Beruflich Dokumente
Kultur Dokumente
ExpandOS 4.0
User's Guide
US Headquarters
103 Eisenhower Parkway
Roseland, NJ 07068
Telephone: +1-973-618-9000
Important Notice
This guide is delivered subject to the following conditions and restrictions:
! This guide contains proprietary information belonging to Expand
Networks Inc. Such information is supplied solely for the purpose of
assisting explicitly and properly authorized users of the Expand product
series.
! No part of its contents may be used for any other purpose, disclosed to
any person or firm or reproduced by any means, electronic,
photographic or mechanical, without the express prior written
permission of Expand Networks, Inc.
! The text and graphics are for the purpose of illustration and reference
only. The specifications on which they are based are subject to change
without notice.
! The software described in this guide is furnished under a license. The
software may be used or copied only in accordance with the terms of
that agreement.
! Information in this guide is subject to change without notice. Corporate
and individual names and data used in examples herein are fictitious
unless otherwise noted.
Other company and brand product and service names are trademarks or
registered trademarks of their respective holders.
Terms and Conditions of Sale
iii
Acceptance
These terms and conditions of sale ("Terms and Conditions") are the terms and conditions upon which
Expand Networks, Ltd. and its affiliates and subsidiaries (together "Expand") make all sales. Expand
will not accept any other terms and conditions of sale, unless Purchaser and Expand have executed an
agreement that expressly supersedes and replaces these Terms and Conditions. Acceptance of all
purchase orders is expressly made conditional upon Purchaser's assent, expressed or implied, to the
Terms and Conditions set forth herein without modification or addition. Purchaser's acceptance of these
Terms and Conditions shall be indicated by Purchaser's acceptance of any shipment of any part of the
items specified for delivery (the "Products") or any other act or expression of acceptance by Purchaser.
Expand's acceptance is expressly limited to the Terms and Conditions hereof in their entirety without
addition, modification or exception, and any term, condition or proposals hereafter submitted by
Purchaser (whether oral or in writing) which is inconsistent with or in addition to the Terms and
Conditions set forth hereon is objected to and is hereby rejected by Expand.
Risk of Loss
Risk of loss or damage to the Products shall pass to the Purchaser upon delivery of the Products to the
common carrier, regardless of whether the purchase price has been paid in full. Unless advised
otherwise, Expand may insure the Products shipped to full value and all such insurance costs shall be
for the Purchaser's account. The Purchaser shall inspect the Products immediately upon receipt and shall
promptly file any applicable claims with the carrier when there is evidence of damage during shipping.
Warranty
EXPAND WARRANTS TO THE PURCHASER FOR A PERIOD OF NINETY (90) DAYS FROM
SHIPMENT THAT THE PRODUCTS SHALL BE FREE FROM DEFECTS IN MATERIAL AND
WORKMANSHIP AND SHALL PERFORM IN SUBSTANTIAL CONFORMANCE WITH
SPECIFICATIONS PUBLISHED BY EXPAND. EXPAND'S OBLIGATIONS UNDER THESE
TERMS AND CONDITIONS SHALL BE LIMITED SOLELY TO EXPAND MAKING, AT
EXPAND'S COST AND EXPENSE, SUCH REPAIRS AND REPLACEMENTS AS ARE
NECESSARY TO PLACE THE PRODUCTS IN GOOD WORKING ORDER AND TO CONFORM
THE PRODUCTS TO EXPAND'S PUBLISHED SPECIFICATIONS. THIS WARRANTY IS IN LIEU
OF ALL OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT
LIMITATION, IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE.
Product Returns
Return of Products purchased hereunder shall be governed by Expand's RMA policies in effect on the
date of the invoice. Expand reserves the right to modify or eliminate such policies at any time. The right
to return defective Products, as previously described, shall constitute Expand's sole liability and
Purchaser's exclusive remedy in connection with any claim of any kind relating to the quality, condition
or performance of any Product, whether such claim is based upon principles of contract, warranty,
negligence or other tort, breach of any statutory duty, principles of indemnity or contribution, the failure
of any limited or exclusive remedy to achieve its essential purpose, or otherwise. In the event Expand
issues a return authorization to Purchaser allowing Purchaser to return Product to Expand, Purchaser
will deliver the Product to Expand's address in the United States, if so required by Expand, and
Purchaser shall bear all applicable federal, state, municipal and other government taxes (such as sales,
use and similar taxes) as well as import or customs duties, license fees and similar charges, however
designated or levied, on any replacement Product to be shipped by Expand to Purchaser.
