................................................................................................. 60
Figure 4-5 Configuring ARP ................................................................................................................................ 62
Figure 5-1 Unicast forwarding mode of MAC address ........................................................................................ 65
Figure 5-2 Multicast forwarding mode of MAC address ..................................................................................... 66
Figure 5-3 Broadcast forwarding mode of MAC address .................................................................................... 66
Figure 5-4 VLAN partition .................................................................................................................................. 67
Figure 5-5 Formats of the standard Ethernet frame and 802.1Q frame ................................................................ 68
Figure 5-6 Sub-VLAN and super VLAN partition ............................................................................................... 70
Figure 5-7 Typical networking of basic QinQ ...................................................................................................... 71
Figure 5-8 Principles of port mirroring ................................................................................................................ 73
Figure 5-9 Configuring MAC address table ......................................................................................................... 92
Figure 5-10 Configuring VLAN........................................................................................................................... 94
Figure 5-11 Configuring basic QinQ .................................................................................................................... 98

Figure 5-12 Configuring port mirroring ............................................................................................................. 100
Figure 5-13 Configuring storm control .............................................................................................................. 102
Figure 5-14 L2CP networking ............................................................................................................................ 103
Figure 6-1 Principles of SyncE .......................................................................................................................... 107
Figure 7-1 Structure of an APS packet ............................................................................................................... 112

xv
Raisecom
Figure 7-2 ELPS 1+1 and 1:1 protection switching modes ................................................................................ 114
Figure 7-3 Unidirectional protection switching ................................................................................................. 114

Figure 7-4 Structure of a R-APS packet ............................................................................................................. 115
Figure 7-5 ERPS ring network ........................................................................................................................... 117
Figure 7-6 Idle status of Ethernet ring network .................................................................................................. 118

Figure 7-7 Protection state of Ethernet ring network ......................................................................................... 119
Figure 7-8 Tributary ring model ......................................................................................................................... 120
Figure 7-9 Link aggregation ............................................................................................................................... 120
Figure 7-10 Principles of interface backup ........................................................................................................ 124
Figure 7-11 Principles of VLAN-based interface backup .................................................................................. 125
Figure 7-12 Interface-to-interface link-state tracking ........................................................................................ 125

Figure 7-13 Configuring manual link aggregation ............................................................................................. 141
Figure 7-14 Link-state tracking networking ....................................................................................................... 142
Figure 7-15 Configuring static LACP link aggregation ..................................................................................... 144

Figure 8-1 OAM loopback ................................................................................................................................. 147
Figure 8-2 MDs at different levels ..................................................................................................................... 149
Figure 8-3 MEP and MIP ................................................................................................................................... 150
Figure 8-4 Roundtrip test scenario ..................................................................................................................... 153
Figure 9-1 Structure of IP packet header ............................................................................................................ 173
Figure 9-2 Structures of ToS priority and DSCP priority ................................................................................... 173
Figure 9-3 Structure of a VLAN packet ............................................................................................................. 174
Figure 9-4 Structure of CoS priority .................................................................................................................. 174
Figure 9-5 Traffic classification process ............................................................................................................ 175
Figure 9-6 SP scheduling ................................................................................................................................... 176
Figure 9-7 WRR scheduling ............................................................................................................................... 176
Figure 9-8 WDRR scheduling ............................................................................................................................ 177
Figure 9-9 Configuring rate limiting based on traffic policy ............................................................................. 190
Figure 9-10 Configuring queue scheduling and congestion avoidance .............................................................. 193
Figure 9-11 Configuring interface-based rate limiting ....................................................................................... 196
Figure 10-1 Ethernet service networking ........................................................................................................... 198
Figure 10-2 Location of UNIs and NNIs in a network topology ........................................................................ 200
Figure 10-3 RSOM networking.......................................................................................................................... 211
Figure 11-1 Configuring ACL ............................................................................................................................ 227

xvi
Raisecom
Figure 11-2 Configuring RADIUS ..................................................................................................................... 228
Figure 11-3 TACACS+ networking ................................................................................................................... 229

Figure 12-1 Structure of LLDPDU packet ......................................................................................................... 232
Figure 12-2 Structure of a TLV packet ............................................................................................................... 232
Figure 12-3 Interface loopback .......................................................................................................................... 242

Figure 12-4 Principles of Ping ........................................................................................................................... 244
Figure 12-5 Principle of Traceroute ................................................................................................................... 244
Figure 12-6 Configuring LLDP basic functions ................................................................................................. 262
Figure 12-7 Outputting system logs to log host ................................................................................................. 264

xvii
Raisecom
Tables
Table 4-1 Fields of DHCP packet ......................................................................................................................... 48

Table 4-2 Fields of DHCP Option ........................................................................................................................ 49
Table 5-1 Interfaces modes and modes for processing packets ............................................................................ 69
Table 7-1 Values of fields in APS specific information ...................................................................................... 112
Table 7-2 Fields in the R-APS specific information........................................................................................... 115
Table 9-1 Mapping between local priority and DSCP priority ........................................................................... 174
Table 9-2 Mapping between local priority and CoS priority .............................................................................. 174
Table 9-3 Mapping between local priority and IP precedence ........................................................................... 174
Table 10-1 Types of Ethernet services ................................................................................................................ 199
Table 12-1 TLV types ......................................................................................................................................... 232
Table 12-2 Alarm fields ...................................................................................................................................... 237
Table 12-3 Alarm levels ..................................................................................................................................... 237

xviii
Raisecom
1 Basic configurations
This chapter describes basic information and configuration procedures of the RAX711-C, and
provides related configuration examples, including the following sections:
 CLI
 Accessing device
 File management
 Backup and upgrade
 Time management
 Configuring Banner
1.1 CLI
1.1.1 Introduction
The Command Line Interface (CLI) is a medium for you to communicate with the RAX711-C.
You can configure, monitor, and manage the RAX711-C through the CLI.
You can log in to the RAX711-C through the terminal equipment or through a computer that
runs the terminal emulation program. Enter commands at the system prompt.
The CLI supports the following features:
 Configure the RAX711-C locally through the Console interface.
 Configure the RAX711-C locally or remotely through Telnet/Secure Shell v2 (SSHv2).
 Commands are classified into different levels. You can execute the commands that
correspond to your level only.
 The commands available to you depend on which mode you are currently in.
 Shortcut keys can be used to execute commands.
 Check or execute a historical command by checking command history. The last 20
historical commands can be saved on the RAX711-C.
 Enter a question mark (?) at the system prompt to obtain online help.
 The RAX711-C supports multiple intelligent analysis methods, such as fuzzy match and
context association.

1
Raisecom
1.1.2 Levels
The RAX711-C classifies commands into 16 levels in a descending order:
 0–4: checking level. You can execute basic commands, such as ping, clear, and history,
for performing network diagnostic function, clearing system information, and showing
command history.
 5–10: monitoring level. You can execute commands, such as show, for system
maintenance.
 11–14: configuration level. You can execute commands for configuring services, such as
Virtual Local Area Network (VLAN) and Internet Protocol (IP) routing.
 15: management level. You can execute commands for running systems.
1.1.3 Modes
The command mode is an environment where a command is executed. A command can be
executed in one or multiple certain modes. The commands available to you depend on which
mode you are currently in.
After connecting the RAX711-C, enter the user name and password to enter privileged EXEC
mode.
Raisecom#
In privileged EXEC mode, use the config command to enter global configuration mode.
Raisecom#config
Raisecom(config)#
 The CLI prompt Raisecom is a default host name. You can modify it by using the
hostname string command in privileged EXEC mode.
 Some commands executed in global configuration mode can also be executed in
other modes. The functions vary on command modes.
 You can use the exit or quit command to return to the upper command mode.
However, in privileged EXEC mode, you need to use the exit or quit command to
exit.
 You can use the end command to return to privileged EXEC mode from any
modes but privileged EXEC mode.
Command modes supported by the RAX711-C are listed in the following table.
Mode Access mode Prompt

Privileged EXEC Enter the correct user name and Raisecom#
password.

2
Raisecom

Global configuration In privileged EXEC mode, use Raisecom(config)#
the config command.
SNMP interface In global configuration mode, Raisecom(config-snmp1)#
configuration use the interface snmp
interface-number command.
Physical layer In global configuration mode, Raisecom(config-
interface use the interface client clientif)#
configuration interface-number.
In global configuration mode, Raisecom(config-
use the interface line interface- lineif)#
number.
VLAN interface In global configuration mode, Raisecom(config-
configuration use the interface vlan vlan-id. vlanif)#
AP-Switchport In global configuration mode, Raisecom(ap-switchport-

configuration use the interface ap- mode)#
switchport-mode.
Batch interface In global configuration mode, Raisecom(config-range)#
configuration use the interface range { client
| line } interface-number.
Aggregation group In global configuration mode, Raisecom(config-port-
configuration use the interface port-channel channelif)#
channel-number.
Route mapping In global configuration mode, Raisecom(config-route-
configuration use the route-map map-name map)#
{ permit | deny } number
command.
VLAN configuration In global configuration mode, Raisecom(config-vlan)#
use the lan vlan-id command.
Basic IP ACL In global configuration mode, Raisecom(config-acl-ip-
configuration use the access-list acl-number -std)#
command. The acl-number
parameter ranges from 1000 to
1999.
Extended IP ACL In global configuration mode, Raisecom(config-acl-ip-
configuration use the access-list acl-number -ext)#
2999.
MAC ACL In global configuration mode, Raisecom(config-acl-
configuration use the access-list acl-number mac)#
3999.

3
Raisecom

User ACL In global configuration mode, Raisecom(config-acl-
configuration use the access-list acl-number duf)#
5999.
Basic IPv6 ACL In global configuration mode, Raisecom(config-acl-
configuration use the access-list acl-number ipv6)#
command. Wherein, acl-number
ranges from 6000 to 6999.
Extended IPv6 ACL In global configuration mode, Raisecom(config-acl-
configuration use the access-list acl-number advanced)#
command. Wherein, acl-number
ranges from 7000 to 7999.
cos-remark In global configuration mode, Raisecom(cos-remark)#
configuration use the mls qos mapping cos-
remark profile-id command.
cos-to-pri In global configuration mode, Raisecom(cos-to-pri)#
configuration use the mls qos mapping cos-
to-local-priority profile-id
command.
dscp-mutation In global configuration mode, Raisecom(dscp-
configuration use the mls qos mapping dscp- mutation)#
mutation profile-id command.
dscp-to-pri In global configuration mode, Raisecom(dscp-to-pri)#
configuration use the mls qos mapping dscp-
command.
ipp-to-pri In global configuration mode, Raisecom(ipp-to-pri)#
configuration use the mls qos mapping ipp-
command.
WRED profile In global configuration mode, Raisecom(wred)#
configuration use the mls qos wred profile
profile-id command.
CMAP configuration In global configuration mode, Raisecom(config-cmap)#
use the class-map class-map-
name command.
Traffic monitoring In global configuration mode, Raisecom(traffic-
profile configuration use the mls qos policer-profile policer)#
policer-name [ single ]
command.
PMAP configuration In global configuration mode, Raisecom(config-pmap)#
use the policy-map policy-map-
name command.

4
Raisecom

Traffic policy bound In PMAP configuration mode, Raisecom(config-pmap-
with traffic use the class-map class-map- c)#
classification name command.
configuration
Service instance In global configuration mode, Raisecom(config-
configuration use the service csi-id level md- service)#
level command.
1.1.4 Shortcut keys

The RAX711-C supports the following shortcut keys.
Shortcut key Description

Up Arrow (↑) Show the previous command if there is any command entered
earlier; the display has no change if the current command is the
earliest one in history records.
Down Arrow (↓) Show the next command if there is any newer command. The
display does not change if the current command is the newest
one in history records.
Left Arrow (←) Move the cursor leftward by one character. The display does not
change if the cursor is already at the beginning of the command.
Right Arrow (→) Move the cursor rightward by one character. The display does
not change if the cursor is already at the end of the command.
Backspace Delete the character before the cursor. The display does not
change if the cursor is already at the beginning of the command.
Tab Press Tab after entering a complete keyword, and the cursor
will automatically appear a space to the end. Press Tab again,
and the system will show the follow-up entering keywords.
Press Tab after entering an incomplete keyword, and the system
automatically executes partial helps:
 When only one keyword matches the entered incomplete
keyword, the system takes the complete keyword to replace
the entered incomplete keyword and leaves one space between
the cursor and end of the keyword.
 When no keyword or multiple keywords match the entered
incomplete keyword, the system displays the prefix, and you

can press Tab to check words circularly. In this case, there is
no space from the cursor to the end of the keyword. Press
Space bar to enter the next word.
 If you enter an incorrect keyword, pressing Tab will move the
cursor to the next line and the system will prompt an error. In
this case, the entered keyword does not change.
Ctrl+A Move the cursor to the beginning of the command.
Ctrl+C Interrupt the ongoing command, such as ping and traceroute.

5
Raisecom
Shortcut key Description

Ctrl+D or Delete Delete the character at the cursor.
Ctrl+E Move the cursor to the end of the command.
Ctrl+K Delete all characters from the cursor to the end of the command.
Ctrl+X Delete all characters before the cursor (except the cursor
location).
Ctrl+Z Return to privileged EXEC mode from the current mode (except
privileged EXEC mode).
Space bar or Y Scroll down one screen.
Enter Scroll down one line.
1.1.5 Viewing command history

The RAX711-C support viewing or executing a historical command through the history
command in any command mode. By default, the last 20 historical commands are saved.
The RAX711-C can save a maximum of 20 historical commands through the terminal
history command in privileged EXEC mode.
1.1.6 Acquiring help
Complete help
You can acquire complete help under following three conditions:
 You can enter a question mark (?) at the system prompt to display a list of commands
and brief descriptions available for each command mode.
Raisecom#?
The command output is as below:
clear Clear screen

enable Turn on privileged mode command
exit Exit current mode and down to previous mode
help Message about help
history Most recent history command
language Language of help message
list List command
quit Exit current mode and down to previous mode
terminal Configure terminal
test Test command .

6
Raisecom
 After you enter a keyword, press the Space bar and enter a question mark (?), all
correlated commands and their brief descriptions are displayed if the question mark (?)
matches another keyword.
Raisecom(config)#clock ?
display Display
mode Clock mode
set Set system time and date
summer-time Set summer time
timezone Set system timezone offset
 After you enter a parameter, press Space bar and enter a question mark (?), associated
parameters and descriptions of these parameters are displayed if the question mark (?)
matches a parameter.
Raisecom(config)#interface client ?
client 1
client 2
client 3
client 4
<1-4> Port number
Incomplete help
You can acquire incomplete help under following three conditions:
 After you enter part of a particular character string and a question mark (?), a list of
commands that begin with a particular character string is displayed.
Raisecom(config)#c?
channel-ring Channel ring config

class-map Set class map
7
Raisecom
clear Clear buffer content

clock Clock
command-log Log the command to the file
console console
cpu Configure cpu parameters
cpu-protect Config cpu protect information
create Create static VLAN
crossconnect Config crossconnect
 After you enter a command, press Space bar, and enter a particular character string and
a question mark (?), a list of commands that begin with a particular character string is
displayed.
Raisecom(config)#show li?
link-state-tracking Link state tracking
 After you enter a partial command name and press Tab, the full form of the keyword is
displayed if there is a unique match command.
Error messages
The following table lists some error messages that you might encounter while using the CLI
to configure the RAX711-C.
Error information Description

% Incomplete command. The entered command is incomplete.
Error input in the position market by The keyword marked with "^" is invalid or does
'^' not exist.
Ambiguous input in the position The keyword marked with "^" is unclear.
market by '^'
% " * "Unconfirmed command. The entered command is not unique.
% " * "Unknown command. The entered command does not exist.
% You Need higher priority! You need more authority to exist the command.

8
Raisecom
1.2 Accessing device

1.2.1 Accessing device through Console interface
The Console interface of the RAX711-C is a Universal Serial Bus (USB) A-shaped
female interface, which is translated into a Universal Asynchronous
Receiver/Transmitter (UART) in the device.
The Console interface is used to connect the RAX711-C to a PC that runs the terminal
emulation program. You can configure and manage the RAX711-C through this interface.
This management method does not involve network communication.
You must log in to the RAX711-C through the Console interface under the following 2
conditions:
 The RAX711-C is powered on for the first time.
 You cannot log in to the RAX711-C through Telnet.
Log in to the RAX711-C through the Console interface as below:
Before logging in to the RAX711-C through the USB interface, install the driver for
translating the USB interface into the UART interface to the PC. To download the
driver, visit http://www.raisecom.com.cn/support.php and then click USB Console
Driver.
Step 1 Use the configuration cable with dual USB male interfaces to connect the Console interface of
the RAX711-C with the USB interface of the PC, as shown in Figure 1-1.
Figure 1-1 Accessing the device through the Console interface
Step 2 Run the terminal emulation program on the PC, such as Hyper Terminal on Microsoft
Windows XP. Enter the connection name at the Connection Description dialog box and then
click OK.
Step 3 Select COM N (N refers to the COM interface ID into which the USB interface is translated)
at the Connect To dialog box and then click OK.
Step 4 Configure parameters as shown in Figure 1-2 and then click OK

9
Raisecom
Figure 1-2 Configuring parameters of Hyper Terminal
Step 5 Enter the configuration interface and then enter the user name and password to log in to the
RAX711-C. By default, both the user name and password are configured to raisecom.
Hyper Terminal is not available on Windows Vista or Windows 7 Operating System

(OS). If you use these OSs, you have to download Hyper Terminal package and
install it.
1.2.2 Accessing device through Telnet

Through Telnet, you can remotely log in to the RAX711-C through a PC, so you should
prepare a PC for each RAX711-C.
Working as the Telnet server, the RAX711-C provides the following Telnet services:
As shown in Figure 1-3, connect the PC and the RAX711-C and ensure that the route between
them is reachable. You can log in to and configure the RAX711-C by running Telnet Client
program on a PC.

10
Raisecom
Figure 1-3 Networking as the Telnet server
Before logging in to the RAX711-C through Telnet, you must log in to the RAX711-C
through the Console interface, configure the IP address of the SNMP interface, and
enable Telnet service.
Step Command Description
1 Raisecom#config Enter global configuration mode.
2 Raisecom(config)#interface snmp 1 Enter out-of-band network management interface
configuration mode.
3 Raisecom(config-snmp1)#ip address Configure the IP address of the out-of-band network
ip-address [ ip-mask ] management interface.
Raisecom(config-snmp1)#exit
4 Raisecom(config)#telnet-server close (Optional) close the specified Telnet session.
terminal-telnet session-number
5 Raisecom(config)#telnet-server max- (Optional) configure the maximum number of Telnet
session session-number sessions supported by the RAX711-C.
By default, it is 5.
1.2.3 Accessing device through SSHv2

Telnet is an authentication mode that is lack of security. In addition, it adopts Transmission
Control Protocol (TCP) to transmit the password and data in clear text. It will cause malicious
attack, such as Deny of Service (DoS), IP address spoofing, and route spoofing because only
Telnet service is provided. With more attention is put on network security, the traditional
modes (TCP and FTP) for transmitting the password and data in clear text are not accepted
gradually.
SSHv2 is a network security protocol, which can effectively prevent the disclosure of
information in remote management through data encryption, and provides greater security for
remote login and other network services in network environment.
SSHv2 builds up a secure channel over TCP. Besides, SSHv2 supports other service ports as
well as standard port 22, thus avoiding illegal attacks from network.
Before accessing the RAX711-C through SSHv2, you must log in to the RAX711-C through
the Console interface and enable SSH service.

11
Raisecom

2 Raisecom(config)#genera Generate local SSHv2 key pair and designate its length. By default,
te ssh-key length the length of the local SSHv2 key pair is configured to 512 bits.
3 Raisecom(config)#ssh2 Start SSHv2 server. By default, the RAX711-C does not start the
server SSHv2 server.
4 Raisecom(config)#ssh2 (Optional) configure SSHv2 authentication method. By default, the
server authentication RAX711-C adopts the password authentication mode.
{ password | rsa-key }
5 Raisecom(config)#ssh2 (Optional) when the rsa-key authentication method is adopted, type
server authentication the public key of clients to the RAX711-C.
pubkeyname public-key
pubkey
6 Raisecom(config)#ssh2 (Optional) configure SSHv2 authentication timeout. The RAX711-C
server authentication- refuses to authenticate and open the connection when client
timeout period authentication time exceeds the upper threshold. By default, the
SSHv2 authentication timeout is configured to 600s.
7 Raisecom(config)#ssh2 (Optional) configure the allowable times for SSHv2 authentication
server authentication- failure. The RAX711-C refuses to authenticate and open the
retries times connection when client authentication failure times exceed the upper
threshold. By default, the allowable times for SSHv2 authentication
failure are configured to 20.
8 Raisecom(config)#ssh2 (Optional) configure the SSHv2 listening port ID. By default, the
server port port-number SSHv2 listening port ID is configured to 22.
When configuring the SSHv2 listening port ID, the input

parameter cannot take effect immediately without rebooting
the SSHv2 service.
9 Raisecom(config)#ssh2 Configure the SSH key renegotiation time.
server rekey-interval
interval By default, it is 0; namely, SSH key renegotiation is not conducted.
1.2.4 Managing users

When you start the RAX711-C for the first time, connect the PC to the Console interface on
the RAX711-C, enter the default user name and password to log in to and configure the
RAX711-C.
By default, both the user name and password are raisecom

If there is no privilege restriction, any remote user can log in to the RAX711-C through Telnet
when the Simple Network Management Protocol (SNMP) interface or other service interfaces
on the RAX711-C are configured with IP addresses. This is unsafe to the RAX711-C and
network. Creating the user name and configuring the password and privilege help manage
login users and ensure network and device security.
12
Raisecom

1 Raisecom#user name user-name Create or modify the user name and password.
password [ cipher | simple ]
password
2 Raisecom#user name user-name Configure the level and privilege of the user.
privilege privilege-level
3 Raisecom#user user-name service-type Configure the login mode of the user.
{ all | console | lan-access | ssh |
telnet | web }
4 Raisecom#console login line Configure the mode for login from the Console
interface to serial line password.
5 Raisecom#line { password | encrypt- Configure the serial line password.
password } password
6 Raisecom#password check { simple | Configure the complexity of the administrator
complex } password.
7 Raisecom#login-trap enable Configure user logout to trigger a Trap.
8 Raisecom#delete user-file Delete the user file.
1.2.5 Checking configurations

No. Command Description
1 Raisecom#show user { active | table Show information about logged users or the user
[ detail ] } information table.
2 Raisecom#show interface snmp 1 Show the IP address of the out-of-band network
management interface.
3 Raisecom#show ssh2 public-key Show the public key for SSHv2 authentication.
[ authentication | rsa ]
4 Raisecom#show ssh2 session Show configurations of SSHv2 sessions.
5 Raisecom#show ssh2 server Show configurations of the SSHv2 server.
1.3 File management

1.3.1 Introduction
System files
System files are the software/files required for running the device, including the system
Bootrom file, system configuration file, system startup file, and FPGA file. In general, these
files are saved to the memory of the device.
File management refers to backing up, upgrading, loading, and deleting system files.

13
Raisecom
System Bootrom file

The system Bootrom file (BootROM software) is used to initialize the RAX711-C. After the
device is powered on, the BootROM software is running to initialize the device.
You can upgrade the BootROM software if a new version is available. For details, see section
1.4 Backup and upgrade.
System startup file

The system startup file (with the ".z" suffix) is used to start and operate the device. It supports
the normal operating and realizes functions of the device. You can upgrade the system startup
file if a new version is available. In addition, to avoid a system fault, you can back up the
system startup file. For details, see section 1.4 Backup and upgrade.
The RAX711-C supports 2 sets of system startup software simultaneously, providing master-
to-slave switching of dual systems.
System configuration file

The system configuration file (with the ".cfg" suffix) is the configuration item to be loaded
when the device is booted at this time or next time.
After being powered on, the device reads the configuration file from the memory for
initialization. If there is no configuration file in the memory, the device will use the default
configuration file.
Configuration parameters in the configuration file are divided into the following 2 types:
 Configuration parameters used for initialization are startup configurations.
 Configuration parameters used when a device is running properly are running
configurations.
You can modify running configurations through CLI. To make these modified running
configurations as startup configurations when the device is powered on next time, you should
save running configurations to the memory (by using the write command) to form a
configuration file.
Operations on the system configuration file include loading, upgrading, backing up, and
deleting the system configuration file. For details about load, backup, and upgrade, see
section 1.4 Backup and upgrade.
1.3.2 Managing configuration files

1 Raisecom#auto-write enable Enable automatic saving of configurations.
Raisecom#auto-write interval interval Configure the auto-saving period.
By default, it is 5min.
2 Raisecom#erase [ file-name | backup- Delete files from the memory.
config | startup-config slot slot-id |
all ]
3 Raisecom#show auto-write info Show auto-saving configurations.

14
Raisecom

4 Raisecom#show startup-config [ slot slot- Show configuration loaded for device startup.
id ]
5 Raisecom#show running-config Show current configurations of the device.
5 Raisecom#show backup-config Show backup configurations of the device.
7 Raisecom#show startup Show information about files for system
startup.
8 Raisecom#copy { backup-config startup- Load the configuration file.
config | startup-config backup-config |
startup-config running-config }
9 Raisecom#switch startup-config backup- Switch the startup configuration file to the
config backup configuration file
1.4 Backup and upgrade

1.4.1 Introduction
Backup
Backup refers to copying the saved system file from the device memory to the server memory
for recovering the backup file when the device fails. This ensures that the device works
properly. You need to recover the old system file in the following cases:
 The system file is lost or damaged because the device fails.
 The device works improperly because of upgrade failure.
The RAX711-C supports backing up the system configuration file, system startup file, and
system log file.
Upgrade
To resolve the following problems, you can upgrade the device:
 Adding new features to the device
 Releasing the new software after fixing Bugs of the current software
The RAX711-C supports being upgraded through the following 2 modes:
 FTP upgrade in BootROM mode
 FTP/TFTP upgrade in system configuration mode
The RAX711-C supports IPv4-based FTP/TFTP.
1.4.2 Upgrading system software in BootROM mode

In the following cases, you need to upgrade system software in BootROM mode:
 The RAX711-C is booted for the first time.
15
Raisecom
 The system files are damaged.

 The RAX711-C cannot be booted properly.
Before upgrading the system software through BootROM, you should build a FTP
environment, taking a PC as the FTP server and the RAX711-C as the client. Basic
requirements are as below.
 The RAX711-C is connected to the FTP server through SNMP interface.
 Configure the FTP server and ensure the FTP server is available.
 Configure the IP address of the FTP server to be in the same network segment as that of
the RAX711-C which is configured through the t command.
Step Operation
1 Log in to the RAX711-C through serial interface as the administrator and enter privileged EXEC
mode and then use the reboot command to reboot the RAX711-C.
Raisecom#reboot
Please input 'yes' to confirm:yes
Rebooting ...
begin...
ram size:128M testing...done
Init flash ...Done
RAX711-C_BOOTSTRAP_5.1.5_20131224, Raisecom Compiled Jul 24 2016,18:05:41

Base Ethernet MAC address: 00:0e:5e:45:45:45
Press SPACE to enter bootrom menu......

0

16
Raisecom
Step Operation
2 Press Space bar to enter the raisecom interface when "Press space into bootrom menu..." appears on
the screen, then input "?" to display the command list:
[Raisecom]:?
? print this list
? - alias for 'help'
b - booting system
ce - erase flash expect BOOT
cf - check flash crc
help - print online help
i - modify ip address
if - download flash
m - download fpga
mdmac - modify MAC address
of - upload flash
old - switch to U-Boot console
pie - input manufacturer information
r - reset CPU or switch console
u - updating system
ub - updating uboot
The entered letters are case sensitive.

17
Raisecom
Step Operation
3 Type "u" to download the system boot file through TFTP and replace the original one, the information
displayed is shown as below:
Index Partition Free Size(byte)

--------------------------------------------------
1 core/ 36143104
Please select a partition: 1
choose mode for updating core file.
-----------------------------------
- 1. | serial -
-----------------------------------
- 2. | network -
-----------------------------------
please input your choice:2
configure network information ...
host ip address: 1.1.1.1
user: raisecom
password: raisecom
filename: system.bin
Loading... Done
Saving file to flash...
Ensure the input file name is correct. In addition, the file name should not be longer than
80 characters.
4 Type "r" to execute the bootstrap file quickly. The RAX711-C will be rebooted and upload the
downloaded system boot file.
1.4.3 Upgrading system software in system configuration mode

Before upgrading the system software, you should build a FTP/TFTP environment, taking a
PC as the TFTP server and the RAX711-C as the client. Basic requirements are as below.
 The RAX711-C is connected to the TFTP server through the Client/Line interface.
 Configure the IP address of the PC and ensure that the route between the PC and the
RAX711-C is reachable.
1 Raisecom#download { backup-config | Download the system software through
bootstrap | dhcpLease | fpga | mcu | FTP/TFTP.
startup-config | system-boot } { ftp ip-
address username password filename | tftp
ip-address filename }
2 Raisecom#reboot [now | in minute ] Restart the device. The device will load the
newly-downloaded system startup file
automatically.

18
Raisecom
1.4.4 Backing up system software in system configuration mode

Before backing up the system software, you should build a FTP/TFTP environment, taking a
PC as the TFTP server and the RAX711-C as the client. Basic requirements are as below.
 The RAX711-C is connected to the TFTP server through the Client/Line interface.
 Configure the IP address of the PC and ensure that the route between the PC and the
RAX711-C is reachable.
1 Raisecom#upload { accident-logfile | alarm-logfile | all- Upload the system
logfile | backup-config | command-log | dhcpLease | fpga | Bootstrap file and
paf | running-config | running-logfile | startup-config | configuration file to
system-boot } { ftp ip-address user-name password file-name | the backup server.
tftp ip-address file-name }

1 Raisecom#show version Show the version of the system.
2 Raisecom#show startup Show the file used for starting the system.
3 Raisecom#show startup-config Show configurations for starting the system.
1.5 Time management

1.5.1 Introduction
Device time
To ensure that the RAX711-C can cooperate with other devices, you need to configure system
time and time zone precisely for the RAX711-C.
DST
Daylight Saving Time (DST) is configured locally to save energy. About 110 countries around
the world apply DST in summer, but vary in details. Thus, you need to consider detailed DST
rules locally before configuration.
The RAX711-C supports configuring DST.
Time protocols
With development and extension of Internet in all aspects, multiple applications involved in
time need accurate and reliable time, such as online realtime transaction, distributed network
calculation and processing, transport and flight management, and data management. A

19
Raisecom
network requires time protocols to distribute precise time. At present, there are two common
time protocols: Network Time Protocol (NTP) and Simple Network Time Protocol (SNTP).
NTP is a standard protocol for time synchronization in telecommunication network. It is
defined by RFC1305. It is used to perform time synchronization between the distributed time
server and clients. NTP transmits data based on UDP, using UDP port 123.
NTP is used to perform time synchronization on all hosts and switches in the network.
Therefore, these devices can provide various applications based on the uniformed time. In
addition, NTP can ensure a very high accuracy with an error about 10ms.
Devices which support NTP can both be synchronized by other clock sources and can
synchronize other devices as the clock source. In addition, these devices can be synchronized
mutually through the NTP packet.
NTP supports performing time synchronization through multiple NTP working modes:
 Server/Client mode
In this mode, the client and server are relative. The device used for providing the time
standard is a server while the device used for receiving time services is a client. The client
sends clock synchronization message to different servers. The servers work in server mode
automatically after receiving the synchronization message and send response messages. The
client receives response messages, performs clock filtering and selection, and is synchronized
to the preferred server.
In this mode, the client can be synchronized to the server but the server cannot be
synchronized to the client.
 Symmetric peer mode
In this mode, there are the symmetric active peer and symmetric passive peer. The device,
which sends the NTP synchronization packet actively, is the symmetric active peer. The
device working in the symmetric active mode sends clock synchronization messages to the
device working in the symmetric passive mode. The device that receives this message
automatically enters the symmetric passive mode and sends a reply. By exchanging messages,
the symmetric peer mode is established between the two devices. Then, the two devices can
synchronize, or be synchronized by each other.
The RAX711-C supports working as the NTP v1/v2/v3 client to be synchronized by the
server.
RFC1361 simplifies NTP and provides Simple Network Time Protocol (SNTP). Compared
with NTP, SNTP supports the server/client mode only.
The RAX711-C supports working as the SNTP client to be synchronized by the server.
1.5.2 Configuring time and time zone

1 Raisecom#clock set hour minute Configure the system time.
second year month day
By default, it is 8:00:00, Jan 1, 2000.
2 Raisecom#clock timezone { + | - Configuring the system time zone.
} hour minute timezone-name
By default, it is GMT +8:00.

20
Raisecom
1.5.3 Configuring DST

Daylight Saving Time (DST) is set locally to save energy, but vary in details. Thus, you need
to consider detailed DST rules locally before configurations.

1 Raisecom#clock summer-time enable Enable DST on the RAX711-C.
By default, DST is disabled.
2 Raisecom#clock summer-time recurring Configure the begin time and end time of DST.
{ start-week | last } { sun | mon |
tue | wed | thu | fri | sat } start-
By default, the time offset is 60 minutes.
month hour minute { end-week | last }
{ sun | mon | tue | wed | thu | fri |
sat } end-month- hour minute offset
 When you configure the system time manually, if the system uses DST, such as
DST from 2 a.m. on the second Sunday, April to 2 a.m. on the second Sunday,
September every year, you have to advance the clock one hour faster during this
period, that is, set the time offset as 60min. So the period from 2 a.m. to 3 a.m. on
the second Sunday, April each year is inexistent. Configuring time manually in this
period will fail.
 The DST in southern hemisphere is opposite to the northern hemisphere, which is
from September to April next year. If the start time is later than end time, the
system will suppose that it is in the southern hemisphere. That is to say, the DST
is the period from the start time this year to the end time next year.
1.5.4 Configuring NTP/SNTP

2 Raisecom(config)#ntp server ip- (Optional) configure the IP address of the NTP server
address [ version version-number ] for the client that works in server/client mode.
3 Raisecom(config)#ntp peer ip- (Optional) configure the IP address of the NTP server
address [ version version-number ] for the RAX711-C that works in symmetric peer
mode.
4 Raisecom(config)#sntp server ip- (Optional) configure the IP address of the SNTP server
address for the RAX711-C that works in SNTP client mode.
5 Raisecom(config)#ntp reclock-master
ip-address [ stratum ] Configure the NTP reference clock source in
server/client mode.

21
Raisecom
 If the RAX711-C is configured as the NTP reference clock source, it cannot be

configured as neither the NTP server nor NTP symmetric peer, or cannot be
synchronized by other devices; vice versa.
 SNTP and NTP are mutually exclusive. If you have configured the IP address of
the NTP server on the RAX711-C, you cannot configure SNTP on the RAX711-C;
vice versa.

1 Raisecom#show clock [ summer-time Show configurations on the system time, time
recurring ] zone, and DST.
2 Raisecom#show sntp Show SNTP configurations.
3 Raisecom#show ntp status Show NTP configurations.
4 Raisecom#show ntp associations [ detail ] Show configurations of NTP association.
5 Raisecom#show clock interface Show information about clock interfaces.
1.6 Configuring Banner

1.6.1 Preparing for configurations
Scenario
Banner is a message to be displayed when you log in to or exit the RAX711-C, such as the
precautions or disclaimer.
You can configure Banner of the RAX711-C as required. In addition, the RAX711-C provides
the Banner switch. After Banner display is enabled, the configured Banner information
appears when you log in to or exit the RAX711-C.
After configuring Banner, you should use the write command to save configurations.
Otherwise, Banner information is lost when the RAX711-C is restarted.
Prerequisite
N/A
1.6.2 Configuring Banner


22
Raisecom

2 Raisecom(config)#banner Configure Banner contents. Enter the banner login and word,
login word press Enter, enter Banner contents, and then end with the word
Enter text message followed character.
by the character ’word’ to
finish.User can stop
configuration by inputing’
Ctrl+c’
The word parameter is a 1-byte character. It is the
message word
beginning and end marker of the Banner contents.
These 2 marks must be the identical character. We
recommend selecting the specified character that will
not occur at the message.
The message parameter is the Banner contents. Up to
2560 characters are supported.
3 Raisecom(config)#clear (Optional) clear Banner contents.
banner login
1.6.3 Enabling Banner display

2 Raisecom(config)#banner Enable Banner display.
enable
By default, Banner display is disabled.

1 Raisecom#show banner login Show Banner status and contents of the configured Banner.

23
Raisecom
2 Interface management
This chapter describes configurations of interface management, including the following

sections:
 Introduction
 Configuring basic information about interface
 Configuring Ethernet interface
 Configuring VLAN interface
 Configuring loopback interface
 Checking configurations
 Maintenance
2.1 Introduction
2.1.1 Ethernet interface
The Ethernet physical interface works at the data link layer and forwards Layer 2 packets.
2.1.2 VLAN interface

The VLAN interface is a logical interface, which is used to implement inter-VLAN Layer 3
interworking. Each VLAN corresponds to one VLAN interface. After being configured with
an IP address, the VLAN interface can be a gateway of network devices in this VLAN, thus
implementing forwarding of cross-segment packets based on IP address at Layer 3.
2.1.3 Aggregation group interface

The aggregation group interface is a logical interface. It binds multiple physical interfaces
logically and aggregates these physical interfaces to be a Link Aggregation Group (LAG),
thus implementing load balancing on each member interface.
2.1.4 Loopback interface

The loopback interface is a logical interface. Because its physical layer status and link layer
protocol are always Up and are with high stability, the IP address can be configured on the
loopback interface and as an ID of a device.
2.1.5 Interface configuration modes

The RAX711-C supports the following interface configuration modes:
 Physical layer interface configuration mode

24
Raisecom
 Aggregation group interface configuration mode

 VLAN interface configuration mode
 Loopback interface configuration mode
The interface configuration mode mentioned in this document refers to multiple

interface configuration modes if not otherwise stated.
2.2 Configuring basic information about interface

2.2.1 Configuring basic information about interface
2 Raisecom(config)#interface interface- Enter physical layer interface configuration
type interface-number mode.
3 Raisecom(config-port)#description Configure descriptions of the interface.
string
4 Raisecom(config-port)#shutdown (Optional) shut down the interface.
2.2.2 Configuring Jumboframe on the interface

The Ethernet interface may receive Jumboframe, which is greater than the standard frame size,
when transmitting high-throughput data. The system will discard these Jumboframes directly.
After you configure allowing Jumboframes to pass, the system will continue to process them
when the Ethernet interface receives Jumboframes, whose size is greater than the standard
size but within the specified size range.

2 Raisecom(config)#interface Enter interface configuration mode.
interface-type interface-number
3 Raisecom(config-port)#jumboframe Configure the Jumboframe that is allowed to pass
frame-size through the interface.
By default, it is 9600 bytes.

25
Raisecom
2.3 Configuring Ethernet interface

By default, the interface is in physical layer interface
configuration mode.
3 Raisecom(config-port)#duplex Configure the duplex mode of the interface.
{ full | half | auto }
4 Raisecom(config-port)#speed Configure the rate of the interface.
{ auto | 10 | 100 | 1000 | 10G }
5 Raisecom(config-port)#tpid Configure the TPID of the interface.
{ 8100 | 9100 | 88a8 }
By default, it is 0x8100.
2.4 Configuring VLAN interface

2 Raisecom(config)#interface vlan vlan-id Enter VLAN interface configuration mode.
3 Raisecom(config-vlanif)#ip address ip- Configure primary and slave IP addresses and
address [ ip-mask ] subnet masks of the VLAN interface.
4 Raisecom(config-port)#mtu size Configure the MTU of the interface.
By default, it is 1500 bytes.
5 Raisecom(config-port)#mac mac-address Configure the MAC address of the interface.
2.5 Configuring loopback interface

2 Raisecom(config)#interface loopback Enter loopback interface configuration mode.
interface-number
3 Raisecom(config-port)#ip address ip- Configure primary and secondary IP addresses
address [ ip-mask ] and subnet mask of the loopback interface.

26
Raisecom
2.6 Checking configurations

1 Raisecom#show interface interface-type interface-number Show interface status.
2.7 Maintenance
Command Description
Raisecom(config-port)#clear interface statistics (Optional) clear interface statistics.

27
Raisecom
RAX711-C (A)Configuration Guide 3 Zero-configuration
3 Zero-configuration
This chapter describes principles and configuration procedures of zero-configuration,

including the following sections:
 Introduction
 Configuring local zero-configuration
 Configuring remote zero-configuration
 Configuration examples
3.1 Introduction
When the carrier brings more and more requirements for manageability and maintenance of
the network, overall management of the entire network becomes the objective of the carrier.
In this case, remote Packet Switching (PS) devices should be able to be managed.
Though traditional remote PS devices support Operation, Administration, and Management
(OAM), protection switching, rate limiting, and service sending, and also can be managed,
but they must be carefully configured before being managed. These configurations are
complex in large-scale construction, and have high requirements on construction personnel
who must take tools like laptops and be familiar with CLI. As a result, low efficiency in
service activation becomes a bottleneck for large-scale application of remote PS devices.
To solve the previous problem, Raisecom has developed zero-configuration through which
remote devices support plug and management. This simplifies implementation, facilitates
wide-scale deployment, and accelerates network management.
3.1.1 Principles of zero-configuration

Figure 3-1 shows the zero-configuration network topology of the RAX711-C. The network
topology is composed of CO zero-configuration servers, remote zero-configuration devices,
and the NView NNM system.
After being powered on and connected to the network, the remote devices can detect the zero-
configuration server automatically. After finding the zero-configuration server, the devices
can obtain NMS parameters, such as the management VLAN, management IP address, and
default route from the zero-configuration server. Then, the devices will be discovered and
managed by the NView NNM system.

28
Raisecom
The CO devices, as zero-configuration servers, respond detection requests of remote devices

and configure correct NMS parameters for them.
The RAX711-C can work as the zero-configuration server to assign IP addresses for remote
iTN devices and can work as remote devices to obtain management IP addresses from the
zero-configuration server.
Figure 3-1 Principles of CO/remote zero-configuration
Raisecom zero-configuration is implemented through DHCP or extended OAM:

 Zero-configuration based on DHCP
Figure 3-1 shows the zero-configuration networking topology based on DHCP. CO RAX711-
C A is a zero-configuration server, and the remote RAX711-C C and RAX711-L A are remote
zero-configuration devices. The CO and remote devices can be connected indirectly, and also
can communicate indirectly through Raisecom devices or network devices of other vendors.
The remote device obtains NMS parameters by sending DHCP packets, and CO device
receives packets and sends Offer packets.
 Zero-configuration based on extended OAM
Figure 3-1 shows the zero-configuration networking topology based on extended OAM.
RAX711-C B is directly connected to RAX711-L B. NMS parameters are assigned between
CO device and remote device through extended OAM; wherein, the CO device is in OAM
active mode, and the remote device is in passive mode. By default, the IP RAN remote device
is in OAM passive mode.

29
Raisecom
3.1.2 CO zero-configuration
As a CO zero-configuration server, the RAX711-C supports two zero-configuration schemes:
zero-configuration based on DHCP or extended OAM. The RAX711-C responds requests
from the remote devices, assigns or reuses management IP addresses, and maintains the
address pool.
Zero-configuration based on DHCP

As shown in Figure 3-2, DHCP is running between the RAX711-C and RAX711-L; wherein,
the CO device is configured as the DHCP server while the remote device is configured as the
DHCP client. The remote device applies for NMS parameters from the CO device as below:
Step 1 The uplink physical interface on the remote device triggers the automatical application for the
IP address, traverses DHCP Discovery packets sent from VLANs 1–4094. Packets carry the
Option 60 field, which contains vendor information and VLAN.
Step 2 Receiving the Discover packet, the CO device selects the corresponding address pool
according to information carried on the Option 60 field and the IP address of the gateway to
assign the idle IP address for the remote device, and forms Offer packet to send to the remote
device.
Step 3 After the remote device receives the Offer packet, it will stop sending the Discovery packet
and configure polling. It then analyses the Offer packet and obtain the management VLAN.
Step 4 The remote device configures the management interface to Trunk mode according to the
management VLAN, and allows packets of the management VLAN to pass. It sends the
Request packet, which carries CO information and assigned IP address, through the
management VLAN.
Step 5 After receiving the request packet, the CO device verifies whether the information is correct;
if it is correct, the CO device sends the ACK packet to the remote device; otherwise sends the
NAK packet.
Step 6 After receiving the ACK packet, the remote device creates a management interface,
configures the IP address, and reconfigures other applied NMS parameters.

30
Raisecom
Figure 3-2 Zero-configuration on indirect connection between remote devices
Zero-configuration based on DHCP is applicable to directly-connected or indirectly-

connected remote devices.
Zero-configuration based on extended OAM

As shown in Figure 3-3, the extended OAM protocol, which is used to assign NMS
parameters, is running between the CO RAX711-C and the remote RAX711-L. The CO
device is configured to work in OAM active mode while the remote device is configured to
work in OAM passive mode. The powered-on remote device automatically triggers
automatical application for the IP address, and applies parameters of IP address and VLAN of
the NMS by sending extended OAM packets.
Zero-configuration based on extended OAM protocol is applicable to directly-connected
remote devices.

31
Raisecom
Figure 3-3 Zero-configuration on direct connection between remote devices
When the CO device is manually configured to OAM active mode and enabled with
extended OAM, it automatically discovers the remote device after being powered on.
3.1.3 Zero-configuration of remote device

The RAX711-C, as the zero-configuration remote device, supports obtaining NMS parameters
from the zero-configuration server.
After the remote device is properly connected to the network, power on it. Then, it sends
DHCP Discovery packets to obtain NMS parameters. The remote device triggers zero-
configuration in the following modes:
 Powering it on
 Configuring it through CLI
 Automatically triggered a period after it fails to obtain the IP address
 Triggered when its interface becomes Up/Down after it fails to obtain the IP address

32
Raisecom
3.2 Configuring local zero-configuration

Scenario
 When a local RAX711-C is connected with remote devices, it can discover these remote
devices by using the extended OAM protocol and configure the management IP address,
management VLAN, and default route for them. Therefore, the NView NNM system can
quickly manage remote devices through the public IP address and global interface ID of
the RAX711-C without being configured manually.
 When the local RAX711-C and remote devices are connected directly/indirectly, both the
local and remote devices can provide zero-configuration through Dynamic Host
Configuration Protocol (DHCP).
Prerequisite
 The RAX711-C is a local device.
 The local zero-configuration server is connected to the NView NNM system and remote
devices properly.
 Perform the following operations on the local device based on the extended OAM
protocol:
– Create and activate the management VLAN.
– The interface of the remote device used for direct connection is configured to work in
Trunk mode and allows the management VLAN to pass.
– Manually enable the OAM active mode on the interface.
 Based on DHCP, the remote device is connected to the network and configured as the
zero-configuration client. It has created and activated the management VLAN.
3.2.2 Configuring zero-configuration server based on extended

OAM
Configuring management VLAN

2 Raisecom(config)#create vlan vlan- Create and activate a VLAN.
id active

33
Raisecom

3 Raisecom(config)#oam mng-vlan vlan- Configure the remote management VLAN for zero-
id configuration.
By default, it is VLAN 0.
After configuring the remote management

VLAN through this command, do not manually
modify switching attributes of the downlink
interface on the CO device; otherwise, the NMS
channel will be disconnected.
5 Raisecom(config-port)#oam enable Enable OAM.
6 Raisecom(config-port)#oam active Configure the OAM active mode of the interface.
Configuring address pool and gateway

2 Raisecom(config)#ip oam server Configure the address pool of the OAM property and
pool pool-name enter address pool configuration mode.
By default, there is an OAM-based address pool

named oam-def-pool. Its address range is from
172.221.218.2 to 172.221.218.201, its subnet
mask is 255.255.252.0, and its gateway is
172.221.216.1.
3 Raisecom(config-pool)#address Configure the IP address range and subnet mask of the
start-ip-address end-ip-address address pool.
mask { mask-address | mask-
length }
4 Raisecom(config-pool)#gateway ip- Configure the gateway of the address pool.
address
Raisecom(config-pool)#exit Exit address pool configuration mode.
5 Raisecom(config)#interface vlan Enter VLAN interface configuration mode. The VLAN
vlan-id is the preconfigured management VLAN.
6 Raisecom(config-vlanif)#ip address Configure the IP address of the VLAN interface, which
ip-address should be the gateway address of the address pool.

34
Raisecom
Configuring NAT
Network Address Translation (NAT) is used to convert the private management IP address of
the remote device to the public IP address. Through zero-configuration, the remote device
obtains a private IP address from the local device. NAT can be used to translate the private IP
address into the public IP address of the management network and distinguish different
remote devices in a form of public IP address+global interface ID. Network management
information transmitted between remote devices and the NView NNM system is forwarded
through the public IP address. Therefore, you should configure the public IP address and
related management VLAN of the local device.

2 Raisecom(config)#access-list Create an ACL and enter ACL configuration mode.
acl-number
3 Raisecom(config-acl-ipv4- Configure an ACL filtering rule.
advanced)#rule [ rule-id ]
permit ip source-ip-address
Sent the packet, whose source IP address complies with the
source-ip-mask any ACL filtering rule, to the CPU.
Raisecom(config-acl-ipv4- Exit ACL configuration mode.
advanced)#exit
4 Raisecom(config)#interface Enter physical layer interface configuration mode.
The interface is used to connect the public network.
5 Raisecom(config-port)#ip Configure the IP address of the public network, which is
address ip-address ip-mask used to communicate with the NView NNM system.
6 Raisecom(config-port)#nat Configure NAT.
outbound acl-number
The ACL ID is identical to the one created at step 2.
7 Raisecom(config-port)#exit Enter global configuration mode.
8 Raisecom(config)#nat server Configure the mapping between the private network and
{ tcp | udp } private-ip- public network.
address private-port public-ip-
address public-port
9 Raisecom(config)#nat static Configure static address mapping of basic NAT.
[ outband ] private-ip-address
public-ip-address
3.2.3 Configuring zero-configuration server based on DHCP
Configuring zero-configuration Server based on VLAN interface

2 Raisecom(config)#create vlan vlan- Create a VLAN, and activate it.
id active
3 Raisecom(config)#interface vlan Enter VLAN interface configuration mode. The VLAN
vlan-id ID is the ID of the created VLAN.

35
Raisecom

4 Raisecom(config-vlanif)#ip address Configure the IP address on the interface, which is
ip-address consistent with the gateway of the address pool.
5 Raisecom(config-vlanif)#ip dhcp Enable DHCP Server on the interface.
server
By default, it is disabled.
Raisecom(config-vlanif)#exit Exit interface configuration mode.
6 Raisecom(config)#ip dhcp server Create an address pool of the DHCP property, and enter
pool pool-name address pool configuration mode.
By default, there is an OAM-based address pool

named oam-def-pool. Its address range is from
172.221.216.2 to 172.221.218.1, its subnet
mask is 255.255.252.0, and its gateway is
172.221.216.1.
7 Raisecom(config-pool)#address Configure the IP address range and subnet mask of the
start-ip-address end-ip-address address pool.
mask { mask-address | mask-
length }
8 Raisecom(config-pool)#gateway ip- Configure the default gateway of the address pool.
address
The gateway is identical to the private IP address of the
management IP address assigned to the remote device
by the local device.
9 Raisecom(config-pool)#lease Configure the lease period of the address pool.
expired { minute | infinite }
By default, it is infinite.
10 Raisecom(config-pool)#option 60 Configure information carried by Option60.
vendor-string
11 Raisecom(config-pool)#trap server- Configure the IP address of the SNMP server (NView
ip ip-address NNM system) to which the Trap is sent.
12 Raisecom(config-pool)#tftp-server- Configure the TFTP server related to the address pool.
ip ip-address
13 Raisecom(config-pool)#exit Exit address pool configuration mode.
If the zero-configuration server assigns management IP addresses to remote devices

based on VLAN interface, network management information exchanged between
local and remote devices is tagged packets with the management VLAN ID.
Configuring NAT
NAT is used to convert the private management IP address of the remote device to the public
IP address. Through zero-configuration, the remote device obtains a private IP address from
the local device. NAT can be used to translate the private IP address into the public IP address
of the management network and distinguish different remote devices in a form of public IP
36
Raisecom
address+global interface ID. Network management information transmitted between remote

devices and the NView NNM system is forwarded through the public IP address. Therefore,
you should configure the public IP address and related management VLAN of the local device.

2 Raisecom(config)#access- Create an ACL and enter ACL configuration mode.
list acl-number
3 Raisecom(config-acl-ip- Configure an ACL filtering rule.
ext)#rule [ rule-id ]
permit ip source-ip- Sent the packet, whose source IP address complies with the ACL
address source-ip-mask any filtering rule, to the CPU.
4 Raisecom(config-acl-ip- Exit ACL configuration mode.
ext)#exit
5 Raisecom(config)#interface Enter VLAN interface configuration mode.
vlan vlan-id
The interface is used to connect the public network.
6 Raisecom(config-vlanif)#ip Configure the IP address of the public network, which is used to
address ip-address ip-mask communicate with the NView NNM system.
7 Raisecom(config- Configure NAT.
vlanif)#nat outbound acl-
number The ACL ID is identical to the one created at step 2.
(Optional) releasing IP address

When changing a remote device, which has applied for a management IP address, to prevent
the IP address from being occupied for a long time, you should manually release the IP
address at the local server.

2 Raisecom(config)#ip Release the specified IP address.
dhcp address ip-
address release This command is used to release the lease table and NAT table of the
local device only without influencing the IP address of the remote device.
(Optional) configuring lease file management
The RAX711-C supports saving and synchronizing the lease file automatically, as
well as deleting the lease file.
When changing the local zero-configuration server, you can upload assigned IP addresses in a
form of lease to the TFTP/FTP/SFTP server (such as a PC) for backup. After changing the
local device, you can download the backup lease file to the local device to confirm that these
assigned IP addresses are not lost.

37
Raisecom

2 Raisecom(config)#ip dhcp lease save Save the lease file.
3 Raisecom(config)#ip dhcp lease erase (Optional) delete the lease file from the
DHCP server.
4 Raisecom(config)#exit Exit global configuration mode.
5 Raisecom#upload dhcpLease { { ftp | sftp } Upload the lease file to the PC through
ip-address username password filename | TFTP/FTP/SFTP.
tftp ip-address } filename
6 Raisecom#download dhcpLease { { ftp | Download the lease file from the PC
sftp } ip-address username password through TFTP/FTP/SFTP.
filename | tftp ip-address } filename

1 Raisecom(config)#show ip dhcp Show configurations of interfaces of the DHCP server.
server
2 Raisecom(config)#show ip dhcp Show assigned IP addresses and information about
server lease remote devices.
3 Raisecom(config)#show ip server Show configurations of the DHCP or OAM address pool.
pool [ pool-name ]
4 Raisecom(config)#show ip dhcp Show statistics on the DHCP server.
server statistics
5 Raisecom(config)#show ip dhcp Show static binding information about IP addresses in the
static-bind address pool and the MAC address.
6 Raisecom(config)#show oam zero Show configurations of directly-connected zero-
config configurations.
7 Raisecom(config)#show remote Show configurations of remote devices in directly-
config-info all connected zero-configuration server mode.
3.3 Configuring remote zero-configuration

Scenario
The remote devices are scattered at the user side of the network, so configuring them takes a
lot of time and efforts. Remote zero-configuration supports applying for NMS parameters,
such as the management IP address, management VLAN, and default gateway, after the

38
Raisecom
devices are powered on. Therefore, devices can be managed quickly. This improves the
efficiency for configuring devices.
In general, remote devices can automatically apply for IP addresses when they are properly
connected to the local device and zero-configuration server of the local device is configured
properly. To change parameters about remote zero-configuration, see this section.
This section is applicable to the remote RAX711-C indirectly-connected to the zero-
configuration server.
Prerequisite
 Both the local and remote devices are configured with zero-configuration mode.
 No interface of the remote device is configured with the management VLAN.
 The uplink interface is UP.
3.3.2 (Optional) configuring remote zero-configuration

IP addresses obtained through zero-configuration are permanently valid without lease limit.

2 Raisecom(config)#ip dhcp (Optional) configure the RAX711-C to work as the zero-
client mode { zeroconfig | configuration remote device or common DHCP client.
normal }
By default, the RAX711-C works as the zero-configuration remote
device.
After the RAX711-C obtains NMS parameters and

configurations are complete in remote zero-configuration
mode, it cannot be changed to the common DHCP client
in principle.
vlan vlan-id
4 Raisecom(config-vlanif)#ip Enable remote zero-configuration, meanwhile, you can specify the
address dhcp [ server-ip IP address of the local DHCP server. If you specify the IP address
ip-address ] of the DHCP server, the remote device receives IP addresses
assigned by the specified DHCP server.
5 Raisecom(config-vlanif)#ip Configure information about the DHCP client, including the host
dhcp client { class-id name, class ID, and client ID. The information is added to the
class-id | client-id DHCP packet sent by the DHCP client.
client-id | hostname host-
name }
 If the remote device has obtained an IP address through DHCP, it is believed that
the remote device has obtained an IP address successfully regardless of whether
the default gateway is configured successfully or not.

39
Raisecom
 IP addresses, which are obtained in extended OAM mode, can be overridden by

the manually-configured ones on the same VLAN interface.
 IP addresses, which are obtained in DHCP mode, can be overridden by the
manually-configured ones on the same VLAN interface.
 You can configure the IP address manually based on VLAN interface.
3.3.3 (Optional) configuring zero-configuration polling

2 Raisecom(config)#ip dhcp Configure the zero-configuration polling period. Its unit is hour.
client zeroconfig polling
period hour By default, it is 2 hours.

1 Raisecom(config)#show ip dhcp client Show configurations and automatically-obtained
information about the DHCP client.
3.4 Configuration examples

3.4.1 Example for configuring DHCP-based zero-configuration
Networking requirements
As shown in Figure 3-4, the RAX711-C works as the local zero-configuration server and is
enabled with DHCP Server. The RAX711-L is enabled with remote zero-configuration. The
RAX711-C assigns the IP address, default gateway, and management VLAN to the RAX711-
L through the VLAN interface (the IP address is 173.31.1.150, and the associated
management VLAN is VLAN 10) of the RAX711-C. The route between the RAX711-C and
the NView NNM system is reachable.
The IP address and management VLAN of Client interface 1 are configured to 173.31.1.150
and VLAN 10 respectively.
Configure the following items on the RAX711-C:
 Address pool name: pool1
 IP address range: 172.31.1.100/16-172.31.1.149/16
 Default gateway of the address pool: 172.31.1.150/16
 Private IP address and VLAN interface of the device: 172.31.1.150/16 and VLAN 10
 Public IP address and VLAN interface of the device: 128.10.10.10/16 and VLAN 100

40
Raisecom
Configure local zero-configuration on the RAX711-C to ensure that the RAX711-L can
automatically obtain NMS parameters and can be managed.
By default, the RAX711-L is enabled with Trap.
Figure 3-4 Configuring indirectly-connected remote zero-configuration
Configuration steps
Configure local zero-configuration on the RAX711-C.
Step 1 Configure DHCP Server.
Raisecom#config
Raisecom(config)#interface vlan 10
Raisecom(config-vlan10)#ip dhcp server
Raisecom(config-vlan10)#ip address 172.31.1.150 255.255.0.0
Raisecom(config-vlan10)#exit
Step 2 Create and configure the address pool.
Raisecom(config)#ip dhcp server pool pool1

Raisecom(config-pool)#address 172.31.1.100 172.31.1.149 mask 16
Raisecom(config-pool)#gateway 172.31.1.150
Raisecom(config-pool)#lease expired infinite
Raisecom(config-pool)#option 60 raisecom010
Raisecom(config-pool)#exit
Step 3 Configure NAT.

41
Raisecom
Raisecom(config)#access-list 2001
Raisecom(config-acl-ipv4-advanced)#rule 10 permit ip 172.31.0.0
255.255.0.0 any
Raisecom(config-acl-ipv4-advanced)#exit
Raisecom(config-vlan100)#nat outbound 2001
Checking results
Use the show ip dhcp server command to show configurations of DHCP Server on the
RAX711-C.
Raisecom(config)#show ip dhcp server

Interface Status
------------------------------------
vlan10 Enable
Use the show ip server pool command to show address pool configurations of the DHCP
server on the RAX711-C.
Raisecom(config)#show ip server pool

Pool Name: : pool1
pool type : DHCP
Address Range : 172.31.1.1~172.31.1.149
Address Mask : 255.255.0.0
Gateway : 172.31.1.150
DNS Server: : 0.0.0.0
Secondary DNS : 0.0.0.0
Tftp Server : 0.0.0.0
Lease time : infinite
Trap Server: : 0.0.0.0
option60 : raisecom010
3.4.2 Example for configuring zero-configuration based on

extended OAM
As shown in Figure 3-5, as the local zero-configuration server, the RAX711-C is enabled with
OAM active functions. The RAX711-C is connected to the PTN through Client interface 1
and then accesses the NView NNM system. The RAX711-L is connected to the RAX711-C
through Client interface 2. The RAX711-L is enabled with OAM passive functions and is
connected upstream to the RAX711-C through Line interface 1.
Configure the following items on the RAX711-C:

42
Raisecom
 Management VLAN of the device: VLAN 20

 Address pool name: pool2
 IP address range: 172.31.8.1/16-172.31.8.149/16
 Default gateway of the address pool: 172.31.8.1
 Private IP address and VLAN interface of the device: 172.31.8.1 and VLAN 20
 Public IP address and VLAN interface of the device: 128.10.10.10 and VLAN 100
 IP address of NAT public network: 128.10.10.10
 Interface mode and allowed VLAN of Client interface 2 on the RAX711-C: Trunk mode
and VLAN 20
Configure local zero-configuration on the RAX711-C to ensure that the RAX711-L can
automatically obtain NMS parameters and can be managed.
By default, the RAX711-L is enabled with OAM and works in passive mode.
Figure 3-5 Configuring directly-connected remote zero-configuration
Configuration steps
Step 1 Configure the management VLAN, and activate it.
Raisecom(config)#create vlan 1-4094 active

Raisecom(config)#oam mng-vlan 20
Step 2 Enable OAM on Client interface 2 on the RAX711-C and configure the RAX711-C to work
in active mode.
Raisecom(config)#interface client 2
Raisecom(config-port)#oam enable
Raisecom(config-port)#oam active
Raisecom(config-port)#exit
43
Raisecom
Step 3 Configure the address pool.
Raisecom(config)#ip oam server pool pool2

Raisecom(config-pool)#address 172.31.8.1 172.31.8.149 mask 255.255.0.0
Raisecom(config-pool)#gateway 172.31.8.1
Step 4 Configure NAT.
Raisecom(config-acl-ipv4-advanced)#rule 20 permit ip 172.31.8.0
255.255.0.0 any
Raisecom(config-acl-ipv4-advanced)#exit
Raisecom(config-vlan10)#nat outbound 2002
Checking results
Use the show remote config-info all command to show assigned IP addresses on the
RAX711-C.
Raisecom(config)#show remote config-info all

Local port:client1
Local port:client2
MAC Address: 000e.5e01.0001
IP Address/mask: 172.31.8.2/255.255.0.0
IP Interface Vlan: 20
IP Default-gateway: N/A
Local port:client3
Local port:client4
Local port:client5
Local port:client6
Local port:client7
Local port:client8
Local port:client9
Local port:client10
Local port:client11
Local port:client12
Local port:line1
Local port:line2
Local port:line3
Local port:line4

44
Raisecom
RAX711-C (A)Configuration Guide 4 IP routing
4 IP routing
This chapter describes principles and configuration procedures of IP routing, and provides
related configuration examples, including the following sections:
 Introduction
 Configuring route management
 Configuring static route
 Configuring routing policy
 Configuring ARP
 Configuring DHCPv4 Client
 Configuring DHCPv4 Server
 Maintenance
4.1 Introduction
4.1.1 Routing
Routing refers to transmitting information from the source to the destination network. A route
works by selecting the route in turn to transmit information to the destination network.
The router selects a route according to the routing table of the local system. Selecting an
optimal route is the key for optimizing the router or routing protocol. A routing table contains
the following types of routes: the static route, default route, and dynamic route.
4.1.2 Static route

The static route provides the following usage:
 In the small-scale network, the administrator adds the static route to the routing table.
Generally, the static route is pre-configured during installing the device.
 A static route can reach either the edge of the network or the external network from the
edge of the network.
 A static route can be used as the default route. If the route entry meeting requirements
cannot be discovered from the routing table in the network, the device uses the default
route.
45
Raisecom
The static route has the following advantages:

 Occupying less CPU processing time
 Convenient for the administrator to know route
 Simple configuration
However, its disadvantage is that you need to consider the entire network situation when
configuring it. When the network structure changes, you need to manually configure it.
Therefore, when the network is expanded, you need more time to configure and maintain the
static route. Besides, making mistakes is easy in configuring the static route.
The default route, a special static route, is used when the matched route cannot be discovered
in the routing table.
4.1.3 ARP
Address Resolution Protocol (ARP) is used to resolve IP addresses of the network layer into
hardware addresses of data link layer. On the TCP/IP network, each host is assigned with an
IP address, which is called a logical address used to identify the host in the network. To
transmit packets through physical links, you must learn the physical address of the destination
host. This needs to establish a mapping between the IP address and the physical address.
A physical address on the Ethernet is a 48-bit MAC address. To transmit packets to the
destination host, a protocol must resolve the IP address of the host into a 48-bit MAC address,
which is the ARP. It not only resolves IP addresses into MAC addresses, but also establishes
mappings between them.
4.1.4 DHCP
With continuous extension of network scale and improvement of network complexity, the
number of PCs always exceeds the one of available IP addresses. In addition, with wide
application of laptops and wireless network, positions of PCs are changed frequently.
Therefore, IP addresses must be updated frequently, which may lead to more complex
network configurations. Dynamic Host Configuration Protocol (DHCP) is developed to solve
these problems.
DHCP works in client/server mode. A client sends an IP address configuration request to the
server and the server returns IP address configurations to the client to dynamically configure
the IP address.
Generally, there is one DHCP server and multiple clients (PCs/Laptops) in the typical DHCP
application, as shown in Figure 4-1.

46
Raisecom
Figure 4-1 Typical DHCP application
The RAX711-C supports DHCPv4, which is related to IPv4.
DHCP packets
DHCP packets are grouped into 8 types. The DHCP server and DHCP clients communicate
with each other through these 8 packets.
 DHCP DISCOVER: the first packet for DHCP clients performing the DHCP process
when they access the network initially. It is used to discover the DHCP server.
 DHCP OFFER: the packet used by the DHCP server to respond the DHCP DISCOVER
packet. This packet carries various configurations.
 DHCP REQUEST: this packet is used for these purposes:
– After clients are initiated, they send the broadcast DHCP REQUEST packet to reply
the DHCP OFFER packet sent by the DHCP server.
– After clients are rebooted, they send the broadcast DHCP REQUEST packet to
confirm the previously-assigned IP addresses.
– After a client is bound to an IP address, it sends the unicast DHCP REQUEST packet
to extend the IP address lease time.
 DHCP ACK: a packet used by the DHCP server to acknowledge the DHCP REQUEST
packet sent by the client. The IP address and related configurations take effect after the
client receiving the DHCP ACK packet.
 DHCP NAK: a packet used by the DHCP server to refuse the DHCP REQUEST packet
sent by the client. For example, the DHCP server will refuse the DHCP REQUEST
packet when the lease time of the IP address assigned to the client expires, or when the
client is moved to a new network.
 DHCP DECLINE: the packet used by clients to inform the DHCP server when clients
discover that assigned IP addresses conflicts. In addition, clients will re-apply to the
DHCP server for IP addresses.
 DHCP RELEASE: a packet used by the client to actively release the IP address assigned
by the DHCP server. After receiving the packet, the SHCP server will assign the IP
address to another client.
 DHCP INFORM: a packet used by the client to get other configurations (such as the
gateway address and DNS server address) from the DHCP server after the client gets an
IP address from the DHCP server,
Figure 4-2 shows the structure of the DHCP packet.
47
Raisecom
Figure 4-2 Structure of DHCP packet
Table 4-1 describes fields of the DHCP packet.
Table 4-1 Fields of DHCP packet

Name Length (B) Description
op 1 Packet type
 1: request packet
 2: response packet
htype 1 Hardware address type of a DHCP client
hlen 1 Hardware address length of a DHCP client
hops 1 Number of DHCP relays that DHCP request packet pass
The value is added by 1 once the DHCP request packet passes
through a DHCP relay.
xid 4 Transaction ID, a random number chosen by the DHCP client.
It is used to identify an address request process.
secs 2 Time elapsed since the DHCP client initiates a DHCP request.
At present, it is not used and is configured to 0.
flags 2 The first bit is a broadcast response identifier, which is used to
identify that the DHCP server sends the response packet in the
unicast/broadcast mode
 0: unicast
 1: broadcast
Other bits are configured to 0.
ciaddr 4 IP address of the DHCP client, which is padded when the
DHCP client is being bound, updated, or rebounded. In
addition, this IP address can be used to respond the ARP
request.
yiaddr 4 IP address of the DHCP client allocated by the DHCP server
siaddr 4 IP address of the DHCP server

48
Raisecom
Name Length (B) Description

giaddr 4 IP address of the first DHCP relay where the DHCP request
packet pass
chaddr 16 Hardware address of the DHCP client
sname 64 Name of the DHCP server
file 128 Startup configuration file name and route information about
the DHCP client specified by the DHCP server
options Variable Optional variable length fields, including the packet type,
length valid lease, IP address of the Domain Name System (DNS)
server, and IP address of the Windows Internet Name Server
(WINs)
DHCP Option
DHCP uses Option fields of the packet to transmit control information and network
configuration parameters for dynamically assigning IP addresses and providing richer
network configurations for clients. There are 255 Option fields defined by DHCP, where the
end Option filed is 255. Table 4-2 lists some common DHCP Option fields.
Table 4-2 Fields of DHCP Option

Code Description
3 Router option, used to specify the gateway address of DHCP clients
6 DNS server option, used to specify the DNS server address assigned for DHCP
clients
18 IPv6-based DHCP client identifier option, used to specify interface information
about DHCP clients
51 IP address lease option
53 DHCP packet type option, used to identify the DHCP packet type
55 Request parameter list option, used for DHCP clients to specify network
configuration parameters to be received from the DHCP server. The contents of
the option are values of parameters requested by DHCP clients.
61 DHCP client identifier option, used to specify device information about DHCP
clients
66 TFTP server name option, used to specify the domain name of TFTP server
assigned to DHCP clients
67 Startup file name option, used to specify the startup file name assigned to
DHCP clients
82 DHCP client identifier option. It can be customized and is mainly used to
identify positions of DHCP clients.

49
Raisecom
Code Description
150 TFTP server address option, used to specify the address of TFTP server
assigned to DHCP clients
184 DHCP reserved option. At present, Option184 is mainly used to carry
information required for voice call. With Option184, the DHCP server can
assign IP address to DHCP clients that support the voice feature. In addition, the
DHCP server can provide information related to voice call.
255 End option
DHCP Option fields 18, 61, and 82 represents relay information in the DHCP packet. When
DHCP clients send the request packet to the DHCP server, DHCP relay/DHCP Snooping will
add Option fields to the request packet, if the packet needs to pass through the DHCP
relay/DHCP Snooping.
DHCP Option fields 18, 61, and 82 can be used to record DHCP client information on the
DHCP server. Together with other software, DHCP Option fields 18, 61, and 82 can control
and account IP address assignment. For example, cooperating with IP Source Guard, DHCP
Option fields 18, 61, and 82 can resist effectively fraud of IP address+MAC address.
The Option82 field contains up to 255 sub-options. If the Option82 field is defined, at least
one sub-options needs to be defined. At present, the RAX711-C supports 2 sub-options: Sub-
Option 1 (Circuit ID) and Sub-Option 2 (Remote ID).
 Sub-Option 1: the VLAN ID and interface ID of the interface that receives the DHCP
request packet
 Sub-Option 2: MAC address (DHCP relay) of interface that receives the DHCP request
packet or the bridge MAC address (DHCP Snooping) of the device
DHCP Client
The RAX711-C can be taken as a DHCP client to get an IP address from the DHCP server for
the DHCP server managing the device.
DHCP Server
In the following scenarios, you need to use the DHCP server to assign IP addresses:
 In a large network scale, it is a heavy workload to manually configure IP addresses. In
addition, it is difficult to perform centralized management on the whole network.
 When the number of hosts in the network exceeds the one of IP addresses supported by
the network, you cannot assign a fixed IP address for each host. For example, the IPS
limits the number of users accessing the network. Therefore, a great number of users
need to get their IP address dynamically.
 In a network, only a few hosts need fixed IP addresses and most hosts do not need fixed
IP addresses.
The RAX711-C supports acting as the DHCP server.
For occupation time of IP addresses, hosts have different requirements. Servers may use a
fixed IP address for a long time. Some hosts may use a dynamically-assigned IP address for a
long time. Some PCs may need an IP address assigned temporarily.

50
Raisecom
For these different requirements, the DHCP server provides 3 IP address assignment policies:
 Assign IP addresses manually: the network administrator assigns fixed IP addresses for a
few specified hosts (such as WWW server). The MAC address of the client is bound to
an IP address. When the client applies for an IP address, the DHCP server finds the fixed
IP address based on the MAC address of the client and then assigns the IP address to the
client.
 Assign IP addresses automatically: assign fixed IP addresses for some hosts that access
the network initially. These IP addresses are used by hosts for a long time.
Assign IP addresses dynamically: assign an IP address to a client in a "lease" form. After the
lease time expires, the client needs to re-apply for an IP address. Most clients obtain a
dynamically-assigned IP address.
4.2 Configuring route management

Scenario
Dynamic routing protocols require the Router ID. If no Router ID is specified when these
dynamic routing protocols are enabled, the Router ID of routing management will be used.
The RAX711-C has the capability to establish and refresh the routing table. In addition, it can
forward data packets based on the routing table. By viewing the routing table, you can learn
network topology structure and locate faults.
Prerequisite
N/A
4.2.2 Configuring routing management

2 Raisecom(config)#router id router-id Configure the router ID.

1 Raisecom#show router id Show the Router ID.
2 Raisecom#show ip route [ protocol { static | Show the routing table.
connected | rip } ] [ detail ]
3 Raisecom#show ip route ip-address [ mask- Show the route to the destination
address ] [ longer-prefixes ] [ detail ] address.

51
Raisecom

4 Raisecom#show ip route ip-address1 [ mask- Show the route between 2 IP
address1 ] ip-address2 [ mask-address2 ] addresses.
[ detail ]
5 Raisecom#show ip route summary Show route summary.
4.3 Configuring static route

Scenario
The static route has the following advantages:
 Consume less time for the CPU to process them.
 Facilitate the administrator to learn the route.
 Be configured easily.
However, when configuring the static route, you need to consider the whole network. If the
network structure is changed, you need to modify the routing table manually. Once the
network scale is enlarged, it will consume lots of time to configure and maintain the network.
In addition, it may cause more errors.
The default route is a specific static route. It will be used when no matched route is found in
the routing table.
Prerequisite
N/A
4.3.2 Configuring static route

2 Raisecom(config)#ip route { ip-address mask- Configure the static route.
address | ip-address/mask } next-hop
[ distance distance ] [ description string ]
[ tag tag ]
3 Raisecom(config)#ip route static distance (Optional) configure the default
distance administrative distance of the static route.

52
Raisecom
4.4 Configuring routing policy

4.4.1 Configuring IP prefix-list
2 Raisecom(config)#ip prefix-list prefix- Create an IP prefix-list.
name [ seq seq-number ] { deny |
permit } any
If no prefix-list ID (seq-number) is configured,
Raisecom(config)#ip prefix-list prefix-
the system will generate a prefix-list ID
name [ seq seq-number ] { deny |
automatically. The generated pre-fix list ID has
permit } ip-address/mask [ ge min-
5 digits.
length ] [ le max-length ]
3 Raisecom(config)#ip prefix-list prefix- Configure descriptions of the IP prefix-list.
name description string
If the length of descriptions exceeds 80
characters, the first 80 characters are available.
 If one record is in permit type, all mismatched routes are in deny type by default.
Only matched routes can pass filtering of the IP prefix-list.
 If one record is in deny type, all mismatched routes are in deny type by default.
Even matched routes cannot pass filtering of the IP prefix-list. Therefore, you
need to add a permit record after multiple deny records to allow other routes to
pass.
 If there are multiple records in the IP prefix-list, there must be a record in permit
type.
4.4.2 Configuring route mapping table

2 Raisecom(config)#route-map Create the route mapping table and enter route mapping
map-name { permit | deny } configuration mode.
number
3 Raisecom(config-route- (Optional) configure descriptions of the route mapping table.
map)#description string
If there is any space in descriptions, descriptions should be
within quotes.
4 Raisecom(config-route-map)#on- (Optional) configure the on-match sub-clause to continuing
match next to match at the next node.
By default, the process is finished after matching.
5 Raisecom(config-route-map)#on- (Optional) configure the on-match sub-clause to continuing
match goto number to match at some node.

53
Raisecom

6 Raisecom(config-route- (Optional) continue to match routes by scheduling other
map)#call map-name routing table after matching the route.
7 Raisecom(config-route- (Optional) configure the match sub-clause to matching the
map)#match ip next-hop acl- next hop based on the extended IP ACL.
number
map)#match ip next-hop prefix- next hop based on the IP prefix-list.
list prefix-name
9 Raisecom(config-route- (Optional) configure the match sub-clause to matching the IP
map)#match ip address acl- address based on the extended IP ACL.
number
10 Raisecom(config-route- (Optional) configure the match sub-clause to matching the IP
map)#match ip address prefix- address based on the IP prefix-list.
list prefix-name
map)#match interface name interface name.
12 Raisecom(config-route- (Optional) configure the match sub-clause to the matching
map)#match metric metric rule that is based on the route metric value.
13 Raisecom(config-route- (Optional) configure the match sub-clause to the matching
map)#match tag tag rule that is based on the Tag field of the route tagging.
14 Raisecom(config-route-map)#set (Optional) configure the set sub-clause to modifying the
metric [ + | - ] metric route metric value after matching.
metric-type { type-1 | type- route metric type after matching.
2 }
src ip-address source IP address after matching.
ip next-hop ip-address next-hop IP address of the route after matching.
tag tag routing information tag after matching.
4.5 Configuring ARP

Scenario
ARP is a protocol used to resolve IP addresses into Ethernet MAC addresses (physical
addresses).

54
Raisecom
Prerequisite
Configure the IP address of the interface.
4.5.2 .Configuring ARP

2 Raisecom(config)#arp mode Configure ARP mode.
{ learn-all | learn-reply-
only } By default, learn MAC addresses of all hosts.
3 Raisecom(config)#arp aging- (Optional) configure the aging time of dynamic ARP entries.
time time
By default, the aging time is configured to 1200s.
4 Raisecom(config)#arp ip- (Optional) configure the static ARP entry.
address mac-address
interface-type interface-
number
6 Raisecom(config-port)#arp Enable dynamic ARP learning on the interface.
learning enable
By default, dynamic ARP learning is enabled on the
interface.
7 Raisecom(config-port)#arp max- Configure the maximum number of dynamically-learned
learning-num number ARP entries.

1 Raisecom#show arp [ ip-address | [ local-proxy ] Show ARP information.
interface vlan vlan-id | static ]
4.6 Configuring DHCPv4 Client

Scenario
When working as the DHCPv4 client, the RAX711-C can obtain an IP address from the
DHCPv4 server. You can use the IP address to manage the RAX711-C.
When IP addresses are assigned in a dynamic mode, the IP address assigned to the DHCPv4
client has a lease period. When the lease period expires, the DHCPv4 server will withdraw the
IP address. If the DHCPv4 client wishes to continue to use the IP address, it needs to renew
the IP address. If the lease period does not expire and the DHCPv4 client does not need to use
the IP address, it can release the IP address.
55
Raisecom
The RAX711-C supports configuring DHCP Client on the VLAN interface only.
Prerequisite
The RAX711-C is not enabled with DHCPv4 Server and works in common DHCP Client
mode.
4.6.2 (Optional) configuring DHCPv4 Client
Before enabling the DHCPv4 client on the VLAN interface to apply for the IP address,
configure DHCPv4 client information.
2 Raisecom(config)#interface vlan Enter VLAN interface configuration mode.
vlan-id
3 Raisecom(config-vlanif)#ip dhcp Configure DHCPv4 client information, including the
client { class-id class-id | client- class ID, client ID, and host name.
id client-id | hostname hostname }
4.6.3 Configuring DHCPv4 Client on VLAN interface

vlan-id
3 Raisecom(config-vlanif)#ip address Configure DHCPv4 Client and specify the IP address
dhcp [ server-ip ip-address ] of the DHCPv4 server. It means enabling the DHCPv4
client to apply for the IP address.
4.6.4 (Optional) renewing/releasing IPv4 address

vlan-id
3 Raisecom(config-vlanif)#ip dhcp Renew the IPv4 address.
client renew
4 Raisecom(config-port)#no ip address (Optional) release the IPv4 address.
dhcp

56
Raisecom

1 Raisecom#show ip dhcp client [ interface- Show configurations of DHCPv4 Client.
type interface-number ]
4.7 Configuring DHCPv4 Server

Scenario
When the RAX711-C works as the DHCPv4 server, the DHCPv4 client can obtain the IP
address from the RAX711-C.
Prerequisite
The RAX711-C is not enabled with DHCPv4 Client. In addition, the DHCPv4 server works in
common DHCPv4 server mode.
4.7.2 Creating and configuring IPv4 address pool

2 Raisecom(config)#ip dhcp server pool Create the IPv4 address pool and enter address
pool-name pool configuration mode.
3 Raisecom(config-pool)#address start-ip- Configure the range of the IPv4 address pool.
address end-ip-address mask { mask |
mask-length }
4 Raisecom(config-pool)#lease expired Configure the lease period of the IPv4 address
{ minute | infinite } pool.
5 Raisecom(config-pool)#dns-server ip- Configure the DNS server of the IPv4 address
address [ secondary ] pool.
6 Raisecom(config-pool)#gateway ip-address Configure the default gateway of the IPv4
address pool.
7 Raisecom(config-pool)#option 60 vendor- Configure information carried by Option 60.
string
8 Raisecom(config-pool)#tftp-server ip- Configure the TFTP server of the IPv4 address
address pool.
9 Raisecom(config-pool)#trap server-ip ip- Configure the Trap server of the IPv4 address
address pool.

57
Raisecom
4.7.3 Configuring DHCPv4 Server of the interface

2 Raisecom(config)#interface vlan vlan-id Enter interface configuration mode.
3 Raisecom(config-vlanif)#ip dhcp server Enable DHCPv4 Server.

1 Raisecom#show ip dhcp server Show DHCP server configurations.
2 Raisecom#show ip dhcp server Show assigned IPv4 addresses and client information.
lease
3 Raisecom#show ip dhcp server Show packet statistics on the DHCPv4 server.
statistics
4 Raisecom#show ip dhcp static- Show DHCPv4 static lease information.
bind
4.8 Maintenance
Command Description
Raisecom#show arp [ ip-address | [ local-proxy ] Show ARP information.
interface vlan vlan-id | static ]

4.9.1 Example for configuring DHCPv4 Client
As shown inFigure 4-3, the RAX711-C works as the DHCPv4 client with the host name being
set to raisecom. The RAX711-C accesses to the DHCPv4 server and the NView NNM system
through the service interface. The DHCPv4 server assigns an IP address to the RAX711-C.
Therefore, the NView NNM system can discover and manage the RAX711-C.

58
Raisecom
Figure 4-3 Configuring DHCPv4 relay
Configuration steps
Step 1 Configure DHCPv4 relay.
Raisecom#config
Raisecom(config-vlan1)#ip dhcp client hostname raisecom
Step 2 Apply for an IP address through the DHCP mode.
Raisecom(config-vlan1)#ip address dhcp server-ip 192.168.1.1
Checking configurations
Use the show ip dhcp client command to show DHCPv4 relay configurations.
Raisecom#show ip dhcp client

dhcp client mode: zeroconfig
Hostname: raisecom
Class-ID: Raisecom-RITP_5.1.2
Client-ID: Raisecom-000e5e454545-IF0
DHCP Client is requesting for a lease.
Assigned IP Addr: 0.0.0.0
Subnet mask: 0.0.0.0
Default Gateway: --
Client lease Starts: Jan-01-1970 08:00:00
Client lease Ends: Jan-01-1970 08:00:00
Client lease duration: 0(sec)
DHCP Server: 0.0.0.0
Tftp server name: --

59
Raisecom
Tftp server IP Addr: --

Startup_config filename: --
NTP server IP Addr: --
Root path: --
4.9.2 Example for configuring DHCPv4 Server
As shown inFigure 4-4, the RAX711-C works as the DHCPv4 server for assigning IP address
to DHCPv4 clients. Parameters are configured as below:
 Lease time: 8 hours
 Name of IP address pool: pool1
 IP address range: 172.31.1.2–172.31.1.100
 IP address of the DNS server: 172.31.100.1
Figure 4-4 Configuring DHCPv4 server
Configuration steps
Step 1 Create and configure the IP address pool.
Raisecom#config
Raisecom(config)#ip dhcp server pool pool1
Raisecom(config-pool)#address 172.31.1.2 172.31.1.100 mask 24
Raisecom(config-pool)#lease expired 4320
Raisecom(config-pool)#dns-server 172.31.100.1
Step 2 Configure DHCP Server on the interface.

60
Raisecom
Raisecom(config-client1)#ip dhcp server
Checking configurations
Use the show ip dhcp server command to show configurations of DHCPv4 Server.
Raisecom#show ip dhcp server

Interface Status
------------------------------
client1 Enable
Use the show ip server pool command to show IP address pool configurations of the
DHCPv4 server.
Raisecom#show ip server pool

Pool name Pool type
----------------------------------------
Pool1 dhcp
Pools count: 1
4.9.3 Example for configuring ARP
As shown inFigure 4-5, the RAX711-C is connected to hosts. In addition, it connects to the
Router through Client interface 1. The IP address and MAC address of the Router are
configured to 192.168.27.1/24 and 000e.5e12.1234 respectively.
Configure the aging time of dynamic ARP entries to 600s. To enhance security of
communication between the RAX711-C and the Router, you need to configure static ARP
entries on the RAX711-C.

61
Raisecom
Figure 4-5 Configuring ARP
Configuration steps
Step 1 Add a static ARP entry.
Raisecom(config)#arp 192.168.27.1 000e.5e12.1234
Step 2 Configure the aging time of dynamic ARP entries to 600s.
Raisecom(config)#arp aging-time 600
Checking results
Use the show arp command to show information about all ARP entries in the ARP table.
Raisecom#show arp
ARP aging-time: 600 seconds(default: 1200s)
ARP mode: Learn all
ARP table:
Total: 4 Static: 1 Dynamic: 3
IP Address Mac Address Interface Vlan Type Age(s) status
-----------------------------------------------
172.16.70.1 000E.5E12.1234 vlan1 1 static -- PERMANENT
172.16.70.9 14FE.B5EE.F22C vlan1 1 dynamic 135 REACHABLE
172.16.70.15 D4BE.D9E4.F8EE vlan1 1 dynamic 292 REACHABLE
172.16.70.16 000C.29C6.03AD vlan1 1 dynamic 412 REACHABLE

62
Raisecom
RAX711-C (A) Configuration Guide 5 Ethernet
5 Ethernet
This chapter describes principles and configuration procedures of Ethernet, and provides
 Introduction
 Configuring MAC address table
 Configuring VLAN
 Configuring super VLAN
 Configuring selective QinQ
 Configuring VLAN mapping
 Configuring loop detection
 Configuring interface protection
 Configuring port mirroring
 Configuring storm control
 Configuring L2CP
 Maintenance
5.1 Introduction
5.1.1 MAC address table
MAC address entries

Layer 2 devices forward Ethernet packets through MAC address forwarding rules. Each
device has a forwarding table, the MAC address table, where a MAC address is corresponding
to one interface. The MAC address table is a Layer 2 forwarding table including relation
between the MAC address and forwarding interface. All packets in the ingress direction of the
interface are forwarded according to MAC address table. It is the basis for Ethernet devices to
forward Layer 2 packets quickly.
MAC address entries include the following information:
 The source MAC address

63
Raisecom
 Interface ID corresponding to the source MAC address

 VLAN ID of the interface
 The type of MAC address
Classification of MAC address table

MAC address entries include static MAC address entries and dynamic MAC address entries.
 Static MAC address entries: called permanent address, can be added/deleted manually
and is not aged. For a network with relatively fixed devices, you can reduce the
broadcast traffic by adding static MAC address entries manually to improve interface
security. The static MAC address table is reserved after the device is reset, hot swapping
of the interface card, or interface card is reset.
 Dynamic MAC address entries: the dynamic MAC address table is created by
automatically learning the source MAC addresses of received packets. It can be aged
based on the configured aging time. MAC address table is cached in the RAX711-C, and
the capacity of MAC address table saved in the RAX711-C depends on the cache
capacity. Generally, the dynamic MAC address table is not reserved after the device is
reset, hot swapping of the interface card, or interface card is reset.
 Blackhole MAC address entries: used to discard packets with the specified destination
MAC address, manually configured, not aged
MAC address aging time

The MAC address aging mechanism is suitable for the dynamic MAC address entry only. The
capacity of the MAC address on the RAX711-C is limited. To fully use resources of MAC
address forwarding table, the RAX711-C updates MAC address table through the aging
mechanism. And the system creates dynamic MAC address entry, at the same time, enables
the aging timer. If the RAX711-C fails to receive packets from the dynamic MAC address
entry once more within the aging time, the MAC address entry will be deleted.
MAC address learning

Most MAC address entries are created and maintained through MAC address learning. When
a packet is sent to a device, the device will look up the MAC address table for the interface ID
that is related to the destination MAC address of the packet. If successful, the device will
forward the packets to the received interface. Meanwhile, the device will add the relevant
source MAC address, interface ID, and VLAN ID to the MAC address table.
When a packet is sent to the learned MAC address through other interfaces, the packet will be
directly forwarded to the received interface according to the MAC address table. If the
destination MAC address is not listed in the MAC address, the device floods the packets to all
interfaces except for the interface that receives this packet. In addition, the source MAC
address of the packet will be added to the MAC address table on the device.
MAC address limit

The RAX711-C obtains MAC address of each network device in the network segment
connected with certain interface through MAC address learning. For these packets transmitted
to the MAC address, the RAX711-C conducts hardware forwarding by directly looking up
MAC address, thus improving forwarding rate of the chip.
This feature is used to limit MAC address entries. If the MAC address table is over great, it
may cost more time to search for a MAC address entry. Therefore, the forwarding
64
Raisecom
performance of Ethernet switches will decrease. However, MAC address limit can
troubleshoot this problem. MAC address limit is an effective method to manage the MAC
address table.
When MAC address entries learned by the interface or VLAN reach the configured maximum,
the interface does not learn MAC address any more.
Forwarding modes of MAC address

When forwarding packets based on MAC address entries, the RAX711-C adopts following
modes:
 Unicast: when a MAC address entry, which is related to the destination MAC address of
a packet, is listed in the MAC address table, the RAX711-C will directly forward the
packet to the received interface through the egress interface of the MAC address entry.
Otherwise, the RAX711-C broadcasts the packet, as shown in Figure 5-1.
Figure 5-1 Unicast forwarding mode of MAC address
 Multicast: when the destination address of packets received on the RAX711-C is a

multicast MAC address, if a MAC address entry, which is related to the destination
MAC address of a packet, is listed in the MAC address table, the RAX711-C will
directly forward the packet to the received interface through the egress interface of the
MAC address entry. Otherwise, the RAX711-C broadcasts the packet, as shown in
Figure 5-2.

65
Raisecom
Figure 5-2 Multicast forwarding mode of MAC address
 Broadcast: if the destination address of packets received on the RAX711-C is all F's, or a
MAC address entry, which is related to the destination MAC address of a packet, is listed
in the MAC address table, the RAX711-C will forward the packet to all interfaces,
except the receiving interface, through broadcast forwarding mode of MAC address, as
shown in Figure 5-3.
Figure 5-3 Broadcast forwarding mode of MAC address
5.1.2 VLAN
Introduction
By maintaining MAC address table, the Layer 2 switch forwards packets according to MAC
address table. This effectively uses network bandwidth and improves network performance.
The Layer 2 switch can effectively isolate collision domains but cannot effectively partition
broadcast domains. If the number of PCs is over great, this will generates excessive broadcast
traffic, thus causing network performance to decline sharply and even the network to crash.

66
Raisecom
To ensure fast running of the network, broadcast domains must be partitioned to reduce
broadcast traffic. Therefore, the VLAN technology is introduced.
Virtual Local Area Network (VLAN) is a Layer 2 isolation technology that partitions devices
in a LAN logically to different parts. These parts are independent and cannot communicate
with each other. However, they can communicate through the router or Layer 3 switch. By
partitioning VLANs, you can isolate broadcast domains and reduce broadcast storms. Figure
5-4 shows how to partition a VLAN.
VLAN and LAN have the same features, but the difference is that devices in the same VLAN
can communicate regardless of physical locations.
Figure 5-4 VLAN partition
As shown in Figure 5-4, Shanghai and Beijing belong to two LANs, but no services are
transmitted between hosts belonging to the same LAN. When broadcast storm occurs, host in
a same LAN will receive broadcast packets, causing occupancy and waste of bandwidth. By
partitioning VLAN, the hosts which do not need to communicate are isolated, thus enhancing
network security and reducing broadcast traffic and broadcast storm.
Advantages
Advantages of VLAN partition are as below:
 Partitioning broadcast domains reduces broadcast storm. One VLAN is a logic subnet
and a broadcast domain.
 The network security is enhanced. Devices in a same VLAN can receive data frame each
other, but cannot receive data frame sent from other devices in the different VLAN.
Devices in different VLANs cannot communicate directly, but they can communicate
through routers or Layer 3 devices.
 Network management is simplified. Different from physical subnets partitioned by the
router, PCs included in the VLAN can be in different locations. Any PC can be added to
the same VLAN.
Working principles
After VLAN is partitioned, the RAX711-C will be virtually divided to multiple logic devices.
MAC address learning and data switching of these devices are based on VLAN. Each VLAN
is corresponding to an independent MAC address table.

67
Raisecom
When receiving a data frame on the interface, the RAX711-C will check the VLAN of the
interface, and then check the MAC address table related to the VLAN. If the destination
address of the data frame is in the MAC address table, related to the VLAN, the RAX711-C
will forward this data frame. Otherwise, it will discard this data frame.
802.1Q and VLAN Tag

After VLAN is configured on the RAX711-C, to identify data frame of different VLANs, you
need to add VLAN Tag, namely, the VLAN tag, to the data frame. This performance is
implemented through 802.1Q.
802.1Q stipulates a new Ethernet frame field. Compared with standard Ethernet frame, VLAN
packets add a four-byte 802.1Q tag to the source address. Figure 5-5 shows formats of the
standard Ethernet frame and 802.1Q frame.
Figure 5-5 Formats of the standard Ethernet frame and 802.1Q frame
 Tag Protocol Identifier (TPID): it is a new frame type defined by the IEEE. It means the
packet is added 802.1Q tag. Its identification value is 0x8100.
 VLAN Identifier (VID): a 12-bit field specifying the VLAN to which the frame belongs.
The value ranges from 1 to 4094. A Port VLAN ID (PVID) is a default VLAN ID. In an
interface-based VLAN, each interface has a PVID. When an Untagged packet is sent to
the interface, the RAX711-C will forward this packet according to the PVID Tag.
VLANs supported by the RAX711-C meet the IEEE 802.1Q standard. The RAX711-C
supports 4094 concurrent VLANs.
 Canonical Format Indicator (CFI): It is used to distinguish the format of frames when the
bus Ethernet and Fiber Distributed Digital Interface (FDDI)/Token Ring network
exchange data.
 Priority: a 3-bit field which indicates the frame priority level. Values are from 0 (best
effort) to 7 (highest). The bigger the number is, the higher the priority is. When the
network is congested, the device sends packets with higher priorities first.
Interfaces modes and modes for processing packets

The iTN28800 interface modes are divided into Access mode and Trunk mode. Table 5-1 lists
comparison on interface modes and modes for processing packets.

68
Raisecom
Table 5-1 Interfaces modes and modes for processing packets

Interface Processing modes for ingress packet Processing modes for egress
type packet
Untagged Tagged packet
packet
 If the VLAN ID of a  If the VLAN ID of a packet is
Access Add the
Access packet is identical to identical to the Access VLAN
VLAN Tag the Access VLAN ID, ID, send the packet after
to packets. receive the packet. without its Tag.
packet is in the Access in the Access egress-allowed

egress-allowed list, list, send the untagged packet
receive the packet. after removing its Tag.
Otherwise, discard the Otherwise, discard the packet.
packet.
Trunk Add the
Native packet is in the Trunk in the Trunk allowed list, and
VLAN Tag allowed list, receive not in the Trunk untagged list,
to packets. the packet. Otherwise, send the packet without its
discard the packet. original Tag.
 If the configured  If the VLAN ID of a packet is
Native VLAN is the in the Trunk untagged list, send

default VLAN, the packet without its original
received the packet. Tag.
VLAN partition
Generally, VLAN partition modes are as below:
 Interface-based VLAN partition: it is the simplest and most effective partition mode. It
defines VLAN members based on interface. After interfaces are assigned to the specified
VLAN, they can forward packets of the specified VLAN.
 Subnet-based VLAN partition: it is based on IP address of each host. When the host is
relocated, you need not reconfigure VLAN. However, each device must check network
address of each data packet, thus consuming time and reducing forwarding efficiency of
chip.
 MAC-based VLAN partition: it is suitable for configuring a VLAN for each host with
MAC address. When the host is relocated, you need not reconfigure VLAN. When the
number of hosts is tens of thousands, lots of configurations are needed, thus badly
reducing the forwarding rate of data packets.
 Protocol-based VLAN partition: it is based on protocol supported by each host. When
the host is moved, you need not reconfigure VLAN and add frame tag to identify VLAN,
which reduces network communication. However, each device must check the Ethernet
frame header of each data packet, thus consuming much time and reducing forwarding
efficiency of chip.
The RAX711-C supports interface-based VLAN partition.
5.1.3 Super VLAN

The traditional ISP network assigns each customer an IP subnet. In this case, three IP
addresses are wasted because they cannot be used by hosts. They are the network ID,
69
Raisecom
directional broadcasting address, and gateway of the subnet. If some unassigned IP addresses
exist in the subnet of some customers, the network scalability becomes worse and IP
addresses are wasted.
Super VLAN involve the super VLAN and sub-VLAN as below:
 Super VLAN: contain Layer 3 logic interfaces but physical interfaces. It is a set of
multiple sub-VLANs.
 Sub-VLAN: contain physical interfaces but Layer 3 logic interfaces, use the IP address
of the Layer 3 logic interface of the super VLAN as the default gateway to communicate
with the external Layer 3 switch through ARP proxy. Sub-VLANs are isolated from each
other like common VLANs on the Layer 2.
ARP proxy refers to the process that a source host in a subnet of a physical network sends the
ARP request to the destination host of a subnet of another physical network and the gateway
connected to the source host sends ARP Reply message through the MAC address of its
interface in replacement of the destination host.
As shown in Figure 5-6, a host in sub-VLAN 100 communicates with that in sub-VLAN 200.
When super VLAN 10 is enabled with ARP proxy, its Layer 3 interface implements ARP
learning, processing received and sent ARP packets, and ARP proxy.
Figure 5-6 Sub-VLAN and super VLAN partition
If host A in VLAN 100 wishes to communicate with host B in VLAN 200, it sends an ARP
request packet with the destination IP address of 10.10.10.200 and MAC address of the
broadcast address. The packet carries VLAN 100 Tag and is firstly received by the CPU. The
switch configures the Rx interface to VLAN 10 according to mapping between the super
VLAN and sub-VLAN so that ARP learning, processing received and sent ARP packets, and
ARP proxy can be later implemented in VLAN 10.