License Grant
The Products, though primarily composed of hardware components, contain software that is proprietary
to Expand or its licensors. Expand hereby grants to Purchaser, and Purchaser accepts, a personal
nonexclusive, nontransferable license to use the Program, in object code form only, and the
accompanying documentation (collectively referred to as the "Software") only as authorized in these
Terms and Conditions. The Software is licensed for Purchaser's internal use and the Software or any
derivative or by-product of the Software may not be used by, sub-licensed, re-sold, rented or distributed
to any other party. Purchaser agrees that Purchaser will not assign, sublicense, transfer, pledge, lease,
rent, or share Purchaser's rights under these Terms and Conditions. Purchaser shall not copy, modify,
reverse assemble, reverse engineer, reverse compile, or otherwise translate all or any portions of the
Software. The Software and the Documentation are proprietary to Expand and are protected under U.S.
and international copyright, trademark, trade secret and patent laws. All right, title, and interest in and to
the Software, including associated intellectual property rights, are and shall remain with Expand.
Terms and Conditions of Sale
v
Limitation of Liability
In no event shall Expand be liable for loss of profits, indirect, special, incidental, or consequential
damages (including, without limitation, loss of use, income or profits, losses sustained as a result of
personal injury or death, or loss of or damage to property including, but not limited to, property handled
or processed by the use or application of the products) arising out of any breach of these Terms and
Conditions or obligations under these Terms and Conditions. Expand shall not be liable for any
damages caused by delay in delivery, installation, or furnishing of the Products hereunder. No action
arising out of any claimed breach of these Terms and Conditions or transactions under these Terms and
Conditions may be brought by either party more than two years after the cause of action has accrued.
Expand's liability under these Terms and Conditions shall in no event exceed the purchase price of the
Products.
Default
The failure of the Purchaser to perform its obligations under these Terms and Conditions including but
not limited to payment in full of the purchase price for the Products, or the filing of any voluntary or
involuntary petition under the Bankruptcy Code, insolvency, assignment for the benefit of creditors, or
liquidation of the Purchaser's business shall constitute a default under these Terms and Conditions and
shall afford Expand all the remedies of a secured party under the Uniform Commercial Code. In the
event of default, Expand may, with or without demand or notice to Purchaser, declare the entire unpaid
amount immediately due and payable, enter the premises where the Products is located and remove it,
and sell any or all the Products as permitted under applicable law. Expand may, in addition to any other
remedies which Expand may have, refuse to provide service on the Products under any applicable
maintenance agreement relating to the Products then in effect between the parties at the time of the
default.
Indemnity
Expand shall defend or settle any suit or proceeding brought against Purchaser based on a claim that
Products sold hereunder constitutes an infringement of any existing United States patent, copyright or
trade secret providing that Expand is notified promptly in writing and is given complete authority and
information required for the defense. Expand shall pay all damages and costs awarded against
Purchaser, but shall not be responsible for any cost, expense or compromise incurred or made by
Purchaser without Expand's prior written consent. If any Products is in the opinion of Expand likely to
or does become the subject of a claim for patent infringement, Expand may, at its sole option, procure
for the Purchaser the right to continue using the Products or modify it to become non-infringing. If
Expand is not reasonably able to modify or otherwise secure the Purchaser the right to continue using
the Products, Expand shall remove the Products and refund the Purchaser the amounts paid in excess of
a reasonable rental for past use. Expand shall not be liable for any infringement or claim based upon use
of the Products in combination with other Products or with software not supplied by Expand or with
modifications made by the Purchaser.