70
Raisecom
Host B is not in the broadcast domain of VLAN 100, so it fails to receive the ARP request
packet. After ARP proxy is enabled, the interface of VLAN 10 replies host A with its MAC
address as the MAC address of host B when the ARP request packet sent from host A on
Layer 2 reaches the switch. However, the ARP entry of host B does not exist on the switch, so
the interface of super VLAN 10 send the ARP request packet to each sub-VLAN (excluding
the VLAN sending the ARP request packet) to request the MAC address of host B. After host
B replies, packets to be sent from host A to host B are sent to the switch which forward these
packets normally on Layer 3.
The process for host B to send host B the packet is similar as above.
5.1.4 QinQ
QinQ (also called Stacked VLAN or Double VLAN) is a Layer 3 tunnel technology based on
IEEE 802.1Q. It is defined in 802.1ad standard.
Basic QinQ
QinQ is a simple Layer 2 VPN tunnel technology. QinQ encapsulates an outer VLAN Tag for
a private packet, so that the packet traverses the backbone network of the Internet service
provider (ISP) carrying double VLAN tags. In the ISP, the packet is transmitted according to
the outer VLAN Tag (public VLAN Tag). And the private VLAN Tag is transmitted as the
data in the packet.
Figure 5-7 Typical networking of basic QinQ
Figure 5-7 shows the typical networking of basic QinQ. As the Provider Edge (PE), the uplink
interfaces of the RAX711-C access the PE network, and the downlink interfaces access the
user devices.
When the packet is transmitted from user device to PE, the VLAN tag carried on the packets
is VLAN 100. After traversing the PE, the packet is added outer tag, VLAN 200, and then
enters the PE network through uplink interface of the PE.
After the packet with outer tag, VLAN 200, is transmitted from the PE to the other PE, the
other PE sends the packet to the user device after removing the outer tag, VLAN 200. At this
time, the packet carries a VLAN Tag again, VLAN 100.
Selective QinQ
Selective QinQ is an enhanced application for basic QinQ. Based on some features, selective
QinQ can perform traffic classification on users' data and encapsulate different data flows
with different outer VLAN Tags. With selective QinQ, you can encapsulate different Tags for
packets with different inner Tags based on the mapping rule. In addition to all functions
realized by basic QinQ, selective QinQ can also perform different operations on packets
received by the same interface based on different VLAN Tags.
Selective QinQ can provide more flexible networking capabilities. With selective QinQ,
devices can classify customer devices on the interface that is connected to the access layer,
71
Raisecom
encapsulating different outer Tags for various customer devices. In addition, selective QinQ
adopts the outer Tag to configure the QoS policy on the public network, flexibly configure the
data transmission priority, and provide related services for users.
5.1.5 Loop detection

Loop detection is used to eliminate impact on the network and improve network error-
detection, error tolerance, and stability.
Loop detection is applied to the edge interface. Loop detection based on interface works
based on interface. When a loop is found on an interface, the RAX711-C will block the
interface. After the automatical restoration time expires, the RAX711-C releases the interface.
Loop detection works as below:
Step 1 The interface periodically sends a Loopback-detection packet (interval is configurable. By
default, it is 1s).
Step 2 The RAX711-C checks whether the interface enabled with loop detection receives Loopback-
detection packet.
Step 3 If yes, and one of the following conditions is met, the RAX711-C will block the interface and
send a Trap by default, or take different actions as configured.
 The Loopback-detection packet is sent from the local device, and the ID of the interface
sending the packet is smaller than the ID of the receiving interface.
 The Loopback-detection packet is sent from other devices, and the MAC address of the
local device is greater than the source MAC address of the packet.
Step 4 After detecting a loop in configured non-shutdown mode, the RAX711-C automatically starts
the automatic restoration and releases the block interface after the loop is eliminated.
5.1.6 Interface protection

When you need to isolate Layer 2 data among different interfaces, you can add these
interfaces to different VLANs. Sometimes when you need to isolate Layer 2 data among
different interfaces in the same VLAN, you can apply interface protection.
You can enable interface protection on interfaces that need to be controlled, thus isolating
Layer 2 data among different interfaces like physical isolation. This enhances network
security, and provide flexible networking scheme for users.
After being configured with interface protection, interfaces cannot transmit packets to each
other. However, they can still communicate with interfaces that are not enabled with interface
protection.
5.1.7 Port mirroring

Port mirroring refers to mirroring packets of the source ports to the monitor port without
affecting packets forwarding. After port mirroring takes effect, packets in the ingress and
egress directions of a port will be copied to the monitor port. The mirroring port and monitor
port cannot be the same port. You can use this function to monitor the receiving and sending
status of a port and analyze the network situation.

72
Raisecom
Figure 5-8 Principles of port mirroring
PC 1 accesses the network through Client port 1 on the RAX711-C. PC 3 is the monitor PC
and is connected to Client port 2 on the RAX711-C.
To monitor packets sent by PC 1, you need to configure Client port 1 as the mirroring port
and enable port mirroring for packets on the ingress port. Configure Client port 2 as the
monitor port, namely, the mirroring destination port.
When forwarding a packet sent by PC 1, the RAX711-C mirrors the packet to Client port 2.
PC 3 connected to the monitor port receives and analyzes these mirrored packets.
5.1.8 Storm control

The Layer 2 network is a broadcast domain. When an interface receives excessive broadcast,
unknown multicast, and unknown unicast packets, broadcast storm occurs. If you do not
control broadcast packets, broadcast storm may occur and occupies much network bandwidth.
Broadcast storm can degrade network performance and impact forwarding of unicast packets
or even lead to communication halt.
Restricting broadcast flow generated from network on Layer 2 device can suppress broadcast
storm and ensure common unicast forwarding normally.
Occurrence of broadcast storm

The following flows may cause broadcast flow:
 Unknown unicast packets: unicast packets of which the destination MAC is not in the
MAC address table, namely, the Destination Lookup Failure (DLF) packets. If these
packets are excessive in a period, the system floods them and broadcast storm may occur.
 Unknown multicast packets: multicast packets of which the destination MAC is not in
the MAC address table. If these packets are excessive in a period, the system floods them
and broadcast storm may occur.
 Broadcast packets: packets of which the destination MAC is multicast. If these packets
are excessive in a period, broadcast storm may occur.

73
Raisecom
Principles of storm control

Storm control filters broadcast, unknown multicast, unknown unicast packets that may
generate broadcast storm on the network. After storm control is enabled, the RAX711-C will
automatically discard broadcast packets. If storm control is disabled or broadcast packets have
not reached the preconfigured threshold, the RAX711-C will normally forward packets to
other interfaces of the device.
5.1.9 L2CP
Metro Ethernet Forum (MEF) introduces service concepts, such as EPL, EVPL, EP-LAN, and
EVP-LAN. Different service types have different processing modes for Layer 2 Control
Protocol (L2CP) packets.
The RAX711-C supports the following L2CP packets:
 CDP
 802.1x
 LACP
 LLDP
 802.3ah
 PVST
 STP
 VTP
MEF6.1 defines processing modes for L2CP as below.
 Discard: discard the packet, by applying the configured L2CP profile on the ingress
interface of the RAX711-C.
 Peer: send packets to the CPU in the same way as the discard action.
 Tunnel: transparently transmit packets. It is more complex than discard and peer mode,
requiring cooperating profile at network side interface and carrier side interface tunnel
terminal to allow packets to pass through the carrier network.
5.2 Configuring MAC address table

Scenario
When configuring the MAC address table, you can configure static MAC addresses for fixed
and important devices to prevent illegal users from accessing the network from other
locations.
To avoid saving excessive dynamic MAC addresses to the MAC address table and exhausting
resources of the MAC address table, you need to configure the aging time of dynamic MAC
addresses to ensure upgrading dynamic MAC addresses effectively.

74
Raisecom
Prerequisite
N/A
5.2.2 Configuring static MAC address table

2 Raisecom(config)#mac-address Add a static unicast MAC address to the MAC address table.
static unicast mac-address
vlan vlan-id interface-type
interface-number
It must be a unicast MAC address. The local MAC
address, multicast address, all-F, and all-0 MAC
addresses cannot be configured as the static MAC
address.
5.2.3 Configuring dynamic MAC address table

Commands for steps 2 to 4 are used to configure dynamic MAC address limit in interface
configuration mode. Commands for steps 5–9 are used to configure dynamic MAC address
limit in VLAN configuration mode and VSI configuration mode respectively.

3 Raisecom(config-port)#mac-address Enable MAC address learning.
learning enable
By default, MAC address learning is enabled.
4 Raisecom(config-port)#mac-address (Optional) configure dynamic MAC address limit.
threshold threshold-value [ action
{ discard | forward } ]
By default, no dynamic MAC address limit is
configured.
5 Raisecom(config)#vlan vlan-id Enter VLAN configuration mode.
6 Raisecom(config-vlan)#mac-address Enable MAC address learning.
learning enable
By default, MAC address learning is enabled.
7 Raisecom(config)#mac-address aging- (Optional) configure the aging time of MAC address.
time second By default, the aging time is 300s.
8 Raisecom(config)#vlan vlan-id (Optional) enter VLAN configuration mode.
9 Raisecom(config-vlan)#mac-address (Optional) configure dynamic MAC address limit.
threshold threshold-value
By default, no dynamic MAC address limit is
configured.

75
Raisecom
5.2.4 Configuring blackhole MAC address

2 Raisecom(config)#mac-address blackhole Create the blackhole MAC address. By default,
mac-address vlan vlan-id no blackhole MAC address is configured.
5.2.5 Configuring suppression of MAC address flapping

2 Raisecom(config)#mac- Enable global suppression of MAC address flapping.
address move-restrain
enable
3 Raisecom(config)#mac- Enable Trap sending for global suppression of MAC address
address mac-move trap flapping.
enable
By default, it is enabled.

1 Raisecom#show mac-address count [ vlan vlan-id ] Show the number of MAC
[ interface-type interface-number ] addresses.
2 Raisecom#show mac-address { all | static | Show MAC addresses.
dynamic } [ vlan vlan-id ] [ interface-type
interface-number ]
3 Raisecom#show mac-address learning [ vlan | Show enabling information about
interface-type interface-number ] the automatic learning of MAC
address table.
4 Raisecom#show mac-address mac-move Show status of MAC address
flapping.
5 Raisecom#show mac-address threshold [ interface- Show configurations of MAC
type interface-number | vlan vlan-list ] address limit.
5.2.7 Maintenance
1 Raisecom(config)#clear mac-address { all | Clear MAC addresses of a
blackhole | dynamic | static | mac-address } [ vlan specified type.
vlan-id ] [ interface-type interface-number ]

76
Raisecom

2 Raisecom(config)#search mac-address mac-address Query a MAC address.
{ all | dynamic | static } [ interface-type
interface-number ] [ vlan vlan-id ]
5.3 Configuring VLAN

Scenario
The main function of VLAN is to partition logic network segments. There are 2 typical
application modes:
 Small LAN: on one Layer 2 device, the LAN is carved up to several VLANs. Hosts that
connect to the device are carved up by VLANs. So hosts in the same VLAN can
communicate, but hosts between different VLANs cannot communicate. For example,
the financial department needs to be separated from other departments and they cannot
access each other. In general, the port connected to the host is in Access mode.
 Big LAN or enterprise network: multiple Layer 2 devices connect to multiple hosts and
these devices are concatenated. Packets take VLAN Tag for forwarding. Ports of
multiple devices, which have identical VLAN, can communicate, but hosts between
different VLANs cannot communicate. This mode is used for enterprises that have many
people and need a lot of hosts, and the people and hosts are in the same department but
different positions. Hosts in one department can access each other, so you have to carve
up VLAN on multiple devices. Layer-3 devices like a router are required if you want to
communicate among different VLANs. The concatenated ports among devices are in
Trunk mode.
Prerequisite
N/A
5.3.2 Configuring VLAN properties

2 Raisecom(config)#create vlan vlan-list Create a VLAN.
active
By default, there is no VLAN and the interface is
not added to any VLAN.
4 Raisecom(config-vlan)#name vlan-name (Optional) configure the VLAN name.
Raisecom(config-vlan)#exit
5 Raisecom(config)#interface interface- Enter physical layer interface configuration mode.
type interface-number

77
Raisecom

6 Raisecom(config-port)#switchport mode Configure the current interface to be an
{ access | trunk } Access/Trunk interface.
By default, all interfaces are Access interfaces.
7 Raisecom(config-port)#switchport Configure the type of packets that are disallowed
reject-frame { tagged | untagged } to pass on the interface.
 VLANs that are created through the vlan vlan-id command are in active status.
 All configurations of a VLAN cannot take effect until the VLAN is activated.
5.3.3 Configuring VLANs based on Access interface

2 Raisecom(config)#interface interface-type Enter physical layer interface
interface-number configuration mode.
3 Raisecom(config-port)#switchport mode access Configure the interface mode to
Access.
4 Raisecom(config-port)#switchport access vlan Configure the interface Access VLAN.
vlan-id
5 Raisecom(config-port)#switchport access egress- Configure the VLAN list allowed by

allowed vlan { all | vlan-list } [ confirm ] the Access interface.
Raisecom(config-port)#switchport access egress-
allowed vlan { add | remove } vlan-list
5.3.4 Configuring VLANs based on Trunk interface

3 Raisecom(config-port)#switchport mode Configure the interface mode to Trunk.
trunk
4 Raisecom(config-port)#switchport trunk Configure the interface Native VLAN.

native vlan vlan-id
5 Raisecom(config-port)# switchport trunk (Optional) configure the VLAN list allowed by

allowed vlan { all | vlan-list } the Trunk interface.
[ confirm ]

78
Raisecom

6 Raisecom(config-port)#switchport trunk (Optional) configure the Untagged VLAN list
untagged vlan { all | vlan-list } allowed by the Trunk interface.
[ confirm ]
7 Raisecom(config-port)#switchport trunk (Optional) configure the action taken by the
native vlan { tagged | untagged } Trunk interface when a packet with the Native
VLAN Tag comes out of the interface.
 The Trunk interface permits Native VLAN packets passing regardless of

configurations for Trunk Allowed VLAN list and Trunk Untagged VLAN list on the
interface. And forwarded packets do not carry VLAN TAG.
 When configuring a Native VLAN, the system will automatically create and
activate a VLAN if you do not create the VLAN in advance.
 The interface permits Trunk Allowed VLAN packets passing. If the VLAN is a
Trunk Untagged VLAN, the VLAN TAG of the packet is removed on the egress
interface. Otherwise, the packet is not modified.
 If the configured Native VLAN is not the default VLAN and there is no default
VLAN in the VLAN list on the Trunk interface, the interface will not allow packets
in the default VLAN to pass.
 When configuring a Trunk Untag VLAN list, the system automatically adds all
Untagged VLAN to the Trunk allowed VLAN.
 Trunk allowed VLAN list and Trunk Untagged VLAN list are valid for the static
VLAN only.

1 Raisecom#show vlan [ vlan-list | static Show configurations and status of all VLANs or
| dynamic ] [ detail ] a specified VLAN.
2 Raisecom#show switchport interface Show switching configurations on the interface
5.4 Configuring super VLAN

Scenario
With super VLAN, hosts that are connected to the same switch but belong to different VLANs
can communicate on Layer 3 by using the IP address of Layer 3 interface of the super VLAN
as the default gateway.

79
Raisecom
Prerequisite
 After being configured, the super VLAN cannot contain any member interfaces. If a
VLAN has member interfaces, it cannot be configured with attributes of super VLAN.
 Create a VLAN to be added to the super VLAN, and activate it.
5.4.2 Configuring super VLAN

2 Raisecom(config)#create vlan vlan-id Create a VLAN.
active
4 Raisecom(config-vlan)#supervlan Configure the VLAN as a super VLAN.
5 Raisecom(config-vlan)#subvlan [ add | Configure sub-VLANs of the super VLAN.
remove ] subvlan-id
6 Raisecom(config-vlan)#exit Exit VLAN configuration mode.
7 Raisecom(config)#interface vlan vlan-id Enter VLAN interface configuration mode.
8 Raisecom(config-vlanif)#ip address ip- Configure the IP address of the super VLAN.
address
9 Raisecom(config-vlanif)#arp local-proxy Enable local ARP proxy of the super VLAN.
enable
After being configured as a super VLAN, a VLAN cannot be configured with the
VLAN interface and IP address.

1 Raisecom#show supervlan [ vlan-id ] Show configurations of super VLAN and sub-
Raisecom#show vlan VLANs.
2 Raisecom#show ip interface brief Show configurations of the IP address of the super

VLAN.

80
Raisecom
5.5 Configuring basic QinQ

Scenario
With basic QinQ, you can add outer VLAN Tag and freely plan your own private VLAN ID.
Therefore, the data between devices on both ends of the Internet Service Provider (ISP)
network can be transparently transmitted, without conflicting with the VLAN ID in the ISP
network.
Prerequisite
 Connect interfaces and configure physical parameters of interfaces. Make the physical
layer Up.
 Create a VLAN.
5.5.2 Configuring basic QinQ

2 Raisecom(config)#mls double-tagging (Optional) configure the TPID of global inner
inner-tpid tpid Tags.
3 Raisecom(config)#interface interface- Enter interface configuration mode.
4 Raisecom(config-port)#tpid tpid Configure the interface TPID.
5 Raisecom(config-port)#dot1q-tunnel Enable basic QinQ on the interface.
6 Raisecom(config-port)#dot1q-tunnel cos (Optional) enable the inner CoS Tag to override
override the outer CoS Tag.
By default, this function is disabled.
7 Raisecom(config-port)#switchport access (Optional) add the Access interface to the VLAN.
vlan vlan-id
Raisecom(config-port)#switchport trunk (Optional) add the Trunk interface to the VLAN.
native vlan vlan-id
5.5.3 Configuring egress interface to Trunk mode

3 Raisecom(config-port)#switchport Configure the interface to Trunk mode.
mode trunk

81
Raisecom

1 Raisecom#show dot1q-tunnel Show configurations of basic QinQ.
5.6 Configuring selective QinQ

Scenario
Different from basic QinQ, selective QinQ features different outer VLAN Tags for services on
the network, such as voice, video, and data services. It can group services when services are
forwarded, implementing the VLAN mapping between inner and outer VLAN tags.
Prerequisite
 Connect interfaces and configure physical parameters of interfaces. Make the physical
layer Up.
 Create a VLAN.
5.6.2 Configuring selective QinQ

2 Raisecom(config)#mls double-tagging inner- (Optional) configure the TPID value of the
tpid tpid inner Tag.
3 Raisecom(config)#interface interface-type Enter interface configuration mode.
interface-number
4 Raisecom(config-port)#tpid tpid Configure the interface TPID.
5 Raisecom(config-port)#switchport vlan- Configure selective QinQ rules on the
mapping cvlan vlan-list [ cos cos-value ] interface in ingress direction.
add-outer vlan-id [ cos cos-value ]
6 Raisecom(config-port)#switchport vlan- Add double VLAN Tags to untagged
mapping both cvlan vlan-id add-outer vlan- packets received by the interface.
id [ cos cos-value ] { translate vlan-id |
remove }
Raisecom(config-port)#switchport vlan- Add the outer VLAN Tag to packets with
mapping both cvlan vlan-id cos cos-value1 CVLAN and CoS received by the interface.
add-outer vlan-id [ cos cos-value2 ]
{ translate vlan-id | remove }

82
Raisecom

Raisecom(config-port)#switchport vlan- Configure VLAN mapping rules for packets
mapping both outer vlan-id [ inner vlan- with the outer VLAN Tag or double VLAN
id ] translate vlan-id1 vlan-id2 [ cos cos- Tags received by the interface.
value ]
mapping both priority-tagged cos cos-value1 priority Tag and CoS received on the
add-outer vlan-id [ cos cos-value2 ] interface.
mapping both { untag | priority-tagged } priority Tag and untagged packets received
add-outer vlan-id [ cos cos-value ] on the interface.
[ translate vlan-id | remove ]
mapping both inner vlan-id add-outer vlan- VLAN Tag received on the interface, and
id [ cos cos-value ] specify the outer CoS.
7 Raisecom(config-port)#switchport vlan- (Optional) configure the interface to discard
mapping-miss discard packets that mismatch VLAN mapping
rules.
 If you have configured selective QinQ based on VLAN+CoS, or specified the CoS
value of the added outer Tag, you need to use the no dotlq-tunnel command on
the interface to disable basic QinQ.
 The switchport interface cannot be configured with selective QinQ in aggregation
group configuration mode.

1 Raisecom#show dot1q-tunnel Show configurations of basic QinQ.
2 Raisecom#show vlan-mapping interface Show configurations of selective QinQ.
interface-type interface-number add-outer
3 Raisecom#show vlan-mapping both interface Show VLAN mapping rules in both
interface-type interface-number directions of the interface.

83
Raisecom
5.7 Configuring VLAN mapping

Scenario
Differentiated from QinQ, VLAN mapping only changes the VLAN tag but does not
encapsulate additional multilayer VLAN Tag. You just need to change VLAN Tag to make
packets transmitted according to carrier's VLAN mapping rules, without increasing frame
length of the original packet. VLAN mapping is used in the following situations:
 Map user services into one carrier VLAN ID.
 Map multi-user services into one carrier VLAN ID.
Prerequisite
 Connect the interface, configure its physical parameters, and make it Up at the physical
layer.
 Create and activate a VLAN.
5.7.2 Configuring 1:1 VLAN mapping

2 Raisecom(config)#interface interface-type Enter physical layer interface configuration
interface-number mode.
3 Raisecom(config-port)#switchport vlan- Configure 1:1 VLAN mapping rules on the
mapping { egress | ingress } vlan-id ingress/egress interface.
translate vlan-id
You can configure 1:1 VLAN mapping
based on outer VLAN ID, outer CoS, inner
VLAN ID, and inner CoS.
4 Raisecom(config-port)#switchport vlan- Configure VLAN+CoS VLAN mapping
mapping egress outer vlan-list [ cos cos- rules on the egress interface.
value ] [ inner vlan-list ] [ cos cos-
value ] translate [ outer-vid vlan-id ]
[ outer-cos cos-value ] [ inner-vid vlan-
id ] [ inner-cos cos-value ]
5 Raisecom(config-port)#switchport vlan- (Optional) configure the interface to discard
mapping-miss discard mismatched packets on the interface in
ingress direction.
For packets complying with VLAN mapping rules, forward them after VLAN mapping.
Namely, the forwarded VLAN is the mapped VLAN and the MAC address of the
packet is learnt from the mapped VLAN.

84
Raisecom
5.7.3 Configuring N:1 VLAN mapping

3 Raisecom(config-port)#switchport Configure N:1 VLAN mapping rules on the
vlan-mapping both vlan-list ingress/egress interface.
translate vlan-id
By default, VLAN mapping is disabled.

1 Raisecom#show vlan-mapping interface interface-type Show configurations of
interface-number { both | egress | ingress } translate VLAN mapping.
5.8 Configuring loop detection

Scenario
On the network, hosts or Layer 2 devices connected to access devices may form a loop
intentionally or involuntarily. Enable loop detection on downlink interfaces on all access
devices to avoid the network congestion generated by unlimited copies of data traffic. When a
loop is detected on an interface, the interface will be blocked.
Prerequisite
Configure physical parameters of the interface and make it Up at the physical layer.
5.8.2 Configuring loop detection
For directly-connected devices, you cannot enable loop detection on both ends
simultaneously.

85
Raisecom

3 Raisecom(config-port)#loopback- Enable loop detection on an interface.
detection [ pkt-vlan { untag | vlan-
id } ] [ hello-time second ] [ restore- (Optional) configure the VLAN for sending
time second ] [ action { block | trap- packets, the period for sending Hello packets,
only | shutdown } ] [ log-interval restoration period, action taken for loops, and
minute ] logging interval.
Raisecom(config-port)#loopback- Enable loop detection on an interface.
detection detect-vlanlist vlan-list
[ hello-time second ] [ restore-time (Optional) configure the VLAN list for loop
second ] [ action { discard-vlan | detection, the period for sending Hello packets,
trap-only | shutdown } ] [ log-interval restoration period, action taken for loops, and
minute ] logging interval.
4 Raisecom(config-port)#loopback- (Optional) configure the interval for outputting
detection manual restore log for the loop detection.
By default, it is 0 minute.

1 Raisecom#show loopback-detection [ interface- Show configurations of loop detection on
type interface-number ] [ detail ] the interface.
5.8.4 Maintenance
1 Raisecom(config)#clear loopback-detection Clear statistics on loop detection on the
statistic [ interface-type interface-number ] interface.
5.9 Configuring interface protection

Scenario
To isolate Layer 2 data among interfaces in a VLAN and implement isolation similar to
physical isolation, you need to configure interface protection.
By configuring interface protection, you can isolate data among interfaces in a VLAN,
enhance network security, and provide flexible networking scheme for users.

86
Raisecom
Prerequisite
N/A
5.9.2 Configuring interface protection

3 Raisecom(config-port)#switchport Enable interface protection.
protect

1 Raisecom#show switchport protect Show configurations of interface protection.
5.10 Configuring port mirroring

Scenario
Port mirroring refers to mirroring packets of the specified mirroring port to the specified
monitor port or LAG without affecting packet forwarding. You can use this function to
monitor the receiving and sending status of one or more ports and analyze the network
situation.
Prerequisite
N/A
5.10.2 Configure port mirroring of CPU packets

2 Raisecom(config)#mirror- Configure port mirroring of CPU packets, and configure port
group group-id source-cpu mirroring rules.
[ ingress | egress ]
You can configure port mirroring in both the ingress and egress
directions.

87
Raisecom
5.10.3 Configuring port mirroring

2 Raisecom(config)#mirror-group Create a port mirroring group.
group-id
4 Raisecom(config-port)#mirror- Configure the monitor port of port mirroring.
group group-id monitor-port
5 Raisecom(config-port)#mirror- Configure the mirroring port and the mirroring rules.
group group-id source-port
{ ingress | egress }
You can configure port mirroring in both the ingress and
egress directions.

1 Raisecom#show mirror-group [ group-id ] Show configurations of port mirroring.
5.11 Configuring storm control

Scenario
Configuring storm control on Layer 2 devices can prevent broadcast storm when broadcast
packets increase sharply on the network. Therefore, this helps ensure that the unicast packets
can be properly forwarded. In addition, you can configure storm control to filter packets to
forward or discard packets.
Prerequisite
Connect interfaces and configure physical parameters of interfaces. Make the physical layer
Up.
5.11.2 Configuring storm control


88
Raisecom

3 Raisecom(config-port)#storm-control Configure the storm control threshold.
{ broadcast | unknown-multicast | dlf
| all } bps bps By default, it is 0, namely, no rate limiting.
4 Raisecom(config-port)#storm-filter Enable storm filtering.
{ broadcast | unknown-multicast | dlf
| all } enable
When storm control is enabled, you can configure rate limiting but rate limiting will not
take effect. After storm control is disabled, rate limiting will take effect.

1 Raisecom#show storm-control interface Show configurations of storm control.
[ interface-type interface-number ]
5.12 Configuring L2CP

Scenario
On the access device of MAN, you can configure a L2CP profile on user network interface
according to services from the carrier to configure L2CP of the user network so that L2CP
packets from the user network are processed in different ways.
Prerequisite
N/A
5.12.2 Configuring global L2CP

2 Raisecom(config)#l2cp-process Configure the multicast destination MAC address of
tunnel destination-address transparently transmitted packets.
mac-address
By default, it is 010E.5E00.0003.

89
Raisecom
The multicast destination MAC address cannot begin with 0180.C2 or 010E.5E
(except 010E.5E00.0003).
5.12.3 Configuring L2CP profile
Configuring basic information about L2CP profile

2 Raisecom(config)#l2cp- Create a L2CP profile for processing packets.
process profile
profile-id Enter L2CP profile configuration mode.
3 Raisecom(config-l2cp- (Optional) configure the name of the L2CP profile.
profile)#name string
4 Raisecom(config-l2cp- Configure the action for processing L2CP packets of the specified
profile)#l2cp-process type.
protocol { oam | stp |
dot1x | lacp | lldp |
By default:
cdp | vtp | pvst | elmi  L2CP profile 1 sends OAM, Dot1x, LACP, and LLDP packets to
| udld | pagp | all } the CPU, discards VTP, PVST, CDP, UDLD, and PAGP packets,
action { tunnel | drop and transparently transmit STP packets.
| peer }  L2CP profile 2 transparently transmits STP, Dot1x, LACP, CDP,
VTP, PVST, ELMI, UDLD, and PAGP packets, and sends OAM
and LLDP packets to the CPU.
 A new L2CP profile transparently transmits STP, Dot1x, LACP,
CDP, VTP, PVST, LLDP, ELMI, UDLD, and PAGP packets, and
sends OAM packets to the CPU.
Configuring transparently transmitted packets

2 Raisecom(config)#l2cp- Create a L2CP profile for processing packets.
process profile profile-id
Enter L2CP profile configuration mode.
3 Raisecom(config-l2cp- Configure the egress interface for transparently transmitting
profile)#tunnel interface- L2CP packets, namely, the carrier-side interface.
4 Raisecom(config-l2cp- Configure the type of the tunnel for transparently transmitting
profile)#tunnel tunnel-type L2CP packets to MAC.
{ mac }

90
Raisecom

5 Raisecom(config-l2cp- When the type of the tunnel for transparent transmission is
profile)#tunnel vlan vlan-id MAC, configure the VLAN ID for transparently transmitting
L2CP packets.
In addition, you must configure the carrier-side

interface to allow packets of this VLAN to pass.
5.12.4 Applying L2CP profile

3 Raisecom(config-port)#l2cp-process Apply the L2CP profile on the interface.
profile profile-id

1 Raisecom#show l2cp-process profile [ profile- Show information about the created
id ] L2CP profile.
2 Raisecom#show l2cp-process [ interface-type Show configurations of L2CP on the
interface-number ] interface.
3 Raisecom#show l2cp-process tunnel statistics Show statistics on L2CP packets on
[ interface-type interface-number ] the interface.
5.13 Maintenance
Command Description
Raisecom(config)#clear mac-address { all | blackhole | Clear MAC addresses.
dynamic | static | mac-address } [ vlan vlan-id ]
Raisecom(config)#search mac-address mac-address { all Query MAC addresses.
| dynamic | static } [ interace-type interface-
number ] [ vlan vlan-id ]
Raisecom(config)#clear arp Clear the ARP address table.
Raisecom(config-port)#clear loopback-detection Clear statistics on loop detection.
statistic
91
Raisecom
Command Description
Raisecom(config)#clear l2cp-process tunnel statistics Clear statistics on L2CP packets on
interface-type interface-number the interface.

5.14.1 Example for configuring MAC address table
As shown in Figure 5-9, the switch is connected upstream to the IP network through Client
interface 1 on the RAX711-C to make PC 2 and PC 3 access the IP network. Configure a
static unicast MAC address on Client interface 2 for forwarding packets from the switch to
the IP network. Meanwhile, enable dynamic MAC address learning on the RAX711-C.
Configuration parameters are as below:
 MAC address of the switch : 000E.5E03.0405
 VLAN and type of Client interface 1: VLAN 10 and Access
 Aging time of dynamic MAC addresses: 500s
Figure 5-9 Configuring MAC address table
Configuration steps
Step 1 Create and activate VLAN 10. Add Client interface 1 to VLAN 10.

92
Raisecom
Raisecom#config
Raisecom(config)#create vlan 10 active
Raisecom(config-client1)#switchport access vlan 10
Raisecom(config-client1)#exit
Step 2 Configure a static MAC address, which is in VLAN 10.
Raisecom(config)#mac-address static unicast 000e.5e03.0405 vlan 10 client

1
Step 3 Configure the aging time of the MAC address to 500s.
Raisecom(config)#mac-address aging-time 500

Raisecom(config)#exit
Checking results
Use the show mac-address static command to show configurations of MAC addresses.
Raisecom#show mac-address static

Mac Address Port Vlan Flags
------------------------------------------------------------------
000E.5E03.0406 client 1 10 static
5.14.2 Example for configuring VLAN and interface protection
As shown in Figure 5-10, PC 1, PC 2, and PC 5 are in VLAN 10; PC 3 and PC 4 are in VLAN
20. RAX711-C A and RAX711-C B are connected through a Trunk interface and disallow
packets of VLAN 20 to pass. Therefore, PC 3 and PC 4 cannot communicate with each other.
Enable interface protection on PC 1 and PC 2 to make them fail to communicate. However,
PC 1 and PC 2 can communicate with PC 5 respectively.

93
Raisecom
Figure 5-10 Configuring VLAN
Configuration steps
Step 1 Create and activate VLAN 10 and VLAN 20 on RAX711-C A and RAX711-C B respectively.
 Configure RAX711-C A.
RAX711-CA#config
RAX711-CA(config)#create vlan 10,20 active
 Configure RAX711-C B.
RAX711-CB#config
RAX711-CB(config)#create vlan 10,20 active
Step 2 Add Client interface 1 (Access) and Client interface 2 (Access) on RAX711-C B to VLAN 10.
Add Client interface 3 (Access) to VLAN 20. Line 1 is in Trunk mode and allows packets of
VLAN 10 to pass.
RAX711-CB(config)#interface client 1
RAX711-CB(config-client1)#switchport mode access
RAX711-CB(config-client1)#switchport access vlan 10
RAX711-CB(config-client1)#exit

94
Raisecom
RAX711-CB(config)#interface line 1
RAX711-CB(config-line1)#switchport mode trunk
RAX711-CB(config-line1)#switchport trunk allow vlan 10
RAX711-CB(config-line1)#exit
Step 3 Add Client interface 2 (Access) on RAX711-C A to VLAN 10 and Client interface 1 (Trunk)
to VLAN 20. Client interface 1 works in Trunk mode and allows packets of VLAN 10 to pass.
RAX711-CA(config)#interface client 2
RAX711-CA(config-client2)#switchport mode access
RAX711-CA(config-client2)#switchport access vlan 10
RAX711-CA(config-client2)#exit
RAX711-CA(config-client1)#switchport mode trunk
RAX711-CA(config-client1)#switchport trunk native vlan 20
RAX711-CA(config-port)#exit
RAX711-CA(config)#interface line 1
RAX711-CA(config-line1)#switchport mode trunk
RAX711-CA(config-line1)#switchport trunk allow vlan 10
RAX711-CA(config-line1)#exit
Step 4 Enable interface protection on Client interface 1 and Client interface 2 on RAX711-C B.
RAX711-CB(config-client1)#switchport protect
RAX711-CB(config-client2)#switchport protect
Checking results
Use the show vlan command to show VLAN configurations.
Take RAX711-C B for example.
RAX711-CB#show vlan
Switch Mode: --
VLAN Name State Status Priority Member-Ports
-------------------------------------------------------------------------
1 VLAN0001 active static --

95
Raisecom

10 VLAN0010 active static -- client 1 client 2
client 2
20 VLAN0020 active static --client 3
Use the show switchport interface command to show VLAN configurations on the interface.
Take RAX711-C B for example.
RAX711-CB#show switchport interface client 1

Interface: client1
Switch Mode: switch
Reject frame type: none
Administrative Mode: access
Operational Mode: access
Access Mode VLAN: 10
Administrative Access Egress VLANs:
Operational Access Egress VLANs: 10
Trunk Native Mode VLAN: 0
Administrative Trunk Allowed VLANs:
Operational Trunk Allowed VLANs:
Administrative Trunk Untagged VLANs:
Operational Trunk Untagged VLANs:
Administrative private-vlan host-association:
Administrative private-vlan mapping:
Operational private-vlan: --
Use the show switchport protect command to show configurations of interface protection.
RAX711-CB#show switchport protect

Port Protected State
Port Protected State
--------------------------
line1 disable
line2 disable
line3 disable
line4 disable
client1 enable
client2 enable
client3 enable
client4 enable
client5 disable
client6 disable
client7 disable
client8 disable

96
Raisecom
client9 disable
client10 disable
client11 disable
client12 disable
Use the ping command to learn allowable VLANs for the Trunk interface.
 If PC1 can ping through PC 5, VLAN 10 communicates properly.
 If PC 2 can ping through PC 5, VLAN 10 communicates properly.
 If PC 3 fails to ping through PC 4, VLAN 20 communicates improperly.
By executing the ping command between PC 1 and PC 2, check configurations of interface
protection.
If PC1 fails to ping through PC 2, interface protection takes effect.
5.14.3 Example for configuring basic QinQ
As shown in Figure 5-11, RAX711-C A and RAX711-C B are connected to VLAN 100 and
VLAN 200 respectively. To communicate through the ISP, Department A and Department C,
Department B and Department D should set the outer Tag to VLAN 1000. Configure Client
interface1 and Client interface 2 on RAX711-C A and RAX711-C B working in dot1q-tunnel
mode and being connected to VLAN 100 and VLAN 200. Client interface 1 is used to connect
the ISP network, which works in Trunk mode and allows double-tagged packets to pass. The
TPID is configured to 9100.

97
Raisecom
Figure 5-11 Configuring basic QinQ
Configuration steps
Step 1 Create and activate VLAN 100, VLAN 200, and VLAN 1000.
RAX711-CA#config
RAX711-CA(config)#create vlan 100,200,1000 active
RAX711-CB#config
RAX711-CB(config)#create vlan 100,200,1000 active
Step 2 Configure Client interface 1 and Client interface 2 to work in dot1q-tunnel mode. Configure
the outer TPID to 9100.

98
Raisecom
RAX711-CA(config-client1)#tpid 9100
RAX711-CA(config-client1)#switchport mode access
RAX711-CA(config-client1)#switchport access vlan 1000
RAX711-CA(config-client1)#dot1q-tunnel
RAX711-CA(config-client2)#tpid 9100
RAX711-CA(config-client2)#switchport mode trunk
RAX711-CA(config-client2)#switchport trunk native vlan 1000
RAX711-CA(config-client2)#dot1q-tunnel
RAX711-CB(config-client1)#tpid 9100
RAX711-CB(config-client1)#dot1q-tunnel
RAX711-CB(config-client2)#tpid 9100
RAX711-CB(config-client2)#switchport mode trunk
RAX711-CB(config-client2)#switchport trunk native vlan 1000
RAX711-CB(config-client2)#dot1q-tunnel
Step 3 Configure Line interface 1 to allow double-tagged packets to pass.

RAX711-CA(config)#interface line 1
RAX711-CA(config-line1)#switchport mode trunk
RAX711-CA(config-line1)#switchport trunk allowed vlan 1000
RAX711-CA(config-line1)#exit
RAX711-CB(config)#interface line 1
RAX711-CB(config-line1)#switchport mode trunk
RAX711-CB(config-line1)#switchport trunk allowed vlan 1000
RAX711-CB(config-line1)#exit

99
Raisecom
Checking results
Use the show dot1q-tunnel command to show QinQ configurations.
Take RAX711-C A for example.
RAX711-CA(config-port)#show dot1q-tunnel
Inner TPID: 0x8100
Interface QinQ Status Outer TPID on port Cos override Vlan-map-miss
drop
-------------------------------------------------------------------------
---
client1 -- 0x8100 disable disable
line1 -- 0x8100 disable disable
line2 -- 0x8100 disable disable
vsap1 -- 0x8100 disable disable
5.14.4 Example for configuring port mirroring
As shown in Figure 5-12, user network 1 is connected to the RAX711-C through Client
interface 1 and user network 2 is connected to the RAX711-C through Client interface 2. The
network administrator needs to monitor packets transmitted to and sent by user network 1
through the monitor PC, obtain anomalous data traffic, and analyze and address problems.
The monitor PC is connected to the RAX711-C through Client interface 3.
Figure 5-12 Configuring port mirroring
Configuration steps
Step 1 Create port mirroring group 1.

100
Raisecom
Raisecom#config
Raisecom(config)#mirror group 1
Step 2 Configure Client interface 3 to the monitor port.
Raisecom(config-client3)#mirror-group 1 monitor-port
Step 3 Configure Client interface 1 to the mirroring port and configure the mirroring rule to ingress.
Raisecom(config-client1)#mirror-group 1 source-port ingress
Checking results
Use the show mirror-group command to show port mirroring configurations.
Raisecom#show mirror-group
Mirror Group 1 :
Monitor Port :
client3
Source Port :
client1 : ingress
5.14.5 Examples for configuring storm control
As shown in Figure 5-13, to control the influence of the broadcast storm on RAX711-C A,
you need to deploy storm control on RAX711-C A to control broadcast packets. The storm
control threshold is configured to 2000 pps.

101
Raisecom
Figure 5-13 Configuring storm control
Configuration steps
Configure storm control on RAX711-C A.
Raisecom#config
Raisecom(config)#interface line 1
Raisecom(config-line1)#storm-filter broadcast enable
Raisecom(config-line1)#storm-control broadcast pps 2000
Raisecom(config-line2)#storm-filter broadcast enable
Raisecom(config-line2)#storm-control broadcast pps 2000
Checking results
Use the show storm-control command to show configurations of storm control.
Raisecom(config)#show storm-control interface line 1

Interface Packet-Type Filter-Status Bps(Kbps) RealBps
-------------------------------------------------------------------------
---
line1 Broadcast Enable 2000 1984
Multicast Disable 2000 1984
Dlf Disable 2000 1984
5.14.6 Example for configuring L2CP
As shown in Figure 5-14, configure L2CP on RAX711-C A and RAX711-C B to transparently
transmit L2CP packets of Customer A and Customer B through the MAN as below.
102
Raisecom
 Specify the multicast destination MAC address of them to 0100.1234.1234.

 Configure the STP packets of Customer A to pass the MAN, and discard other packets.
The type of the tunnel is MAC, with the multicast MAC address of 0100.1234.1234 and
VLAN of VLAN 1000.
 Configure the STP and LLDP packets of Customer B to pass the MAN, and discard other
packets. The type of the tunnel is MAC, with the multicast MAC address of
0100.1234.5678 and VLAN of VLAN 2000.
Figure 5-14 L2CP networking
Configuration steps
Configure RAX711-C A and RAX711-C B.
Configurations of RAX711-C A are the same as those of RAX711-C B. Take RAX711-C A
for example.
Step 1 Configure the VLAN of the carrier-side interface.
Raisecom#config
Raisecom(config)#create vlan 1000,2000 active
Raisecom(config-port)#switchport mode trunk
Raisecom(config-port)#switchport trunk allowed vlan 1000,2000
Step 2 Configure L2CP profile 1.
Raisecom(config)#l2cp-process tunnel destination-address 0100.1234.1234

Raisecom(config)#l2cp-process profile 1
Raisecom(config-l2cpproflie)#name CustomerA
Raisecom(config-l2cpproflie)#l2cp-process protocol all action drop
Raisecom(config-l2cpproflie)#l2cp-process protocol stp action tunnel
Raisecom(config-l2cpproflie)#tunnel line 1
Raisecom(config-l2cpproflie)#tunnel tunnel-type mac
Raisecom(config-l2cpproflie)#tunnel vlan 1000
Raisecom(config-l2cpproflie)#exit
Step 3 Configure L2CP profile 2.

103
Raisecom
Raisecom(config)#l2cp-process profile 2
Raisecom(config-l2cpproflie)#name CustomerB
Raisecom(config-l2cpproflie)#l2cp-process protocol all action drop
Raisecom(config-l2cpproflie)#l2cp-process protocol stp action tunnel
Raisecom(config-l2cpproflie)#l2cp-process protocol lldp action tunnel
Raisecom(config-l2cpproflie)#tunnel line 1
Raisecom(config-l2cpproflie)#tunnel tunnel-type mac
Raisecom(config-l2cpproflie)#tunnel vlan 2000
Raisecom(config-l2cpproflie)#exit
Step 4 Apply L2CP profiles.
Raisecom(config-port)#l2cp-process profile 1
Raisecom(config-port)#interface client 2
Raisecom(config-port)#l2cp-process profile 2
Checking results
Use the show l2cp-process profile command to show L2CP configurations.
Raisecom#show l2cp-process profile

Destination MAC Address for Encapsulated Packets: 0100.1234.1234
ProfileId: 1
Name: CustomerA
BpduType Mac-address l2cp-process Mac-vlan EgressPort tunneltype
-------------------------------------------------------------------------
-------------
stp 0180.C200.0000 tunnel 1000 line1 mac
dot1x 0180.C200.0003 drop 1000 line1 mac
lacp 0180.C200.0002 drop 1000 line1 mac
oam 0180.C200.0002 drop 1000 line1 mac
cdp 0100.0CCC.CCCC drop 1000 line1 mac
vtp 0100.0CCC.CCCC drop 1000 line1 mac
pvst 0100.0CCC.CCCD drop 1000 line1 mac
lldp 0180.C200.000E drop 1000 line1 mac
elmi 0180.C200.0007 drop 1000 line1 mac
udld 0100.0CCC.CCCC drop 1000 line1 mac
pagp 0100.0CCC.CCCC drop 1000 line1 mac
ProfileId: 2
Name: CustomerB
-------------------------------------------------------------------------
-------------
stp 0180.C200.0000 tunnel 2000 line1 mac
dot1x 0180.C200.0003 drop 2000 line1 mac
lacp 0180.C200.0002 drop 2000 line1 mac
oam 0180.C200.0002 drop 2000 line1 mac

104
Raisecom
cdp 0100.0CCC.CCCC drop 2000 line1 mac

vtp 0100.0CCC.CCCC drop 2000 line1 mac
pvst 0100.0CCC.CCCD drop 2000 line1 mac
lldp 0180.C200.000E tunnel 2000 line1 mac
elmi 0180.C200.0007 drop 2000 line1 mac
udld 0100.0CCC.CCCC drop 2000 line1 mac
pagp 0100.0CCC.CCCC drop 2000 line1 mac
ProfileId: 3
Name:
-------------------------------------------------------------------------
-------------
stp 0180.C200.0000 tunnel -- client1 mac
dot1x 0180.C200.0003 tunnel -- client1 mac
lacp 0180.C200.0002 tunnel -- client1 mac
oam 0180.C200.0002 peer -- client1 mac
cdp 0100.0CCC.CCCC tunnel -- client1 mac
vtp 0100.0CCC.CCCC tunnel -- client1 mac
pvst 0100.0CCC.CCCD tunnel -- client1 mac
lldp 0180.C200.000E tunnel -- client1 mac
elmi 0180.C200.0007 tunnel -- client1 mac
udld 0100.0CCC.CCCC tunnel -- client1 mac
pagp 0100.0CCC.CCCC tunnel -- client1 mac

105
Raisecom
RAX711-C (A) Configuration Guide 6 Clock synchronization
6 Clock synchronization
This chapter describes principles and configuration procedures of clock synchronization, and
 Introduction
 Configuring clock synchronization based on SyncE
 Configuring PTP-based clock synchronization
6.1 Introduction
IP-based network is the development trend of network and services. At present, there are a lot
of difficulties to be encountered for changing the traditional Time Division Multiplex (TDM)
network to IP-based PTN. One significant problem is how to traverse traditional TDM
services in IP-based Packet Transport Network (PTN).
When services (such as E1/T1) are transmitted through the traditional TDM network, clock
signals can be transmitted accurately. In addition, the receiver can recover TDM services
based on the extracted clock signals. Meanwhile, the TDM line can provide the
synchronization reference clock for some networks. Therefore, how to perform clock
synchronization is a significant for deploying the PTN.
Clock synchronization is divided into 2 modes:
 Frequency synchronization: has identical time interval.
 Phase synchronization: has identical time interval and begin time.
The harshest requirement for clock synchronization introduced by the communication
network lies in the application of clock synchronization in the wireless scenarios. Frequencies
of signals in various base stations must be in a certain precision. Otherwise, base stations fail
when signals are being switched. Some wireless mechanisms adopt synchronous base station
technologies, such as Time Division-Synchronous Code Division Multiple Access (TD-
SCDMA) or Code Division Multiple Access 2000 (CDMA2000). These wireless mechanisms
have higher requirements on phase synchronization.
At present, Synchronous Ethernet (SyncE) is used to synchronize frequency of devices at the
physical layer. Synchronous Ethernet synchronize phases of devices in the network through
the clock synchronization technology based on Institute of Electrical and Electronics
Engineers (IEEE) 1588v2 protocol.

106
Raisecom
6.1.1 SyncE
Physical-layer synchronization technologies are widely used in the traditional TDM network.
Each node can extract clock signals from the physical link or the external synchronization
interface. It selects the clock source with best quality from multiple clock sources, takes it as
the local clock, and transmits it to the downstream devices. Therefore, it synchronizes clocks
of all devices to the master reference clock by locking the host.
SyncE adopted by the PTN has similar principles, as shown in Figure 6-1. iTN B selects the
clock signal with highest quality level as the clock source (the TDM device in Figure 6-1)
based on Synchronization Status Message (SSM). And then iTN B sends the received highly-
accurate clock signals through the physical-layer chip. Based on the clock data recovery
technology integrated in the physical-layer chip, iTN A recovers the clock signals from the
serial data flow and then transmits the clock signals to the clock subcard. After being
processed by the clock subcard, these clock signals are sent to other clocks through interfaces.
Therefore, upstream clocks and downstream clocks are cascaded and clock synchronization is
realized on the PTN.
Figure 6-1 Principles of SyncE
The clock synchronization mechanism of SyncE is mature and reliable. It can meet timing
interface metrics defined by International Telecommunications Union - Telecommunication
Standardization Sector (ITU-T) G.832. In addition, it cannot be influenced by network load
changes.
However, because clock signals are transmitted along the clock link, SyncE requires all paths
of the clock link to have the synchronous Ethernet feature.
6.1.2 IEEE 1588 v2 protocol (PTP)

SyncE supports frequency synchronization only. However, the IEEE 1588v2 protocol
supports both frequency synchronization and phase synchronization. Therefore, the IEEE
1588v2 protocol is widely used in the PTN and it is a development trend of clock
synchronization technology.
The IEEE 1588v2 protocol, also known as Precision Time Protocol (PTP), is used to
synchronize clocks of all nodes throughout the precision synchronous distributed network.
With the hardware and software, PTP can synchronize system clocks of network devices to
the master clock of the network. It achieves clock accuracy in the nanosecond range.
Compared with 10ms delay of PTN without being enabled with PTP, the one enabled with
PTP improves clock synchronization indexes greatly.
The RAX711-C supports working as the Transparent Clock (TC) device.
107
Raisecom
6.2 Configuring clock synchronization based on SyncE

Scenario
In the PTN, to communicate properly, the sender must put the pulse in the specified timeslot
when sending the digital pulse signal and the receiver can extract the pulse from the specified
timeslot. To realize this, you must resolve the synchronization problem.
SyncE can perform clock synchronization in the PTN. Because it does not support phase
synchronization but frequency synchronization only, SyncE is applied for the base station,
fixed network TDM relay, leased clock network relay, and wireless base stations which have
no requirement on phase synchronization, such as Global System for Mobile Communications
(GSM) and Wideband Code Division Multiple Access (WCDMA).
The RAX711-C supports selecting the optimum clock source automatically. You just need to
configure clock source properties of SyncE. In addition, the RAX711-C supports selecting the
specified clock source manually.
Prerequisite
N/A
6.2.2 Configuring clock source properties of SyncE

2 Raisecom(config)#synce enable Enable SyncE.
By default, SyncE is disabled.
3 Raisecom(config)#synce operation- Configure the working status of the SyncE.
type { auto-select | forced-freerun
| forced-holdover }
By default, it is forced freerun.
4 Raisecom(config)#synce source (Optional) configure the SSM quality level of the
{ internal | interface { clock0 | SyncE clock source.
interface-type interface-number }
priority priority [ scr-id id ]
[ quality-level level ] [ ring-
outside ]
5 Raisecom(config)#synce ssm (Optional) enable SyncE SSM quality level to
{ standard | extend | disable } participate in selection of the clock source and
[ transmit-threshold threshold ] configure the sending threshold.
6 Raisecom(config)#synce switch-mode Enable auto reverse mode of the SyncE clock source,
{ revertive [ wtr-time time ] | and configure the WTR time.
non-revertive }
By default, auto reverse mode is enabled.
7 Raisecom(config)#clock interface Configure the 2M clock mode.
clock0 mode { digital [ sa sa ] |
digital-crc [ sa sa ] | anolog }
[ shutdown-threshold quality-level
level ]
108
Raisecom
6.2.3 Choosing clock source for SyncE manually

1 Raisecom#config Enter global configuration
mode.
2 Raisecom(config)#synce manual-source { internal | Switch the clock source
interface { clock0 | interface-type interface- manually.
number } }
3 Raisecom(config)#synce forced-source { internal | Switch the clock source
interface { clock0 | interface-type interface- forcibly.
number } }
4 Raisecom(config)# synce source { internal | interface Lock out the clock source.
{ clock0 | interface-type interface-number } priority
priority lockout

1 Raisecom#show synce Show global configurations of SyncE.
2 Raisecom#show synce source Show configurations of the SyncE clock source.
3 Raisecom#show synce ssm Show information about SyncE SSM.
6.3 Configuring PTP-based clock synchronization

Scenario
SyncE supports frequency synchronization only. PTP supports both frequency
synchronization and phase synchronization. Therefore, PTP is suitable for scenarios which
have requirements on frequency synchronization and phase synchronization, such as clock
synchronization of TD-SCDMA/CDMA200 base stations.
Generally, the RAX711-C, as the TC device, can perform PTP clock synchronization with
upstream and downstream devices when PTP clock synchronization is configured globally or
on interfaces of the RAX711-C.
Prerequisite
N/A

109
Raisecom
6.3.2 Configuring PTP

2 Raisecom(config)#ptp enable Enable global PTP.
By default, global PTP is disabled.
4 Raisecom(config-port)#ptp Enable PTP on an interface.
enable
By default, PTP is disabled on all interfaces.

1 Raisecom#show ptp Show global/interface PTP configurations.

110
Raisecom
RAX711-C (A) Configuration Guide 7 Network reliability
7 Network reliability
This chapter describes principles and configuration procedures of network reliability, and
 Introduction
 Configuring ELPS
 Configuring ERPS
 Configuring link aggregation
 Configuring interface backup
 Configuring link-state tracking
7.1 Introduction
Ethernet is widely used because of its simplicity, high-efficiency and low-cost features. For a
long time, the reliability is one major factor that restricts the development of traditional
Ethernet in Telecom network. The poor reliability is related to the packet feature of carried
services and the mechanism of Ethernet.
Traffics of packet services are transmitted in burst mode, which is difficult for maintain stable
service traffic. As two significant features of Ethernet, the Statistical Time Division
Multiplexing (STDM) technology and MAC address learning mechanism improve the
utilization rate of channels and devices. However, they also bring uncertainty to service
bandwidth and service paths.
To enhance the reliability of Ethernet and to meet the requirements on the Telecom network,
you can deploy specified reliability technology in the Ethernet. Network reliability
technologies supported by the RAX711-C include link aggregation, interface backup,
Ethernet Linear Protection Switching (ELPS), Ethernet Ring Protection Switching (ERPS),
and link-state tracking.

111
Raisecom
7.1.1 ELPS
Introduction
Ethernet Linear Protection Switching (ELPS) is an end-to-end protection technology based on
Automatic Protection Switching (APS) protocol of the ITU-TG.8031 recommendation. It is
used to protect an Ethernet connection. It can be applied to various network structures, such
as the ring network.
APS packet is a kind of Connectivity Fault Management (CFM) packet. It is an APS packet
when the OpCode value in the CFM packet is configured to 0x39. The outer structure of the
APS packet is defined by the ITU-T Y.1731. Based on this, the G.8031 defines APS specific
information by using 4 bytes. Figure 7-1 shows the structure of the APS packet.
Figure 7-1 Structure of an APS packet
As shown in Figure 7-1, the MEL field is inserted with the Maintenance Entity Group (MEG)
level of the APS packet. For descriptions about the Version, OpCode, Flags, and END TLV,
see ITU-T Y.1731 and their values are listed in Figure 7-1. Table 7-1 describes fields in the
APS specific information.
Table 7-1 Values of fields in APS specific information

Field Value Description
Request/State 1111 Lockout of protection (LO) with highest The request
priority type,
indicating the
1110 Signal fail for protection (SF-P) condition
1101 Forced switch (FS) signal,
command
1011 Signal fail for working (SF-W) signal, and
status signal
1001 Signal degradation (SD) of the
protection
0111 Manual switch (MS)
line. Priorities
0110 Depreciated of these 3
signals are
0101 Wait to restore (WTR) descending.
0100 Exercise (EXER)
0010 Reverse request (RR)
0001 Do not revert (DNR)

112
Raisecom

0000 No request (NR)
Others Reserved
Protection A 0 No APS channel Four
Type protection
1 APS channel types
B 0 1+1 protection switching (with fixed identified by
bridge) value 1 or 0
1 1:1 protection switching (with fixed

bridge)
D 0 Unidirectional protection switching
1 Bidirectional protection switching
R 0 Non-revertive mode
1 Revertive mode
Requested signal 0 No signal The local
request
1 Normal service signals signals carried
2–255 Reserved by the
protection line
Bridged signal 0 No signal Signals of
bridge
1 Normal service signals connection in
2–255 Reserved the protection
line
Reserved All 0 Reserved field. This filed should be ignored when being
received.
The G.8031 defines 1+1 protection switching and 1:1 protection switching. ELPS technology
takes a simple, fast, and predictable mode to realize network resource switching, easier for
Carrier to plan network more efficiently and learn network active status.
ELPS protection switching modes

As shown in Figure 7-2, ELPS supports 1+1 and 1:1 protection switching modes.

113
Raisecom
Figure 7-2 ELPS 1+1 and 1:1 protection switching modes
1+1 protection switching: each working line is assigned with a protection line. Generally, in
the protection domain, the source end sends traffic through the working and protection lines
while the destination end receives the traffic from one line. The destination end selects the
working/protection line based on some pre-configured standard, such as the server failure
indication. Services are switched to the protection line directly when the working line fails.
 1:1 protection switching: each working line is assigned with a protection line. The source
end sends traffic through the working/protection line. Generally, the source sends traffic
through the working line. The protection line is a backup line. When the working line
fails, the source end and destination end communicate through APS protocol to switch
traffic to the protection line simultaneously. Based on whether the source end and
destination end switch traffic simultaneously, ELPS is divided into unidirectional
switching and bidirectional switching:
 Unidirectional switching: as shown in Figure 7-3, when one direction of a line fails, one
end can receive the traffic while the other end fails to receive the traffic. The end failing
to receive the traffic detects a fault and switches the traffic. And the other end does not
detect the fault and switch traffic. Therefore, both ends may receive the traffic through
different lines.
Figure 7-3 Unidirectional protection switching
 Bidirectional switching: when a line fails, even in one direction, both ends communicate
through APS protocol to switch traffic to the protection line. Therefore, both ends
receive and send the traffic through the same line.
1+1 protection switching is divided into unidirectional switching and bidirectional

switching. 1:1 protection switching supports bidirectional switching only.
ELPS provides 3 modes to detect a fault.
114
Raisecom
 Detect faults based on the physical interface status: learning link fault quickly and
switching services immediately, suitable for detecting the fault between neighbor devices
 Detect faults based on CFM: suitable for multi-device crossing detection
 Detect faults based on the physical interface and CFM: sending Trap when detecting a
fault on the physical link/CFM
The RAX711-C supports 1:1 bidirectional protection switching, 1+1 bidirectional protection
switching, and 1+1 unidirectional protection switching, and these 3 fault detection modes.
7.1.2 ERPS
Introduction
Ethernet Ring Protection Switching (ERPS) is a protection switching technology based on the
Ring Automatic Protection Switching (R-APS) protocol of the ITU-TG.8032 recommendation.
It is used in Ethernet rings. Generally, ERPS can avoid broadcast storm caused by data
loopback in Ethernet rings. When a link/device on the Ethernet ring fails, traffic can be
quickly switched to the backup link to ensure restoring services quickly.
Similar to the ELPS APS packet, R-APS packet is a CFM packet, which is defined by the
Y.1731 and G.8032. Figure 7-4 shows the structure of the R-APS packet.
Figure 7-4 Structure of a R-APS packet
Table 7-2 describes items in the R-APS specific information.
Table 7-2 Fields in the R-APS specific information

Request/State 1011 Signal fail. It is a R-APS packet which is sent by the node
that detects the link fault. It is used to identify the local SF
event.
0000 No request (NR), which is sent by the node that detects the
link fault. It is used to identify that the generated SF event
is cleared.

115
Raisecom

Others Reserved
Status RB 0 The RPL is blocked. For all non RPL Owner nodes, the
value is configured to 0.
1 The blocked RPL is released.
DNF 0 FDB refresh by be triggered.
1 The FDB refresh is not trigged.
Node ID – The MAC address of the node, which is unique.
Reserved All 0 Reserved field. This filed should be ignored when being
received.
Filtering DataBase (FDB) clearing refers to removing MAC addresses of learned

FDBs of the node.
ERPS adopts advantages of multiple ring network technologies, such as Ethernet Automatic
Protection Switching (EAPS), Resilient Packet Ring (RPR), Synchronous Digital Hierarchy
(SDH), and STP. It is the newest mature standard of the Ethernet ring protection switching
technology, providing the following functions:
 Optimizing the detection mechanism
 Detecting bidirectional faults
 Support multi-network and multi-domain structures
 Realizing 50ms protection switching performance
 Supporting multiple working modes, such as primary-to-backup and load balancing
modes
ERPS uses the control VLAN in the ring network to transmit ring network control
information. Meanwhile, combining with the topology feature of the ring network, it
discovers link fault quickly and enable the backup link to restore service fast.

116
Raisecom
Related concepts
Figure 7-5 ERPS ring network
Related concepts of ERPS are shown as below:

 Ring Protection Link (RPL): it is a link between RPL nodes. In normal status, the
interface of the link is blocked to avoid a loopback. One Ethernet ring has a RPL only.
 RPL Owner: it is a node connected to the RPL. It is specified by the user, used to
block/release the RPL interface. In normal status, it blocks the RPL interface to avoid a
loopback.
 RPL Neighbor: it is the other node connected to the RPL. It cooperates with the RPL
Owner to provide protection switching.
 Control VLAN: it is an independent VLAN channel used by ERPS to carry R-APS
packets. It is identical to the VLAN monitored in the CFM domain. In addition, the
control VLAN ID can be identical to the service VLAN ID.
Properties (level, domain name, MA name, and VLAN ID) of all CFM domains must
be identical. Otherwise, ERPS ring fails to be established.
During ERPS protection switching process, 3 timers are used.
 Guard Timer: it is used to filter outdated R-APS packets to avoid error protection
switching actions on the node. When the Guard Timer is running, received R-APS
packets will be discarded.
 WTR Timer: the WTR Timer on the RPL Owner begins to time when the working line
recovers from a fault. In addition, a WTR running signal is output during the WTR
Timer running process. Services are switched back to the working line when the WTR
Timer times out. The WTR Timer is used to avoid frequent switching caused by
unstable working line.
 Holdoff Timer: it is used to coordinate other protection switching coexisting with the
link protection. When one or more new faults are detected, the Holdoff Timer is
triggered. During the Holdoff Timer running process, the system will detect the link
status regardless of whether the fault that triggers the Holdoff Timer exists. The system
will report the fault to ERPS if it exists.

117
Raisecom
Basic protection mechanism

The G.8032 defines 5 states of the node on the Ethernet ring.
 Idle state: the normal working state without no fault
 Protection state: the state to which services are switched after a fault is detected. The
APS process is triggered by the fault detected by the Continuity Check Message (CCM)
of Ethernet Operation, Administration and OAM (OAM).
 Pending state: the state before a fault is resolved
 FS state: the state when a FS command is being applied
 MS state: the state when a FS command is being applied
To ensure the protection switching stability, the G.8032 defines a WTR timer. After the RPL
Owner receives a fault recovery signal, services cannot be switched back to the working line
after the WTR timer times out. Figure 7-6 and Figure 7-7 show the basic protection
mechanism of ERPS.
Figure 7-6 Idle status of Ethernet ring network
As shown in Figure 7-6, when the Ethernet ring network is in idle state, links have the
following features:
 All nodes are connected to form a ring.
 The ERPS protocol sends NR/RB signals continuously through the RPL Owner. The
NR/RB signal indicates that no fault is generated. The RPL is blocked to avoid a
loopback.
 Connected nodes use the OAM CCM packet to monitor links.
 When a fault is generated during on the Ethernet ring, the ERPS protocol uses the
Y.1731 SF type to trigger protection switching.

118
Raisecom
Figure 7-7 Protection state of Ethernet ring network
As shown in Figure 7-7, when a fault is detected, the system enables APS to enter the
protection state.
 After the Holdoff Timer times out, the node connected to the failed link blocks the link
and sends the SF signal to notify other nodes of the fault. As shown in Figure 7-7,
when the link between Nodes D and E fails, the Nodes D and E send the SF signal to
other nodes respectively.
 The SF signal triggers the RPL Owner to open the RPL interface and triggers all nodes
to clear the FDB. And then the link enters the protection state.
When a fault is recovered, the links performs fault recovery switching:
 Nodes connected to the failed link are stilled blocked. After the Guard Timer times out.
Nodes D and E send R-APS NR signals, which indicates no local fault request.
 When receiving the first NR signal, the RPL Owner enables the WTR timer
immediately.
 After the WTR Timer times out. The RPL Owner blocks the RPL and sends the R-APS
signal (NR/RB), which indicates no local fault request. The RPL link is blocked.
 After receiving the R-APS signal (NR/RB), other nodes refresh the FDB. The Node
sending the NR signal will stop sending the packet periodically and release the blocked
interface.
 All nodes on the link return to the idle state.
Tributary ring
The revision of the G.8032 provides the protection mechanism of Ethernet multi-ring. The
tributary ring is an attached ring of the existing ring. It is connected with other rings/network
through an interconnected node (node connecting multiple rings). The tributary ring is not
closed. And interconnected node does not belong to the tributary ring.

119
Raisecom
Figure 7-8 Tributary ring model
As shown in Figure 7-8, nodes B and C are interconnected nodes. The channel connecting the
2 interconnected nodes is called the R-APS virtual channel. The R-APS virtual channel is
used for the intersecting node on the intersecting ring.
If an intersection ring has a R-APS virtual channel, the main ring provides a virtual channel
for APS packets of the tributary ring. It means that APS packets of the tributary ring will be
transmitted to the main ring. Otherwise, the main ring does not provide a virtual channel for
ARP packets of the tributary ring and APS packets of the tributary ring are terminated at the
intersecting node.
The main ring and tributary ring are taken as 2 rings. Each ring is configured with a RPL
Owner. Protection switching of the multi-ring is similar to the one of the single ring. Each
ring processes its own fault. When a shared link fails, the main ring is switched to the
protection state while no action is performed on the tributary ring.
7.1.3 Link aggregation
Introduction
Link aggregation is a load balancing technology. With link aggregation, multiple physical
Ethernet interfaces are combined to form a logical aggregation group. Multiple physical links
in one aggregation group are taken as a logical link. Link aggregation helps share traffic
among member interfaces in an aggregation group. These aggregated links can back up data
for each other dynamically. In addition to effectively improving the reliability on links
between devices, link aggregation can help gain greater bandwidth without upgrading
hardware. For related protocols, see IEEE 802.3ad.
Among Ethernet reliability technologies, link aggregation is the most widely-used and
simplest one.
Figure 7-9 Link aggregation
As shown in Figure 7-9, RAX711-C A and RAX711-C B are connected through 2 Ethernet
physical links. You can bind these 2 links to form a logical link Aggregation 1. This logical
link has the following advantages:

120
Raisecom
 Improving link reliability: members in the link aggregation group can back up data for
each other dynamically. When a link fails, the other links can replace it to improve link
reliability effectively.
 Increasing link capacity: by binding multiple physical links, you can get greater
bandwidth without upgrading the existing device. The capacity of a physical link equals
to the sum capacity of all physical links.
 Balancing load: traffic is distributed to different members based on some algorithm, to
implement link-level load balancing.
 Optimizing network management: member interfaces in a LAG are managed as a logical
interface.
 Saving IP addresses: only one IP address is required for a LAG without configuring IP
addresses for member interfaces in the LAG.
In link aggregation, multiple Ethernet interfaces are bound to a LAG. These Ethernet
interfaces are called member interfaces and the logical interface is named as the Trunk
interface. The number of LAGs supported by devices is different. In addition, the number of
member interfaces supported by the LAG varies on the device.
The RAX711-C supports up to 11 LAGs and each LAG supports up to 8 member interfaces. A
LAG should contain 1–8 active interfaces.
LACP
Link Aggregation Control Protocol (LACP) is a protocol based on the IEEE 802.3ad. LACP
communicates with the peer through Link Aggregation Control Protocol Data Unit
(LACPDU). After being enabled with LACP, an interface notifies the peer of its system LACP
priority, system MAC address, interface LACP priority, interface ID, and operation key by
sending LACPDU to the peer.
After receiving the LACPDU, the peer compares its information with the ones received by
other interfaces to select an active interface. Therefore, both interfaces work in active mode.
Member interfaces in a LAG are in 2 states: active and standby. Active interfaces can
participate into forwarding user data while standby interfaces fails to do so. Each member
interface in a LAG has an operation key, which indicates the aggregation capability of the
member interface. The operation key is a configuration combination automatically generated
by the LAG based on configurations of the interface (including the speed, duplex mode,
Up/Down status, and basic configurations). The operation key will be re-calculated when any
item in the configuration combination changes. Member interfaces in a LAG must have the
identical operation key.
Interface status
Member interfaces in a LAG have two kinds of statuses:
 Active status: send/receive LACP packets and forward user data. This kind of interfaces
is called the LAG active interface.
 Standby status: send/receive LACP packets, but does not forward user data. This kind of
interfaces is called the LAG backup interface.
The RAX711-C supports 11 LAGs. Each LAG supports up to 8 member interfaces.
Link aggregation modes

 Manual aggregation mode

121
Raisecom
In this mode, multiple physical interfaces are added to a LAG to form a logical interface.
Links connected to the logical interface share the traffic.
 Static LACP aggregation mode
It is a mode of the LACP. In this mode, you must enable LACP in advance. The
Selection Logic of the LACP decides how to select the Trunk interface,
 Dynamic LACP aggregation mode
In this mode, you must enable LACP in advance. The system creates and deletes the
LAG and member interfaces automatically. Interfaces cannot be aggregated dynamically
unless the following requirements are met:
– Basic configurations of interfaces are identical.
– Speed and duplex configurations of interfaces are identical.
– Interfaces are connected to the same device.
– The peer interfaces meet these requirements.
The RAX711-C supports manual aggregation and static LACP aggregation modes.
Load balancing
Load balancing is a cluster technology used to enhance the capability for processing services
and ensure service reliability by sharing traffic among multiple devices/links. If an interface
meets all requirements for an active interface, the interface will be the active interface of a
LAG. Therefore, the interface can share traffic with other active ones based on the link
aggregation load balancing mode or load balancing algorithm,
The load balancing algorithm is realized by directly mapping or mapping based on the CRC
Hash value of the MAC address.
With different load balancing modes and their combination, interfaces can share traffic in a
LAG. There are 6 load balancing modes:
 Load balancing based on source MAC address
 Load balancing based on destination MAC address
 Load balancing based on XOR result of the source and destination MAC addresses
 Load balancing based on source IP address
 Load balancing based on destination IP address
 Load balancing based on XOR result of the source and destination IP addresses
Primary/Slave link aggregation

The primary/slave link aggregation refers to a LAG consisting of two member interfaces
which back up each other. One is in Active status while the other is in Standby status.
Primary/Slave link aggregation is divided into manual primary/slave link aggregation and
static LACP primary/slave link aggregation.
The RAX711-C supports manual primary/slave link aggregation and static LACP
primary/slave link aggregation.

122
Raisecom
7.1.4 Interface backup
Introduction
Interface backup refers to that two interfaces on a device work in primary/backup mode.
Under normal conditions, the primary interface transmits services while the backup interface
works as backup. When the primary interface or link fails and thus service transmission fails,
the backup interface will work. In this way, network reliability is enhanced.
In dual uplink networking, Spanning Tree Protocol (STP) is used to block the redundancy link
and implement backup. Though STP can meet users' backup requirements, it fails to meet
performance requirements. Though Rapid Spanning Tree Protocol (RSTP) is used, the
convergence is second level only. This is poor performance for the high-end Ethernet device
as the core of the carrier-grade network.
Interface backup, targeted for dual uplink networking, implements backup and fast
convergence. It is designed for the dual uplink networking application to ensure the
performance and simplify configurations.
You can achieve link redundancy by manually configuring interface backup when
STP is disabled. Interface backup and STP cannot be concurrently enabled.
Interface backup works based on an interface backup group which contains a primary
interface and a backup interface, wherein:
 The link with the primary interface is the primary link.
 The link with the backup interface is the backup link. Under normal conditions, the
primary link is in Standby status, and serves as backup.
The primary or backup interface in the interface backup group can be a physical interface or a
LAG interface.
In the interface backup group, one interface is Up while the other is Standby. At any time,
only one interface can be in forwarding status. When the forwarding interface is faulty, the
backup interface can be transit to the forwarding status to resume the link.

123
Raisecom
Principles
Figure 7-10 Principles of interface backup
As shown in Figure 7-10, Line 1 and Line 2 on iTN A are connected to their uplink devices
respectively. The interface forwarding status is as below:
 Under normal conditions, Line 1 is the primary interface while Line 2 is the backup
interface. Line 1 and its uplink device forward packets while Line 2 and its uplink device
do not forward packets.
 When Line 1 fails or the link between Line 1 and its uplink device fails, Line 2 and its
uplink device forward packets.
 When Line 1 restores normally and keeps Up for a period (restore-delay), Line 1 restores
to forwarding packets and Line 2 restores to standby status.
When a switching between the primary interface and backup interface occurs, the iTN A
sends a Trap to the NView NNM system.
By applying interface backup to different VLANs, you can make 2 interfaces forward packets
simultaneously in different VLANs. As shown in Figure 7-11, by configuring a VLAN and
adding interfaces to the VLAN, you can realize VLAN-based interface backup.

124
Raisecom
Figure 7-11 Principles of VLAN-based interface backup
In different VLANs, interface forwarding status is shown as below:

 Under normal conditions, in VLANs 1000–1500, Line 1 is the primary interface and
Line 2 is the backup interface. In VLANs 1501–2000, Line 2 is the primary interface and
Line 1 is the backup interface. Therefore, Line 1 forwards traffic of VLANs 1000–1500,
and Line 2 forwards traffics of VLANs 1501–2000.
 When Line 1 fails or the link between Line 1 and its uplink device fails, Line 2 forwards
traffic of VLANs 1000–2000.
 When Line 1 restores normally and keeps Up for a period (restore-delay), Line 1
forwards traffic of VLANs 1000–1500, and Line 2 forwards traffics of VLANs 1501–
2000.
VLAN-based interface backup can be used for load balancing. In addition, it does not depend
on configurations of the uplink device, thus facilitating operations.
7.1.5 Link-state tracking

Link-state tracking provide an interface linkage scheme to expand the range of link backup.
By monitoring the uplinks and synchronizing downlinks, the fault generated on the uplink
device can be transmitted to downlink devices to trigger switching. This helps avoid traffic
loss when downlink devices cannot sense faults of uplinks.
As shown in Figure 7-12, Line 1 of iTN A is the primary interface and Line 2 is the backup
interface. The upstream interfaces (Line 1 and Line 2) and downstream interface (Client 1)
are added to a link-state group. When upstream interfaces fail, the downstream interface is in
Down status. The downlink interface returns to Up status once one or both uplink interfaces
recover. Therefore, the uplink link status is notified to the downstream devices immediately.
Uplink interfaces work properly when the downlink interface fails.
Figure 7-12 Interface-to-interface link-state tracking

125
Raisecom
7.2 Configuring ELPS

Scenario
To make the Ethernet reliability reach telecom-grade (network self-healing time less than
50ms), you can deploy ELPS at Ethernet. ELPS is used to protect the Ethernet connection. It
is an end-to-end protection technology.
ELPS provides 3 modes to detect a fault.
switching services immediately, suitable for detecting the fault between neighbor devices.
 Detect faults based on CFM: suitable for multi-device crossing detection.
fault on the physical link/CFM.
Prerequisite
 Connect interfaces and configure physical parameters for them. Make the physical layer
Up.
 Create the management VLAN and VLANs of the working and protection interfaces.
 Configure CFM detection between devices (preparing for CFM detection mode).
7.2.2 Creating protection lines

2 Raisecom(config)#ethernet Create the ELPS protection line and configure the protection mode.
line-protection line-id
working { interface-type
The protection group is in non-revertive mode if you configure the
interface-number vlan-id non-revertive parameter.
protection interface-type  In revertive mode, when the working line recovers from a fault,
interface-number vlan-id traffic is switched from the protection line to the working line.
{ one-to-one } [ non-  In non-revertive mode, when the working line recovers from a
revertive ] protocol-vlan fault, traffic is not switched from the protection line to the
vlan-id working line.
3 Raisecom(config)#ethernet (Optional) configure a name for the ELPS protection line.
line-protection line-id
name string
4 Raisecom(config)#ethernet (Optional) configure the WTR timer. In revertive mode, when the
line-protection line-id working line recovers from a fault, traffic is not switched to the
wtr-timer wtr-timer working line unless the WTR timer times out.
By default the WTR time value is configured to 5min.
We recommend that WTR timer configurations on both

ends keep consistent. Otherwise, we cannot ensure 50ms
quick switching.
126
Raisecom

5 Raisecom(config)#ethernet (Optional) configure the HOLDOFF timer. Hold-off timer
line-protection line-id configurations on both ends should be consistent.
hold-off-timer holdoff-
timer By default, the HOLDOFF timer value is configured to 0.
If the HOLDOFF timer value is over great, it may influence

50ms switching performance. Therefore, we recommend
setting the HOLDOFF timer value to 0.
6 Raisecom(config)#ethernet (Optional) enable ELPS Trap.
line-protection trap
enable
By default, ELPS Trap is disabled.
7.2.3 Configuring ELPS fault detection modes
 Fault detection modes of the working line and protection line can be different.
However, we recommend that fault detection mode configurations of the working
line and protection line keep consistent.
 When configuring end-to-end fault detection mode for the working/protection line,
we do not recommend using the physical link detection mode if there are other
devices along the link. We recommend using the CC fault detection mode.
2 Raisecom(config)#ethernet line- Configure the fault detection mode of the working
protection line-id { working | line/protection line to failure-detect physical-link.
protection } failure-detect
physical-link By default, the fault detection mode is configured to failure-
detect physical-link.
Raisecom(config)#ethernet line- Configure the fault detection mode of the working
protection line-id { working | line/protection line to failure-detect cc.
protection } failure-detect cc
[ md md-name ] ma ma-name level This fault detection mode cannot take effect unless you
level mep local-mep-id remote- finish related configurations on CFM.
mep-id
Raisecom(config)#ethernet line- Configure the fault detection mode of the working
protection line-id { working | line/protection line to failure-detect physical-link-or-cc.
protection } failure-detect
physical-link-or-cc [ md md- In this mode, it believes that the link fails when a fault is
name ] ma ma-name level level detected on the physical link/CC.
mep local-mep-id remote-mep-id This fault detection mode cannot take effect unless you
finish related configurations on CFM.

127
Raisecom
7.2.4 (Optional) configuring ELPS switching control
By default, traffic is automatically switched to the protection line when the working
line fails. Therefore, you need to configure ELPS switching control in some special
cases.
2 Raisecom(config)#ethernet line- Lock protection switching. After this
protection line-id lockout configuration, the traffic is not switched to the
protection line even the working line fails.
3 Raisecom(config)#ethernet line- Switch the traffic from the working line to the
protection line-id force-switch protection line forcedly.
4 Raisecom(config)#ethernet line- Switch the traffic from the working line to the
protection line-id manual-switch protection line manually. Its priority is lower
than the one of forced switch and APS.
5 Raisecom(config)#ethernet line- In non-revertive mode, switch the traffic from
protection line-id manual-switch-to-work the protection line to the working line.
After you perform the MS-W operation (Traffic is switched from the protection line
back to the working line.), if a fault/recovery event occurs or if other protection group
commands, such as lockout, force-switch, or manual-switch, are executed, both ends
of the protection group may select different lines. In this case, you should use the
clear ethernet line-protection line-id end-to-end command command to delete
configured protection group command to make both ends of the protection group
select the identical line.

1 Raisecom#show ethernet line-protection Show configurations of the protection line.
[ line-id ]
2 Raisecom#show ethernet line-protection Show protection line statistics.
[ line-id ] statistics
3 Raisecom#show ethernet line-protection Show APS information.
[ line-id ] aps

128
Raisecom
7.3 Configuring ERPS

Scenario
With development of Ethernet to Telecom-grade network, voice and video multicast services
bring higher requirements on Ethernet redundant protection and fault-recovery time. The
fault-recovery time of current STP system is in second level that cannot meet requirements.
By defining different roles for nodes on a ring, ERPS can block a loopback to avoid broadcast
storm in normal condition. Therefore, the traffic can be quickly switched to the protection line
when working lines or nodes on the ring fail. This helps eliminate the loopback, perform
protection switching, and automatically recover from faults. In addition, the switching time is
shorter than 50ms.
The RAX711-C supports the single ring, intersecting ring, and tangent ring.
ERPS provides 2 modes to detect a fault:
switching services immediately, suitable for detecting the fault between neighbor devices.
 Detect faults based on CFM: suitable for unidirectional detection or multi-device
crossing detection.
fault on the physical link/CFM.
Prerequisite
 Connect interfaces and configure physical parameters for them. Make the physical layer
Up.
 Create the management VLAN and VLANs of the working and protection interfaces.
 Configure CFM detection between devices (preparing for CFM detection mode).
7.3.2 Creating ERPS protection ring
 Only one device on the protection ring can be set to the Ring Protection Link (RPL)
Owner and one device is configured to RPL Neighbor. Other devices are
configured to ring forwarding nodes.
 In actual, the tangent ring consists of 2 independent single rings. Configurations
on the tangent ring are identical to the ones on the common single ring. The
intersecting ring consists of a main ring and a tributary ring. Configurations on the
main ring are identical to the ones on the common single ring. For details about
configurations on the tributary ring, see section 7.3.3 (Optional) creating ERPS
protection tributary ring.

129
Raisecom

2 Raisecom(config)#ethernet ring-protection Create a protection ring and set the node to
ring-id east interface-type interface- the RPL Owner.
number west interface-type interface-
number node-type rpl-owner rpl { east | By default, there is no ERPS protection ring.
west } ] [ not-revertive ] [ protocol-vlan
vlan-id ] [ block-vlanlist vlan-list ]
The east and west interfaces cannot be

the same one.
Raisecom(config)#ethernet ring-protection Create a protection ring and set the node to
ring-id east interface-type interface- the RPL Neighbour.
number node-type rpl-neighbour rpl { east
| west } ] [ not-revertive ] [ protocol-
vlan vlan-id ] [ block-vlanlist vlan-
list ]
Raisecom(config)#ethernet ring-protection Create a protection line and set the node to
ring-id east interface-type interface- the protection forwarding node.
number [ not-revertive ] [ protocol-vlan
vlan-id ] [ block-vlanlist vlan-list ]
3 Raisecom(config)#ethernet ring-protection (Optional) configure a name for the
ring-id name string protection ring.
4 Raisecom(config)#ethernet ring-protection (Optional) configure the G.8032 protocol
ring-id version { 1 | 2 } version. By default, version 1 is available.
5 Raisecom(config)#ethernet ring-protection (Optional) after the ring Guard timer is
ring-id guard-time guard-timer configured, the failed node does not process
APS packets during a period. By default, the
ring Guard timer is configured to 500ms.
6 Raisecom(config)#ethernet ring-protection (Optional) configure the ring WTR timer. In
ring-id wtr-time minute revertive mode, when the working line
recovers from a fault, traffic is not switched
to the working line unless the WTR timer
times out.
By default, the ring WTR time value is
configured to 5min.
7 Raisecom(config)#ethernet ring-protection (Optional) configure the ring HOLDOFF
ring-id holdoff-time holdoff-timer timer. Hold-off timer configurations on both
ends should be consistent.
By default, the ring HOLDOFF timer value
is configured to 0.
If the ring HOLDOFF timer value is

over great, it may influence 50ms
switching performance. Therefore, we
recommend setting the ring HOLDOFF
timer value to 0.

130
Raisecom
7.3.3 (Optional) creating ERPS protection tributary ring
 Only the intersecting ring consists of a main ring and a tributary ring.
 Configurations on the main ring are identical to the ones on the single ring/tangent
ring. For details, see section 7.3.2 Creating ERPS protection ring.
 Configurations of non-intersecting nodes of the intersecting ring are identical to
the ones on the single ring/tangent ring. For details, see section 7.3.2 Creating
ERPS protection ring.
2 Raisecom(config)#ethernet ring- Create the tributary ring on the intersecting node
protection ring-id east interface-type and set the intersecting node to the RPL Owner.
interface-number west interface-type
interface-number node-type rpl-owner By default, the protocol VLAN is configured to 1.
rpl { east | west } ] [ not- Blocked VLANs range from 1 to 4094.
revertive ] [ protocol-vlan vlan-id ]
[ block-vlanlist vlan-list ]
The links between 2 intersecting nodes

belong to the main ring. Therefore, when
you configure the tributary ring on the
intersecting node, you can only configure the
west or east interface.
Raisecom(config)#ethernet ring- Create the tributary ring on the intersecting node
protection ring-id east interface-type and set the intersecting node to the RPL
interface-number west interface-type Neighbour.
interface-number node-type rpl-
neighbour rpl { east | west } ] [ not-
revertive ] [ protocol-vlan vlan-id ]
[ block-vlanlist vlan-list ]
Raisecom(config)#ethernet ring- Create the tributary ring on the intersecting node
protection ring-id east interface-type and set the intersecting node to the protection
interface-number west interface-type forwarding node.
interface-number [ not-revertive ]
[ protocol-vlan vlan-id ] [ block-
vlanlist vlan-list ]
3 Raisecom(config)#ethernet ring- (Optional) configure the tributary ring virtual
protection ring-id raps-vc { with | channel mode on the intersecting node.
without }
By default, the tributary ring virtual channel adopts
the with mode.
Transmission modes on 2 intersecting nodes

must be identical.
4 Raisecom(config)#ethernet ring- Enable the ring Propagate switch on the
protection ring-id propagate enable intersecting node.
By default, the ring Propagate switch is disabled.

131
Raisecom
7.3.4 Configuring ERPS fault detection modes

2 Raisecom(config)#ethernet Configure the ERPS fault detection mode to failure-detect
ring-protection ring-id physical-link.
{ east | west } failure-
detect physical-link By default, the ERPS fault detection mode is configured to
failure-detect physical-link.
Raisecom(config)#ethernet Configure the ERPS fault detection mode to failure-detect cc.
ring-protection ring-id
{ east | west } failure-
This ERPL fault detection mode cannot take effect unless you
detect cc [ md md-name ] ma finish related configurations on CFM.
ma-name level level mep If you configure the MD, the MA should be below the
local-mep-id remote-mep-id configured md-level.
Raisecom(config)#ethernet Configure the ERPS fault detection mode to failure-detect
ring-protection ring-id physical-link-or-cc.
{ east| west } failure-
detect physical-link-or-cc In this mode, it believes that the link fails when a fault is
[ md md-name ] ma ma-name detected on the physical link/CC.
level level mep local-mep- This ERPL fault detection mode cannot take effect unless you
id remote-mep-id finish related configurations on CFM.
If you configure the MD, the MA should be below the
configured md-level.
7.3.5 (Optional) configuring ERPS switching control
By default, traffic is automatically switched to the protection line when the working
line fails. Therefore, you need to configure ERPS switching control in some special
cases.
2 Raisecom(config)#ethernet Switch the traffic on the protection ring to the west/east
ring-protection ring-id force- interface forcedly.
switch { east | west }
 east: block the east interface.
 west: block the west interface.
3 Raisecom(config)#ethernet Switch the traffic on the protection ring to the west/east
ring-protection ring-id interface manually. Its priority is lower than the one of
manual-switch { east | west } forced switch and APS.

132
Raisecom

1 Raisecom)#show ethernet ring-protection Show ERPS protection ring configurations.
[ ring-id ]
2 Raisecom)#show ethernet ring-protection Show ERPS protection ring status.
[ ring-id ] status
3 Raisecom)#show ethernet ring-protection Show ERPS protection ring statistics.
[ ring-id ] statistics
7.4 Configuring link aggregation

Scenario
When needing to provide greater bandwidth and reliability for a link between two devices,
you can configure manual or static LACP link aggregation.
Prerequisite
 Configure physical parameters of the interface and make the physical layer Up.
 In a LAG, member interfaces that share loads must be identically configured. Otherwise,
data cannot be forwarded properly. These configurations include QoS, QinQ, VLAN,
interface properties, and MAC address learning.
– QoS: traffic policing, traffic shaping, congestion avoidance, rate limiting, SP queue,
WRR queue scheduling, WFQ queue, interface priority, and interface trust mode.
– QinQ: QinQ status on the interface, added outer VLAN tag, policies for adding outer
VLAN Tags for different inner VLAN IDs.
– VLAN: the allowed VLAN, default VLAN, and the link type (Trunk, Hybrid, and
Access) on the interface, and whether VLAN packets carry Tag.
– Interface properties: speed, duplex mode, and link Up/Down status.
– MAC address learning: MAC address learning status and MAC address limit.
7.4.2 Configuring manual link aggregation

2 Raisecom(config)#interface port-channel Enter aggregation group configuration mode.
channel-number
3 Raisecom(config-port-channelif)#mode Configure the working mode of the aggregation
manual group to manual link aggregation.

133
Raisecom

4 Raisecom(config-port-channelif)#{ max- (Optional) configure the maximum/minimum
active | min-active } links value number of active links of the LACP LAG.
threshold
By default, the maximum and minimum numbers
of active links are configured to 4 and 1
respectively.
5 Raisecom(config-port-channelif)#load- (Optional) configuring the load balancing mode
sharing mode { dst-ip | dst-mac | label of the LAG. By default, load sharing mode is
| src-dst-ip | src-dst-mac | src-ip | configured to src-dst-mac, which means
src-mac } selecting the forwarding interface according to
the OR operation result of source MAC address
and destination MAC address.
6 Raisecom(config-port-channelif)#exit Return to global configuration mode.
8 Raisecom(config-port)#port-channel Add the interface to the aggregation group.
channel-number
7.4.3 Configuring static LACP link aggregation

2 Raisecom(config)#lacp system- (Optional) configure the system LACP priority.
priority system-priority
The smaller the value is, the higher the system LACP
priority is. The end with a higher system LACP priority
is the active end. LACP selects the active interface and
standby interface based on configurations on the active
end. If the system LACP priorities are identical, select
the one with a smaller MAC address as the active end.
By default, the system LACP priority is configured to
32768.
3 Raisecom(config)#lacp timeout (Optional) configure the LACP timeout mode.
{ fast | slow }
By default, it is slow.
4 Raisecom(config)#interface port- Enter aggregation group configuration mode.
channel channel-number
5 Raisecom(config-port- Configure the working mode of the aggregation group
channelif)#mode lacp to static LACP link aggregation.
6 Raisecom(config-port- (Optional) configure the maximum/minimum number
channelif)#{ max-active | min- of active links of the LACP LAG.
active } links value threshold
By default, the maximum and minimum numbers of
active links are configured to 4 and 1 respectively.
7 Raisecom(config-port- Return to global configuration mode.
channelif)#exit

134
Raisecom

9 Raisecom(config-port)#port-channel Add the physical interface to the aggregation group.
channel-number
10 Raisecom(config-port)#lacp mode (Optional) configure the LACP mode of member
{ active | passive } interfaces. By default, the LACP mode is configured to
active. LACP connection fails if both ends of a link are
in passive mode.
11 Raisecom(config-port)#lacp port- (Optional) configure the interface LACP priority. The
priority port-priority interface LACP priority affects the selection of LACP
default interface. The smaller the number is, the higher
the priority is.
By default, the system LACP priority is configured to
32768.
12 Raisecom(config-port)#exit Return to global configuration mode.
 In a static LACP LAG, a member interface can be an active/standby one. Both the
active interface and standby interface can receive and send LACPDU. However,
the standby interface cannot forward user packets.
 The system selects a default interface based on the following conditions in order:
whether the neighbor is discovered, maximum interface rate, highest interface
LACP priority, smallest interface ID. The default interface is in active status.
Interfaces, which have the same rate, peer device, and operation key of the
operation key with the default interface, are in active status. Other interfaces are
in standby status.
7.4.4 Configuring manual backup link aggregation

channel-number
manual backup group to manual backup link aggregation.
4 Raisecom(config-port-channelif)#master- Configure the master interface of link
port interface-type interface-number aggregation.
5 Raisecom(config-port- Configure the revertive mode and delay recovery
channelif)#restore-mode { non-revertive time of the LAG.
| revertive [ restore-delay second ] }
By default, the revertive mode is configured to
non-revertive.

135
Raisecom

8 Raisecom(config-port)#port-channel Add interfaces to the LAG.
channel-number
7.4.5 Configuring static LACP backup link aggregation

2 Raisecom(config)#lacp system-priority (Optional) configure the system LACP priority.
system-priority
The smaller the value is, the higher the system
LACP priority is. The end with a higher system
LACP priority is the active end. LACP selects the
active interface and standby interface based on
configurations on the active end. If the system
LACP priorities are identical, select the one with
a smaller MAC address as the active end.
By default, the system LACP priority is
configured to 32768.
3 Raisecom(config)#lacp timeout { fast | (Optional) configure the LACP timeout mode.
slow }
channel-number
lacp [ backup ] group to static LACP backup link aggregation.
6 Raisecom(config-port-channelif)#master- Configure the master interface of link
port interface-type interface-number aggregation.
7 Raisecom(config-port- Configure the revertive mode and delay recovery
channelif)#restore-mode { non-revertive time of the LAG.
| revertive [ restore-delay second ] }
By default, the revertive mode is configured to
non-revertive.
10 Raisecom(config-port)#port-channel Add physical interfaces to the LAG.
channel-number
11 Raisecom(config-port)#lacp mode (Optional) configure the LACP mode of member
{ active | passive } interfaces. By default, the LACP mode is
configured to active. LACP connection fails if
both ends of a link are in passive mode.

136
Raisecom

12 Raisecom(config-port)#lacp port- (Optional) configure the interface LACP priority.
priority port-priority The interface LACP priority affects the selection
of LACP default interface. The smaller the
number is, the higher the priority is.
By default, the system LACP priority is
configured to 32768.

1 Raisecom#show lacp Show local system LACP interface status, identifier, interface priority,
internal management key, operation key, and interface status machine.
2 Raisecom#show lacp Show neighbor LACP information, including identifier, interface priority,
neighbor device ID, Age, operation key ID, interface ID, and interface status
machine.
3 Raisecom#show lacp Show interface LACP statistics, including total number of received LACP
statistics packets, number of received and transmitted Marker packets, number of
received and transmitted Marker Response packets, and number of error
packets.
4 Raisecom#show lacp Show local system LACP global enabling status, device ID, LACP priority,
sys-id and MAC address.
5 Raisecom#show Show whether the current system is enabled with link aggregation, link
port-channel aggregation load-sharing mode, member interfaces and currently-active
member interfaces in all current aggregation groups.
Currently active member interfaces refers to interfaces in UP status

in the aggregation group.
7.5 Configuring interface backup

Scenario
Interface backup can realize redundancy backup and fast switching of primary and backup
links, VLAN-based interface backup can realize load balancing among different interfaces.
Interface backup ensures millisecond level switching and simplifies configurations.

137
Raisecom
Prerequisite
 Create a VLAN.
 Add interfaces to the VLAN.
7.5.2 Configuring basic functions of interface backup

3 Raisecom(config-port)#port backup Configure the interface backup group.
[ vlanlist vlan-list ]
4 Raisecom(config-port)#port backup (Optional) configure the fault restoration mode
restore-mode { non-revertive | and restore-delay.
revertive [ restore-delay second ] }
By default, the fault restoration mode is
revertive, and the restore-delay is configured to
15s.
 In an interface backup group, an interface cannot concurrently be the primary

interface and backup interface.
 In a VLAN, an interface/LAG is a member of only one interface backup group.
 If you configure a LAG as a member of the interface backup group, you need to
configure the interface with the smallest interface ID in the LAG as the member of
the interface backup interface. When the member interface is in Up status, all
interfaces in the aggregation group are in Up status. When the member interface
is in Down status, all interfaces in the aggregation group are in Down status.
7.5.3 (Optional) configuring interface FS
 After FS is successfully configured, the primary and backup links will be switched.
The working link is switched to the protection link. For example, when both the
primary and backup interfaces are in Up status, if the data is being transmitted
through the primary link, data will be switched from the primary link to the backup
link after forced switch is performed.
 In the CLI, the backup interface ID is an optional parameter. If the primary
interface is configured with multiple interface backup pairs, you should input the
backup interface ID.