ExpandOS 4.0 User's Guide
vi
General
Expand shall not be liable for Expand's failure to perform or for delay in performance of Expand's
obligations under these Terms and Conditions if such performance is prevented, hindered or delayed by
reason of any cause beyond the reasonable control of Expand. These Terms and Conditions and the
rights and duties hereunder shall not be assignable by either party hereto except upon written consent of
the other. Purchaser agrees to pay to Expand any reasonable attorney's fees and other costs and expenses
incurred by Expand in connection with the enforcement of these Terms and Conditions. These Terms
and Conditions and performance hereunder shall be governed by and construed in accordance with the
laws of the State of New York. Each party acknowledges that it has read, fully understands and agrees
to be bound by these Terms and Conditions, and further agrees that it is the complete and exclusive
statement of the agreement between the parties, which supersedes and merges all prior proposals,
understandings and all other agreements, oral and written, between the parties relating to the subject
matter of these Terms and Conditions. These Terms and Conditions may not be modified or altered
except by a written instrument duly executed by both parties. If any provision of these Terms and
Conditions shall be held to be invalid, illegal or unenforceable, the validity, legality and enforceability
of the remaining provisions shall in no way be affected or impaired thereby. The failure of either party
to exercise in any respect any right provided for herein shall not be deemed a waiver of any right
hereunder.
Table of Contents
vii
Introducing the
ACCELERATOR
Series
This is very significant in today's IT world, in which the need for increased
bandwidth is a fact of life. Corporations see bandwidth as a strategic
communications resource that enables their business-critical applications to
run unhindered.
4000 2700
Frame Relay
Network
Public or Private
2700 2700
LAN Applications
On-Path
On-Path configuration places the ACCELERATOR between the LAN and
the router on both sides of the IP network. The data from the LAN segment
passes through the ACCELERATOR before it reaches the router. The
ACCELERATOR changes the destination IP address of the accelerated
data, rerouting it via the far-end ACCELERATOR to be reconstructed
before it is passed on to its final destination IP address. See the sample
On-Path application in the following figure.
PUBLIC NETWORK
Data passes through and is accelerated before it reaches the router. In this
configuration, an internal-bypass circuit short circuits the two LAN ports
making the ACCELERATOR invisible to protect the network in the
unlikely event of failure.
ExpandOS 4.0 User's Guide
1-6
On-LAN
On-LAN configuration places the ACCELERATOR directly on the LAN
as a host. The ACCELERATOR is considered the next hop for all traffic on
the LAN. The accelerated data is redirected to the far-end
ACCELERATOR where it is reconstructed before it reaches its final IP
address. See the sample On-LAN application in the following figure.
PUBLIC NETWORK
ACCELERATOR 4800
ACCELERATOR 4800
ACCELERATOR 4800
ACCELERATOR Connection to a
Accelerator 4000
Console Port
PC
ExpandOS 4.0 User's Guide
1-10
Initial Configuration
2-1
Chapter 2
I nitial Configuration
Initial
Configuration
I nitial Configuration
Password:
Expand>
Expand>enable
Password:
Expand#
Expand #configure terminal
Expand (config)#
NOTE:
When entering commands, you can type in a unique command prefix instead
of the full command word and ExpandOS will recognize the command. For
example, type conf for configure. If you press <Tab> after typing the
unique prefix, the full command word will be displayed.
ExpandOS 3.5 User's Guide
2-4
I nitial Configuration
Expand (config)#route-rules
Expand (route-rules)#ip default-gateway 10.0.0.1
Expand (route-rules)#
3 Press <Enter>.
NOTE:
The configuration must be saved to the flash in order for it to be available when
ExpandOS is rebooted.
Configuring Passwords
Passwords are required in order to access parameters in Enable mode, and
for the initial login. ExpandOS' default password is Expand. It is
recommended that this password be changed during the initial setup
process.
I nitial Configuration
English), for example, 18-Sep-2001.
Type another space, then the time in hh:mm:ss format.
set 04-Jul-2001 10:30:00.
NOTES:
Entering a time is optional.
The time set on the ACCELERATOR can be checked at any time by typing
show clock at the prompt.
The ACCELERATOR has an option to be set to gather time information from
an SNTP server.
NOTES:
The command modem clear line clears the line by sending an initialization
AT string.