138
Raisecom

interface-number
3 Raisecom(config-port)#port backup interface-type Configure FS to the backup link.
backup-interface-number force-switch [ vlan
vlan-id ]

1 Raisecom#show port backup [ group ] Show status of interface backup.
7.6 Configuring link-state tracking

Scenario
When the uplink of the middle device fails and the middle device fails to inform the downlink
devices of the fault, the traffic cannot be switched to the backup line. This may cause traffic
break.
Link-state tracking is used to add the uplink interfaces and downlink interfaces of the middle
device to a link-state group. In addition, it is used to monitor the uplink interfaces.
When all uplink interfaces fail, downlink interfaces are in Down status. When one failed
uplink interface recovers from the fault, all downlink interfaces are in Up status. Therefore,
faults of the uplinks can be notified to the downlink devices in time. If downlink interfaces
fail, uplink interfaces still work properly.
Prerequisite
Connect interfaces, configure physical parameters of the interfaces, and make the physical
layer Up.
7.6.2 Configuring link-state tracking

2 Raisecom(config)#link-state-tracking Create an interface-based link-state group.
group group-number
Raisecom(config)#link-state-tracking Create an MEP-based link-state group.
group group-number upstream ma-name
ma-name cfm-mepid mep-id level level

139
Raisecom

Raisecom(config)#link-state-tracking Create an ELPS-based link-state group.
group group-number upstream elps-
8031-link line-id
type primary-interface-number
4 Raisecom(config-port)#link-state- Configure the link-state group for the interface and
tracking group group-number the interface type.
{ upstream | downstream }
5 Raisecom(config-port)#exit Enable Trap sending for the link-state group.
Raisecom(config)#link-state-tracking
group group-number trap enable
6 Raisecom(config)#link-state-tracking Configure the action taken for link-state tracking.
group group-number action { delete-
vlan vlan-id | flush-erps ring-id |
suspend-vlan vlan-id }
The action can be configured only when the
fault source is MEP or ELPS.
Raisecom(config)#interface interface- Configure the action taken for link-state tracking.
type primary-interface-number
Raisecom(config-port)#link-state-
tracking group group-number action
{ block-vlanlist vlan-list | modify-
The action can be configured only when the
pvid vlan-id }
fault source is an interface.

1 Raisecom#show link-state-tracking group Show configurations of a link-state group.
[ group-number ]

7.7.1 Example for configuring manual link aggregation
As shown in Figure 7-13, to improve the reliability of the link between RAX711-C A and
RAX711-C B, you can configure manual link aggregation on RAX711-C A and RAX711-C B.
Add Client interface 1 and Client interface 2 to a LAG to form a single logical interface. The
LAG performs load balancing according to the source MAC address.

140
Raisecom
Figure 7-13 Configuring manual link aggregation
Configuration steps
Configuration procedures for RAX711-C A and RAX711-C B are identical. In this section,
take configurations on RAX711-C A for example.
Step 1 Create a manual LAG.
Raisecom#hostname RAXA
RAXA#config
RAXA(config)#interface port-channel 1
RAXA(config-port-channel1)#mode manual
RAXA(config-port-channel1)#exit
Step 2 Add interfaces to the LAG.
RAXA(config)#interface client 1
RAXA(config-client1)#port-channel 1
RAXA(config-port)#exit
RAXA(config-client2)#exit
Step 3 Configure the load-sharing mode of the LAG.
RAXA(config-port-channel1)#load-sharing mode scr-mac
Checking results
Use the show port-channel command to show global configurations on manual link
aggregation.
RAXA#show port-channel

141
Raisecom
Group 1 information:
Mode : Manual Load-sharing mode : src-dst-mac
MinLinks: 1 Max-links : 4
UpLinks : 0 Priority-Preemptive: Disable
Member Port: client1 client2
7.7.2 Examples for configuring link-state tracking
As shown in Figure 7-14, to enhance network reliability, RAX711-C B is connected to
RAX711-C A and RAX711-C C through Link 1 and Link 2 respectively. Link 1 is the primary
line and Link 2 is the backup line. Link 2 does not forward data unless Link 1 fails.
RAX711-C A is connected upstream to the IP network in link aggregation mode. When all
uplinks of RAX711-C A fail, RAX711-C A should inform RAX711-C B of the fault to switch
the traffic to the backup line in time. Therefore, you need to deploy link-state tracking on
RAX711-C A.
Configure interface-based link-state tracking on Line interface 1 on RAX711-C A so that the
RAX711-C A will block VLAN 10 upon uplink faults.
Figure 7-14 Link-state tracking networking
Configuration steps
Step 1 Create a link-state group.
Raisecom(config)#link-state-tracking group 1

142
Raisecom
Step 2 Add uplink interfaces to the link-state group.
Raisecom(config-port)#link-state-tracking group 1 upstream
Step 3 Add the downlink interface to the link-state group.
Raisecom(config-port)#link-state-tracking group 1 downstream
Step 4 Configure the action taken for link-state tracking to blocking VLAN 10 of Line interface 1.
Raisecom(config)#link-state-tracking group 1 action block-vlan 10 line 1
Checking results
Use the show link-state-tracking group command to show configurations of the link-state
group.
Raisecom(config)#show link-state-tracking group 1

Link-state-tracking Group: 1
Trap State: disable
UpStream Type: port
UpStream PortList: line 1
Action Mode: block-vlan
Action PortList: client 1
Action Vlan List: 10
Link-state-tracking State: normal
Fault-type: port-shutdown
7.7.3 Example for configuring static LACP link aggregation
As shown in Figure 7-15, to improve the reliability of the link between RAX711-C A and
RAX711-C B, you can configure static LACP link aggregation on RAX711-C A and
RAX711-C B. Add Client 1 and Client 2 to a LAG to form a logical interface.

143
Raisecom
Figure 7-15 Configuring static LACP link aggregation
Configuration steps
Step 1 Configure the static LACP LAG on RAX711-C A, and configure RAX711-C A to the active
end.
Raisecom#hostname RAXA
RAXA#config
RAXA(config)#lacp system-priority 1000
RAXA(config-port-channel1)#mode lacp
RAXA(config-port-channel1)#exit
RAXA(config-client1)#lacp port-priority 1000
RAXA(config-client1)#lacp mode active
RAXA(config-client2)#lacp mode active
Step 2 Configure the static LACP LAG on RAX711-C B.
Raisecom#hostname RAXB
RAXB#config
RAXB(config)#interface port-channel 1
RAXB(config-port-channel1)#mode lacp
RAXB(config-port-channel1)#exit
RAXB(config)#interface client 1
RAXB(config-client1)#port-channel 1
RAXB(config-client1)#exit
RAXB(config)#interface client 2
RAXB(config-client2)#port-channel 1
RAXB(config-client2)#exit

144
Raisecom
Checking results
Use the show port-channel command on RAX711-C A to show global configurations on
static LACP link aggregation.
RAXA#show port-channel 1
Group 1 information:
Mode : Lacp Load-sharing mode : src-dst-mac
MinLinks: 1 Max-links : 8
UpLinks : 0 Priority-Preemptive: Disable
Member Port: client1 client2
Efficient Port:

145
Raisecom
RAX711-C (A) Configuration Guide 8 OAM
8 OAM
This chapter describes principles and configuration procedures of OAM, and provides related
configuration examples, including the following sections:
 Introduction
 Configuring EFM
 Configuring CFM
 Configuring SLA
 Configuring Y.1564
 Maintenance
8.1 Introduction
Initially, Ethernet is designed for LAN. Operation, Administration, and Maintenance (OAM)
is weak because of its small size and a NE-level administrative system. With continuous
development of Ethernet technology, the application scale of Ethernet in Telecom network
becomes wider and wider. Compared with LAN, the link length and network size of Telecom
network is bigger and bigger. The lack of effective management and maintenance mechanism
has seriously obstructed Ethernet technology applying to the Telecom network.
To confirm connectivity of Ethernet virtual connection, effectively detect, confirm, and locate
faults on network, measure network utilization and network performance, and provide service
according Service Level Agreement (SLA), implementing OAM on Ethernet has becoming an
inevitable developing trend.
8.1.1 EFM
Complying with IEEE 802.3ah protocol, Ethernet in the First Mile (EFM) is a link-level
Ethernet OAM technology. It provides link connectivity detection, link fault monitoring,
remote fault notification, and so on, for a link between two directly connected devices. EFM
is mainly used for Ethernet links on edges of the network accessed by users.
OAM mode and OAM discovery

The Ethernet OAM connection process is the OAM discovery phase, where an OAM entity
discovers a remote OAM entity and establishes a session with it.

146
Raisecom
In the discovery phase, a connected Ethernet OAM entity (interface enabled with OAM)
informs others of its Ethernet OAM configurations and Ethernet OAM capabilities supported
by the local node by exchanging information OAM PDU. After the OAM entity receives
parameters of the peer, it decides whether to establish OAM connection. If both ends agree on
establishment of the OAM connection, Ethernet OAM protocol will work on the link layer.
The RAX711-C can choose one of the following 2 modes to establish Ethernet OAM
connection:
 Active mode
 Passive mode
Only the OAM entity in active mode can initiate OAM connection while the OAM entity in
passive mode just waits for connection request of the active OAM entity.
After the OAM connection is established, both ends keep connected by exchanging
information OAM PDU. If an OAM entity does not receive information OAM PDU within 5s,
it believes that connection expires and connection re-establishment is required.
OAM loopback
OAM loopback occurs only after the Ethernet OAM connection is established. When
connected, the active OAM entity initiates the OAM loopback command, and the peer OAM
entity responds to the command.
When the remote OAM entity is in loopback mode, all packets but OAM PDU packets are
sent back. By observing the returned PAMPDU packets, the network administrator can judge
the link performance (including packet loss ratio, delay, and jitter).
Figure 8-1 OAM loopback
As shown in Figure 8-1, Line interface 1 on RAX711-C A works in active mode. After the
802.3ah OAM connection between RAX711-C A and RAX711-C B is established, enable
remote loopback on Client 1.
The process for OAM loopback is as below:
Step 1 RAX711-C A sends a Loopback Control OAM PDU packet with the Enable information to
RAX711-C B, and waits for response.
Step 2 After receiving the Loopback Control OAM PDU packet with the Enable information,
RAX711-C B replies the Information OAM PDU packet to RAX711-C A, and enters the
loopback state.

147
Raisecom
Step 3 After receiving the response, RAX711-C A sends a non-OAM PDU test packet to RAX711-C
B.
Step 4 After receiving a non-OAM PDU test packet, RAX711-C B sends it back to RAX711-C A.
Stop OAM loopback as below:
Step 1 If RAX711-C A needs to stop remote loopback, it sends a Loopback Control OAM PDU
packet with the Disable information to RAX711-C B.
Step 2 After receiving the Loopback Control OAM PDU packet with the Disable information,
RAX711-C B exits from loopback state and sends an Information OAM PDU packet to
RAX711-C A.
You can troubleshoot the RAX711-C through loop detection in different phases.
OAM events
Detecting Ethernet failures is difficult, especially when the physical communication works
properly while the network performance deteriorates slowly. A flag is defined in OAM PDU
packet to allow an OAM entity to transmit fault information to the peer. The flag may stand
for the following threshold events:
 Link fault: signals from the peer are lost.
 Dying gasp: an unpredictable event occurs, such as power failure.
 Critical event: an uncertain critical event occurs.
The RAX711-C does not support dying gasp and critical event detection.
In the OAM connection, an OAM entity keeps sending Information OAM PDUs. The local
OAM entity can inform the peer OAM entity of threshold events through Information OAM
PDUs. In this way, the network administrator can learn the link state and take actions
accordingly.
The network administrator monitors Ethernet OAM through the Event Notification OAM
PDU. When a link fails, the local OAM entity detects the failure, and actively sends Event
Notification OAM PDU to the peer active OAM entity to inform the following threshold
events. Therefore, the network administrator can dynamically master the network status
through the link monitoring process.
 Error frame event: the number of error frames exceeds the threshold in a time unit.
 Error frame period event: the number of error frames exceeds the threshold in a period
(specified N frames).
 Error frame second event: the number of error frames in M seconds exceeds the
threshold. The second when an errored frame is generated is called the erroed frame
second.
 Error symbol period event: the number of error symbols received in a period (monitor
window) exceeds the threshold.
If an error frame occurs in a second, the second is an error frame second.

148
Raisecom
Acquiring OAM MIB

The RAX711-C learns the status and parameters of the peer link by acquiring link
configurations/statistics on the peer through OAM.
8.1.2 CFM
To extend the Ethernet technology application in the telecom-class network, the Ethernet
needs to reach the same service level with the carrier-class transmission network.
Connectivity Fault Management (CFM) solves this problem by providing the comprehensive
OAM tools for the telecom-class Ethernet.
CFM, a network-level Ethernet OAM technology, implements end-to-end connectivity fault
detection, fault reporting, fault judgement, and fault positioning. It is used to diagnose fault
actively for Ethernet Virtual Connection (EVC), provide cost-effective network maintenance
solutions, and improve network maintenance through the fault management function.
The RAX711-C provides CFM compatible with both ITU-Y.1731 and IEEE 802.1ag
standards.
CFM consists of following components:
 MD
Maintenance Domain (MD), also called Maintenance Entity Group (MEG), is a network that
runs CFM. It defines network range of OAM management. MD has a level property, with 8
levels (level 0 to level 7). The bigger the number is, the higher the level is and the larger the
MD range is. Protocol packets in a lower-level MD will be discarded after entering a higher-
level MD. If no Maintenance association End Point (MEP) but a Maintenance association
Intermediate Point (MIP) is in a high-level MD, the protocol can traverse the higher-level MD.
However, packets in a higher-level MD can traverse lower-level MDs. In the same VLAN
range, different MDs can be adjacent, embedded, but not crossed.
As shown in Figure 8-2, MD 2 is in MD 1. Packets in MD 1 need to traverse MD 2.
Configure MD 1 to be at level 6, and MD 2 to be at level 3. Then packets in MD 1 can
traverse MD 2 and implement connectivity fault management of the whole MD 1. However,
packets in MD 2 cannot diffuse into MD 1. In actual applications, MD 2 is a server layer
while MD 1 is a client layer.
Figure 8-2 MDs at different levels
 MA

149
Raisecom
Maintenance Association (MA) is maintenance nodes collection in the MD. A MD can

configure multiple MAs, and each MA is corresponding to one Service Instance. CFM
packets can be transmitted between maintenance nodes that are in a same MA.
One service instance corresponds to one service and is mapped to a group of VLANs. VLANs
of different service instances cannot cross. Though a service instance can be mapped to
multiple VLANs, one service instance can only use a VLAN for sending or receiving OAM
packets. This VLAN is the master VLAN of the service instance.
 MEP
As shown in Figure 8-3, the MEP is an edge node of a service instance, confirming the range
and edge of the MD. MEPs can be used to send and process CFM packets. The service
instance and the MD where the MEP locates decide VLANs and levels of packets received
and sent by the MEP.
For any device that runs CFM in the network, the MEP is called local MEP. For MEPs on
other devices of the same service instance, they are called Remote Maintenance association
End Points (RMEP).
Multiple MEPs can be configured in a service instance. As for the packets, sent from the MEP
in a service instance, with the same S-VLAN TAG, priority, and C-VLAN TAG, the MEP can
receive the OAM packet sent from other MEP in a same service instance, and forward higher-
level packets.
Figure 8-3 MEP and MIP
 MIP
As shown in Figure 8-3, the MIP is the internal node of a service instance, which is
automatically created by the device. MIP cannot actively send CFM packets but can process
and response to Link Trace Message (LTM) and LoopBack Message (LBM) packets.
 MP
MEP and MIP are called Maintenance Point (MP).
CFM provides the following OAM functions:
 Fault detection (Continuity Check, CC)
The function is realized by periodically sending Continuity Check Messages (CCMs). One
MEP sends CCM and other MEPs in the same service instance can verify the RMEP status
when receiving this packet. If MEPs cannot properly receive CCMs sent by RMEPs during
150
Raisecom
3.5 CCM intervals or CCMs have errors checked by CC, it is believed that the link fails. Then
a fault Trap will be sent according to configured alarm priority.
 Fault acknowledgement (LoopBack, LB)
This function is used to verify the connectivity between two MPs through the source MEP
sending LoopBack Message (LBM) and the destination MP sending LoopBack Reply (LBR).
After checking the fault, the administrator manually confirms whether the fault occurs or not
to prevent misinformation. The source MEP sends a LBM to certain destination MP who
needs to acknowledge a fault. When receiving the LBM, the destination MP sends a LBR to
the source MEP. If the source MEP receives this LBR, it is believed that the route is reachable.
Otherwise, a connectivity fault occurs.
 Fault location (LinkTrace, LT)
The source MEP sends LinkTrace Message (LTM) to the destination MP and all MPs on the
LTM transmission route will send a LinkTrace Reply (LTR) to the source MEP. By recording
valid LTR and LTM, this function can be used to locate faults.
 Alarm Indication Signal (AIS)
This function is used to inhibit alarms when a fault is detected at the server layer (sub-layer).
When detecting a fault, the MEP (including the server MEP) sends an AIS frame to the client
MD. By transmitting ETH-AIS frames, the device can inhibit or stop an alarm on MEP (or
server MEP).
When receiving an AIS frame, the MEP must inhibit alarms for all peer MEPs regardless of
connectivity, because this frame does not include information about MEPs that are at the same
level with the failed MEP. With AIS, the device can inhibit the alarm information at client
level when the server layer (sub-layer) fails. Therefore, the network is easy for maintenance
and management.
 Ethernet lock signal (Lock, LCK)
This function is used to notify managed lock and service interruption of server layer (sub-
layer) MEPs. The data traffic is sent to a MEP that expects to receive it. This function helps
the MEP that receives ETH-LCK frame to identify a fault. It is a managed lock action for
server layer (sub-layer) MEP. Lock is an optional OAM management function. One typical
scenario for applying this function is to perform detection when services are interrupted.
In general, CFM is an end-to-end OAM technology at the server layer. It helps reduce
operation and maintenance cost. In addition, it improves the competitiveness of service
providers.
8.1.3 SLA
Service Level Agreement (SLA) is an agreement between users and a service provider about
the service quality, priority, and responsibility. It is a telecommunication service evaluating
standard negotiated by the service provider and users.
In technology, SLA is a real-time network performance detection and statistic technology,
which can collect statistics on responding time, network jitter, delay, packet loss ratio, and so
on. SLA can be used to monitor related metrics by selecting different tasks for different
applications.
Basic concepts involved in SLA are as below:
 Operation

151
Raisecom
It is a static concept. It is a point-to-point SLA network performance test task, including Layer
2 network delay/jitter test (y1731-echo/y1731-jitter).
 Test
It is a dynamic concept. It is used to describe an execution of one operation.
 Detection
It is a dynamic concept. It is used to describe a procedure for sending-receiving detection
packets in a test. According to the definition of operation, one test can contain multiple
detections (For an Echo operation, one test contains one detection only).
 Scheduling
It is a dynamic concept. It is used to describe a scheduling of one operation. One scheduling
contains multiple periodical tests.
The RAX711-C supports SLA operations based on RFC2544, with measurement indexes
including the latency, frame loss rate, and throughput. It supports measurement based on
Ethernet networking. It can work as an initiator or loopback node of the test.
8.1.4 Y.1564
Introduction
In Ethernet tests, RFC2544 measures performances of interconnected devices in extreme
conditions, and it can test only one measurement index at a time. As various Ethernet services
are deployed worldwide, the traditional RFC2544 tests cannot meet users' requirements on
Ethernet service tests, it takes a long time, and it interrupts services, which are obvious
disadvantages. ITU-T Y.1564, defined by ITU-T, by overcoming these disadvantages,
becomes a standard for configuring Ethernet services and measuring performances.
ITU-T Y.1564, also called Ethernet Service Activation Measurement (EtherSAM), is a method
for measuring activation of Ethernet services. It can verify all SLA parameters through one
single test and guarantees that the network can provide optimized QoS.
Compared with RFC2544, ITU-T Y.1564 has the following enhanced features:
 Support concurrent test of multiple services.
 Support the online test.
Raisecom Service Activation Measurement (RCSAM), developed by Raisecom on the basis
of ITU-T Y.1564, is a module used to measure whether the network meets SLA requirements.
RCSAM test types

RCSAM consists of two phases: service configuration test and service performance test. It
can guarantee that each service flow is correctly configured and transmitting the service flow
to the user is qualified.
 Service configuration test: this test is used to verify correctness of service configurations.
Before a service is activated, a test flow is generated based on features of the service and
is used to test whether network configurations meet service SLA requirements. During
test, each service must be independently tested. The service configuration test is divided
into 6 steps by the size of the test flow. Each step lasts 1s to 60s, covering rate, frame
loss rate, latency, and jitter. The size of the test flow is as below:
– 25% ×CIR
152
Raisecom
– 50% ×CIR
– 75% ×CIR
– 100% × CIR
– CIR + EIR
– CIR + 125% × EIR
 Service performance test: this test is used to measure the performance of the service and
thus guarantee the quality of the service during a long period. It supports concurrent test
of multiple services. All services during the test must be configured with the same CIR
and start test as triggered at the same time. All key indexes of each service must be
measured, such as Information Rate (IR), Frame Time Delay (FTD), Frame Delay
Variation, (FDV), and Frame Loss Rate (FLR).
RCSAM scenario
RCSAM is applied in the following three test scenarios:
 Roundtrip: as shown in Figure 8-4, the local device is enabled with Y.1564 while the
remote device is enabled with loopback. However, this scenario may not be accurate
enough because the test result will be affected by the policy of the device with the lower
device if both devices are configured with a policy.
Figure 8-4 Roundtrip test scenario
 One-way: both devices are enabled with Y.1564. The test is unidirectional. Namely, the
local device sends packets while the remote device receives packets. In this case, clock
synchronization must be considered. We recommend using IEEE 1588 to make the test
more accurate.
 Bidirectional: both devices are enabled with Y.1564. The test is targeted for EtherSAM
in each direction to locate the fault in configuration or poor performance in a direction.
At present, the RAX711-C supports the Roundtrip test only.
8.2 Configuring EFM

Scenario
Deploying EFM between directly-connected devices can effectively improve the management
and maintenance capability of Ethernet links and ensure normal operation of the network.

153
Raisecom
Prerequisite
Connect interfaces and configure physical parameters of interfaces. Make the physical layer
Up.
8.2.2 Configuring EFM basic functions

2 Raisecom(config)#oam send- (Optional) configure the OAM PDU delivery period and timeout.
period period-number
timeout time
By default, the OAM PDU delivery time is configured to 1s (the
period-number parameter is configured to 10; 10 × 100ms = 1s)
and the timeout is configured to 5s.
number
4 Raisecom(config-port)#oam Configure the working mode of EFM.
{ active | passive }
By default, the RAX711-C works in passive mode.
5 Raisecom(config-port)#oam Enable EFM OAM of the link.
enable
8.2.3 Configuring EFM active functions
EFM active functions can be configured when the RAX711-C is in active mode.
(Optional) configuring RAX711-C to initiate EFM remote loopback
 You can discover network faults in time by periodically detecting loopbacks. By

detecting loopbacks in segments, you can locate exact areas where faults occur
and you can troubleshoot these faults.
 When a link is in the loopback status, the RAX711-C returns all packets but OAM
packets received by the link to the peer. At this time, the user data packet cannot
be forwarded properly. Therefore, disable this function immediately when
detection is not required.
3 Raisecom(config-port)#oam Enable the physical interface to initiate remote loopback.
remote-loopback

154
Raisecom

4 Raisecom(config-port)#oam (Optional) configure the timeout for the physical interface
loopback timeout time to initiate remote loopback.
By default, it is 3s.
5 Raisecom(config-port)#oam (Optional) configure the retry times for the physical
loopback retry times interface to initiate remote loopback.
By default, it is 2 times.
(Optional) viewing current variable values of peer device
By getting the current variable values of the peer, you can get current link status.
IEEE 802.3 Clause 30 defines and explains supported variables and their denotation
gotten by OAM in details. The variable takes Object as the maximum unit. Each
object contains Package and Attribute. A package contains several attributes.
Attribute is the minimum unit of a variable. When an OAM variable is obtained, object,
package, branch, and leaf description of attributes are defined by Clause 30 to
describe requesting object, and the branch and leaf are followed by variable to
denote object responds variable request. The RAX711-C supports getting OAM
information and interface statistics.
Peer variable cannot be obtained unless EFM connection is established.
1 Raisecom#show oam peer oam-info [ interface-type Show OAM basic information
interface-number ] about the peer device.
Raisecom#show oam peer [ interface-type interface-
number ]
8.2.4 Configuring EFM passive functions
The passive functions of EFM can be configured regardless of the RAX711-C is in

active or passive mode.
(Optional) configuring device to respond to EFM remote loopback
The peer EFM remote loopback will not take effect until the remote loopback
response is configured on the local device.

155
Raisecom

2 Raisecom(config)#inte Enter physical layer interface configuration mode.
rface interface-type
interface-number
3 Raisecom(config- Configure the Layer 2 physical interface to ignore/respond to EFM
port)#oam loopback remote loopback sent by the peer device.
{ ignore | process }
By default, the Layer 2 physical interface ignores EFM remote loopback.
8.2.5 Configuring link monitoring and fault indication
(Optional) configuring OAM link monitoring
OAM link monitoring is used to detect and report link errors in different conditions.
When detecting a fault on a link, the RAX711-C provides the peer with the generated
time, window, and threshold, and so on, by OAM event notification packets. The peer
receives event notification and reports it to the NView NNM system through SNMP
Trap. Besides, the local device can directly report events to the NView NNM system
through SNMP Trap.
By default, the system sets default value for error generated time, window, and
threshold.
number
3 Raisecom(config-port)#oam Configure the monitor window and threshold for an error frame
errored-frame window event.
framewindow threshold
framethreshold By default, the monitor window is configured to 1s and the
threshold is configured to 1 error frame.
errored-frame-period window period event.
frameperiodwindow threshold
frameperiodthreshold By default, the monitor window is configured to 1000ms and the
threshold is configured to 1 error frame.
errored-frame-seconds seconds event.
window framesecswindow
threshold By default, the monitor window is configured to 60s and the
framesecsthreshold threshold is configured to 1s.
6 Raisecom(config-port)#oam Configure the monitor window and threshold for an error
errored-symbol-period symbol event.
window symperiodwindow
threshold By default, the monitor window is configured to 1s and the
symperiodthreshold threshold is configured to 1 error frame.

156
Raisecom
(Optional) configuring OAM fault indication

3 Raisecom(config-port)#oam notify Enable OAM notification of fault information
{ critical-event | dying-gasp | errored- and OAM link events.
frame | errored-frame-period | errored-
frame-seconds | errored-symbol-period } By default, OAM notification of all links is
enable enabled.
4 Raisecom(config-port)#oam event trap Enable OAM Trap of local OAM link events.
enable
5 Raisecom(config-port)#oam peer event Enable OAM Trap of peer OAM link events.
trap { enable | disable }

1 Raisecom#show oam [interface-type interface- Show configurations of OAM basic
number ] functions.
2 Raisecom#show oam event [interface-type Show local OAM link events.
interface-number ] [ critical ]
3 Raisecom#show oam loopback [interface-type Show configurations of OAM remote
interface-number ] loopback.
4 Raisecom#show oam notify [interface-type Show configurations of OAM notification.
interface-number ]
5 Raisecom#show oam peer oam-info [ interface- Show basic information about the OAM
type interface-number ] peer.
6 Raisecom#show oam peer event [interface-type Show information about OAM peer events.
interface-number ] [ critical ]
7 Raisecom#show oam peer link-statistic Show statistics on peer OAM link.
[interface-type interface-number ]
8 Raisecom#show oam statistics [interface-type Show OAM statistics.
interface-number ]
9 Raisecom#show oam trap [interface-type Show information about OAM Trap.
interface-number ]

157
Raisecom
8.3 Configuring CFM

Scenario
To expand application of Ethernet technologies at a Telecom-grade network, the Ethernet
must ensure the same QoS as the Telecom-grade transport network. CFM solves this problem
by providing overall OAM tools for the Telecom-grade Ethernet.
CFM can provide following OAM functions:
 Fault detection (Continuity Check, CC)
 Fault acknowledgement (LoopBack, LB)
 Fault location (LinkTrace, LT)
 Alarm Indication Signal (AIS)
 Ethernet lock signal (Lock, LCK)
 Client Signal Fail (CSF)
Prerequisite
 Connect interfaces and configure physical parameters of the interfaces. Make the
physical layer Up.
 Create a VLAN.
 Add interfaces to the VLAN.
8.3.2 Enabling CFM
 CFM fault detection and CFM fault location functions cannot take effect until the
CFM is enabled.
 To enable CFM on an interface, you need to enable global CFM in global
configuration mode and then enable CFM on the interface.
 When global CFM is disabled, it does not affect enabling/disabling EFM on the
interface.
 Ethernet LM cannot take effect unless CFM is enabled on the ingress interface of
the service packet and MEP-related interfaces.
 CFM is configured in physical layer interface configuration mode only.
2 Raisecom(config)#ethernet cfm enable Enable global CFM.
4 Raisecom(config-port)#ethernet cfm Enable CFM on the physical interface.

enable By default, it is disabled.

158
Raisecom
8.3.3 Configuring CFM basic functions

2 Raisecom(config)#ethernet cfm mode Configure the CFM working mode.
{ master | slave } By default, it is in slave mode.
3 Raisecom(config)#ethernet cfm domain Create a MD.
[ md-name domain-name ] level md-  If a MD name is assigned by the md-name
level parameter, it indicates that the MD is in 802.1ag
style. And all MAs and CCMs in the MD are in
802.1ag style.
 If a MD name is not assigned, the MD is in Y.1731
style and all MAs and CCMs in the MD are in

Y.1731 style.
 Support configuring Y.1731 and 802.1ag CFM
concurrently.
 If the MD name is specified, it must be globally
unique.
 Levels of different MDs must be different.
4 Raisecom(config)#service csi-id Create a service instance and enter service instance

level md-level configuration mode.
5 Raisecom(config-service)#service Configure the VLAN related to the MA.
vlan-list vlan-list [ primary vlan-
id ]
6 Raisecom(config-service)#service mep Configure the MEP based on the service instance.

[ up | down ] mpid mep-id Before configuring MEP, relating the service
[ interface-type interface-number ] instance to the VLAN.
Configure the MEP in physical layer interface

configuration mode.
7 Raisecom(config-service)#service Add static remote MEP of the service instance
remote-mep mep-list interface-type manually.
interface-number
802.1ag down MEP needs to manually add

the remote MEP and specify the interface. It
fails to find the remote MEP automatically.
8 Raisecom(config-service)#service Enable alarm inhibition.
suppress-alarms enable mep { mep-
list | all } By default, it is enabled.

159
Raisecom
8.3.4 Configuring fault detection

2 Raisecom(config)#ethernet cfm errors (Optional) configure the archive-hold time of error
archive-hold-time minutes CCMs.
By default, it is 100min.
3 Raisecom(config)#service csi-id level Enter service instance configuration mode.
md-level
4 Raisecom(config-service)#service cc (Optional) configure the delivery period of CCMs.

interval { 3ms | 10ms | 100ms | 1 |
10 | 60 | 600 }
5 Raisecom(config-service)#service cc Enable MEP to send CCMs.

enable mep { mep-list | all }
6 Raisecom(config-service)#service (Optional) configure the CVLAN of the MA.

cvlan vlan-id
7 Raisecom(config-service)#service (Optional) configure the priority of CFM OAM

priority priority packets.
8.3.5 Configuring fault acknowledgement

2 Raisecom(config)#service csi-id level md- Enter service instance configuration
level mode.
3 Raisecom(config-service)#ping mac-address Perform Layer 2 Ping for acknowledging
[ count count-number ] [ size size ] faults.
[ source mep-id ] [ timeout time ]
[ padding { null | null-crc | prbs | prbs- By default, 5 LBMs are sent. The TLV
crc } ] [ cos cos-value ] [ non-drop ] length of a packet is configured to 64.
The RAX711-C automatically looks for
Raisecom(config-service)#ping mep mep-id
an available source MEP.
[ ttl ttl ] [ count count-number ] [ size
size ] [ source mep-id ] [ timeout time ]
[ padding { null | null-crc | prbs | prbs-
crc } ] [ cos cos-value ] [ non-drop ]
To perform Ping MEP operation,
802.1ag down MEP needs to be
configured with the static remote
MAC address.
4 Raisecom(config-service)#ping ethernet Perform Layer 2 multicast Ping for
multicast [ size size ] [ timeout time ] acknowledging faults.
[ padding { null | null-crc | prbs | prbs-
crc } ] [ cos cos-value ] [ non-drop ]

160
Raisecom
 Before executing this command, you must ensure that global CFM is enabled.
Otherwise, the Ping operation fails.
 If there is no MEP in a service instance, Ping operation will fail because of failing
to find source MEP.
 Ping operation will fail if the specified source MEP is invalid. For example, the
specified source MEP does not exist or CFM is disabled on the interface where
the specified source MEP is.
 Ping operation will fail if the Ping operation is performed based on the specified
destination MEP ID and the MAC address of destination is not found based on the
MEP ID.
 Ping operation will fail if other users are using the specified source MEP to
perform Ping operation.
 To perform LB, you must enable global Ethernet CFM and AC-side CFM if a
service instance is associated with emulated Ethernet PW.
8.3.6 Configuring fault location

2 Raisecom(config)#service csi-id Enter service instance configuration mode.
level md-level
3 Raisecom(config- Perform Layer 2 Traceroute for locating faults.

service)#traceroute mac-address
[ ttl ttl ] [ source mep-id ]
By default, the TLV length of a packet is configured to
[ size packet-size ] 64. The RAX711-C automatically looks for an
Raisecom(config-
available source MEP.
service)#traceroute mep mep-id
[ ttl ttl ] [ source mep-id ]
[ interface-mode ] [ timeout
To perform Traceroute MEP operation, 802.1ag
time ] [ size packet-size ]
down MEP needs to be configured with the static
remote MAC address.
4 Raisecom(config-service)#exit (Optional) enable LinkTrace cache.
Raisecom(config)#ethernet cfm When LinkTrace cache is enabled, you can use the
traceroute cache enable show ethernet cfm traceroute cache command to
learn the routes discovered through the cache storage
protocol. When LinkTrace cache is disabled, the result
will be automatically erased by the traceroute
command.
By default, LinkTrace cache is disabled.
5 Raisecom(config)#ethernet cfm (Optional) configure the hold time of data in the
traceroute cache { hold-time LinkTrace cache and LinkTrace cache size.
minute | size size }
By default, the hold time is configured to 100min and
the LinkTrace cache size is configured to 100.

161
Raisecom
 Before executing this command, you must ensure that global CFM is enabled.
Otherwise, the Traceroute operation fails.
 If there is no MEP in a service instance, Traceroute operation will fail because of
failing to find source MEP.
 Traceroute operation will fail if the specified source MEP is invalid. For example,
the specified source MEP does not exist or CFM is disabled on the interface
where the specified source MEP is.
 Traceroute operation will fail if the Ping operation is performed based on the
specified destination MEP ID and the MAC address of destination is not found
based on the MEP ID.
 If the CC feature is invalid, you can ensure Layer 2 Traceroute operation works
normally by configuring static RMEP and specifying MAC address.
 Traceroute operation will fail if other users are using the specified source MEP to
perform Traceroute operation.
8.3.7 Configuring AIS
Configuring AIS on server-layer devices

[ md-name domain-name ] level md-
level

level md-level
4 Raisecom(config-service)#service ais Configure the level of the MD to which AIS is sent.

level md-level
The MD level must be higher than the service

instance level.
5 Raisecom(config-service)#service ais (Optional) configure the AIS delivery period. By
period { 1 | 60 } default, the AIS delivery period is configured to 1s.
6 Raisecom(config-service)#service ais Enable AIS delivery.
enable
By default, AIS delivery is disabled.
Configuring AIS on client-layer devices

2 Raisecom(config)#ethernet cfm domain [ md- Create a MD.
name domain-name ] level md-level

162
Raisecom

3 Raisecom(config)#service csi-id level md- Enter service instance configuration mode.
level
4 Raisecom(config-service)#service suppress- Enable alarm inhibition.

alarms enable mep { mep-list | all } By default, alarm inhibition is enabled.
8.3.8 Configuring LCK
Configuring LCK on server-layer devices

[ md-name domain-name ] level md-
level
3 Raisecom(config)#service csi-id level Enter service instance configuration mode.

md-level
4 Raisecom(config-service)#service lck Configure the level for sending the LCK packet.
level md-level [ vlan vlan-id ] The level must be higher than the service instance
level.
By default, use the level of the MIP, which is
higher than the MEP level, to send the LCK packet.
5 Raisecom(config-service)#service lck (Optional) configure the LCK packet delivery
period { 1 | 60 } period. By default, the LCK packet delivery period
is configured to 1s.
6 Raisecom(config-service)#service lck Configure the MEP to send the LCK packet.
start mep { mep-list | all }
By default, the MEP does not send the LCK packet.
Configuring LCK on client-layer devices

2 Raisecom(config)#ethernet cfm domain [ md- Create a MD.
name domain-name ] level md-level
3 Raisecom(config)#service csi-id level md- Enter service instance configuration mode.

level
4 Raisecom(config-service)#service suppress- Enable alarm inhibition.

alarms enable mep { mep-list | all } By default, alarm inhibition is enabled.

163
Raisecom
8.3.9 Configuring CSF
Configuring LCK on server-layer devices

2 Raisecom(config)#ethernet cfm Create a MD.
domain [ md-name domain-name ]
level md-level

level md-level
4 Raisecom(config-service)#service (Optional) configure the CSF packet delivery period.

csf period { 1 | 60 }
By default, the CSF packet delivery period is
configured to 1s.
5 Raisecom(config-service)#service Enable the MEP to send the LCK packet.
csf enable mpid mep-id
6 Raisecom(config-service)#service (Optional) enable CSF Trap.
csf trap enable

1 Raisecom#show cfm csf Show CSF information.
2 Raisecom#show ethernet cfm Show CFM global configurations.
3 Raisecom#show ethernet cfm ais [ level md- Show AIS information.
level ] [ source ]
802.1ag MDs do not support AIS.

4 Raisecom#show ethernet cfm domain [ level Show MD configurations.
md-level ]
5 Raisecom#show ethernet cfm errors [ level Show error CCM information.
md-level ]
6 Raisecom#show ethernet cfm lck [ level md- Show LCK information.
level ] [ source ]
802.1ag MDs do not support LCK.

7 Raisecom#show ethernet cfm local-mp Show local MEP configurations.
[ interface interface-type interface-
number ]
Raisecom#show ethernet cfm local-mp [ level
md-level ]
8 Raisecom#show ethernet cfm remote-mep Show remote MEP configurations.
[ level md-level [ service csi-id [ mpid
mep-id ] ] ]

164
Raisecom

9 Raisecom#show ethernet cfm remote-mep Show remote static MEP configurations.
static [ level md-level ]
10 Raisecom#show ethernet cfm traceroute-cache Show information about routes in the
LinkTrace cache.
8.4 Configuring SLA

Scenario
To ensure that users can get qualified network services. The Carrier and users sign a Service
Level Agreement (SLA). To effectively fulfil the SLA, the carrier needs to deploy the SLA
feature on the device to measure the network performance and takes the measurement result
as the basis for ensuring the network performance.
By selecting two detection points (source and destination RAX711-C devices), SLA
configures and schedules SLA operations on a detection point. Therefore, configurations and
network performance between these 2 detection points can be detected.
SLA gathers statistics about round-trip packet loss ratio, round-trip/unidirectional (SD/DS)
delay, jitter, throughput, and LM packet loss ratio test. In addition, it reports these data to the
upper monitoring software (such as the NView NNM system) to help analyze network
performance for getting an expected result.
When configuring SLA on the RAX711-C, note the following matters:

 Up to 16 operations can be configured and scheduled concurrently.
 Before scheduling a SLA operation, you have to establish the CFM environment.
 Do not modify the scheduling information or re-schedule the SLA operation if the
current scheduling does not stop.
 Up to 20 detection packets are available for one test and up to 5 pieces of
statistics records are shown.
Prerequisite
 When configuring Layer 2 test operations, you should deploy CFM between local and
remote devices that need to be detected. Layer 2 packets can be forwarded between local
and remote devices.
 When configuring Layer 3 test operations (icmp-echo and icmp-jitter), Layer 3 Ping
operation succeeds between local and remote devices.

165
Raisecom
8.4.2 Configuring SLA operation
Configuring basic functions of SLA test

2 Raisecom(config)#sla oper-number Configure the delay, jitter, and packet loss
{ delay-threshold | jitter-threshold | detection alarm thresholds.
loss-rate-threshold } { current |
average } [ ds | sd | two-way ] By default, they are 5000000μs, 10000000us, and
threshold 9999 (namely, 99.99%) respectively.
3 Raisecom(config)#sla oper-number Enable delay, jitter, and packet loss alarms.
{ delay-trap | jitter-trap | loss-pkt-
trap } { current | average } [ ds | sd
By default, they are disabled.
| two-way ] enable
4 Raisecom(config)#sla oper-num Configure the availability test threshold.
availability-threshold [ ds | sd | two-
way ] threshold
By default, it is 5000, namely, 50%.
5 Raisecom(config)#sla oper-num Configure the frame loss rate threshold in the
availability-flr-threshold threshold SLA availability test.
6 Raisecom(config)#sla oper-num Configure the number of CHLI availability
availability-num-consecutive-high-flr indicators in the SLA availability test.
number
7 Raisecom(config)#sla oper-num Configure the number of consecutive indicators
availability-num-consecutive-intervals in the SLA availability test.
number
8 Raisecom(config)#sla oper-num Enable availability Trap.
availability-trap [ ds | sd | two-way ]
enable
9 Raisecom(config)#sla oper-num Enable availability change Trap.
availabilitychange-trap [ ds | sd |
two-way ] enable
10 Raisecom(config)#sla private-tlv enable Configure the encapsulation private TLV of SLA
test packets.
11 Raisecom(config)#sla pkt-type { eth Configure the type of SLA test packets.
dest-mac mac-address [ cvlan vlan-id ]
[ svlan vlan-id ] | ipv4 dest-ip ip-
address [ source-ip ip-address ]
[ dest-udp-port port-id ] [ source-udp-
port port-id ] }
12 Raisecom(config)#sla alarm Enable overall SLA alarm.
{ availabilitychange | threshold }
enable

166
Raisecom
Configuring SLA test operation

2 Raisecom(config)#sla oper-num icmp dest-ipaddr ip- Create the Layer 3 SLA delay test
address [ dscp dscp-value ] [ interval period ] operation.
[ size size ]
3 Raisecom(config)#sla oper-num y1731 latency remote- Configure the Y1731 delay test
mep mep-id level level svlan vlan-id [ cvlan cvlan- operation based on the destination
id ] [ cos cos-value ] [ interval interval-num ] MEP ID.
[ size size ] dm
Raisecom(config)#sla oper-num y1731 latency remote- Configure the Y1731 delay test
mac mac-address level level svlan vlan-id [ cvlan operation based on the destination
cvlan-id ] [ cos cos-value ] [ interval interval- MAC address.
num ] [ size size ] dm
4 Raisecom(config)#sla oper-num y1731 pkt-loss Configure the Y1731 packet loss
remote-mep mep-id level level svlan svlan-id ratio test operation based on the
[ cvlan cvlan-id ] [ cos cos-value ] [ interval destination MEP ID.
interval-num ] [ size size ] [ slm ]
When you perform packet

loss ratio test operation, we
recommend specifying the
MAC address of the remote
MEP, when you use the
service remote-mep
command to configure it.
Raisecom(config)#sla oper-num y1731 pkt-loss Configure the Y1731 packet loss
remote-mac mac-address level level svlan svlan-id ratio test operation based on the
[ cvlan cvlan-id ] [ cos cos-value ] [ interval destination MAC address.
interval-num ] [ size size ] [ slm ]
5 Raisecom(config)#sla y1731 latency quick-input Quickly create an Ethernet delay
[ level level ] [ svlan vlan-id ] dm and jitter operation.
 After configuring one operation (differed by operation ID), you cannot modify or
configure it again. You need to delete the operation in advance if you need to
configure it again.
 SLA supports scheduling up to 16 operations at one time. Before you stop
scheduling the same operation, you cannot modify scheduling information or re-
schedule the operation. If you need to reschedule the operation, you need to
finish the scheduling (reach scheduling life time or stop scheduling) before
performing the next scheduling.
 During Ethernet SLA measurement, the operation performs delay and jitter
measurement in hardware mode, when you create the DOWN MEP (specify the
MD name when you configure the MD) and use the DM packet to create the
operation. The delay and jitter measurement accuracy in hardware mode is at a
microsecond level. Other modes are realized in software mode. The delay and
jitter measurement accuracy in software mode is at a millisecond level.

167
Raisecom
Configuring RFC2544-based test operation

mode.
2 Raisecom(config)#sla oper-num rfc2544 latency interface Configure RFC2544 delay
interface-type interface-number [ eth dest-mac mac- test operation based on
address ] [ cvlan vlan-id ] [ svlan vlan-id ] [ cos Ethernet.
cos ] [ pkt-size pkt-size ]
Raisecom(config)#sla oper-num rfc2544 latency interface Configure RFC2544 delay
interface-type interface-number ipv4 dest-ip ip-address test operation based on IP.
[ source-ip ip-address ] [ dest-udp-port port-id ]
[ source-udp-port port-id ] [ tc tc ] [ ttl ttl ] [ pkt-
size pkt-size ]
Raisecom(config)#sla oper-num rfc2544 latency interface Configure RFC2544 delay
interface-type interface-number [ pkt-size pkt-size ] test operation based on
interface.
3 Raisecom(config)#sla oper-num rfc2544 pkt-loss interface Configure RFC2544 packet
interface-type interface-number [ eth dest-mac mac- loss ratio test operation
address ] [ cvlan vlan-id ] [ svlan vlan-id ] [ cos based on Ethernet.
cos ] [ pkt-size pkt-size ] [ rate rate ]
Raisecom(config)#sla oper-num rfc2544 pkt-loss interface Configure RFC2544 packet
interface-type interface-number ipv4 dest-ip ip-address loss ratio test operation
[ source-ip ip-address ] [ dest-udp-port port-id ] based on IP.
[ source-udp-port port-id ] [ tc tc ] [ ttl ttl ] [ pkt-
size pkt-size ] [ rate rate ]
Raisecom(config)#sla oper-num rfc2544 pkt-loss interface Configure RFC2544 packet
interface-type interface-number [ pkt-size pkt-size ] loss ratio test operation
[ rate rate ] based on interface.
4 Raisecom(config)#sla oper-num rfc2544 throughput Configure RFC2544
interface interface-type interface-number [ eth dest-mac throughput test operation
mac-address ] [ cvlan vlan-id ] [ svlan vlan-id ] [ cos based on Ethernet.
cos ] [ pkt-size pkt-size ] [ threshold threshold ]
Raisecom(config)#sla oper-num rfc2544 throughput Configure RFC2544
interface interface-type interface-number ipv4 dest-ip throughput test operation
ip-address [ source-ip ip-address ] [ dest-udp-port based on IP.
port-id ] [ source-udp-port port-id ] [ tc tc ] [ ttl
ttl ] [ pkt-size pkt-size ] [ threshold threshold ]
Raisecom(config)#sla oper-num rfc2544 throughput Configure RFC2544
interface interface-type interface-number [ pkt-size throughput test operation
pkt-size ] [ threshold threshold ] based on interface.
8.4.3 Configuring SLA operation scheduling

mode.

168
Raisecom

2 Raisecom(config)#sla schedule [ oper-num | all ] [ life Schedule the SLA operation.
{ forever | life-time } ] [ begin ]
 The operation lifetime should not be shorter than the interval for scheduling the
SLA operation.
 The interval for scheduling the SLA operation should not be shorter than 20s.
8.4.4 Configuring maintenance window

2 Raisecom(config)#sla (Optional) start the emergency maintenance window.
maintenance { start | stop }
You can use the stop form of this command to close the
emergency maintenance window.

1 Raisecom#show sla Show configurations about SLA operations.
2 Raisecom#show sla { all | Show configurations of SLA operations.
oper-num } configuration
3 Raisecom#show sla { all | Show the last test information about an operation.
oper-num } result
4 Raisecom#show sla { all | Show configured threshold and alarm status of SLA
oper-num } threshold operations.
5 Raisecom#show sla maintenance Show the SLA maintenance window.
8.5 Configuring Y.1564

Scenario
To learn about configuration parameters and performance of Ethernet services, you can make
related configurations of Y.1564 on the RAX711-C.
On the same device, Y.1564 is exclusive with RFC2544 and Loopback.

169
Raisecom
Prerequisite
N/A
8.5.2 Configuring test task
Configuring test types of RCSAM

1 Raisecom#config Enter global
configuration mode.
2 Raisecom(config)#sla pkt-type eth dest-mac mac-address Configure the format of
[ cvlan vlan-id ] [ tpid tpid ] [ cos cos-value ] [ cfi Y.1564 global test
cfi-value ] [ svlan vlan-id ] [ tpid tpid ] [ cos cos- packets.
value ] [ cfi cfi-value ]
Raisecom(config)#sla pkt-type ipv4 dest-ip ip-address
source-ip ip-address [ dest-udp-port port-id ] [ source-
udp-port port-id ] [ tc tc ] [ svlan vlan-id ] [ ttl
ttl ]
3 Raisecom(config)#sla oper-num y1564 bandwidth enable Enable bandwidth
configuration.
4 Raisecom(config)#sla oper-num y1564 performance interface Create a Y.1564
interface-type interface-number eth dest-mac mac-address performance test
[ cvlan vlan-id ] [ tpid tpid ] [ cos cos-value ] [ cfi operation.
cfi-value ] [ svlan vlan-id ] [ tpid tpid ] [ cos cos-
value ] [ cfi cfi-value ] [ pkt-size { radom | size } ]
[ frame-pattern { null | prbs } ] bandwidth bandwidth tc
tc group-id group-id
Raisecom(config)#sla oper-num y1564 performance interface
interface-type interface-number ipv4 dest-ip ip-address
udp-port port-id ] [ svlan vlan-id ] [ nexthop-ip ip-
address ] [ smac mac-address ] [ ttl ttl ] [ pkt-size
{ radom | size } ] [ frame-pattern { null | prbs } ]
bandwidth bandwidth tc tc group-id group-id
Raisecom(config)#sla oper-num y1564 performance interface Configure the RCSAM
interface-type interface-number video | voice } dest-ip test services based on the
ip-address source-ip ip-address [ svlan vlan-id ] VLAN and CoS or based
[ nexthop-ip ip-address ] [ smac mac-address ] [ ttl on the VLAN and DSCP.
ttl ] [ frame-pattern { null | prbs } ] bandwidth
bandwidth tc tc
5 Raisecom(config)#sla oper-num y1564 throughput interface Create a Y.1564
interface-type interface-number eth dest-mac mac-address throughput test operation.
[ cvlan vlan-id ] [ tpid tpid ] [ cos cos-value ] [ cfi
cfi-value ] [ svlan vlan-id ] [ tpid tpid ] [ cos cos-
value ] [ cfi cfi-value ] [ pkt-size { radom | size } ]
[ frame-pattern { null | prbs } ] [ cir cir cbs cbs ]
[ eir eir ebs ebs ] [ mode cir [ step step ] [ eir ]
[ overload ] ] [ group-id group-id ]

170
Raisecom

Raisecom(config)#sla oper-num y1564 throughput interface
interface-type interface-number ipv4 dest-ip ip-address
udp-port port-id ] [ tc tc ] [ svlan vlan-id ] [ nexthop-
ip ip-address ] [ smac mac-address ] [ ttl ttl ] [ pkt-
size { radom | size } ] [ frame-pattern { null | prbs } ]
[ cir cir cbs cbs ] [ eir eir ebs ebs ] [ mode cir [ step
step ] [ eir ] [ overload ] ] [ group-id group-id ]
Raisecom(config)#sla oper-num y1564 performance interface
interface-type interface-number { video | voice } dest-ip
ip-address source-ip ip-address [ ttl ttl ] [ frame-
pattern { null | prbs } ] [ cir cir cbs cbs ] [ eir eir
ebs ebs ] [ mode cir [ step step ] [ eir ] [ overload ] ]
[ group-id group-id ]
6 Raisecom(config)#sla schedule group-id group-id [ life Schedule the Y.1564 test
{ life | forever } ] operation.
Raisecom(config)#sla schedule group-id group-id period
period throughput

1 Raisecom#show sla group-id group-id Show configurations of the Y.1564 test.
configuration
2 Raisecom#show sla group-id group-id result Show results of the Y.1564 test.
8.6 Maintenance
Command Description
Raisecom(config)#clear oam config Clear OAM configurations.

Raisecom(config)#clear extended-oam Clear statistics on extended OAM.

statistics interface-type interface-number
Raisecom(config)#clear ethernet cfm errors Clear error CCM records.

[ level md-level ]
Raisecom(config)#clear ethernet cfm Clear information about alarm suppression of

suppress-alarm source MEPs.
Raisecom(config)#clear ethernet cfm Clear LinkTrace cache configurations.

traceroute-cache

171
Raisecom
RAX711-C (A) Configuration Guide 9 QoS
9 QoS
This chapter describes principles and configuration procedures of QoS, and provides related
 Introduction
 Configuring priority trust and priority mapping
 Configuring traffic classification and traffic policy
 Configuring congestion avoidance
 Configuring queue shaping and queue scheduling
 Configuring rate limiting
9.1 Introduction
Generally, Internet (IPv4), which bases on the storage-and-forward mechanism, only provides
"best-effort" service for users. When the network is overloaded or congested, this service
mechanism will fail to transmit packets timely and completely.
With the ever-growing of network application, users bring different Quality of Service (QoS)
requirements on network application. Then network should distribute and schedule resources
for different network applications according to users' demands.
QoS guarantees timeliness and integrity of importance services when the network is
overloaded or congested, thus making the network run efficiently.
QoS consists of a number of traffic management technologies:
 Priority trust
 Priority mapping
 Traffic classification
 Traffic policy
 Queue scheduling
 Congestion avoidance
 Queue shaping
 Rate limiting

172
Raisecom
9.1.1 Priority trust

Priority trust refers that a packet adopts its own priority as the classification standard to
perform follow-up QoS management on the packet.
The RAX711-C supports interface-based priority trust. Priorities are divided into priorities
based on Differentiated Services Code Point (DSCP) of IP packets and priorities based on
Class of Service (CoS) of VLAN packets.
If the RAX711-C does not trust DSCP/CoS priorities carried by packets, you can configure
remarking or specify the interface priority.
9.1.2 Priority mapping

Priority mapping refers to sending packets to different queues with different local priorities
according to pre-configured mapping between external priority and local priority. Therefore,
packets in different queues can be scheduled on the egress interface.
The local priority refers to an internal priority that is assigned to packets. It is related
to the queue number on the egress interface. The bigger the value is, the more
quickly the packet is processed.
The RAX711-C supports priority mapping based on DSCP priority or IP precedence of IP
packets or CoS priority of VLAN packets.
ToS priority and DSCP priority

Figure 9-1 shows the structure of IP packet header. An 8-bit ToS field is contained in this
packet. In RFC1349, the first 3 bits of the ToS field represent the ToS priority, ranging from 0
to 7. In RFC2474, the ToS field is re-defined. The first 6 bits (0–5 bits) represent the priority
of IP packets, which is called DSCP priority, ranging from 0 to 63. The last 2 bits (6 and 7 bits)
are reserved bits. Figure 9-2 shows the structures of ToS and DSCP priorities.
Figure 9-1 Structure of IP packet header
Figure 9-2 Structures of ToS priority and DSCP priority

173
Raisecom
CoS priority
IEEE 802.1Q VLAN packets are a modification of Ethernet packets. A 4-byte 802.1Q header
is added between the source MAC address and protocol type, as shown in Figure 9-3. The
802.1Q header consists a 2-byte Tag Protocol Identifier (TPID, valuing 0x8100) filed and a 2-
byte Tag Control Information (TCI) field.
Figure 9-3 Structure of a VLAN packet
The first 3 bits of the TCI field represent the CoS priority, which ranges from 0 to 7, as shown
in Figure 9-4. CoS priority is used to ensure QoS in Layer 2 network.
Figure 9-4 Structure of CoS priority
By default, the mapping between the RAX711-C local priority and DSCP, CoS priorities is
listed in Table 9-1 and Table 9-2.
Table 9-1 Mapping between local priority and DSCP priority

Local 0 1 2 3 4 5 6 7
DSCP 0–7 8–15 16–23 24–31 32–39 40–47 48–55 56–63
Table 9-2 Mapping between local priority and CoS priority

Local 0 1 2 3 4 5 6 7
CoS 0 1 2 3 4 5 6 7
Table 9-3 Mapping between local priority and IP precedence

Local 0 1 2 3 4 5 6 7
IP 0 1 2 3 4 5 6 7
9.1.3 Traffic classification

Traffic classification is a process that recognizes specified packets according to some certain
rule. All resulting packets can be treated differently to differentiate the service implied to
users.

174
Raisecom
The RAX711-C supports classifying traffics based on ToS and DSCP priority of IP packets
and CoS priority of VLAN packets. In addition, it supports classifying traffics based on ACL
rules and VLAN IDs. Figure 9-5 displays the traffic classification process.
Figure 9-5 Traffic classification process
9.1.4 Traffic policy

After performing traffic classification on packets, you need to perform different operations on
packets of different categories. A traffic policy is formed when traffic classifiers are bound to
traffic behaviours.
Rate limiting based on traffic policy

Rate limiting refers to limiting network traffics. Rate limiting is used to control the speed of
traffic in the network. By dropping the traffic that exceeds the speed, you can control the
traffic within a reasonable range. Therefore, network resources and Carrier's benefits are
protected.
Redirection
Redirection refers that a packet is not forwarded according to the mapping between the
original destination address and the interface. Instead, the packet is redirected to a specified
interface for forwarding, realizing routing based on traffic policy.
Remarking
Remarking refers to re-configuring some priority fields for some packets, so that devices can
re-classify packets based on their own standards. In addition, downstream nodes can provide
differentiated QoS services depending on remarking information.
The RAX711-C supports performing re-remarking on the following priority fields of packets:
 DSCP priority of IP packets
 CoS priority of VLAN packets
9.1.5 Queue scheduling

Devices need to perform queue scheduling when delay-sensitive services need better QoS
services than delay-insensitive services and when the network is congested once in a while.

175
Raisecom
Queue scheduling adopts different scheduling algorithms to send packets in a queue.

Scheduling algorithms supported by the RAX711-C include Strict-Priority (SP), Weight
Round Robin (WRR), and Weight Deficit Round Robin (WDRR). All scheduling algorithms
are designed for addressing specified traffic problems. And they have different effects on
bandwidth distribution, delay, and jitter.
 SP: the device strictly schedules packets in a descending order of priority. Packets with
lower priority cannot be scheduled until packets with higher priority are scheduled, as
shown in Figure 9-6.
Figure 9-6 SP scheduling
 WRR: on the basis of scheduling packets in a polling manner according to the priority,
the device schedules packets according to the weight of the queue, as shown in Figure 9-
7.
Figure 9-7 WRR scheduling
 WDRR: on the basis of scheduling packets in a polling manner according to the priority,
the device schedules packets according to the weight of the queue. In addition, during
the scheduling, if one queue has redundant bandwidth, the device will temporarily assign
176
Raisecom
this bandwidth to another queue. During next scheduling, the assigned schedule will
return equal bandwidth to the original queue, as shown in Figure 9-8.
Figure 9-8 WDRR scheduling
9.1.6 Congestion avoidance

By monitoring utilization of network resources (queues/memory buffer), congestion
avoidance can discard packets actively when congestion occurs or when network traffic
increases. It is a traffic control mechanism that is used to resolve network overload by
adjusting network traffic.
The traditional packet loss policy uses the Tail-Drop mode to process all packets equally
without differentiating class of services. When congestion occurs, packets at the end of a
queue are discarded until congestion is resolved.
This Tail-Drop policy may cause TCP global synchronization. In TCP global synchronization,
packets of multiple TCP connections are discarded, these TCP connections enter congestion
avoidance and slow startup status simultaneously to reduce and adjust traffic. And later these
TCP connections co-occur at some time to result in traffic peak. Therefore, network traffic is
not stable, which influences the link utilization rate.
RED
The Random Early Detection (RED) technology discards packets randomly and makes
multiple TCP connection not reduce transport speed simultaneously to avoid TCP global
synchronization.
The RED algorithm configures a minimum threshold and maximum threshold for length of
each queue. In addition:
 Packets are not discarded when the queue length is smaller than the minimum threshold.
 All received packets are discarded when the queue length is greater than the maximum
threshold.
 Packets to be received are discarded randomly when the queue length is between the
minimum and maximum thresholds. Add a random number to the packet to be received
and compare the random number with the drop ratio of the current queue. If the random

177
Raisecom
number is greater than the drop ration, the packet is discarded. The greater the queue size
is, the higher the packet drop probability is.
WRED
The Weighted Random Early Detection (WRED) technology also discards packets randomly
to avoid TCP global synchronization. However, the random drop parameter generated by
WRED technology is based on the priority. WRED differentiates drop policies through the
color of packets. This helps ensure that high-priority packets have a smaller packet drop
probability. The RAX711-C can perform WRED on TCP packets by color but perform WRED
on non-TCP packets regardless of color.
The RAX711-C performs congestion avoidance based on WRED.
9.1.7 Queue shaping

When the interface speed of downstream devices is smaller than the one of upstream devices,
congestion avoidance may occur on interfaces of downstream devices. At this time, you can
configure traffic shaping on the egress interface of upstream devices to shape upstream traffic.
This helps resolve congestion problem occurs on downstream devices.
Queue shaping is a traffic control technology applied to the interface queues. It can be used to
control speed of all packets in a specified interface queue, buffer packets whose speed
exceeds the threshold, and then forward them when enough bandwidth is available. If the
packet size exceeds the buffer queue size, the packet is discarded.
9.1.8 Rate limiting

Besides rate limiting based on traffic policy, the RAX711-C also supports rate limiting based
on interface, VLAN, and interface+VLAN. Similar to rate limiting based on traffic policy, the
RAX711-C discards excess traffic.
9.2 Configuring priority trust and priority mapping

Scenario
For packets from upstream devices, you can select to trust the priorities taken by these packets.
For packets whose priorities are not trusted, you can process them with traffic classification
and traffic policy. In addition, you can modify DSCP priorities by configure interface-based
DSCP priority remarking. After configuring priority trust, the RAX711-C can perform
different operations on packets with different priorities, providing related services.
Before performing queue scheduling, you need to assign a local priority for a packet. For
packets from the upstream device, you can map the outer priorities of these packets to various
local priorities. In addition, you can directly configure local priorities for these packets based
on interfaces. And then device will perform queue scheduling on these packets basing on local
priorities.
Generally, for IP packets, you need to configure the mapping between DHCP priority and
local priority. For VLAN packets, you need to configure the mapping between CoS priority
and local priority.

178
Raisecom
Prerequisite
N/A
9.2.2 Configuring priority trust

3 Raisecom(config-port)#mls qos trust Configure the priority trusted by an interface.
{ cos | dscp | inner-cos | ipp | port-
priority } By default, the interface trusts the CoS priority.
4 Raisecom(config-port)#mls qos priority Configure the interface priority.
priority
9.2.3 Configuring mapping between DSCP priority and local

priority based on interface
2 Raisecom(config)#mls qos mapping Create the DSCP-to-local-priority (color) mapping
dscp-to-local-priority profile-id profile and enter dscp-to-pri configuration mode.
3 Raisecom(dscp-to-pri)#dscp dscp-value Configure mapping from the DSCP priority to local
to local-priority localpri-value priority (color).
[ color { green | red | yellow } ]
4 Raisecom(dscp-to-pri)#dscp dscp-value Discard packets of the specified DSCP priority
drop according to the profile from DSCP to local
priority.
5 Raisecom(dscp-to-pri)#exit Exit dscp-to-pri configuration mode.
Raisecom(config)#interface interface-
type interface-number Enter interface configuration mode.
6 Raisecom(config-port)#mls qos dscp- Apply the DSCP-to-local priority (color) mapping
to-local-priority profile-id profile to an interface.
9.2.4 Configuring mapping from CoS priority to local priority based

on interface

179
Raisecom

2 Raisecom(config)#mls qos mapping cos-to- Create the CoS-to-local priority (color)
local-priority profile-id mapping profile and enter cos-to-pri
configuration mode.
3 Raisecom(cos-to-pri)#cos cos-value to local- Configure mapping from the CoS priority
priority localpri-value [ color { green | to local priority (color).
red | yellow } ]
4 Raisecom(cos-to-pri)#cos cos-value drop Discard packets of the specified CoS
priority according to the profile from
DSCP to local priority.
5 Raisecom(cos-to-pri)#exit Exit cos-to-pri configuration mode.
Raisecom(config)#interface interface-type
interface-number Enter interface configuration mode.
6 Raisecom(config-port)#mls qos cos-to-local- Apply the CoS-to-local-priority (color)
priority profile-id [ dei enable ] mapping profile to an interface.
9.2.5 Configuring mapping from IP precedence to local priority

based on interface
2 Raisecom(config)#mls qos mapping ipp-to- Create the ipp-to-local-priority (color)
local-priority profile-id mapping profile and enter ipp-to-pri
configuration mode.
3 Raisecom(ipp-to-pri)#ipp ipp-value to local- Configure mapping from IP precedence to
priority localpri-value [ color { green | local priority (color).
red | yellow } ]
4 Raisecom(ipp-to-pri)#exit Exit ipp-to-pri configuration mode.
5 Raisecom(config-port)#mls qos ipp-to-local- Apply the ipp-to-local-priority (color)
priority profile-id mapping profile to an interface.
9.2.6 Configuring mapping from Exp to local priority

2 Raisecom(config)#mls qos mapping exp-to- Create the Exp-to-pri (color) mapping
local-priority profile-id profile and enter exp-to-pri configuration
mode.
3 Raisecom(exp-to-pri)#exp exp-value to local- Configure mapping from the Exp to local
priority localpri-value [ color { green | priority (color).
red | yellow } ]

180
Raisecom
9.2.7 Configuring DSCP priority remarking

2 Raisecom(config)#mls qos mapping dscp- Create the DSCP remarking profile and
mutation profile-id enter dscp-mutation configuration mode.
3 Raisecom(dscp-mutation)#dscp dscp-value to Remark the DSCP priority of specified
new-dscp dscp-value packets.
4 Raisecom(dscp-mutation)#exit Exit dscp-mutation configuration mode.
5 Raisecom(config-port)#mls qos dscp-mutation Apply the DSCP remarking profile to an
profile-id interface.
6 Raisecom(config-port)#mls qos default-dscp Configure the default DSCP on the
dscp-value interface.
9.2.8 Configuring CoS priority remarking

2 Raisecom(config)#mls qos mapping cos-remark Create the CoS remarking profile and enter
profile-id dscp-remark configuration mode.
3 Raisecom(cos-remark)#local-priority Configure the mapping from the local
localpri-value to cos cos-value priority to CoS priority.
4 Raisecom(cos-remark)#exit Exit cos-remark configuration mode.
5 Raisecom(config-port)#mls qos cos-remark- Enable local-priority-to-CoS mapping.
mapping { enable | disable } [ dei enable ]
6 Raisecom(config-port)#mls qos cos-remark Apply the CoS remarking profile to an
profile-id interface.
9.2.9 Configuring Exp remarking

2 Raisecom(config)#mls qos mapping local- Create the Exp-to-local-priority mapping
priority-to-exp profile-id profile and enter pri-to-exp configuration
mode.

181
Raisecom

3 Raisecom(pri-to-exp)#local-priority Configure the mapping from the local
localpri-value to exp exp-value priority to Exp.

1 Raisecom#show mls qos mapping dscp-to-local- Show information about the DSCP-to-
priority [ default | profile-id ] local-priority (color) mapping profile.
2 Raisecom#show mls qos mapping cos-to-local- Show information about the CoS-to-
priority [ default | profile-id ] local-priority (color) mapping profile.
3 Raisecom#show mls qos mapping dscp-mutation Show information about the DSCP
[ default | profile-id ] remarking profile.
4 Raisecom#show mls qos mapping cos-remark Show information about the CoS
[ default | profile-id ] remarking profile.
5 Raisecom#show mls qos mapping local-priority- Show information about the local
to-exp [ default | profile-id ] priority-to-Exp mapping profile.
6 Raisecom#show mls qos interface [ interface- Show QoS information on the interface.
type interface-number ]
7 Raisecom#show mls qos mapping ipp-to-local- Show information about the ipp-to-local-
priority [ default | profile-id ] priority (color) mapping profile.
9.3 Configuring traffic classification and traffic policy

Scenario
Traffic classification is the basis of QoS. For packets from upstream devices, you can classify
them according to ACL rules. After traffic classification, the device can provide related
operations for different packets, providing differentiated services.
After configurations, the traffic classification cannot take effect until being bound to traffic
policy. The selection of traffic policy depends on the packet status and current network load
status. In general, when a packet is sent to the network, you need to limit the speed according
to Committed Information Rate (CIR) and remark the packet according to the service feature.
Prerequisite
N/A

182
Raisecom
9.3.2 Creating and configuring traffic classification

2 Raisecom(config)#class-map class-map-name [ match- Create traffic classification and
all | match-any ] enter CMAP configuration mode.
3 Raisecom(config-cmap)#match { access-list { acl- Define rules for traffic
number | name } | cos cos-value | dscp dscp-value | classification.
exp exp-value | inner-cos cos-value | inner-vlan
vlan-id | ip precedence ipp-value | ip tos tos-
value | label label | second-label label | vlan
vlan-id
9.3.3 Creating and configuring traffic policing profile

To perform traffic policing on packets, you need to configure traffic policing profile and then
quote this profile under the traffic classification, which is bound to traffic policy.
On the traffic policing profile, you can configure traffic policing rules or perform relate
operations on specified packets based on the color.

2 Raisecom(config)#mls qos policer-profile Create the traffic policing profile and enter
policer-name [ single | hierarchy | traffic policing profile configuration mode.
aggregate ]
3 Raisecom(traffic-policer)#drop-color red (Optional) configure the device to discard
packets of the specified color.
4 Raisecom(traffic-policer)#set-cos { green (Optional) configure the mapping from packet
green-value | yellow yellow-value | red color to CoS priority.
red-value } *
5 Raisecom(traffic-policer)#set-dscp (Optional) configure the mapping from packet
{ green green-value | red red-value } * color to DHCP priority.
6 Raisecom(traffic-policer)#set-pri { green (Optional) configure the mapping from packet
green-value | red red-value } * color to local priority.
7 Raisecom(traffic-policer)#recolor (Optional) recolor the packet.
{ green-recolor red | red-recolor green }
*
QoS uses the CAR to classify and color the
packet. The downstream network can accept
the color result of the upstream network or
recolor the packet based on its classification
standard.
8 Raisecom(traffic-policer)#cir cir cbs cbs (Optional) configure rate limiting parameters.
[ ebs ebs ]

183
Raisecom
9.3.4 Creating and configuring traffic policy

Steps 5–10 are coordinate. You can select one as required.

2 Raisecom(config)#policy-map policy-map- Create a traffic policy and enter PMAP
name configuration mode.
3 Raisecom(config-pmap)#class-map class- Add the traffic classification to the traffic policy
map-name and enter CMAP configuration mode.
 The traffic classification, bound with the

traffic policy, must be based on at least
one rule. Otherwise, the binding
operation fails.
 When the traffic policy is applied to an
interface, you cannot delete the bound

traffic classification or modify its
configuration.
 One traffic classification can be applied to
multiple traffic policies.

4 Raisecom(config-pmap-c)#policer Import a traffic policing profile (policer) into the
policer-name traffic policy.
5 Raisecom(config-pmap-c)#set { cos cos- (Optional) configure packet remarking.
value | dscp dscp-value | local-
priority priority-value }
Raisecom(config-pmap-c)#set { inner-
vlan inner-vlan-id | vlan vlan-id }
6 Raisecom(config-pmap-c)#add outer-vlan (Optional) configure the VLAN ID of the added
vlan-id outer VLAN Tag.
7 Raisecom(config-pmap-c)#redirect-to (Optional) configure the redirection rule to
[ interface-type interface-number ] forward matched packets through the specified
interface.
8 Raisecom(config-pmap-c)#copy-to-mirror (Optional) copy the traffic to the mirroring
group-id monitoring group.
9 Raisecom(config-pmap-c)#forward-to-cpu (Optional) forward traffic to the CPU.
10 Raisecom(config-pmap-c)#statistics (Optional) enable traffic statistics.
enable
11 Raisecom(config-pmap-c)#exit Exit CMAP configuration mode.
Raisecom(config-pmap)#exit
Raisecom(config)#interface interface-
Exit PMAP configuration mode.
type interface-number Enter interface configuration mode.
12 Raisecom(config-port)#service-policy Apply the traffic policy to an interface.
{ ingress | egress } policy-map-name

184
Raisecom

1 Raisecom#show class-map [ class-map-name ] Show information about traffic
classification.
2 Raisecom#show mls qos policer [ policer-name ] Show rate limiting rules.
3 Raisecom#show policy-map [ policy-map-name ] [ class Show information about traffic
class-map-name ] policies.
4 Raisecom#show service-policy interface Show information about applied
Raisecom#show service-policy interface interface- policies.
type interface-number [ egress | ingress ]
5 Raisecom#show service-policy statistics interface Show statistics on applied traffic
interface-type interface-number { egress | ingress } policies.
[ class-map class-map-name ]
9.3.6 Maintenance
Command Description
Raisecom(config)#clear service-policy statistics interface Show traffic classification
interface-type interface-number { egress | ingress } information.
Raisecom(config)#clear service-policy statistics interface Show rate limiting rules.
interface-type interface-number { egress | ingress }
[ class-map class-map-name ]
9.4 Configuring congestion avoidance

Scenario
To avoid network congestion and to resolve TCP global synchronization, you can configure
congestion avoidance to adjust the network traffic and resolve network overload. The
RAX711-C supports WRED-based congestion avoidance.
traffic congestion may occur on interfaces of downstream devices. At this time, you can
configure queue and traffic shaping on the egress interface of upstream devices to shape
upstream traffic.
Prerequisite
N/A

185
Raisecom
9.4.2 Configuring WRED profile

2 Raisecom(config)#mls qos wred Create a WRED profile and enter WRED profile
profile profile-id configuration mode.
3 Raisecom(wred)#wred color { green Configure information about the WRED profile.
| red | yellow } start-drop-
threshold start-drop end-drop-
For non-TCP packets, it does not distinguish the color.
threshold end-drop max-drop- You need to configure the wred start-drop-threshold
probability max-drop or wred color green parameter.
9.4.3 Configuring flow profile

2 Raisecom(config)#mls qos flow- Create a WRED profile and enter flow profile
queue profile flow-profile-id configuration mode.
3 Raisecom(flow-queue)#scheduler Configure the queue scheduling policy.
{ wdrr| wrr }
By default, it is SP, namely, strict priority policy.
4 Raisecom(flow-queue)#queue queue- Configure the queue, weight, shaping, and WRED
id [ weight weight-value ] information about the flow profile. If you do not
[ shaping cir cir-value [ cbs configure the weight, queues will be scheduled by SP.
cbs-value ] pir pir-value [ pbs
pbs-value ] ] [ wred profile
profile-id ]

1 Raisecom#show mls qos wred profile [ profile- Show configurations of the WRED
list ] profile.
2 Raisecom#show mls qos flow-queue profile Show configurations of the flow profile.
flow-profile-list
3 Raisecom#show mls qos queue interface Show information about queues on the
interface-type interface-number interface.
4 Raisecom#show mls qos queue statistics Show statistics on queues on the
interface interface-type interface-number interface.

186
Raisecom
9.5 Configuring queue shaping and queue scheduling

Scenario
congestion avoidance may occur on interfaces on downstream devices. At this time, you can
configure queue and traffic shaping on the egress interface of upstream devices to shape
upstream traffic.
Prerequisite
N/A
9.5.2 Configuring queue shaping

interface-number
3 Raisecom(config-port)#mls qos shaping { ingress Configure queue shaping for queues of
| egress } pir pir-value [ pbs pbs-value ] the interface.
9.5.3 Configuring queue scheduling

interface-number
3 Raisecom(config-port)#mls qos queue queue-id Configure the maximum buffer of the
max-buffer max-buffer-value specified queue on the interface
4 Raisecom(config-port)#mls qos queue queue-id Configure queue shaping of the specified
shaping cir cir-value [ cbs cbs-value ] pir queue on the interface.
pir-value [ pbs pbs-value ]
5 Raisecom(config-port)#mls qos queue queue-id Apply the WRED profile to the specified
wred profile-id queue on the interface.
6 Raisecom(config-port)#mls qos queue Configure the queue scheduling policy.

scheduler { { { drr | wrr } [ weight1
weight2 weight3 weight4 weight5 weight6
weight7 weight8 ] } | sp }

187
Raisecom

1 Raisecom#show mls qos queue interface Show information about queues on an
interface-type interface-number interface.
2 Raisecom#show mls qos shaping interface Show information about queue shaping.
[ interface-type interface-number [ ingress |
egress ] ]
3 Raisecom#show mls qos queue statistics Show queue statistics on the interface.
interface interface-type interface-number
4 Raisecom#show mls qos queue { max-buffer | Show configurations of queues on the
shaping | wred } [ interface ] interface-type specified interface.
interface-number
9.5.5 Maintenance
Command Description
Raisecom(config)#clear mls qos queue statistics interface Clear queue statistics on an
interface-type interface-number [ queueid queue-id ] interface.
9.6 Configuring rate limiting

Scenario
To transmit specific services at a specified rate upon network congestion, you can configure
rate limting. In this case, received packets are matched with the profile to guarantee normal
transmission of specific services.
Prerequisite
Create VLANs.
9.6.2 Configuring interface-based rate limiting

2 Raisecom(config)#bandwidth-profile Create a bandwidth profile, and configure the
index cir cir cbs cbs [ color-aware ] rate limiting for forwarding packets.
Raisecom(config)#bandwidth-profile
index cir cir cbs cbs eir eir ebs ebs
[ color-aware [ coupling ] ]

188
Raisecom

3 Raisecom(config)#bandwidth-profile bwp- Configure the description of the bandwidth
index description string profile.
5 Raisecom(config-port)#bandwidth Configure the interface to quote the bandwidth
{ ingress | egress } [ vlan vlan-id ] profile.
[ cos cos-value ] bwp-index

1 Raisecom#show bandwidth interface interface-type Show information about the
interface-number interface-based bandwidth profile.
2 Raisecom#show bandwidth-profile [ index ] Show configurations of the
bandwidth profile.

9.7.1 Example for configuring rate limiting based on traffic policy
As shown in Figure 9-9, User A, User B, and User C are respectively connected to the
RAX711-C through Router A, Router B, and Router C.
User A requires voice and video services; User B requires voice, video, and data services;
User C requires video and data services.
According to users' requirements, make following rules:
 For User A, provide 25 Mbit/s bandwidth, configure the burst traffic to 100 bytes, and
discard excess traffic.
 For User B, provide 35 Mbit/s bandwidth, configure the burst traffic to 100 bytes, and
 For User C, provide 30 Mbit/s bandwidth, configure the burst traffic to 100 bytes, and

189
Raisecom
Figure 9-9 Configuring rate limiting based on traffic policy
Configuration steps
Step 1 Create and configure traffic classification.
Raisecom#config
Raisecom(config-acl-ip-std)#rule 1 permit 1.1.1.1 255.255.255.0
Raisecom(config-acl-ip-std)#exit
Raisecom(config)#class-map usera
Raisecom(config-cmap)#match access-list 1001
Raisecom(config-cmap)#exit
Raisecom(config)#class-map userb
Raisecom(config)#class-map userc
Step 2 Create traffic policing profiles and configure rate limiting rules.
Raisecom(config)#mls qos policer-profile usera single

Raisecom(traffic-policer)#cir 25000 cbs 100
Raisecom(traffic-policer)#drop-color red
Raisecom(traffic-policer)#exit

190
Raisecom
Raisecom(config)#mls qos policer-profile userb single

Raisecom(config)#mls qos policer-profile userc single
Step 3 Create and configure traffic policies.
Raisecom(config)#policy-map usera
Raisecom(config-pmap)#class-map usera
Raisecom(config-pmap-c)#policer usera
Raisecom(config-pmap-c)#exit
Raisecom(config-client1)#service-policy ingress usera
Raisecom(config)#policy-map userb
Raisecom(config-pmap)#class-map userb
Raisecom(config-pmap-c)# policer userb
Raisecom(config-client2)#service-policy ingress userb
Raisecom(config)#policy-map userc
Raisecom(config-pmap)#class-map userc
Raisecom(config-pmap-c)#policer userc
Raisecom(config-client3)#service-policy ingress userc
Checking results
Use the show class-map command to show configurations of traffic classification.
Raisecom#show class-map usera

Class Map usera (id 0) (ref 1)
Match acl 1001
Raisecom#show class-map userb
Class Map userb (id 1) (ref 1)
Match acl 1002
Raisecom#show class-map userc
Class Map userb (id 2) (ref 0)
Match acl 1003

191
Raisecom
Use the show mls qos policer command to show configurations of rate limiting rules.
Raisecom#show mls qos policer
single-policer: usera mode:flow color:blind

cir: 25000 kbps cbs: 100 kB


Use the show policy-map command to show configurations of traffic policies.
Raisecom#show policy-map usera

Policy Map usera
Class-map usera
police usera
Raisecom#show policy-map userb
Policy Map userb
Class-map userb
police userb
Raisecom#show policy-map userc
Policy Map userc
Class-map userc
police userc
9.7.2 Example for configuring queue scheduling and congestion

avoidance
As shown in Figure 9-10, User A requires voice and video services; User B requires voice,
video, and data services; User C requires video and data services.
CoS priorities for voice, video and, data services are configured with 5, 4, and 2 respectively.
And these three CoS priorities are mapped to local priorities 6, 5, and 2 respectively.
Make following rules based on service types.
 Perform SP scheduling on voice service to ensure that the traffic is first transmitted.
 Perform WRR scheduling on video service and configure the weight to 50.
 Perform WRR scheduling on data service and configure the weight to 20. In addition,
you need to configure the discarding threshold to 50 to avoid network congestion caused
by too high burst traffic.

192
Raisecom
Figure 9-10 Configuring queue scheduling and congestion avoidance
Configuration steps
Step 1 Create a WRED profile.
Raisecom#config
Raisecom(config)#mls qos wred profile 1
Raisecom(wred)#wred start-drop-threshold 50 end-drop-threshold 90 max-
drop-probability 60
Raisecom(wred)#exit
Step 2 Configure the priority trust and congestion avoidance on interfaces.
Raisecom(config)#mls qos flow-queue profile 6

Raisecom(flow-queue)#scheduler wrr
Raisecom(flow-queue)#queue 6 weight 50
Raisecom(flow-queue)#queue 3 weight 20 wred profile 1
Raisecom(flow-queue)#exit
Raisecom(config-line1)# mls qos flow-queue 6
Raisecom(config-client1)#mls qos trust cos
aisecom(config)#interface client 2
Step 3 Configure the mapping from the CoS priority and local priority.

193
Raisecom
Raisecom(config)#mls qos mapping cos-to-local-priority 1

Raisecom(cos-to-pri)#cos 5 to local-priority 6
Raisecom(cos-to-pri)#exit
Raisecom(config-client1)#mls qos cos-to-local-priority 1
Raisecom(config-client1)#interface interface client 2
Raisecom(config-client2)#interface interface client 3
Checking results
Use the show mls qos mapping cos-to-local-priority command to show mapping
configurations on specified priorities.
Raisecom#show mls qos mapping cos-to-local-priority

G:GREEN
Y:Yellow
R:RED
cos-to-localpriority(color)
Index Description CoS: 0 1 2 3 4 5 6 7
-------------------------------------------------------------------------
1 localpri(color): 0(G) 1(G) 2(G) 3(G) 5(G) 6(G) 6(G) 7(G)
Use the show mls qos command to show configurations of priority trust and queue
scheduling mode on specified interfaces.
Raisecom#show mls qos interface client 1

Interface TrustMode UntaggedPriority Cos-PriProfile Dscp-PriProfile
Dscp-Mutation Cos-Remark
-----------------------------------------------------------------------
client 1 cos 5 0 0 0
0
Use the show mls qos flow-queue command to show configurations of queue scheduling.
Raisecom#show mls qos flow-queue profile 2

CIR: Committed information rate,unit:Kbps
CBS: Committed burst size,unit:KB
PIR: Peak information rate,unit:Kbps
PBS: Peak burst size,unit:KB
ProfileIndex :2
Flow-Queue-Description :
Flow-Queue-Reference :3

194
Raisecom
Flow-Queue-Scheduler :wrr
QueueId Weight Wred CIR(Kbps) CBS(KB) PIR(Kbps) PBS(KB)
----------------------------------------------------------------
1 0 0 -- -- -- --
2 0 0 -- -- -- --
3 0 1 -- -- -- --
4 0 0 -- -- -- --
5 0 0 -- -- -- --
6 20 0 -- -- -- --
7 50 0 -- -- -- --
8 0 0 -- -- -- --
Use the show mls qos wred profile command to show WRED profile configurations.
Raisecom#show mls qos wred profile

GSDT:Green Start Drop Threshold
GEDT:Green End Drop Threshold
GDP :Green Drop Probability
YSDT:Yellow Start Drop Threshold
YEDT:Yellow End Drop Threshold
YDP :Yellow Drop Probability
RSDT:Red Start Drop Threshold
REDT:Red End Drop Threshold
RDP :Red Drop Probability
Index Description Ref GSDT GEDT GDP YSDT YEDT YDP RSDT REDT RDP
-------------------------------------------------------------------------
1 3 50 90 60 50 90 60 50 90 60
9.7.3 Example for configuring interface-based rate limiting
As shown in Figure 9-11, User A, User B, and User C are connected to the RAX711-C
through Switch A, Switch B, and Switch C.
User A requires voice and video services; User B requires voice, video, and data services;
User C requires video and data services.
According to users' requirements, make following rules:
 For User A, provide 25 Mbit/s bandwidth, configure the burst traffic to 100 Kbytes,
configure the EIR to 50 Mbit/s, and configure the EBS to 200 Kbytes.
 For User B, provide 35 Mbit/s bandwidth, configure the burst traffic to 100 Kbytes,
 For User A, provide 30 Mbit/s bandwidth, configure the burst traffic to 100 Kbytes,

195
Raisecom
Figure 9-11 Configuring interface-based rate limiting
Configuration steps
Step 1 Configure the bandwidth profile.
Raisecom#config
Raisecom(config)#bandwidth-profile 1 cir 25000 cbs 100 eir 50000 ebs 200
Step 2 Apply the bandwidth profile to the interface.
Raisecom(config-client1)#bandwidth ingress 1
Raisecom(config-client1)#interface client 2
Raisecom(config-client2)#interface client 3
Checking results
Use the show bandwidth interface command to show configurations of interface-based rate
limiting.
Raisecom#show bandwidth interface client 1

Port Direction bwp-index hv-bwp-index
Cir(kbps) Cbs(KB) Eir(kbps) Ebs(KB)
-------------------------------------------------------------------------

196
Raisecom
client1 Ingress 1 --
25000 100 50000 200
-------------------------------------------------------------------------
35000 100 70000 200
-------------------------------------------------------------------------
30000 100 60000 200
Raisecom#

197
Raisecom
RAX711-C (A) Configuration Guide 10 RSOM
10 RSOM
This chapter describes principles and configuration procedures of RSOM, and provide
 Introduction
 Configuring RSOM
 Maintenance
10.1 Introduction
Raisecom Service Oriented Management (RSOM) is based on the MEF40, and aims to
promote usability of the Ethernet, activate and manage the Ethernet PLS.
Ethernet services include Ethernet Virtual Connection (EVC) and its corresponding UNI.
Each EVC is corresponding to a service.
Figure 10-1 shows the Ethernet service networking. User network A and User network B are
connected to the carrier's network through the UNI, and they communicate through an EVC
established on the carrier's network. RSOM contains two parts of Ethernet services: service
transmission and test and measurement. When a service is created and normally transmitted, it
can be tested and measured through SLA and RCSAM.
Figure 10-1 Ethernet service networking

198
Raisecom
10.1.2 Types of Ethernet services

Types of Ethernet services are as below:
 E-Line: Ethernet Private Line (EPL) services, leased line services implemented through
point-to-point EVC
 E-LAN: Ethernet Virtual Private Local Access Network (E-LAN) services implemented
through point-to-multipoint EVC for customers in multiple positions
 E-Tree: Ethernet Private Tree (EPT) services, Ethernet point-to-multipoint services
implemented through tree point-to-multipoint EVC. One node is the root node while
others are leaf nodes. The root node can communicate with leaf nodes while leaf nodes
cannot communicate with each other.
Table 10-1 lists types of Ethernet services according to sharing of services and bandwidth.
Table 10-1 Types of Ethernet services

Type Service UNIs per Service instances Bandwidth sharing
EVC per UNI
 Dedicated UNI
E-Line Point-to-point 2 1
 Dedicated network transmission
EPL
bandwidth
 Shared UNI
Point-to-point 2 or more 1 or more
 Shared network transmission bandwidth
EVPL
by multiple customers
 Dedicated UNI
E-LAN EPLAN Multiple 1
bandwidth
 At least one shared UNI
EVPLAN Multiple 1 or more
by service instances of multiple customers

 Dedicated UNI
E-Tree EP-Tree, Multiple 1
Ethernet
Private Tree bandwidth
 At least one shared UNI
EVP-Tree Multiple 1 or more
by service instances of multiple customers
Services transmission of the Ethernet service

Based on the different profiles, services transmission of the Ethernet service matches the
packets entering the service and deal with them according to rules. The Ethernet service
supports the following profiles.
 L2CP profile: it supports configuring the protocol for matching packets and
corresponding action for processing them. It also supports configuring transparent
transmission of L2CP packets to the specified destination MAC address.
 CoS profile: it is namely the QoS profile. It is used for the bandwidth profile. It supports
configuring CoS and traffic classification rules. Packets enter the queue and are
transmitted according to traffic classification rule. Because according to different
classification rules, the rules of priority mapping are different, thus packets enter the

199
Raisecom
queue configured through Ethernet QoS to schedule according to different priority

mapping rules.
 Bandwidth profile: it supports configuring coupling function and color aware mode, and
supports configuring rate limiting rule.
Interfaces
Physical interfaces on the RAX711-C work as the UNI or NNI. The UNI is the interace where
the user network accesses the carrier's network. The NNI is a forwarding interface inside the
carrier's network. Figure 10-2 shows the location of UNIs and NNIs in a network topology.
Figure 10-2 Location of UNIs and NNIs in a network topology
Rules for mapping packets

When an untagged packet reaches the UNI, it will be added with a VLAN ID of PVID. When
a tagged packet reaches the UNI, it is mapped into the corresponding EVC according to its
CEVLAN ID and then forwarded.
Rules for mapping among the UNI, CEVLAN, and EVC are as below:
 All-to-one: there is only one EVC on a UNI, and all CEVLANs are mapped into the
EVC.
 Bundling: there is only one EVC on a UNI, and CEVLANs are mapped into EVCs as
required.
 Bundling-multiplex: there are multiple EVCs on a UNI, and each EVC is mapped into a
CEVLAN.
 Multiplex: there are multiple EVCs on a UNI, and CEVLANs are mapped into EVCs as
required.
There is a table for mapping CEVLANs and EVCs on a UNI. You can configure it after
learning its mapping rules. For example, there are 2 EVCs on UNI 1, and they carry packets
of CEVLANs 1–100 to the EVC 1 and then forward these packets. They also carry packets of
CEVLANs 200–300 to the EVC 2 and then forward these packets.
Rules for classifying traffic

When packets enter a UNI, they will enter the EVC corresponding to the carried CEVLAN ID
and then be classified by local priority in the following types:

200
Raisecom
 Based on interface: on a UNI, local priorities (CoS priorities) are the same; namely, all
EVCs on the UNI are the same.
 Based on EVC: on an EVC, local priorities (CoS priorities) are the same.
 Based on DSCP: packets that carry the specified DSCP list are configured as a data flow.
Before packets are classified by carried DSCP in the EVC, you should configure
mappings between DSCP and local priorities (CoS priorities) to conduct rate limit based
on CoS (namely, you can configure non-IP packets to be added with the default DSCP
priority on the UNI).
 Based on PCP: packets that carry the specified PCP list (carried CoS priority) are
configured as a data flow. Before packets are classified by carried PCP in the EVC, you
should configure mappings between PCP and local priorities (CoS priorities) to conduct
rate limit based on CoS.
 Based on L2CP: after an EVC is established, a L2CP profile can be quoted; in this way,
packets that carry the specified MAC address and protocol ID are configured as a data
flow. You can combine the L2CP profile with the interface, EVC, DSCP, and PCP during
configurations.
– When you combine the L2CP profile with the EVC, DSCP, and PCP, the EVC will
check whether an arriving packet is a L2CP packet. If yes, the EVC classifies packets
by L2CP rules. If no, the EVC classifies packets by EVC, DSCP, and PCP rules.
– When you combine the L2CP profile with the interface, the local priority based on
interface and that based on L2CP are different. For example, the local priority based
on interface is 1 while that based on L2CP is 2. When packets reach the UNI, they
are classified by local priority 2 if they are L2CP packets, or by local priority 1 if
they are non-L2CP packets.
To configure traffic classification based on interface or EVC,
 When CEVLAN and CoS reservation are enabled, packets enter the UNI with their
carried CEVLAN and CoS, and packet CoS is the local priority.
 When CEVLAN and CoS reservation are disabled, packets will be processed as
untagged packets and obtain the PVID and local priority from the UNI.
Rate limiting
After an EVC is established, you need to configure rate limiting by simply quoting a
bandwidth profile (containing multiple rate limiting rules, with each rule corresponding to a
local priority) in the ingress and egress direction of a UNI. Namely, rate limiting works based
on local priority in the following types:
 Based on interface: packets are matched with the uniform local priority of the UNI and
thus processed with rate limiting.
 Based on EVC: packets are matched with the uniform local priority of the EVC and thus
processed with rate limiting.
 Based on DSCP: the DSCP flow is matched with the local priority of the UNI and thus
 Based on PCP: the PCP flow is matched with the local priority of the UNI and thus
When rate limiting is configured on basis of DSCP or PCP, all DSCP flows or PCP flows of
the EVC must be conducted with or without rate limiting. When they are conducted with rate
limiting, you cannot configure rate limiting based on EVC. When they are conducted without
rate limiting, the CIR of DSCP flows or PCP flows must be smaller than the EVC CIR.