I nitial Configuration
The command modem hang up hangs up the connection.
Chapter 3
Configuring the
ACCELERATOR
This chapter also includes step-by-step detailed procedures for all available
ExpandOS initial configuration options.
Configuration Guides
The following point-to-point, Frame Relay and LAN configuration guides
include sample applications drawings accompanied by sample basic
configuration task lists and commands.
ExpandOS User's Guide
3-2
Point-to-Point Networks
In a point-to-point network, a direct line connects the two
ACCELERATORs, using PPP, HDLC or LAPB encapsulation. The
following drawing shows a typical point-to-point configuration:
Different parameters are configured for the DCE and DTE connections to
the network, as described in the following sections of this chapter.
Expand(conf)#route-rules
Expand(route-rules)#bridge route serial 0/0 serial 0/1
Expand(route-rules)#bridge route serial 0/1 serial 0/0
Expand(route-rules)#routing-policy bridge-routing-first
Expand(route-rules)#exit
Expand#configure
Expand(conf)#interface serial 0/1
Expand(config-if)#no bypass
Wait a few seconds until the encapsulation has been automatically detected and then perform
the following commands.
Expand(conf-if)#confirm autodetection
Expand(conf-if)#interface serial 0/0
Expand(conf-if)#confirm autodetection
Multipoint parameters are configured for the DCE and DTE connections to
the network, as described in Point-to-Point Networks, page 3-1. For the
purpose of the following procedures, Serial Interface 0/0 is configured as an
example. However, these procedures can be used to configure any serial
interface.
Expand(config-if)#no bypass
Wait a few seconds until the encapsulation has been automatically detected and then perform
the next two commands.
Expand(conf-if)#confirm autodetection
Expand(conf-if)#interface serial 0/0
Expand(conf-if)#confirm autodetection
LAN Configuration
LAN network configuration can be set up in three different ways:
! ACCELERATORs On-Path
! ACCELERATORs On-LAN
! Mixed configuration, one ACCELERATOR On-LAN and one
ACCELERATOR On-Path
BasicOn-LAN
BasicOn-LAN configuration places the ACCELERATOR directly on the
LAN as a host. The ACCELERATOR is considered the next hop for all
traffic on the LAN. The accelerated data is redirected to the far-end
ACCELERATOR where it is reconstructed before it reaches its final IP
address. See the sample On-LAN application in the following figure.
ExpandOS User's Guide
3-10
Expand#config
Expand(config)#interface ethernet 0
Expand(conf-if)#ip address 10.30.0.6 255.255.0.0
Expand(conf-if)#mode on-lan
Expand(config)#interface tunnel 5 ipv4
Expand(conf-tunnel-5)#tunnel source 10.30.0.6
Expand(conf-tunnel-5)#tunnel destination 10.20.0.6
Tunnel ID was set to 1
Source 10.30.0.6
Destination 10.20.0.6
Expand(conf-tunnel-5)#route-rules
Expand(route-rules)#routing-policy ip-routing-first
Expand(route-rules)#ip route 10.20.0.0 255.255.0.0 tunnel 5
Expand(route-rules)#ip route 10.20.0.6 255.255.255.255 10.30.0.1
OR
Expand#configure
Expand(conf)#interface ethernet 0
Expand(conf-if)#hsrp 0 preempt enable
Expand(conf-if)#hsrp 0 priority 101
Expand(conf-if)#hsrp 0 ip 10.30.0.3
OR
Confirming Autodetect
By default, the ACCELERATOR automatically detects the encapsulation
method used in your network application, based on the data packets that are
received on that interface.
Configuring the ACCELERATOR
3-15
# To confirm autodetection:
1 In Primary Configuration mode, type interface serial 0/0,
and then press <Enter> to enter the Serial Interface 0/0 configuration
mode.
2 Type confirm autodetection, to confirm the interface
encapsulation,
-or-
Type confirm autodetection all, to confirm the
encapsulation for both the interface and its related subinterfaces.