201
Raisecom
Test and measurement of Ethernet service

Test and measurement of the Ethernet service function is achieved by the SLA, Y.1564,
Loopback, and CFM.
When the Ethernet service is created, you can start the Y.1564 test to measure its indexes,
such as the delay, jitter, and frame loss rate.
10.2 Configuring RSOM

Scenario
RSOM includes service transmission and service test and measurement.
To configure service transmission, configure L2CP, CoS bandwidth profile, bandwidth profile,
and flow profile, and connect services with each profile. Packets entering the service will be
processed according to rules of the applied profile.
To configure service test and measurement, configure the SLA, Y.1564, and loopback,
associate the service with each function, and test functions in the service.
Prerequisite
Global CFM and interface CFM are enabled on devices at both ends of the EVC.
10.2.2 (Optional) configuring L2CP profile

Step Configuration Description
1 Raisecom#config Enter the RSOM configuration mode.
Raisecom(config)#mefservice
2 Raisecom(mefservice)#l2cp-profile Create the L2CP profile group, and enter the
l2cp-profile-id L2CPprofile group configuration mode.
By default, the system has 3 profiles, but the default
profile cannot be deleted and modified.
3 Raisecom(mefservice- Configure the L2CP profile group description.
l2cpprofile)#description string
By default, it is mef-l2cp-profile-group--l2cp-
profile-id.
4 Raisecom(mefservice- Create the L2CP bandwidth profile.
l2cpprofile)#l2cp-item l2cp-item-id
5 Raisecom(mefservice-l2cpitem)#l2cp- Configure protocol rules and processing command
protocol { stp | lacp | lamp | link- of the packets corresponding to the L2CP bandwidth
oam | esmc | dot1x | elmi | lldp | profile.
ptp | cdp | vtp | pvst | udld |
pagp } action { discard | forward |
peer | tunnel }

202
Raisecom

6 Raisecom(mefservice-l2cpitem)#dest- Configure the destination MAC rules and processing
mac mac-address [ ethertype value command of the packets corresponding to the L2CP
[ sub-type value ] ] action bandwidth profile.
{ discard | forward | peer |
tunnel } By default, processing action is Tunnel.
Raisecom(mefservice-l2cpitem)#exit
7 Raisecom(mefservice-l2cpprofile)# Configure transparent transmission of the L2CP
exit packets with the specified destination MAC address.
Raisecom(mefservice)#l2cp-process
tunnel destination mac-address By default, transparent transport the L2CP packets
with destination MAC address 010e.5e00.0003.
10.2.3 Configure CoS profile

1 Raisecom#config Enter RSOM configuration mode.
2 Raisecom(mefservice)#cos-profile cos- Create CoS profile group, and enter CoS profile
profile-id configuration mode.
3 Raisecom(mefservice-cosprofile)#name Configure CoS profile group description.
name
By default, CoS profile group description is cos-
profile-id.
4 Raisecom(mefservice-cosprofile)#coslable Configure CoS value of CoS profile.
cos-value [ remark-pcp pcp-value ]
By default, it is 0. Re-mark PCP is 0.
5 Raisecom(mefservice-cosprofile)#type Configure services traffic offload mode of the
{ evc | dscp dscp-list | pcp pcp-list } CoS profile. After service traffic is classified, it
Raisecom(mefservice-cosprofile)#type will be transmitted according to QoS rule of the
{ evc | dscp dscp-list | pcp pcp-list } Ethernet.
l2cp { l2cp-profile-id | default1 |
default2 | default3 }
When you do not need to process L2CP packets
Raisecom(mefservice-cosprofile)#type
in a specified way, you can skip configuration
l2cp { l2cp-profile-id | default1 |
of rules for classifying L2CP packets.
default2 | default3 } By default, it is PCP mode Cos is from 0 to 7.
In the EVC configuration mode, the association way between UNI and EVC is
different, and traffic classification is different.
 When the association mode is All-To-One and Bundling, the packets carrying
interface priority, Untagged packets, and packets carrying C-Tag enter the same
line, namely line 1.
 When the association way is Bundling-Multipex or Multipex, all the packets enter
the same line, namely line 1.
In the DSCP configuration mode, the association way between UNI and EVC is

203
Raisecom
 When the association way is All-To-One, Layer 3 packets is mapped to the local
priority according to carried DSCP, and enter the corresponding line; Non-Layer 3
packets is mapped to the local priority according to services Default-DSCP
configured by the default-dscp command, and enter the corresponding line. If
DSCP is full mapping, do not discard the packets.
 When the association way is Bundling, Bundling-Multipex, and Multipex, Layer 3
packets is mapped to the local priority according to carried DSCP, and enter the
corresponding line; Non-Layer 3 packets is mapped to the local priority according
to services Default-DSCP configured by the default-dscp command, and enter
the corresponding line. When the DSCP carried on the Layer 3 does not match
with services DSCP, discard the packets.
In the PCP configuration mode, the association way between UNI and EVC is
 When the association way is All-To-One, the packets carrying interface priority
and the packet carrying C-Tag according to configured PCP are mapped to the
local priority; untagged packets is mapped to the local priority according to
default-cepriority configured by the default-cepriority command.
In the L2CP configuration mode, the packets are matched and processed according
to L2CP profile attribute.
In the L2CP and DACP, PCP or EVC mixed mode, classification follows L2CP, DSCP,
PCP, and EVC in descending priority.
10.2.4 Configuring bandwidth profile

2 Raisecom(mefservice)#bandwidth enable Enable global bandwidth.
3 Raisecom(mefservice)#bandwidth-profile Create a bandwidth profile group, and enter
bandwidth-profile-id bandwidth profile group configuration.
4 Raisecom(mefservice- Create bandwidth profile group, and enter
bwpprofile)#bandwidth-item bandwidth- bandwidth profile group configuration.
item-id
Raisecom(mefservice-bwpitem)#bandwidth- Create hierarchical bandwidth profile, and enter
hierachy hierarchical bandwidth profile configuration
mode.
By default, the new hierarchical bandwidth
profile does not limit on the speed and color
blind mode.
5 Raisecom(mefservice-bwpitem)#name name Configure bandwidth profile description.
6 Raisecom(mefservice-bwpitem)#cir cir cbs Configure speed-limit rule for the bandwidth
cbs [ eir eir ebs ebs ] profile.
Raisecom(mefservice-bwpitem)#cir
unlimited
7 Raisecom(mefservice-bwpitem)#color-mode Configure color aware mode for the bandwidth
{ aware | blind } profile.
8 Raisecom(mefservice-bwpitem)#coupling Enable bandwidth coupling.
enable
204
Raisecom

9 Raisecom(mefservice-bwpitem)#cos-profile Configure bandwidth profile to quote the CoS
cos-profile-id profile.
10.2.5 Configuring interface

3 Raisecom(config-port)#mef-type { uni | Configure physical interface type.
nni }
By default, the line interface is the NNI while
the client interface is the UNI.
4 Raisecom(config-port)#exit Enter RSOM configuration mode.
Raisecom(config)# mefservice
5 Raisecom(mefservice)#interface Enter RSOM UNI configuration mode.
6 Raisecom(mefservice-interface)#uni-id Configure UNI interface identification.
string
7 Raisecom(mefservice- Configure the association between interface and
interface)#bandwidth-profile { ingress | bandwidth group.
egress } bandwidth-profile-id
8 Raisecom(mefservice-interface)#l2cp- (Optional) configure the association between
profile { l2cp-profile-id | default1 | the UNI interface and L2CP profile group.
default2 | default3 } service service-id
9 Raisecom(mefservice-interface)#bundling- Configure association rules between the CE
type { all-to-one | bundling | bundling- VLAN on the UNI and services.
multiplex | multiplex }
By default, it is All-To-One.
10 Raisecom(mefservice- interface)#default- Configure the default CE VLAN of the
cevlan vlan-id Untagged packets.
11 Raisecom(mefservice- interface)#default- Configure the default CE VLAN priority of the
cepriority priority Untagged packets.
10.2.6 Configuring CFM

2 Raisecom(mefservice)#service service-id Enter service configuration mode.

205
Raisecom

3 Raisecom(mefservice-evc)#md level level Configure the MD level.
By default, it is level 5.
4 Raisecom(mefservice-evc)#cfm local-mep Configure the local MEP ID.
mep-id
5 Raisecom(mefservice-evc)#far-end remote- Configure UNI interface information on the
uni-id { ip-address ip-address | mac service remote devices.
mac-address | remote-mep mep-id }
6 Raisecom(mefservice-evc)#cc enable Enable transmitting CCM.
7 Raisecom(mefservice-evc)#cc interval { 1 Configure the transmission period of the CCM,
| 10 | 60 | 600 | 3ms | 10ms | 100ms }
By default, it is 3.3s.
8 Raisecom(mefservice-evc)#ping { remote- Configure PING RMEP.
mep mep-id | mac-address } [ size size ]
9 Raisecom(mefservice-evc)#traceroute Configure Traceroute RMEP.
{ remote-mep mep-id | mac-address }
[ size size ]
Parameters related to CFM on the service are calculated automatically by the system,
such as the MD name and MA name.
10.2.7 Configuring SLA

2 Raisecom(mefservice)#performance-tier Create a threshold configuration profile,
performance-tier-id and enter threshold configuration profile
mode.
3 Raisecom(mefservice- Configure the description of a profile.
thresholdprofile)#description string
By default, it is PTperformance-tier-id.
4 Raisecom(mefservice-thresholdprofile)#cos- Configure index thresholds and CoS in
lable cos-value { availability | delay | the SLA threshold profile.
jitter | loss-rate } threshold-value
10.2.8 Configuring SLA test and measurement


206
Raisecom

2 Raisecom(mefservice)#service service-id Enter EVC configuration mode.
3 Raisecom(mefservice-evc)#performance-tier Configure association between the
performance-tier-id service and threshold profile.
4 Raisecom(mefservice-evc)#sla remote-ip ip- Configure the IP address of the remote
address device for the SLA test.
5 Raisecom(mefservice-evc)#sla remote-mep { all Configure the RMEP of the SLA test.
| mep-list } [ size size ]
6 Raisecom(mefservice-evc)#sla start Start the SLA test.
10.2.9 Configuring Y.1564
Configuring Y.1564 test traffic profile

2 Raisecom(mefservice)#flow profile Create Y.1564 traffic profile, and enter traffic
flow-profile-id profile configuration mode.
3 Raisecom(mefservice- Configure Y.1564 traffic profile description.
flowprofile)#description string
By default, description about traffic profile is
FLOW-flow-profile-id.
4 Raisecom(mefservice- Configure Y.1564 test traffic type.
flowprofile)#frame type { vsm | udp
source-port port-number dest-port
By default, it is VSM packet.
port-number }
5 Raisecom(mefservice- Configure next hop IP address of Y.1564 test
flowprofile)#nexthop ip-address ip- traffic only when the packet of Y.1564 test is UDP.
address
6 Raisecom(mefservice- Configure the frame size of Y.1564 test traffic.
flowprofile)#frame length single
length By default, it is uniframe and it is 512 bytes.
7 Raisecom(mefservice-flowprofile)# Configure Y.1564 test traffic calibration.
frame pattern prbs
8 Raisecom(mefservice- Configure the source IP address of Y.1564 test
flowprofile)#source-ip ip-address traffic.
9 Raisecom(mefservice- Configure the source MAC address of Y.1564
flowprofile)#source-mac mac-address traffic.

207
Raisecom
Configuring Y.1564 test

2 Raisecom(mefservice)#service service-id Enter EVC configuration mode.
3 Raisecom(mefservice-evc)#rcsam flow- Configure association between service and
profile flow-profile-id Y.1564 traffic profile.
4 Raisecom(mefservice-evc)#performance- Configure association between services and
tier performance-tier-id threshold profile.
5 Raisecom(mefservice-evc)#rcsam duration Configure Y.1564 test period.
{ forever | period }
By default, it is 15 minutes.
6 Raisecom(mefservice-evc)#rcsam Configure Y.1564 performance test bandwidth
performance cir ratio ratio ratio.
By default, it is 100%.
7 Raisecom(mefservice-evc)#rcsam Configure remote devices information of the
{ remote-mac mac-address | remote-mep Layer 2 Y.1564 test based on CFM or remote
{ all | mep-id } } devices MAC.
Raisecom(mefservice-evc)#rcsam remote- Configure information, carried in emulated user
ip ip-address packets, about the remote device for the Layer 3
Y.1564 test on Internet leased line services.
8 Raisecom(mefservice-evc)#rcsam start Start the Y.1564 test.
{ both | configuration | performance }
The SLA test and Y.1564 test share threshold profile. During the test, it needs to bind
respective threshold profile.
10.2.10 Configuring loopback

Configure the loopback test as below.

2 Raisecom(mefservice)#service service-id Create the service, and enter EVC configuration
mode.
3 Raisecom(mefservice-evc)#loopback type Configure the type of loopback packets.
{ vsm | udp source-port port-number
dest-port port-number }
By default, it is VSM.
4 Raisecom(mefservice-evc)#loopback enable Enable service loopback.

208
Raisecom
 The loopback and Y.1564 test needs to cooperate with each other. Enable
loopback on the remote device, and then enable Y.1564 test on the local device
for test.
 Be cautious about starting service loopback because it can have influence on
normal services.
 After the loopback test is complete, the loopback disable command to disable
loopback immediately.
10.2.11 Configuring services

2 Raisecom(mefservice-evc)#sdp Configure association between the service and
interface-type interface-number SDP interface.
[ interface-type backup-interface-
number ]
3 Raisecom(mefservice-evc)#sap Configure association between service and SAP,
interface-type interface-number and enter service UNI configuration mode,
4 Raisecom(mefservice-evcuni)#cevlan-map Configure the CE VLAN on the service UNI.
vlan-list
5 Raisecom(mefservice-evcuni)#type Configure UNI interface type of the E-Tree
{ leaf | root } services only when the type of the Ethernet
service is configured to E-Tree.
6 Raisecom(mefservice-evcuni)#bandwidth- Configure association between UNI of the service
profile { ingress | egress } and bandwidth profile group.
bandwidth-profile-id
7 Raisecom(mefservice-evcuni)#exit Exit UNI configuration mode.
8 Raisecom(mefservice)#service service- Enter service configuration mode.
id
9 Raisecom(mefservice-evc)#id string Configure the service ID.
By default, it is service-service-id.
10 Raisecom(mefservice-evc)#type { eline Configure the type of the Ethernet service.
| elan | etree }
By default, it is E-LAN.
11 Raisecom(mefservice-evc)#cevlan-cos Enable preservation of the CE VLAN and CoS
preservation label of packets.
12 Raisecom(mefservice-evc)#default-dscp Configure the default DSCP priority of non-IP
dscp packets.
13 Raisecom(mefservice-evc)#encapsulate- Configure the mode for the service to process
mode { forward | svlan } received packets.
By default, the service adds a SVLAN Tag to
received packets.

209
Raisecom

14 Raisecom(mefservice-evc)#primary-vid Configure the SVLAN for the service.
vlan-id
15 Raisecom(mefservice-evc)#link-state- Enable link-state tracking for the service.
tracking enable
16 Raisecom(mefservice-evc)#statistics Enable service statistics.
enable
17 Raisecom(mefservice-evc)#no shutdown Enable the service.
Test and measurement of the service mainly aim at test of the EVC on the network
side.
Services include EVC and corresponding UNI. To configure the EVC UNI, you need
to configure the content as below:
 Enter interface configuration mode, and configure interface type of the physical
layer according to the mef-type command. For example, configure the physical
interface as the UNI or NNI.
 In the RSOM configuration mode, enter UNI interface configuration mode by using
the interface command, and configure attributes of the UNI.
 Enter the EVC mode; associate the EVC and UNI by using the sap command.
The SAP interface is the UNI of the service.

No. Configuration Description
1 Raisecom#show rsom l2cp-profile [ l2cp-profile-id Show configurations of the L2CP
| default1 | default2 | default3 ] profile group.
2 Raisecom#show rsom cos-profile [ cos-profile-id ] Show configurations of the CoS
profile group.
3 Raisecom#show rsom bandwidth-profile bandwidth- Show configurations of the
profile-id bandwidth profile group.
4 Raisecom#show rsom uni interface [ interface-type Show the UNI interface.
interface-number ]
5 Raisecom#show rsom statistics interface Show the UNI interface statistics.

6 Raisecom#show rsom service service-id performance Show statistics on the SLA test.
{ remote-ip ip-address | remote-mep mep-id }
7 Raisecom#show rsom service statistics [ service- Show service statistics.

id ]
8 Raisecom#show rsom service [ service-id ] status Show the service status.

210
Raisecom
10.3 Maintenance
Command Description
Raisecom(mefservice-evc)#clear statics Clear EVC statistics.

10.4.1 Example for configuring RSOM
As shown in Figure 10-3, to fast activate point-to-point Ethernet leased line services, establish
an EVC between iTN A and iTN B. Then, start the Y.1564 test to measure indexes, such as
delay, jitter, and packet loss rate.
The Ethernet lease line should meet the following requirements:
 Allow all VLANs to pass the EVC.
 Classify packets and limit their rate based on CoS in the EVC, with packet priorities 0–2
corresponding to local priority 1, packet priorities 3–5 corresponding to local priority 2,
and packet priorities 6–7 corresponding to local priority 3.
 Apply the same rate limit on packets of different priorities in the EVC. Configure CIR to
10 Mbit/s, CBS to 100 Kbytes, CIR to 10 Mbit/s, and EBS to 100 Kbytes.
 Test the performance and configurations of the service by using a test flow of packets
with a fixed length.
Figure 10-3 RSOM networking
Configuration steps
Configuration of iTN A and those of iTN B are similar. The following steps take iTN A for
example and will clarify their differences.
Step 1 Create a CoS profile which classifies traffic based on PCP.
Raisecom#config
Raisecom(mefservice)#cos-profile 1
Raisecom(mefservice-cosprofile)#coslable 1
Raisecom(mefservice-cosprofile)#type pcp 0-2
Raisecom(mefservice-cosprofile)#exit
211
Raisecom
Raisecom(mefservice-cosprofile)#type pcp 3-5
Raisecom(mefservice-cosprofile)#type pcp 6,7
Step 2 Enable global bandwidth.
Raisecom(mefservice)#bandwidth enable
Step 3 Create a bandwidth profile, and configure it to quote the CoS profile.
Raisecom(mefservice)#bandwidth-profile 1
Raisecom(mefservice-bwpprofile)#bandwidth-item 1
Raisecom(mefservice-bwpitem)#cir 10000 cbs 100 eir 10000 ebs 100
Raisecom(mefservice-bwpitem)#cos-profile 1
Raisecom(mefservice-bwpitem)#exit
Raisecom(mefservice-bwpprofile)#exit
Step 4 Create a SLA threshold profile.
Raisecom(mefservice)#performance-tier 5
Raisecom(mefservice-thresholdprofile)#cos-label 1 availability 100
Raisecom(mefservice-thresholdprofile)#cos-label 1 delay 500
Raisecom(mefservice-thresholdprofile)#cos-label 1 jitter 500
Raisecom(mefservice-thresholdprofile)#cos-label 1 loss-rate 100
Raisecom(mefservice-thresholdprofile)#exit

212
Raisecom
Step 5 Create a RCSAM profile.
Raisecom(mefservice)#flow profile 2
Raisecom(mefservice-flowprofile)#frame type vsm
Raisecom(mefservice-flowprofile)#frame length single 512
Raisecom(mefservice-flowprofile)#exit
Raisecom(mefservice)#exit
Step 6 Configure physical layer interface configuration mode. Enable interface CFM.
Raisecom(config-port)#mef-type uni
Raisecom(config-port)#ethernet cfm enable
Raisecom(mefservice-port)#uni-id itnauni1
Raisecom(config-port)#mef-type nni
Raisecom(config-port)#ethernet cfm enable
Step 7 Configure SAP and SDP of EVC services. Configure SAP to quote the bandwidth profile.
Configure the UNI ID to itnauni1 on iTN A. Configure the UNI ID to itnbuni1 on iTN B.
Raisecom(mefservice)#service 1
Raisecom(mefservice-evc)#sap client 1
Raisecom(mefservice-evcuni)#bandwidth-profile ingress 1
Raisecom(mefservice-evcuni)#bandwidth-profile egress 1
Raisecom(mefservice-evcuni)#exit
Raisecom(mefservice-evc)#sdp line 1
Step 8 Create an EVC service.

Configure the name of the remote UNI to 2 and MEP to 2 on iTN A. Configure the name of
the remote UNI to 1 and MEP to 1 on iTN B.
Raisecom(mefservice-evc)#type eline
Raisecom(mefservice-evc)#encapsulate-mode forward
Raisecom(mefservice-evc)#primary-vid 10
Raisecom(mefservice-evc)#far-end 2 remote-mep 2
Step 9 Configure OAM.

Configure the local MEP to 1 on iTN A. Configure the local MEP to 2 on iTN B.

213
Raisecom
Raisecom(mefservice-evc)#cfm local-mep 1
Raisecom(mefservice-evc)#cc enable
Step 10 Configure the EVC to quote the threshold profile.
Raisecom(mefservice-evc)#performance-tier 5
Step 11 Configure the EVC to quote the RCSAM flow profile.
Raisecom(mefservice-evc)#rcsam flow-profile 2
Step 12 Activate the EVC.
Raisecom(mefservice-evc)#no shutdown
Step 13 Configure the RCSAM remote MEP on iTN A.
Raisecom(mefservice-evc)#rcsam remote-mep 2
Step 14 Enable loopback on iTN B.
Raisecom(mefservice-evc)#loopback enable
Step 15 Start the RCSAM test of the EVC.
Raisecom(mefservice-evc)#rcsam start both
Checking results
Use the show rsom service command on iTN A to view EVC configurations.
ServiceIndex: 1,State: no shutdown

Identifier: service1
Type: eline,Statistics: enable
Cevlan-Cos: Preserve,Default-dscp: 0
Encapsulte-Mode: forward,Primary-vid: 10

214
Raisecom
Sdp 1: line 1 Sdp 2: --

Sap: client 1
Type: Root,Cevlan-map: 1-4094
Ingress-bwp-profile: 1,Egress-bwp-profile: 1
farend configuration information:
far-end 2 remote-mep 2
cfm configuration information:
md level: 5
cc interval: 3.3ms
Sdp 1: line 1 Sdp 2: --
cfm local-mep: 1
cc enable
sla configuration information:
performance-tier: 5
description: Performancetier5
cos-label 1 delay 500
cos-label 1 jitter 500
cos-label 1 loss-rate 100
cos-label 1 availability 100
sla remote-ip 172.16.70.32
sla start
Transmit Interval(msec): 1000
schedule Period(sec): 300
Schedule Life(sec): Forever
Y.1564 configuration information:
flow profile: 2
description: RcSamFlow2
frame type: vsm source-port: -- dest-port: --
frame length type: single frame size: 512
frame pattern: null
source-mac: --
source-ip: --
nexthop ip-address: --
rcsam duration: 15
rcsam performance cir ratio: 100
loopback configuration information:
loopback type: vsm source-port: -- dest-port: --
loopback disable
Use the show rsom service rcsam result command on iTN A to view results of the test.
Raisecom(mefservice-evc)#show rsom service 1 rcsam result

Rcsam configuration test detail result:
Service Index: 1
Cos-label: 1

215
Raisecom
Far-end type: remote-mep

Far-end value: 2
Test result: PASS
Flow profile ID: 2
SAC: FD(500us), FDV(500us), FLR(100(0.001%))
Test-step Throughput(Kbps) FD(us) FDV(us) FLR(0.001%) result
---------------------------------------------------------------------
1 0 12 0 0 PASS
2 0 0 0 0 PASS
3 64 12 0 0 PASS
4 64 12 0 0 PASS
5 192 12 0 0 PASS
6 192 12 0 0 PASS
Rcsam performance test total result:

Service Index: 1
Cos-label: 1
test status: IDLE
AVAIL(%): 0
Flow profile ID: 2
SAC: FD(500us), FDV(500us), FLR(100(0.001%)), AVAIL(100(0.001%))
Parameter min mean max
----------------------------------------------
IR(Kbps) 64 64 64
FD(us) 12 12 13
FDV(us) 0 0 1
FLR(%%) 0 0 0
FDR -- 1 --
BER -- 0 --
Rcsam performance test last result:

Service Index: 1
Cos-label: 1
Last Index: 1
test status: IDLE
test start time: 2016-08-10,23:24:20.0
AVAIL(%): 0
Flow profile ID: 2
-------------------------------------------------
IR(Kbps) -- 64 --
FD(us) 12 12 13
FDV(us) 0 0 1
FLR(%%) -- 0 --
BER -- 0 --

Service Index: 1
Cos-label: 2
Far-end value: 2
Test result: PASS
Flow profile ID: 2

216
Raisecom

--------------------------------------------------------------------
1 0 12 0 0 PASS
2 0 0 0 0 PASS
3 64 12 0 0 PASS
4 64 12 0 0 PASS
5 192 12 0 0 PASS
6 192 12 0 0 PASS

Service Index: 1
Cos-label: 2
test status: IDLE
AVAIL(%): 0
Flow profile ID: 2
-------------------------------------------------
IR(Kbps) 64 64 64
FD(us) 12 12 13
FDV(us) 0 0 1
FLR(%%) 0 0 0
FDR -- 1 --
BER -- 0 --

Service Index: 1
Cos-label: 2
Last Index: 1
test status: IDLE
test start time: 2016-08-10,23:24:20.0
AVAIL(%): 0
Flow profile ID: 2
------------------------------------------------
IR(Kbps) -- 64 --
FD(us) 12 12 13
FDV(us) 0 0 1
FLR(%%) -- 0 --
BER -- 0 --

Service Index: 1
Cos-label: 3
Far-end value: 2
Test result: PASS
Flow profile ID: 2
--------------------------------------------------------------------
1 0 12 0 0 PASS
2 0 0 0 0 PASS
3 64 12 0 0 PASS

217
Raisecom
4 64 12 0 0 PASS
5 192 12 0 0 PASS
6 192 12 0 0 PASS

Service Index: 1
Cos-label: 3
test status: IDLE
AVAIL(%): 0
Flow profile ID: 2
-------------------------------------------------
IR(Kbps) 64 64 64
FD(us) 12 12 12
FDV(us) 0 0 0
FLR(%%) 0 0 0
FDR -- 0 --
BER -- 0 --

Service Index: 1
Cos-label: 3
Last Index: 1
test status: IDLE
test start time: 2016-08-10,23:24:20.0
AVAIL(%): 0
Flow profile ID: 2
-------------------------------------------------
IR(Kbps) -- 64 --
FD(us) 12 12 12
FDV(us) 0 0 0
FLR(%%) -- 0 --
BER -- 0 --

218
Raisecom
RAX711-C (A) Configuration Guide 11 Security
11 Security
This chapter describes principles and configuration procedures of security, and provides
 Introduction
 Configuring CPU protection
 Configuring RADIUS
 Configuring TACACS+
 Maintenance
11.1 Introduction
With continuous development of Internet technology, network is increasingly applied. More
and more enterprises make development with network. How to ensure the data and resource
security becomes a significant problem. In addition, the device performance is reduced or the
device operates improperly in case users access the network in an unconscious but aggressive
way.
Security technologies, such as Access Control List (ACL) and user authentication, can
improve network and device security effectively.
11.1.1 ACL
To control influence of illegal packets on the network, you need to configure a series of rules
on network devices to decide which packets can be transmitted. There rules are defined
through ACL.
ACL is a series of sequential rules composed by permit | deny sentences. These rules describe
packets based on based on source MAC addresses, destination MAC addresses, source IP
addresses, destination IP addresses, and interface IDs. The device decides packets to be
received or refused based on these rules.
11.1.2 CPU protection

Because the network environment of the RAX711-C is complex, the RAX711-C may be
attacked by multiple packets, such as ARP packets, BPDU packets, and ICMP packets. If the

219
Raisecom
RAX711-C receives a great number of attack packets in a short period, the CPU may work
with full load. Therefore, the RAX711-C cannot process normal services in time, degrading
device performance.
To effectively use resources and prevent packet attacks, the RAX711-C needs to protect the
CPU. In a certain interval, when the number of some packet received by an interface exceeds
the configured CIR, the RAX711-C (or interface) will calculate the number of allowable data
to pass according to preconfigured CIR and CBS, discard excess data, and send a Trap on the
attacking by this type of packets.
11.1.3 RADIUS
Remote Authentication Dial In User Service (RADIUS) is a standard communication protocol
that provides centralized Authentication, Authorization, and Accounting (AAA) management
for remote users. RADIUS uses the User Datagram Protocol (UDP) as the transport protocol
(port 1812 is for authentication. Port 1813 is for accounting) and has good instantaneity. In
addition, RADIUS supports re-transmission mechanism and backup server mechanism.
Therefore, it provides good reliability.
RADIUS works in client/server mode. Network devices are clients of the RADIUS server.
RADIUS server is responsible for receiving users' connection requests, authenticating uses,
and replying configurations required by all clients to provide services for users. This mode
can control users accessing devices and network to improve network security.
Clients and the RADIUS server communicate with each other through the shared key. The
shared key is not transmitted through the network. In addition, any user password needs to be
encapsulated when it is transmitted through clients and RADIUS. This helps prevent getting
the user password by sniffing unsecure network.
RADIUS accounting is designed for RADIUS authenticated users. When a user logs in to the
device, the device sends an Account-Start packet to the RADIUS accounting server to begin
accounting. During login, the device sends Account-Update packets to the RADIUS
accounting server. When the user exits from the device, no accounting packet is sent to the
RADIUS accounting server. These packets contain the login time. With these packets, the
RADIUS accounting server can record the access time and operation of each user.
11.1.4 TACACS+
Terminal Access Controller Access Control System (TACACS+) is a network access
authentication protocol, similar to RADIUS. Compared with RADIUS, TACACS+ has the
following features:
 Use TCP port 49, providing the higher transmission reliability. RADIUS uses the UDP
port.
 Encapsulate the whole standard TACACS+ packet but for the TACACS+ header,
providing the higher security. RADIUS encapsulates the user password only.
 Separate TACACS+ authentication from TACACS+ authorization and TACACS+
accounting, providing a more flexible deployment mode.
Therefore, compared with RADIUS, TACACS+ is more secure and reliable. However, as an
open protocol, RADIUS is more widely-used.

220
Raisecom
11.2 Configuring ACL

Scenario
To filter packets, you should configure ACL on a network device to identify objects to be
filtered. Then, the network device can allow or disallow packets of specified types to pass
according to preconfigured rules.
Prerequisite
N/A
11.2.2 Configuring ACL

Select steps 3–8 as required.

2 Raisecom(config)#access-list acl-number [ name Create an ACL and enter ACL
acl-name ] configuration mode.
The value of acl-number parameter
defines the type of ACL configuration
mode.
 Values 1000–0999: basic IP ACL
 Values 2000–2999: extended IP
ACL
 Values 3000–3999: MAC ACL
 Values 4000–4999: MPLS ACL
 Values 5000–5999: user ACL
 Values 6000–6999: basic IPv6 ACL
 Vaules 7000–7999: advanced ACL
3 Raisecom(config-acl-ip-std)#rule [ rule-id ] (Optional) configure the basic IP ACL

{ deny | permit } { source-ip-address source- rule.
ip-mask | any }
4 Raisecom(config-acl-ip-ext)#rule [ rule-id ] (Optional) configure the extended IP
{ deny | permit } { protocol-id | icmp | igmp | ACL rule.
ip } { source-ip-address source-ip-mask | any }
{ destination-ip-address destination-ip-mask |
any } [ dscp dscp-value | precedence
precedence-value | tos tos-value ] [ ttl ttl-
value ] [ fragment ]

221
Raisecom

Raisecom(config-acl-ip-ext)#rule [ rule-id ]
{ deny | permit } { tcp | udp } { source-ip-
address source-ip-mask | any } [ source-port |
range mini-port max-port ]{ destination-ip-
address destination-ip-mask | any }
[ destination-port | range mini-port max-port ]
[ dscp dscp-value | precedence precedence-value
| tos tos-value ] [ ttl ttl-value ]
[ fragment ]
5 Raisecom(config-acl-mac)#rule [ rule-id ] (Optional) configure the MAC ACL
{ deny | permit } { source-mac-address source- rule.
mac-mask | any } { destination-mac-address
destination-mac-mask | any } [ ethertype
{ ethertype [ ethertype-mask ] | ip | arp } ]
[ svlan svlan-id ] [ cvlan cvlan-id ] [cos
cos ] [ inner-cos inner-cos ]
6 Raisecom(config-acl-udf)#rule [ rule-id ] (Optional) configure the user ACL
{ deny | permit } { layer2 | ipv4 } rule-string rule.
rule-mask offset-value
7 Raisecom(config-acl-ipv6)#rule [ rule-id ] (Optional) configure basic IPv6 ACL
{ deny | permit } { protocol-id | ipv6 } rules.
{ source-ipv6-address/M | any } { destination-
ipv6-address/M | any } [ traffic-class class-
value ] [ flow-label label-value ] [ fragment ]
Raisecom(config-acl-ipv6)#rule [ rule-id ]
{ deny | permit } icmpv6 { source-ipv6-
address/M | any } { destination-ipv6-address/M
| any } [ icmpv6-type icmpv6-type [ icmpv6-
code ] ] [ traffic-class class-value ] [ flow-
label label-value ] [ fragment ]
{ deny | permit } tcp { source-ipv6-address/M |
any } [ source-port ] { destination-ip-
address/M | any } [ destination-port ] [ ack
ack-value ] [ fin fin-value ] [ psh psh-value ]
[ rst rst-value ] [ syn syn-value ] [ urg urg-
value ] [ traffic-class class-value ] [ flow-
label label-value ] [ fragment ]
{ deny | permit } udp { source-ipv6-address/M |
any } [ source-port ] { destination-ip-
address/M | any } [ destination-port ]
[ traffic-class class-value ] [ flow-label
label-value ] [ fragment ]

222
Raisecom

8 Raisecom(config-acl-advanced)#rule [ rule-id ] (Optional) configure advanced ACL
{ deny | permit } { source-mac-address source- rules.
mac-mask | any } { destination-mac-address
destination-mac-mask | any } [ svlan svlanid ]
[ cvlan cvlanid ] [cos cos ] [ inner-cos inner-
cos ] { source-ip-address source-ip-mask |
any } { destination-ip-address destination-ip-
mask | any } [ dscp dscp-value | precedence
precedence-value | tos tos-value ] [ ttl ttl-
value ] [ fragment ]
11.2.3 Configuring filter

interface-number
3 Raisecom(config-port)#filter { ingress | Apply the ACL rule to the interface.
egress } access-list { acl-number | name acl-
name } [ statistics ]

1 Raisecom#show access-list [ acl-number | name acl- Show ACL information.
name ]
2 Raisecom#show filter interface Show filter information.
Raisecom#show filter interface interface-type
interface-number [ ingress | egress ]
11.3 Configuring CPU protection

Scenario
When the RAX711-C receives a great number of attack packets in a short period, the CPU
will run with full load and its utilization rate will reach to 100%, which may cause the
breakdown of the device. CPU CAR helps efficiently limit the rate of packets entering the
CPU.

223
Raisecom
Prerequisite
N/A
11.3.2 Configuring global CPU protection

2 Raisecom(config)#cpu-protect car Configure the protocol type, rate limiting mode,
{ arp | dhcp | global | icmp | igmp | CIR, and CBS of global CPU packet protection.
tcp } kbps cir cir cbs cbs
By default, the CIR and CBS are respectively
configured to 500 pps and 500 pkt globally.
11.3.3 Configuring interface CPU preotection

3 Raisecom(config-port)#cpu- Configure the CIR and CBS of physical interface CPU
protect car { arp | dhcp | icmp packet protection.
| igmp | tcp } { kbps | pps }
cir cir cbs cbs By default, default configurations of CPU CAR are
adopted.

1 Raisecom#show cpu-protect statistics Show configurations of global CPU protection.
2 Raisecom#show cpu-protect car statistics Show CPU CAR statistics on the interface.
11.4 Configuring RADIUS

Scenario
To control users to access devices and network, you can deploy the RADIUS server at the
network to authenticate and account users. The RAX711-C can be used as a Proxy of the
RADIUS server to authenticate users based on results returned by the RADIUS server.

224
Raisecom
Prerequisite
N/A
11.4.2 Configuring RADIUS authentication

1 Raisecom#radius [ backup ] ip-address Specify the IP address and port ID of the RADIUS
[ auth-port port-id ] authentication server.
The backup parameter is used to specify a backup
RADIUS authentication server.
2 Raisecom#user login { local-user | Configure the authentication mode for login when
radius-user | local-radius | radius- RADIUS authentication is applied.
local [ server-no-response ] }
11.4.3 Configuring RADIUS accounting

1 Raisecom#aaa accounting Enable RADIUS accounting.
login enable
By default, RADIUS accounting is disabled.
2 Raisecom#radius Specify the IP address and port ID of the RADIUS accounting server.
[ backup ] accounting- By default, the UDP port ID is configured to 1813.
server ip-address
[ auth-port port-id ] The backup parameter is used to specify a backup RADIUS
accounting server.
3 Raisecom#radius Configure the shared key used for communicating with the RADIUS
[ backup ] accounting- accounting server. The shared key must be identical to the one
server key string configured on the RADIUS accounting server. Otherwise, accounting
operation fails.
By default, the shared key is empty.
4 Raisecom#aaa accounting Configure the processing policy for accounting failure.
fail { online |
offline} By default, the processing policy is configured to online. In indicates
that users are allowed to log in if accounting operation fails.
5 Raisecom#aaa accounting Configure the interval for sending accounting update packets. If the
update period interval is configured to 0, it indicates that no accounting update
packet is sent.
By default, the interval for sending accounting update packets is
configured to 0.
With the Account-Start packet, Account-Update packet, and

Account-Stop packet, the RADIUS server can record the
access time and operations of each user.

225
Raisecom

1 Raisecom#show radius-server Show configurations of the RADIUS server.
11.5 Configuring TACACS+

Scenario
To control users accessing devices and network, you can deploy the RADIUS server in the
network to authenticate and account users. Compared with RADIUS, TACACS+ is more
secure and reliable. The RAX711-C can be used as a Proxy of the TACACS+ server to
authenticate users based on results returned by the TACACS+ server.
Prerequisite
N/A
11.5.2 Configuring TACACS+ authentication

1 Raisecom#tacacs-server [ backup ] Specify the IP address and port ID of the TACACS+
ip-address [ auth-port port-id ] authentication server.
TACACS+ authentication server.
2 Raisecom#tacacs-server key string Configure the shared key for TACACS+ authentication.
3 Raisecom#tacacs [ backup ] Specify the IP address and port ID of the TACACS+
accounting-server ip-address accounting server.
[ auth-port port-id ]
TACACS+ accounting server.
4 Raisecom#user login { local-user Configure the authentication mode for login when
| tacacs-user | local-tacacs | TACACS+ authentication is applied.
tacacs-local [ server-no-
response ] }

1 Raisecom#show tacacs-server Show TACACS+ server configurations.

226
Raisecom
11.6 Maintenance
Command Description
Raisecom(config)#clear filter statistics interface-type interface- Clear statistics on the
number { ingress | egress } [ access-list acl-number ] filter.

11.7.1 Examples for configuring ACL
As shown in Figure 11-1, to control users accessing the server, you can deploy ACL on
RAX711-C A to disallow 192.168.1.1 to access the server with the IP address of
192.168.1.100.
Figure 11-1 Configuring ACL
Configuration steps
Step 1 Configure IP ACL.
Raisecom#config
Raisecom(config-acl-ip-ext)#rule 1 deny ip 192.168.1.1 255.255.255.0
192.168.1.100 255.255.255.0
Step 2 Apply ACL to Client interface 2 on RAX711-C A.
Raisecom(config-port)#filter ingress access-list 2001

227
Raisecom
Checking results
Use the show access-list command to show ACL configurations.
Raisecom#show access-list 2001

advanced-ipv4 ACL 2001, 1 rules
ACL's step is 10
rule 1 deny ip 192.168.1.1 255.255.255.0 192.168.1.100 255.255.255.0
Use the show filter command to show filter configurations.
Raisecom#show filter interface client 2

Interface Direction Acl-Num
-----------------------------------------
client2 ingress 2001
11.7.2 Example for configuring RADIUS
As shown in Figure 11-2, to control users accessing RAX711-C A, you need to deploy
RADIUS authentication and accounting on RAX711-C A to authenticate users logging in to
RAX711-C A and record their operations.
Configure the interval for sending Account-Update packet to 2min. Configure the processing
policy for accounting failure to offline.
Figure 11-2 Configuring RADIUS
Configuration steps
Step 1 Authenticate login users through RADIUS.
Raisecom#radius 192.168.1.1
Raisecom#radius-key raisecom
Raisecom#user login radius-user
Step 2 Account login users through RADIUS.

228
Raisecom
Raisecom#aaa accounting login enable

Raisecom#radiusaccounting-server 192.168.1.1
Raisecom#radius accounting-server key raisecom
Raisecom#aaa accounting fail offline
Raisecom#aaa accounting update 120
Checking results
Use the show radius-server command to show RADIUS configurations.
Raisecom#show radius-server
Authentication server IP: 192.168.1.1 port:1812
Backup authentication server IP:0.0.0.0 port:1812
Authentication server key: raisecom
Accounting server IP: 192.168.1.1 port:1813
Backup accounting server IP: 0.0.0.0 port:1813
Accounting server key: raisecom
Accounting login: enable
Update interval(min.): 120
Accounting fail policy: offline
11.7.3 Example for configuring TACACS+
As shown in Figure 11-3, to control users accessing RAX711-C A, you need to deploy
TACACS+ authentication on RAX711-C A to authenticate users logging in to RAX711-C A.
Figure 11-3 TACACS+ networking
Configuration steps
Authenticate login users through TACACS+.
Raisecom#tacacs-server 192.168.1.1
Raisecom#tacacs-serverkey raisecom
Raisecom#user login tacacs-user

229
Raisecom
Checking results
Use the show tacacs-server command to show TACACS+ configurations.
Raisecom#show tacacs-server
Server Address: 192.168.1.1
Backup Server Address: --
Sever Shared Key: raisecom
Accounting server Address: --
Backup Accounting server Address: --
Total Packet Sent: 0
Total Packet Recv: 0
Num of Error Packets: 0

230
Raisecom
RAX711-C (A) Configuration Guide 12 System management and maintenance
12 System management and

maintenance
This chapter describes principles and configuration procedures of system management and
maintenance, and provides related configuration examples, including following sections:
 Introduction
 Configuring LLDP
 Configuring SNMP
 Configuring optical module DDM
 Configuring system log
 Configuring alarm management
 Configuring memory monitoring
 Configuring CPU monitoring
 Configuring RMON
 Configuring fan monitoring
 Configuring loopback
 Configuring fault detection
 Maintenance
12.1 Introduction
12.1.1 LLDP
With the enlargement of network scale and increase of network devices, the network topology
becomes more and more complex and network management becomes very important. A lot of
network management software adopts auto-detection function to trace changes of network
topology, but most of the software can only analyze the Layer 3 network and cannot make
sure the interfaces connect to other devices.
Link Layer Discovery Protocol (LLDP) is based on IEEE 802.1ab standard. Network
management system can fast grip the Layer 2 network topology and changes.

231
Raisecom
LLDP organizes the local device information in different Type Length Value (TLV) and
encapsulates in Link Layer Discovery Protocol Data Unit (LLDPDU) to transmit to straight-
connected neighbour. It also saves the information from neighbour as standard Management
Information Base (MIB) for network management system querying and judging link
communication.
LLDP packet
The LLDP packet is an Ethernet packet encapsulated with LLDPDU in data unit and
transmitted by multicast.
LLDPDU is data unit of LLDP. The device encapsulates local information in TLV before
forming LLDPDU, then several TLV fit together in one LLDPDU and encapsulated in
Ethernet data for transmission.
As shown in Figure 12-1, LLDPDU is made by several TLV, including 4 mandatory TLV and
several optional TLV.
Figure 12-1 Structure of LLDPDU packet
As shown in Figure 12-2, each TLV denotes a piece of information on the local device, such
as the device ID, interface ID, related Chassis ID TLV, Port ID TLV, and fixed TLV.
Figure 12-2 Structure of a TLV packet
Table 12-1 lists TLV types.
Table 12-1 TLV types

TLV type Description Optional/Required
0 End Of LLDPDU Required
1 Chassis ID Required
2 Port ID Required
3 Time To Live Required
4 Port Description Optional
5 System Name Optional
6 System Description Optional
7 System Capabilities Optional

232
Raisecom
TLV type Description Optional/Required

8 Management Address Optional
Principles of LLDP
LLDP is a kind of point-to-point one-way issuance protocol, which notifies local device link
status to the peer device by sending LLDPDU (or sending LLDPDU when link status changes)
periodically from the local device to peer device.
The procedure of packet exchange:
 When local device transmits packet, it gets system information required by TLV from
NView NNM (Network Node Management) and gets configuration information from
LLDP MIB to generate TLV and form LLDPDU to transmit to peer.
 The peer receives LLDPDU and analyzes TLV information. If there is any change, the
information will be updated in neighbor MIB table of LLDP and notifies NView NNM
system.
When the device status is changed, the RAX711-C sends a LLDP packet to the peer. To avoid
sending LLDP packet continuously because of device status changes frequently, you can
configure a delay timer for sending the LLDP packet.
The aging time of Time To Live (TTL) of local device information in the neighbour node can
be adjusted by modifying the parameter values of aging coefficient, sends LLDP packets to
neighbour node, after receiving LLDP packets, neighbour node will adjust the aging time of
its neighbour nodes (sending side) information. Aging time formula, TTL = Min {65535,
(interval × hold-multiplier)}:
 Interval indicates the time period to send LLDP packets from neighbor node.
 Hold-multiplier refers to the aging coefficient of device information in neighbor node.
12.1.2 SNMP
Simple Network Management Protocol (SNMP) is designed by the Internet Engineering Task
Force (IETF) to resolve problems in managing network devices connected to the Internet.
Through SNMP, a network management system can manage all network devices that support
SNMP, including monitoring network status, modifying configurations of a network device,
and receiving network alarms. SNMP is the most widely used network management protocol
in TCP/IP networks.
Working mechanism
SNMP is separated into two parts: Agent and NMS. In the SNMP network, the Agent is a
managed device while the NMS is a manager. The Agent and NMS communicate through
SNMP packets transmitted through UDP.
The RAX711-C and Raisecom NView NNM system communicate with each other through
SNMP. Raisecom NView NNM system can provide friendly Human Machine Interface (HMI)
to facilitate network management. The below functions can be realized through it:
 Send request packets to the RAX711-C.
 Receive reply packets and Trap packets from the RAX711-C, and show result.

233
Raisecom
Agent is a program stays on the RAX711-C, providing the below functions:

 Receive/Reply request packets from the NView NNM system.
 Read/Write packets and generate response packets according to the packets type, then
return the result to the NView NNM system.
 Define trigger condition according to protocol modules, enter/exit system, or reboot the
RAX711-C when conditions are satisfied; reply module sends Trap packets to NView
NNM system via agent to report current status of device.
Agent can be configured with several versions. Agent use different versions to
communicate with different NView NNM systems. However, SNMP version of the
NView NNM system must be consistent with the one on Agent when they are
communicating. Otherwise, they cannot communicate properly.
SNMP versions
Till now, SNMP has three versions: v1, v2c, and v3, described as below.
 SNMPv1 uses community name authentication mechanism. The community name, a
string defined by an agent, acts like a secret. The network management system can visit
the agent only by specifying its community name correctly. If the community name
carried in a SNMP message is not accepted by the RAX711-C, the message will be
dropped.
 Compatible with SNMPv1, SNMPv2c also uses community name authentication
mechanism. SNMPV2c supports more operation types, data types, and error codes, and
thus better identifying errors.
 SNMPv3 uses User-based Security Model (USM) authentication mechanism. You can
configure whether USM authentication is enabled and whether encryption is enabled to
provide higher security. USM authentication mechanism allows authenticated senders
and prevents unauthenticated senders. Encryption is to encrypt messages transmitted
between the network management system and agents, thus preventing interception.
The RAX711-C supports v1, v2c, and v3 of SNMP.
MIB
Management Information Base (MIB) is the collection of all objects managed by NMS. It
defines attributes for the managed objects:
 Name
 Access authority
 Data type
The device-related statistic contents can be reached by accessing data items. Each proxy has
its own MIB. MIB can be taken as an interface between NMS and Agent, through which
NMS can read/write every managed object in Agent to manage and monitor the device.
MIB store information in a tree structure, its root is on the top, without name. Nodes of the
tree are the managed objects, which take a uniquely path starting from root (OID) for
identification. SNMP packets can access network devices by checking the nodes in MIB tree
directory.
The RAX711-C supports standard MIB and Raisecom customized MIB.
234
Raisecom
12.1.3 E1 NMS channel

The E1 NMS channel transmits NMS information through the Sa4 bit and Sa5 bit of TS0 or
an independent timeslot in E1 frames, so it is called Sa bit NMS or independent timeslot NMS.
The CO device manages remote devices through the E1 NMS channel.
12.1.4 Optical module DDM

Small Form-factor Pluggables (SFP) is an optical module in optical module transceivers. The
SFP Digital Diagnostic Monitoring (DDM) provides a method for monitoring performance.
By analyzing monitored data provided by the SFP module, the administrator can predict the
lifetime of the SFP module, isolate system faults, as well as verify the compatibility of the
SFP module.
The SFP module offers 5 performance parameters:
 Temperature for the transceiver
 Internal Power Feeding Voltage (PFV)
 Tx bias current
 Tx optical power
 Rx optical power
12.1.5 System log

The system log means that the device records system information and debugging information
in a log and sends the log to the specified destination. When the device fails to work, you can
check and locate the fault easily.
The module can classify and manage all system logs and then send them to different
destination ends to provide powerful support for the administrator and developer for
diagnosing network faults.
The system information and some scheduling output will be sent to the system log to deal
with. According to the configuration, the system will send the log to various destinations. The
destinations that receive the system log are divided into:
 Console: send the log message to the local console through Console interface.
 Host: send the log message to the host.
 Monitor: send the log message to the monitor.
 Flash: send the log file to the Flash of the device.
Generally, the system log is in a format of timestamp module-level- Message content.
An instance of the system log is as below:
FEB-22-2005 14:27:33 CONFIG-7-CONFIG:USER "raisecom" Run "logging on"

FEB-22-2005 06:46:20 CONFIG-6-LINK_D:port 2 Link Down
FEB-22-2005 06:45:56 CONFIG-6-LINK_U:port 2 Link UP

235
Raisecom
12.1.6 Alarm management

An alarm refers to information generated by the system based on module failures when a fault
is generated on the RAX711-C or some working condition changes.
The alarm is used to report some urgent and important events and notify them to the network
administrator promptly, which provides strong support for monitoring device operation and
diagnosing faults.
The alarm is stored in the alarm buffer. Meanwhile, the alarm is generated to log information.
If the NView NNM system is configured, the alarm will be sent to it through SNMP. The
information sent to the NView NNM system is called Trap.
Classification of alarms
There are 3 kinds of alarms according to properties of an alarm:
 Fault alarm: alarms generated because of hardware failure or anomaly of important
functions, such as port Down alarm
 Recovery alarm: alarms generated when device failure or abnormal function returns to
normal, such as port Up alarm;
 Event alarm: prompted alarms or alarms that are generated because the fault alarm and
recovery alarm cannot be related, such as alarms generated because of failing to Ping.
Alarms are divided into 5 types according to functions:
 Communication alarm: alarms related to the processing of information transmission,
including alarms generated because of communication failure between Network
Elements (NEs), NEs and NMS, or NMS and NMS
 Service quality alarm: alarms caused by service quality degradation, including
congestion, performance decline, high resource utilization rate, and the bandwidth
reducing
 Processing error alarm: alarms caused by software or processing errors, including
software errors, memory overflow, version mismatching, and abnormal program aborts
 Environmental alarm: alarms caused by equipment location-related problems, including
the temperature, humidity, ventilation. and other abnormal working conditions
 Device alarm: alarms caused by failure of physical resources, including the power supply,
fan, processor, clock, input/output interface, and other hardware.
Alarm output
There are 3 alarm output modes:
 Alarm buffer: alarms are recorded in tabular form, including the current alarm table and
history alarm table.
− Current alarm table: records alarms which are not cleared, acknowledged or restored.
− History alarm table: consists of acknowledged and restored alarms, recording the
cleared, auto-restored, or manually acknowledged alarms.
 Log: alarms are generated to system log when recorded in the alarm buffer, and stored in
the alarm log buffer.
 Trap: alarms sent to the NView NNM system when the NView NNM system is
configured

236
Raisecom
Alarms will be broadcasted according to various terminals configured on the RAX711-C,

including CLI terminal and NView NNM system.
Log output of alarms starts with the symbol "#", and the output format is:
#Index TimeStamp HostName ModuleName/Severity/name:Arise From Description
Table 12-2 describes alarm fields.
Table 12-2 Alarm fields

Field Description
Index Alarm index
TimeStamp Time when an alarm is generated
ModuleName Name of a module that generates an alarm
Severity Alarm level
Name Alarm name
Arise From Description Descriptions about an alarm
Alarm levels
The alarm level is used to identify the severity degree of an alarm. The level is defined in
Table 12-3.
Table 12-3 Alarm levels

Level Description Syslog
Critical (3) This alarm has affected system services and requires 1 (Alert)
immediate troubleshooting. Restore the device or
source immediately if they are completely unavailable,
even it is not during working time.
Major (4) This alarm has affected the service quality and requires 2 (Critical)
immediate troubleshooting. Restore the device or
source service quality if they decline; or take measures
immediately during working hours to restore all
performances.
Minor (5) This alarm has not influenced the existing service yet, 3 (Error)
which needs further observation and take measures at
appropriate time so as to avoid more serious fault.
Warning (6) This alarm will not affect the current service, but 4
maybe the potential error will affect the service, so it (Warning)
can be considered as needing to take measures.

237
Raisecom
Level Description Syslog

Indeterminate (2) Uncertain alarm level, usually the event alarm. 5 (Notice)
Cleared (1) This alarm shows to clear one or more reported alarms. 5 (Notice)
Related concepts
Related concepts about alarm management are displayed as below:
 Alarm inhibition
The RAX711-C only records root-cause alarms but incidental alarms when enabling alarm
inhibition. For example, the generation of alarm A will inevitably produce alarm B, then
alarm B is inhibited and does not appear in the alarm buffer or record the log information
when enabling alarm inhibition. By enabling alarm inhibition, the RAX711-C can effectively
reduce the number of alarms.
The root-cause alarm and all other incidental alarms will be recorded on the RAX711-C when
alarm inhibition is disabled.
 Alarm auto-report
Auto-report refers that an alarm will be reported to the NView NNM system automatically
with its generation and the NView NNM system does not need to query or synchronize alarms
actively.
You can configure auto-report to some alarm, some alarm source, or the specified alarm from
specified alarm source.
The alarm source refers to an entity that generates related alarms, such as interfaces,
devices, or cards.
 Alarm monitoring
Alarm monitoring is used to process alarms generated by modules:
− When alarm monitoring is enabled, the alarm module will receive alarms generated
by modules, and process them according to configurations of the alarm module, such
as recording alarm in the alarm buffer and recording system logs.
− When alarm monitoring is disabled, the alarm module will discard alarms generated
by modules without follow-up treatment. In addition, alarms will not be recorded on
the RAX711-C.
You can perform alarm monitoring on some alarm, alarm source, or specified alarm from
specified alarm source.
 Alarm reverse mode
In real operating environment, there are some reasonable but meaningless alarms. You can use
some mode to hidden these alarms without affecting the system to monitor them. This alarm
processing mode is alarm reverse.

238
Raisecom
Alarm reverse refers to the device will report the information opposite to actual status when
recording alarm information, or report the alarm when there is no alarm information. Not
report if there is alarm information.
Currently, the device is only in support of reverse mode configuration of the interface. There
are three reverse modes to be configured; the specific definitions are as below:
− Non-reverse mode
Device alarm is reported normally.
− Manual reverse mode
Configure the alarm reverse mode of an interface as manual reverse mode, then no matter
what the current alarm state is, the reported alarm state of the interface will be changed
opposite to the actual alarm state immediately, that is to say, not report when there are alarms,
report when there are not alarms actually. The interface will maintain the opposite alarm state
regardless of the alarm state changes before the alarm reverse state being restored to non-
reverse mode.
− Auto-reverse mode
Configure the alarm reverse mode as auto-reverse mode. If the interface has not actual reverse
alarm currently, the configuration will return fail; if the interface has actual reverse alarm, the
configuration is success and enter reverse mode, i.e. the interface reported alarm status is
changed opposite to the actual alarm status immediately. After the alarm is finished, the
enabling state of interface alarm reverse will ends automatically and changes to non-reverse
alarm mode so that the alarm state can be reported normally in next alarm.
 Alarm delay
Alarm delay refers that the RAX711-C will record alarms and report them to the NView
NNM system after a delay but not immediately when alarms generate. Delay for recording
and reporting alarms are identical.
By default, an alarm is reported after 0s it is generated and an alarm is cleared after 0s it is
finished.
 Alarm storage mode
Alarm storage mode refers to how to record new generated alarms when the alarm buffer is
full. There are two ways:
− stop: stop mode, when the alarm buffer is full, new generated alarms will be
discarded without recording.
− loop: loop mode, when the alarm buffer is full, the new generated alarms will replace
old alarm information and take rolling records.
The current alarm list can record up to 1000 alarms and the historical alarm table can record
up to 500 alarms. Use the configured storage mode to deal with newly-generated alarms when
the alarm table is full.
 Clearing alarms
Clear the current alarm, which means deleting current alarms from the current alarm table.
The cleared alarms will be saved to the historical alarm table and an all-alarm alarm is
generated.
 Viewing alarms

239
Raisecom
The administrator can view alarms and monitor alarms directly on the RAX711-C. If the
RAX711-C is configured with the NView NNM system, the administrator can monitor alarms
on the NView NNM system.
Hardware monitoring alarms

Hardware monitoring is used to monitor the operating environment of the RAX711-C. The
alarms to be monitored include:
 Power supply dying-gasp alarm
The RAX711-C supports dual power supplies. The power supply dying-gasp alarm is divided
into single power supply dying-gasp alarm and dual power supply dying-gasp alarm.
− Single power supply dying-gasp alarm: inform users that power supply 1/power
supply 2 is powered off. saving to the temperature beyond threshold alarm table,
sending Trap to the NView NNM system, and outputting to the system log.
− Device dying-gasp: 2 power supplies are powered off. Support outputting to system
log only.
 Temperature beyond threshold alarm
The device supports temperature beyond threshold alarm event, when the current temperature
is lower than low temperature threshold, the low temperature alarm event will generate. The
RAX711-C supports saving to the temperature beyond threshold alarm table, sending Trap to
the NView NNM system, and outputting to the system log.
When the device current temperature is higher than high temperature threshold, the high
temperature alarm event will generate. The RAX711-C supports saving to the device
hardware environment monitoring alarm table, sending Trap to the NView NNM system, and
outputting to the system log.
 Voltage beyond threshold alarm
The device supports voltage beyond threshold alarm event, when the current voltage is lower
than low voltage threshold, the low voltage alarm event will generate. The RAX711-C
supports saving to the voltage beyond threshold alarm table, sending Trap to the NView NNM
system, and outputting to the system log.
When current voltage value of the monitored voltage is greater than the threshold, a high
voltage alarm is generated. The RAX711-C supports saving to the voltage beyond threshold
alarm table, sending Trap to the NView NNM system, and outputting to the system log.
The RAX711-C monitors 3.3 V master chip voltage only.

 Interface status anomaly alarm
Each interface has 3 alarm events:
− Interface link-fault alarm: link failure alarm refers to the peer link signal loss. The
alarm event only aims at optical interface, but not electrical interface.
− Interface link-down alarm: interface status Down alarm.
The RAX711-C supports saving alarms to the hardware environment monitoring alarm table,
sending Trap to the NView NNM system, and outputting to the system log.

240
Raisecom
12.1.7 CPU monitoring

The RAX711-C supports CPU monitoring, which is used to monitor task status, CPU
utilization rate, and stack usage in real time, helping the administrator locate the fault quickly.
CPU monitoring can provide the following functions:
 Viewing CPU utilization
– View CPU hold time and utilization rate of all tasks in each period (5 seconds, 1
minute, 10 minutes, or 2 hours). The total CPU utilization rate within each period can
be displayed statically or dynamically.
– View the operating status of all tasks and the detailed operating status information
about specified tasks.
– View historical CPU utilization rate within each period.
– View the dying gasp task information.
 CPU utilization rate threshold alarm
Within a specified sampling period, the system will generate an alarm and send Trap if CPU
utilization rate is over the configured rising threshold or below the declining threshold. The
Trap provides 5 task IDs and their CPU utilization rates of tasks which have the highest CPU
utilization rate in the latest period (5 seconds, 1 minute, or 10 minutes).
12.1.8 RMON
Remote Network Monitoring (RMON) is a standard developed by the Internet Engineering
Task Force (IETF). RMON is used to monitor network data through different Agents and
NMS. RMON is an extension to SNMP. However, compared with SNMP, ROMN is more
active and efficient for monitoring remote devices.
The administrator can quickly trace faults generated on the network, network segments, or
devices. With RMON, data traffic between the NMS and Agent is reduced greatly. In addition,
RMON helps effectively manage the large-scale network, which makes up for SNMP
restrictions across the increasing distributed network.
At present, RMON implements 4 function groups:
 Statistics group: collect statistic information on each interface, including the number of
received packets and packet size distribution statistics.
 History group: similar with the statistics group, it only gathers statistics in an assigned
detection period.
 Alarm group: monitor an assigned MIB object, configure the upper and lower thresholds
in an assigned time interval, and trigger an event if the monitored object exceeds the
threshold.
 Event group: cooperating with the alarm group, when an alarm triggers an event, it
records the event, such as sending Trap or writing it into the log.
12.1.9 Device monitoring
Temperature monitoring
The RAX711-C support monitoring the temperature and can be configured with the high
temperature alarm threshold and low temperature alarm threshold.

241
Raisecom
Fan monitoring
The RAX711-C supports fan monitoring, which is used to monitor the rotational speed and
temperature of the fan. When the rotational speed and temperature of the fan are abnormal, an
alarm is generated and Trap messages are sent.
The RAX711-C monitors the fan in two modes:
 Forced monitoring: the rotational speed of the fan is fixed.
 Automatic monitoring: the rotational speed of the fan is automatically adjusted according
to temperature change.
In automatic monitoring mode, the rotational speed is classified into 4 levels. Each level
corresponds to a group of temperature range. The RAX711-C automatically adjusts the
rotational speed of the fan according to temperature change.
12.1.10 Loopback
As shown in Figure 12-3, interface loopback test (Loopback) is a common method for
checking interface and network problems. Return the packets, which meet rules and related
parameters defined by users, to the RAX711-C B through Client 1 of RAX711-C A. By
counting packets transmitted and received by an interface, RAX711-C B can detect the
network connectivity.
Figure 12-3 Interface loopback
Ingress packets and egress packets

As shown Figure 12-3, ingress packets and egress packets are defined as below:
 Ingress packets: test packets received by Client interface 1
 Egress packets: test packets returned to the peer device through Client interface 1
Loopback parameters
Loopback parameters include the source MAC address, destination MAC address, source IP
address, destination IP address, SVLAN ID, and CVLAN ID. When you configure a loopback
parameter and enable loopback of the related rule, packets, which meet the parameter, will be
used for loopback.

242
Raisecom
Loopback hold time

The loopback hold time ranges from 0 to 30 minutes. When the hold time expires, loopback
of some rule will be automatically disabled on the interface. When the hold time is configured
to 0 minute, loopback will be performed continuously until being disabled manually.
Swap of unicast source MAC address

Swap of unicast source MAC address refers to swapping the source MAC address of egress
packets to the local MAC addresses of RAX711-C A or destination MAC address of ingress
packets. Only unicast packets support source MAC address translation. For multicast and
broadcast packets, their MAC addresses are the local MAC address of the RAX711-C A.
Swap of multicast destination MAC address

Swap of multicast destination MAC address refers to swapping destination MAC addresses of
egress packets to the MAC address of RAX711-C B. Namely, after loopback, multicast and
broadcast packets are changed to unicast packets. If destination MAC address translation is
disabled, destination MAC address of egress packets are the multicast and broadcast MAC
addresses of original packets.
Swap of multicast destination IP address

 For multicast IP packets, when swap of the destination IP address is enabled, the
destination IP address of egress packets are swap from the original multicast IP address
to the source IP address of ingress packets. Namely. The multicast packets are changed
to unicast packets to return to the peer. When destination IP address translation is
disabled, the destination IP address of egress packets are the original multicast IP address.
 For broadcast IP packets, the destination IP address is swapped to the source IP address
of the ingress packets regardless of whether swap of the destination IP address is enabled
or not.
 The source IP address of all egress packets is always swapped to the configured local IP
address. By default, the local IP address of the RAX711-C is configured to 127.0.0.1.
12.1.11 Fault detection
Ping
Ping derives from the sonar location operation, which is used to detect whether the network is
normally connected. Ping is achieved with ICMP echo packets. If an Echo Reply packet is
sent back to the source address during a valid period after the Echo Request packet is sent to
the destination address, it indicates that the route between source and destination address is
reachable. If no Echo Reply packet is received during a valid period and timeout information
is displayed on the sender, it indicates that the route between source and destination addresses
is unreachable.
Figure 12-4 shows the principles of Ping.

243
Raisecom
Figure 12-4 Principles of Ping
Traceroute
Just as Ping, Traceroute is a commonly-used maintenance method in network management.
Traceroute is often used to test the network nodes of packets from sender to destination,
detect whether the network connection is reachable, and analyze network fault
The following shows how Traceroute works:
 First, send a piece of TTL1 sniffer packet (where the UDP port number of the packet is
unavailable to any application programs in destination side).
 TTL deducts 1 when reaching the first hop. Because the TTL value is 0, in the first hop
the device returns an ICMP timeout packet, indicating that this packet cannot be sent.
 The sending host adds 1 to TTL and resends this packet.
 Because the TTL value is reduced to 0 in the second hop, the device will return an ICMP
timeout packet, indicating that this packet cannot be sent.
The above steps continue until the packet reaches the destination host, which will not return
ICMP timeout packets. Because the port number of destination host is not be used, the
destination host will send the port unreachable packet and finish the test. Thus, the sending
host can record the source address of each ICMP TTL timeout packet and analyze the path to
the destination according to the response packet.
Figure 12-5 shows the principle of Traceroute.
Figure 12-5 Principle of Traceroute

244
Raisecom
12.2 Configuring LLDP

Scenario
When you obtain connection information between devices through the NView NNM system
for topology discovery, you need to enable LLDP on the RAX711-C. Therefore, the RAX711-
C can notify its information to the neighbours mutually, and store neighbour information to
facilitate the NView NNM system querying information.
Prerequisite
N/A
12.2.2 Enabling global LLDP
After global LLDP is disabled, you cannot re-enable it immediately. Global LLDP
cannot be enabled unless the restart timer times out.
2 Raisecom(config)#lldp enable Enable global LLDP.
By default, global LLDP is disabled.
12.2.3 Enabling interface LLDP

3 Raisecom(config-port)#lldp enable Enable interface LLDP.
By default, interface LLDP is enabled.
4 Raisecom(config-port)#lldp dest- Configure the destination MAC address of LLDP
address mac-address packets sent by the interface.
By default, it is 0180.c200.000e.

245
Raisecom
12.2.4 Configuring basic functions of LLDP
We recommend configuring the LLDP delivery period in advance. The delivery period
and delivery delay are interact on each other. The delivery delay must be smaller
than or equal to 1/4 of the delivery period. Otherwise, the configuration will fail.
2 Raisecom(config)#lldp (Optional) configure the period timer of the LLDP packet.
message-transmission
interval second By default, it is 30s.
3 Raisecom(config)#lldp (Optional) configure the delay timer of the LLDP packet.
message-transmission delay
second By default, it is 2s.
4 Raisecom(config)#lldp (Optional) configure the aging coefficient of the LLDP packet.
message-transmission hold-
multiplier coefficient
5 Raisecom(config)#lldp (Optional) configure the restart timer. After global LLDP is
restart-delay second disabled, it cannot be enabled unless the restart timer times out.
12.2.5 Configuring LLDP alarm

When the network changes, you need to enable LLDP Trap to send topology update Trap to
the NView NNM system immediately.

2 Raisecom(config)#lldp trap- (Optional) configure the interval for sending LLDP Traps.
interval second
After enabled with LLDP Trap, the RAX711-C will send Traps after detecting aged
neighbours, newly-added neighbours, and changed neighbour information.

1 Raisecom#show lldp local config Show LLDP local configurations.
2 Raisecom#show lldp local system-data Show information about the LLDP
[ interface-type interface-number ] local system.

246
Raisecom

3 Raisecom#show lldp remote [ interface-type Show information about LLDP
interface-number ] [ detail ] neighbors.
4 Raisecom#show lldp statistic [ interface-type Show statistics on LLDP packets.
interface-number ]
12.3 Configuring SNMP

Scenario
When you need to log in to the RAX711-C through the NView NNM system, you should
configure basic SNMP functions on the RAX711-C.
Prerequisite
 Configure the IP address of the SNMP interface.
 Configure static routing, making the route between the RAX711-C and the NView NNM
system reachable.
12.3.2 Configuring basic functions of SNMP

Configure basic functions of SNMPv3 for the RAX711-C as below.

2 Raisecom(config)#snmp-server access Create and configure the SNMP access group.
group-name [ read view-name ] [write
view-name ] [notify view-name ][ context
context-name { exact | prefix } ] usm
{ noauthnopriv | authnopriv | authpriv }
3 Raisecom(config)#snmp-server group name (Optional) configure the mapping between
user user usm users and access groups.
4 Raisecom(config)#snmp-server contact (Optional) configure the identifier and contact
syscontact mode of the administrator.
5 Raisecom(config)#snmp-server host ip- Configure the address of SNMP target host.
address version 3 { noauthnopriv |
authnopriv | authpriv } user-name
[ udpport udpport ]
6 Raisecom(config)#snmp-server location (Optional) specify the physical location of the
sysLocation RAX711-C.

247
Raisecom

7 Raisecom(config)#snmp-server user user- Create the user name and configure the
name [ remote engine-id ] authentication authentication mode.
{ md5 | sha } password [ privacy
privacy ]
8 Raisecom(config)#snmp-server view view- Configure the SNMP view.
name oid-tree [ mask ] { included |
excluded }
9 Raisecom(config)#snmp-server lldp-trap Enable Trap. Use the snmp-server lldp-trap
enable disable command to disable Trap.
Configure basic functions of SNMPv1/v2c for the RAX711-C as below.

2 Raisecom(config)#snmp-server community
name [ view view ] { ro | rw } Create the community name and configure the
related view and authority.
3 Raisecom(config)#snmp-server contact
contact (Optional) configure the identifier and contact
mode of the administrator.
4 Raisecom(config)#snmp-server host ip-

address version { 1 | 2c } community- Configure the address of SNMP target host.
string [ udpport port-id ]
5 Raisecom(config)#snmp-server location
location (Optional) specify the physical location of the
RAX711-C.
12.3.3 Configuring Trap
Trap configurations on SNMPv1, v2c, and v3 are identical except for Trap target host
configurations. Please configure Trap as required.
Trap means refers to unrequested information sent to the NView NNM system automatically,
which is used to report some critical events.
Before configuring Trap, you need to perform the following configurations:
 Configure basic functions of SNMP. For SNMPv3, you need to configure the user name
and SNMP view.
 Configure a routing protocol, making the route between the RAX711-C and the NView
NNM system reachable.

248
Raisecom

2 Raisecom(config)#interface interface- Enter SNMP interface configuration mode.
3 Raisecom(config-port)#ip address snmp
1
Configure the IP address of the SNMP interface on
the RAX711-C.
4 Raisecom(config-port)#exit Exit SNMP interface configuration mode and enter

global configuration mode.
5 Raisecom(config)#snmp-server host ip-
address version 3 { noauthnopriv | (Optional) configure SNMPv3-based Trap target
authnopriv | authpriv } name
host.
[ udpport udpport ]
6 Raisecom(config)#snmp-serverhost ip-
(Optional) configure SNMPv1-/SNMPv2c-based Trap
address version { 1 | 2c } name
target host.
[udpport udpport ]
7 Raisecom(config)#snmp-server enable
traps
Enable SNMP to send Trap.

1 Raisecom#show snmp access Show configurations of the SNMP access group.
2 Raisecom#show snmp community Show configurations of the SNMP community.
3 Raisecom#show snmp config Show basic configurations of SNMP.
4 Raisecom#show snmp group Show the mapping between SNMP users and the access
group.
5 Raisecom#show snmp host Show information about the Trap target host.
6 Raisecom#show snmp statistics Show SNMP statistics.
7 Raisecom#show snmp user Show information about SNMP users.
8 Raisecom#show snmp view Show information about SNMP views.
9 Raisecom#show snmp trap remote Show the enabling status of Trap on the remote device.

249
Raisecom
12.4 Configuring optical module DDM

Scenario
Optical module DDM provides a method for monitoring SFP performance parameters. By
analyzing monitored data provided by the optical module, the administrator can predict the
SFP module lifetime, isolate system faults, as well as verify the compatibility of the optical
module.
Prerequisite
N/A
12.4.2 Enabling optical module DDM

2 Raisecom(config)#transceiver ddm Enable optical module DDM.
enable
By default, optical module DDM is disabled.
3 Raisecom(config)#transceiver ddm Configure the polling interval for optical module DDM.
poll_interval interval
4 Raisecom(config)#snmp-server trap Enable optical module DDM Trap on interfaces.
transceiver enable

1 Raisecom#show transceiver [interface-type Show historical information about optical
interface-number history { 15m | 24h } ] module DDM.
2 Raisecom#show transceiver ddm interface-type Show optical module DDM information.
interface-list [ detail ]
3 Raisecom#show transceiver ddm poll_interval Show the polling interval for optical
module DDM.
4 Raisecom#show transceiver information Show information about optical module
interface-type interface-number DDM.
5 Raisecom#show transceiver threshold- Show violation information about optical
violations interface-type interface-number module parameters.

250
Raisecom
12.5 Configuring system log

Scenario
The RAX711-C generates critical information, debugging information, or error information
about the system to system logs and outputs the system logs to log files or transmits them to
the host, Console interface, or monitor for viewing and locating faults.
Prerequisite
N/A
12.5.2 Configuring basic information about system log

2 Raisecom(config)#logging on (Optional) Enable system log.
By default, system log is enabled.
3 Raisecom(config)#logging time- (Optional) configure the timestamp of system log.
stamp { debug | log }
{ datetime | none | Uptime } The optional parameter debug is used to assign debug-level
(7) system log timestamp. By default, this system log does
not have timestamp
The optional parameter log is used to assign levels 0–6
system log timestamp. By default, these system logs adopt
date-time as timestamp.
4 Raisecom(config)#logging rate- (Optional) configure the transport rate of system log.
limit rate
By default, no transport rate is configured.
5 Raisecom(config)#logging (Optional) configure the discriminator of the system log.
discriminator distriminator-
number { facility | mnemonics |
msg-body } { drops | includes }
key
Raisecom(config)#logging
discriminator distriminator-
number { facility | mnemonics |
msg-body } none
6 Raisecom(config)#logging buginf (Optional) send Level 7 (debugging) debugging log.
[ high | normal | low | none ]
7 Raisecom(config)#logging (Optional) enable the sequence number field of the log.
sequence-number You can use the no form of this command to disable the
sequence number field of the log.
8 Raisecom(config)#logging time- (Optional) configure the timestamp for logs.
stamp { debug | log }
{ datetime | uptime | none }

251
Raisecom
12.5.3 Configuring output destination of system logs

2 Raisecom(config)#logging console [ log-level | (Optional) output system logs to
alerts | critical | debugging | discriminator | the Console interface.
emergencies | errors | informational |
notifications | warnings ]
3 Raisecom(config)#logging host ip-address[ log- (Optional) output system logs to
level | alerts | critical | debugging | the log host.
discriminator discriminator-number | emergencies |
errors | informational | notifications |
warnings ]
4 Raisecom(config)#logging monitor[ log-level | (Optional) output system logs to
alerts | critical | debugging | emergencies | the monitor.
warnings ]
5 Raisecom(config)#logging buffered [ log-level | (Optional) output system logs to
alerts | critical | debugging | emergencies | the log buffer.
warnings ]
6 Raisecom(config)#logging buffered size size (Optional) configure the log buffer
size.
7 Raisecom(config)#logging history (Optional) output system logs to
the log history table.
8 Raisecom(config)#logging history size size Configure the log history table size.

1 Raisecom#show logging Show configurations of system logs.
12.6 Configuring alarm management

Scenario
When the RAX711-C fails, the alarm management module will collect the fault information
and output the alarm in a log. The alarm information includes the time when the alarm is
generated, the name and descriptions of the alarm. It helps you quickly locate the fault.

252
Raisecom
If the RAX711-C is installed with the NView NNM system, the alarm is reported to the
NView NNM system. The NView NNM system gives the reasons and suggestions to help you
deal with the problem in time.
With alarm management, you can directly perform following operations on the RAX711-C:
alarm inhibition, alarm auto-report, alarm monitoring, alarm inverse, alarm delay, alarm
storage mode, alarm clearing, and alarm viewing.
Prerequisite
After hardware monitoring is configured on the RAX711-C,
 When alarms are output in Syslog form, alarms are generated to the system log. When
needing to send alarms to the log host, you need to configure the IP address of the log
host on the RAX711-C.
 When needing to send alarms to the NView NNM system in a Trap form, you need to
configure the IP address of the NView NNM system on the RAX711-C.
12.6.2 Configuring basic functions of alarm management

2 Raisecom(config)#alarm Enter alarm configuration mode.
3 Raisecom(config-alarm)#alarm inhibit (Optional) enable alarm inhibition.
enable
By default, alarm inhibition is enabled.
4 Raisecom(config-alarm)#alarm auto-report (Optional) enable alarm auto-report of all
{ enable | disable } index index alarms.
5 Raisecom(config-alarm)#alarm monitor (Optional) enable alarm monitoring.
{ enable | disable } index index
6 Raisecom(config-alarm)#alarm inverse (Optional) configure alarm inverse.
{ enable | disable } interface-type
interface-number By default, it is enabled.
7 Raisecom(config-alarm)#alarm { active | (Optional) configure the delay for generating
clear } delay second an alarm and the delay for clearing an alarm.
By default, both of them are 0s.
8 Raisecom(config-alarm)#alarm active (Optional) configure the alarm storage mode.
storage-mode { loop | stop }
By default, the alarm storage mode is
configured to stop.
9 Raisecom(config-alarm)#alarm clear all (Optional) clear all current alarms.
Raisecom(config-alarm)#alarm clear index (Optional) clear alarms with the specified
index alarm index.
For modules, which support the alarm feature, can be enabled/disabled with alarm
monitoring, alarm auto-report, and alarm clearing.
253
Raisecom
12.6.3 Configuring Layer 3 power failure or fiber breakage alarms

2 Raisecom(config)#power-down trap enable Enable Layer 3 power failure alarm.

1 Raisecom#show alarm { auto- Show current alarm parameters.
report | inverse | monitor }
config
Alarm parameters displayed by this command include alarm
inhibition, alarm inverse mode, alarm delay, alarm storage
mode, alarm buffer size, and alarm log size.
2 Raisecom#show alarm cleared Show cleared alarms.
3 Raisecom#show power-down Show configurations of Layer 3 power failure alarm.
12.7 Configuring memory monitoring

Scenario
This feature enables you to monitor the memory utilization of the system in real time and
configure memory utilization crossing threshold alarms, thus facilitating you to locate and
clear faults in time or assist NMS personnel to locate faulty.
Prerequisite
To output memory utilization alarms as Trap, you must configure the IP address of the target
server for outputting Trap, namely, the IP address of the NMS server.
12.7.2 Configuring memory monitoring

2 Raisecom(config)#memory Configure the alarm threshold for memory utilization.
threshold recovering
recovering-threshold rising By default, the recovering alarm threshold for memory
rising-threshold utilization is 75, namely, 75%; the rising alarm threshold for
memory utilization is 95, namely, 95%.

254
Raisecom

3 Raisecom(config)#memory Configure the interval for sampling the memory.
interval value

1 Raisecom#show memory [ management | module Show memory statistics.
{ value | bufferpool | diff } | overflow ]
12.8 Configuring CPU monitoring

Scenario
CPU monitoring is used to monitor task status, CPU utilization rate, and stack usage in real
time. It provides CPU utilization threshold alarm to facilitate discovering and eliminating a
hidden danger, helping the administrator locate the fault quickly.
Prerequisite
To output CPU monitoring alarms in a Trap form. You need to configure the IP address of
Trap target host on the RAX711-C, that is, the IP address of the NView NNM system.
12.8.2 Viewing CPU monitoring information

1 Raisecom#show cpu-utilization [ dynamic | history Show CPU utilization rate.
{ 10min | 1min | 2hour | 5sec } ]
2 Raisecom#show process [ dead | sorted { priority Show task status.
| name } | taskname ]
3 Raisecom#show process cpu [ sorted [ 10min | 1min Show CPU utilization rate of all
| 5sec | invoked ] ] tasks.
12.8.3 Configuring CPU monitoring alarm


255
Raisecom

2 Raisecom(config)#cpu (Optional) configure the rising threshold and recovering threshold of
threshold recovering CPU alarm.
recovering-threshold
rising rising- By default, they are 99 and 79 respectively, namely, 99% and 79%
threshold respectively.
3 Raisecom(config)#cpu (Optional) configure the interval for sampling the CPU.
interval value
12.8.4 Checking configruations

1 Raisecom#show cpu-utilization Show CPU utilization and related configurations.
2 Raisecom#show process [ dead | pid Show status of each process.
pid-value | sorted { priority |
name } | taskname ]
3 Raisecom#show process cpu [ sorted Show CPU utilization of each task.
[ 10mins | 1min | 5secs | invoked ] ]
12.9 Configuring RMON

Scenario
RMON helps monitor and count network traffics.
Compared with SNMP, RMON is a more efficient monitoring method. After you specifying
the alarm threshold, the RAX711-C actively sends alarms when the threshold is exceeded
without gaining variable information. This helps reduce the traffic of managing and managed
devices and facilitates managing the network.
Prerequisite
The route between the RAX711-C and the NView NNM system is reachable.
12.9.2 Configuring RMON statistics


256
Raisecom

3 Raisecom(config-port)#rmon Enable RMON statistics on an interface.
statistics [ owner owner-name ]
By default, RMON statistics is enabled on all
interfaces, and the owner is monitoretherstats.
12.9.3 Configuring RMON historical statistics

2 Raisecom(config)#interface interface-type Enter physical layer interface
interface-number configuration mode.
3 Raisecom(config-port)#rmon history Enable RMON historical group.
[ shortinterval short-period ] [ longinterval
long-period ] [ buckets buckets-number ] By default, RMON historical group is
[ owner owner-name ] disabled on all interfaces, shortinterval is
30s, longinterval is 1800s, buckets is 10,
and string is monitorHistory.

1 Raisecom#show rmon [ alarms | Show RMON configurations.
events ]
2 Raisecom#show rmon history Show historic information about RMON.
interface-type interface-list
3 Raisecom#show rmon statistics Show statistical information about RMON.
[ interface-type interface-list ]
12.10 Configuring fan monitoring

12.10.1 Configuring fan monitoring
When the RAX711-C is installed in a hot environment, the overhigh temperature will affect
heat dissipation performance of the RAX711-C. Therefore, you need to configure fan
monitoring, which is used to automatically adjust the rotational speed of the fan based on
environment temperature and help the RAX711-C work properly.


257
Raisecom

2 Raisecom(config)#fan- Configure the working mode of the fan.
monitor mode { auto |
enforce } By default, it is auto.
3 Raisecom(config)#fan (Optional) configure the rotational speed in forced monitoring
enforce level level mode.
4 Raisecom(config)#fan- (Optional) configure the temperature scale.
monitor temperature-scale
value-1 value-2 value-3 By default, it is 0°C for level 1, 35°C for level 2, 45°C for level
3, and 55°C for level 4.
5 Raisecom(config)#fan- Enable fan monitoring Trap.
monitor trap send enable

1 Raisecom#show fan-monitor Show configurations and status of fan monitoring.
{ information | status }
12.11 Configuring loopback

Scenario
The network maintenance engineers can detect and analyze interface and network faults
through interface loopback.
Ingress packets and egress packets are defined as below:
 Ingress packets: test packets received by an interface
 Egress packets: test packets returned to the peer device through an interface
Prerequisite
When the current interface is in Forwarding status, packets entering the interface can be
properly forwarded or transmitted to the CPU.
12.11.2 Configuring interface loopback


258
Raisecom

interface-number
3 Raisecom(config-port)#loopback { external Enable interface loopback.
| internal } [ access-list acl-number ]
in-service { enable | disable }
4 Raisecom(config-port)#loopback { external Configure the loopback direction of the
| internal } interface.
5 Raisecom(config-port)#loopback { external Configure the interface loopback rule based
| internal } access-list acl-number [ swap on ACL.
sip source-ip-address ] [ swap smac
source-mac-address ] [ swap dip-disable ]
[ swap dmac-disable ] [ swap udp-dport-
disable ]
6 Raisecom(config-port)#loopback { external Configure the interface loopback rule based
| internal } rc-sam { l2 | l3 } on RCSAM Layer 2 or Layer 3 packet.
7 Raisecom(config-port)#loopback statistic Enable statistics on loopback packets.
{ enable | disable }
8 Raisecom(config-port)#loopback timeout Configure the loopback interface.
minute
By default, it is 0; namely, the loopback is
permanent.

1 Raisecom#show loopback [ interface-type Show configurations of interface loopback.
interface-number ]
12.12 Configuring fault detection

12.12.1 Configuring task scheduling
When you need to use some commands to perform periodical maintenance on the RAX711-C,
you can configure task scheduling. The RAX711-C supports achieving task scheduling
through the schedule list and CLI. You can use commands to perform periodical operation just
by specifying the begin time, period, and end time of a specified task in the schedule list and
bind the schedule list to the CLI.

1 Raisecom#config Enter global
configuration mode.
2 Raisecom(config)#schedule-list list-number start date-time Create and configure
mm-dd-yyyy hh:mm:ss

259
Raisecom

Raisecom(config)#schedule-list list-number start date-time the schedule list.
mm-dd-yyyy hh:mm:ss every { day | week } stop mm-dd-yyyy
hh:mm:ss
Raisecom(config)#schedule-list list-number start date-time
mm-dd-yyyy hh:mm:ss every days-interval time-interval [ stop
mm-dd-yyyy hh:mm:ss ]
Raisecom(config)#schedule-list list-number start Up–time
days-after-startup hh:mm:ss
Raisecom(config)#schedule-list list-number start Up–time
days-after-startup hh:mm:ss every days-interval time-interval
[ stop days-after-startup hh:mm:ss ]
3 Raisecom#show schedule-list Show schedule list
configurations.
12.12.2 Ping
1 Raisecom#ping [ vrf vpn-instance-name ] ip- (Optional) use the ping command to test
address [ count count ] [ size size ] IPv4 network connectivity.
[ source ip-address ] [ waittime second ]
2 Raisecom#ping ipv6 ipv6-address [ count (Optional) use the ping command to test
count ] [ size size ] [ waittime second ] IPv6 network connectivity.
The RAX711-C cannot perform other operations in the process of Ping. It can
perform other operations only when Ping is finished or Ping is broken off by pressing
Ctrl+C.
12.12.3 Traceroute
Before using Traceroute, you should configure the IP address and default gateway of the
RAX711-C.

3 Raisecom(config-port)#ip address Configure the IP address of the interface.
ip-address [ ip-mask ] vlan-id
4 Raisecom(config-port)#exit Exit interface configuration mode and enter global
configuration mode.
5 Raisecom(config)#ip default- Configure the default gateway.
gateway ip-address

260
Raisecom

6 Raisecom(config)#exit Exit global configuration mode and enter privileged
EXEC configuration mode.
7 Raisecom#traceroute { [ vrf vpn- (Optional) use the traceroute command to test network
instance-name ] ip-address | ipv6 connectivity and show nodes passed by the packet.
ipv6-address } [ firstttl first-
ttl ] [ maxttl max-ttl ] [ port By default, the initial TTL is 1; the maximum TTL is
port-number ] [ waittime second ] 30; the interface ID is 33433; the timeout is 3s; the
[ count times ] [ size size ] number of detection packets is 3.
12.13 Maintenance
Command Description
Raisecom(config)#clear filter statistics Clear filter statistics.

interface interface-type interface-number
Raisecom(config)#clear lldp global statistic Clear LLDP global statistics.
Raisecom(config)#clear lldp statistic Clear LLDP statistics on the specified

[ interface-type interface-number ] interface.
Raisecom(config)#clear lldp remote-table Clear information about LLDP neighbors on

[ interface-type interface-number ] the specified interface.
Raisecom(config)#clear mac-address { all | Clear MAC addresses in the MAC address

dynamic | static } [ interface-type interface- table.
number ]
Raisecom(config)#clear logging buffer Clear contents in the buffer.

Raisecom(config)#clear logging statistics Clear log statistics.

12.14.1 Examples for configuring LLDP basic functions
As shown in Figure 12-6, RAX711-C A and RAX711-C B are connected to the NView NNM
system. Enable LLDP on links between RAX711-C A and RAX711-C B. And then you can
query the Layer 2 link changes through the NView NNM system.

261
Raisecom
Figure 12-6 Configuring LLDP basic functions
Configuration steps
Step 1 Configure the management IP address.
Configure RAX711-C A.

Raisecom(config-client1)#switchport access vlan 1024
Raisecom(config-line1)#switchport access vlan 1024
Raisecom(config-line1)##ip address 10.10.10.1
Raisecom(config-line1)#exit
Configure RAX711-C B.

Raisecom(config-port)#switchport access vlan 1024
Raisecom(config-line1)#switchport access vlan 1024
Raisecom(config-line1)#ip address 10.10.10.2
Raisecom(config-line1)#exit
Step 2 Configure LLDP properties.

Configure RAX711-C A.

262
Raisecom
Raisecom(config)#lldp enable
Raisecom(config)#lldp message-transmission interval 60
Raisecom(config)#lldp message-transmission delay 9
Raisecom(config)#lldp trap-interval 10
Configure RAX711-C B.
Raisecom(config)#lldp enable
Raisecom(config)#lldp message-transmission interval 60
Raisecom(config)#lldp message-transmission delay 9
Raisecom(config)#lldp trap-interval 10
Checking results
Use the show lldp local config command to show local configurations. Take RAX711-C A
for example.
Raisecom#show lldp local config

System configuration:
------------------------------------------------------------------
LLDP enable status: enable (default is disabled)
LldpMsgTxInterval: 60 (default is 30s)
LldpMsgTxHoldMultiplier: 4 (default is 4)
LldpReinitDelay: 2 (default is 2s)
LldpTxDelay: 9 (default is 2s)
LldpNotificationInterval: 10 (default is 5s)
LldpNotificationEnable: enable (default is enabled)
------------------------------------------------------------------
Port Status
--------------------------------------------------------
PC1 enable
PC2 enable
line1 enable
line2 enable
line3 enable
line4 enable
client1 enable
client2 enable
client3 enable
client4 enable
client5 enable
client6 enable
client7 enable
client8 enable
client9 enable
client10 enable
client11 enable
client12 enable

263
Raisecom
Use the show lldp remote command to show neighbour information.

On RAX711-C A:
Raisecom#show lldp remote

Port ChassisId PortId SysName MgtAddress ExpiredTime
-------------------------------------------------------------------------
interface 1000E.5E02.B010 client1 RAXB10.10.10.2 106
On RAX711-C B:
Raisecom#show lldp remote

Port ChassisId PortId SysName MgtAddress ExpiredTime
-------------------------------------------------------------------------
interface 1000E.5E12.F120 client1 RAXA10.10.10.1 106
12.14.2 Examples for outputting system logs to log host
As shown in Figure 12-7, configure system log to output system logs of the RAX711-C to the
log host, facilitating log viewing at any time.
Figure 12-7 Outputting system logs to log host
Configuration steps
Step 1 Configure the IP address of the SNMP interface on the RAX711-C.
Raisecom#config
Raisecom(config)#interface snmp 1
Raisecom(config-snmp1)#ip address 20.0.0.6 255.0.0.0 1
Raisecom(config-snmp1)#exit
Step 2 Output system logs to the log host.
Raisecom(config)#logging on
Raisecom(config)#logging host 20.0.0.168 warnings

264
Raisecom
Raisecom(config)#logging rate-limit 2
Checking results
Use the show logging command to show system log configurations.
Raisecom#show logging
Syslog logging: enable
Dropped Log messages: 0
Dropped debug messages: 0
Rate-limited: 2 messages per second
Squence number display: disable
Debug level time stamp: none
Log level time stamp: datetime
Log buffer size: 4kB
Debug level: low
Syslog history logging: disable
Syslog history table size:1
Dest Status Level LoggedMsgs DroppedMsgs Discriminator
----------------------------------------------------------------------
buffer disable informational(6) 0 0 0
console enable informational(6) 3 0 0
trap disable warnings(4) 0 0 0
file disable warnings(4) 0 0 0
Log host information:
Max number of log server: 10
Current log server number: 1
Target Address Level Facility Sent Drop Discriminator
-------------------------------------------------------------------------
20.0.0.168 warnings(4) local7 0 0 0
Check whether the log information is displayed on the terminal emulation Graphical User
Interface (GUI) of the PC.
07-01-2014 11:31:28Local0.Debug 20.0.0.6JAN 01 10:22:15 RAX711-C: CONFIG-7-

CONFIG:USER " raisecom " Run " logging on "
07-01-2014 11:27:41Local0.Debug 20.0.0.6JAN 01 10:18:30 RAX711-C: CONFIG-7-
CONFIG:USER " raisecom " Run " ip address 20.0.0.6 255.0.0.0 1 "
07-01-2014 11:27:35Local0.Debug 20.0.0.10 JAN 01 10:18:24 RAX711-C: CONFIG-
7-CONFIG:USER " raisecom " Run " ip address 20.0.0.6 255.0.0.1 1 "
7-CONFIG:USER " raisecom " Run " logging host 20.0.0.168 local0 7 "
7-CONFIG:USER " raisecom " Run " logging on"

265
Raisecom
RAX711-C (A) Configuration Guide 13 Appendix
13 Appendix
This chapter lists terms and abbreviations involved in this document, including the following
sections
 Terms
 Acronyms and abbreviations
13.1 Terms
A
A series of ordered rules composed of permit | deny sentences. These
Access
rules are based on the source MAC address, destination MAC address,
Control List
source IP address, destination IP address, interface ID and so on. The
(ACL)
device decides to receive or refuse the packets based on these rules.
C
A standard defined by IEEE. It defines protocols and practices for OAM
Connectivity
(Operations, Administration, and Maintenance) for paths through 802.1
Fault
bridges and local area networks (LANs). Used to diagnose fault for EVC
Management
(Ethernet Virtual Connection). Cost-effective by fault management
(CFM)
function and improve Ethernet maintenance.
E
Encapsulation A technology used by the layered protocol. When the lower protocol
receives packets from the upper layer, it will map packets to the data of
the lower protocol. The outer layer of the data is encapsulated with the
lower layer overhead to form a lower protocol packet structure. For
example, an IP packet from the IP protocol is mapped to the data of
802.1Q protocol. The outer layer is encapsulated by the 802.1Q frame
header to form a VLAN frame structure.

266
Raisecom
Complying with IEEE 802.3ah protocol, EFM is a link-level Ethernet

Ethernet in OAM technology. It provides the link connectivity detection, link fault
the First Mile monitoring, remote fault notification, and so on. for a link between two
(EFM) directly-connected devices. EFM is mainly used for the Ethernet link on
edges of the network accessed by users.
L
Link A computer networking term which describes using multiple network
Aggregation cables/ports in parallel to increase the link speed beyond the limits of any
one single cable or port, and to increase the redundancy for higher
availability.
M
A term in data communication area. The structure is fixed, with its
Message header defining the destination address and the text as the actual packet.
It can also include information about the termination of packets.
P
In data communication field, packet is the data unit for switching and
transmitting information. In transmission, it will be continuously
encapsulated and decapsulated. The header is used to define the
Packet
destination address and source address. The trailer contains information
indicating the end of the packet. The payload data in between is the
actual packet.
In packet switching network, data is partitioned into multiple data
segments. The data segment is encapsulated by control information, such
as, destination address, to form the switching packet. The switching
Packet
packet is transmitted to the destination in the way of storage-forwarding
switching
in the network. Packet switching is developed based on the storage-
forwarding method and has merits of both circuit switching and packet
switching.
Q
QinQ QinQ is (also called Stacked VLAN or Double VLAN) extended from
802.1Q, defined by IEEE 802.1ad recommendation. Basic QinQ is a
simple layer-2 VPN tunnel technology, encapsulating outer VLAN Tag
for client private packets at carrier access end; the packets take double
VLAN Tag passing through trunk network (public network). In public
network, packets only transmit according to outer VLAN Tag, the private
VLAN Tag are transmitted as data in packets.

267
Raisecom
Virtual Local VLAN is a protocol proposed to solve broadcast and security issues for
Area Ethernet. It divides devices in a LAN into different segments logically
Network rather than physically, thus implementing multiple virtual work groups
(VLAN) which are based on Layer 2 isolation and do not affect each other.
VLAN mapping is mainly used to replace the private VLAN Tag of the
Ethernet service packet with the ISP's VLAN Tag, making the packet
transmitted according to ISP's VLAN forwarding rules. When the packet
VLAN
is sent to the peer private network from the ISP network, the VLAN Tag
mapping
is restored to the original private VLAN Tag according to the same
VLAN forwarding rules. Thus, the packet is sent to the destination
correctly.
13.2 Acronyms and abbreviations

A
ACL Access Control List
APS Automatic Protection Switching
C
CE Customer Edge
CFM Connectivity Fault Management
CoS Class of Service
D
DHD Dual Home Device
DRR Deficit Round Robin
DSCP Differentiated Services Code Point
E
EFM Ethernet in the First Mile
F
FTP File Transfer Protocol
G
GPS Global Positioning System

268
Raisecom
GSM Global System for Mobile Communications
H
HA High Availability
I
ICCP Inter-Chassis Communication Protocol
IEEE Institute of Electrical and Electronics Engineers
IETF Internet Engineering Task Force
IP Internet Protocol
International Telecommunications Union - Telecommunication
ITU-T
Standardization Sector
L
LACP Link Aggregation Control Protocol
LBM LoopBack Message
LBR LoopBack Reply
LLDP Link Layer Discovery Protocol
LLDPDU Link Layer Discovery Protocol Data Unit
LTM LinkTrace Message
LTR LinkTrace Reply
M
MA Maintenance Association
MAC Medium Access Control
MD Maintenance Domain
MEG Maintenance Entity Group
MEP Maintenance associations End Point
MIB Management Information Base
MIP Maintenance association Intermediate Point
MTU Maximum Transferred Unit

269
Raisecom
NTP Network Time Protocol
O
OAM Operation, Administration, and Maintenance
P
PDU Protocol Data Unit
PE Provider Edge
PSN Packet Switched Network
PTN Packet Transport Network
PW Pseudo Wire
PWE3 Pseudo Wire Emulation Edge-to-Edge
Q
QoS Quality of Service
R
RMEP Remote Maintenance association End Point
RMON Remote Network Monitoring
S
SAToP Structure-Agnostic TDM over Packet
SFP Small Form-factor Pluggables
SLA Service Level Agreement
SNMP Simple Network Management Protocol
SNTP Simple Network Time Protocol
SP Strict-Priority
SSH Secure Shell
T
TCI Tag Control Information
TCP Transmission Control Protocol
TFTP Trivial File Transfer Protocol

270
Raisecom
TLV Type Length Value

ToS Type of Service
TPID Tag Protocol Identifier
V
VPN Virtual Private Network
VLAN Virtual Local Area Network
W
WRR Weight Round Robin

271
Address: Raisecom Building, No. 11, East Area, No. 10 Block, East Xibeiwang Road,
Haidian District, Beijing, P.R.China Postal code: 100094 Tel: +86-10-82883305
Fax: 8610-82883056 http://www.raisecom.com Email: export@raisecom.com

RAX711-C (A) Configuration Guide (Rel - 01)

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

RAX711-C (A) Configuration Guide (Rel - 01)

Hochgeladen von

Copyright:

Verfügbare Formate

www.raisecom.

Raisecom Proprietary and Confidential

is the trademark of Raisecom Technology Co., Ltd.

Product name Product version Hardware version

Indicate a potentially hazardous situation that, if not avoided,

Raisecom Proprietary and Confidential

Raisecom Proprietary and Confidential

User level conventions

Interface type and value range

Raisecom Proprietary and Confidential

1 Basic configurations ..................................................................................................................... 1

Raisecom Proprietary and Confidential

1.6.3 Enabling Banner display ....................................................................................................................... 23

2 Interface management ................................................................................................................ 24

4.2 Configuring route management ...................................................................................................................... 51

Raisecom Proprietary and Confidential

5.2.5 Configuring suppression of MAC address flapping .............................................................................. 76

5.11.1 Preparing for configurations ................................................................................................................ 88

6 Clock synchronization ............................................................................................................. 106

7 Network reliability ................................................................................................................... 111

Raisecom Proprietary and Confidential

7.2.4 (Optional) configuring ELPS switching control ................................................................................. 128

8 OAM ............................................................................................................................................ 146

Raisecom Proprietary and Confidential

8.2.6 Checking configurations ..................................................................................................................... 157

9 QoS ............................................................................................................................................... 172

Raisecom Proprietary and Confidential

9.2.8 Configuring CoS priority remarking ................................................................................................... 181

10 RSOM ........................................................................................................................................ 198

Raisecom Proprietary and Confidential

10.2.9 Configuring Y.1564 ........................................................................................................................... 207

12 System management and maintenance............................................................................... 231

Raisecom Proprietary and Confidential

12.1.3 E1 NMS channel ............................................................................................................................... 235

12.8.3 Configuring CPU monitoring alarm .................................................................................................. 255

13 Appendix .................................................................................................................................. 266

Raisecom Proprietary and Confidential

Figure 3-1 Principles of CO/remote zero-configuration....................................................................................... 29

Figure 3-3 Zero-configuration on direct connection between remote devices ..................................................... 32

Figure 3-5 Configuring directly-connected remote zero-configuration ............................................................... 43

Figure 4-1 Typical DHCP application .................................................................................................................. 47

Figure 4-2 Structure of DHCP packet .................................................................................................................. 48

Figure 4-3 Configuring DHCPv4 relay ................................................................................................................ 59

Figure 4-4 Configuring DHCPv4 server .............................................................................................................. 60

Figure 4-5 Configuring ARP ................................................................................................................................ 62

Figure 5-1 Unicast forwarding mode of MAC address ........................................................................................ 65

Figure 5-2 Multicast forwarding mode of MAC address ..................................................................................... 66

Figure 5-3 Broadcast forwarding mode of MAC address .................................................................................... 66

Figure 5-4 VLAN partition .................................................................................................................................. 67

Figure 5-6 Sub-VLAN and super VLAN partition ............................................................................................... 70

Figure 5-7 Typical networking of basic QinQ ...................................................................................................... 71

Figure 5-8 Principles of port mirroring ................................................................................................................ 73

Figure 5-9 Configuring MAC address table ......................................................................................................... 92

Figure 5-10 Configuring VLAN........................................................................................................................... 94

Figure 5-11 Configuring basic QinQ .................................................................................................................... 98

Figure 5-13 Configuring storm control .............................................................................................................. 102

Figure 5-14 L2CP networking ............................................................................................................................ 103

Figure 6-1 Principles of SyncE .......................................................................................................................... 107

Figure 7-1 Structure of an APS packet ............................................................................................................... 112

Raisecom Proprietary and Confidential

Figure 7-3 Unidirectional protection switching ................................................................................................. 114

Figure 7-5 ERPS ring network ........................................................................................................................... 117

Figure 7-6 Idle status of Ethernet ring network .................................................................................................. 118