3 Press <Enter>.
Configuring Acceleration
An ACCELERATOR can only accelerate the data if there is another
ACCELERATOR at the opposite end. If the acceleration option is for some
reason disabled or in the unlikely event of a failure, the ACCELERATOR
will not probe for another ACCELERATOR, and data is sent at normal
speed.
ExpandOS User's Guide
3-18
# To configure acceleration:
1 In Serial Interface 0/0 configuration mode, type acceleration on
to enable acceleration,
-or-
Type no acceleration to disable acceleration.
2 Press <Enter>.
NOTE:
In a multipoint network, this procedure sets acceleration on/off for all the serial
interface's related subinterfaces, alternatively, you can set each subinterface
acceleration on/off by performing the same procedure while in subinterface
configuration mode.
2 Press <Enter>.
NOTE:
The DDS interface card can be set to either rx external tx external or
rx internal tx internal (the rx external only and rx external tx
internal modes supported by the serial card are not relevant for the DDS card).
2 Select the highest clock rate that is supported by the CSU/DSU. Type
clock rate, then a space followed by the selected rate, and press
<Enter> to set the clock rate.
NOTES:
You may only use a clock rate that is shown in the displayed list.
For DDS interfaces, the clock rate must be configured and is limited to clock
rates of 56000 and 64000.
On V.35/RS-530, you can alter the Tx clock polarity from low to high on
Serial 0/0, or you can alter the Rx clock polarity from low to high on
Serial 0/1.
On X.21, you can set the Rx clock polarity on serial 0/0 and the Rx clock
polarity on Serial 0/1.
NOTES:
On point-to-point links, CRC errors can be viewed at the remote site. These errors
cannot be viewed in Frame Relay connections.
Further information about Clock Polarity issues can be found in Expand Network's
Web site (www.expand.com), under Support.
Setting Description
The description is free text that describes the interface. For example, you
might describe the interface by its physical location.
Configuring the ACCELERATOR
3-21
# To configure DRC:
1 In Serial Interface 0/0 configuration mode, type drc mode full
and press <Enter>, to perform packet recovery and retransmission,
-or-
Type drc mode semi to perform retransmission only,
-or-
Type drc mode off to prevent packet recovery attempts.
ExpandOS User's Guide
3-22
2 Press <Enter>.
NOTE:
For a detailed explanation about the DRC mechanism, refer to Appendix A, Drop
Recovery.
Type no ignore dcd, to use the DCD signal from the CSU/DSU.
Configuring a Probe
A probe is a packet that is sent from an ACCELERATOR to the other end
of a communications link to determine if another ACCELERATOR is
connected at the remote end. When a second ACCELERATOR is detected,
the two devices are able to synchronize and begin communication. The
probe command defines the frequency with which probe packets are sent.
# To configure a probe:
Expand(conf-if)#show throughput
throughput
Data | System Up | Since Clear | Last 30 Secs
---------------+-----------+-------------+--------------
CRC Errors | 0| 0| 0 /Sec
Dropped Bytes | 0| 0| 0
Dropped Packets| 0| 0| 0
In Bytes | 0| 0| 0 Kbps
In Packets | 0| 0| 0 /Sec
Out Bytes | 0| 0| 0 Kbps
Out Packets | 0| 0| 0 /Sec
Raw In Bytes | 0| 0| 0 Kbps
Raw Out Bytes | 0| 0| 0 Kbps
---------------+-----------+-------------+--------------
! CRC Errors
Statistics for errored packets that arrived to the hardware (Physical
layer CRC Error).
! Dropped bytes
Statistics for bytes that were discarded by the prioritization queues
or bytes that were discarded due to a bandwidth overflow
! Dropped packets
Statistics for packets that were discarded by the prioritization queues
or packets that were discarded due to a bandwidth overflow
! In bytes
Statistics for physical input of bytes on the line
! In packets
Statistics for physical input of packets on the line
! Out bytes
Statistics for physical output of bytes on the line
! Out packets
Statistics for physical output of packets on the line
ExpandOS User's Guide
3-26
! Raw In bytes
Total incoming bytes being accelerated using this (sub) interface or
tunnel
! Raw Out bytes
Total outgoing bytes being accelerated using this (sub) interface or
tunnel
For the purposes of the procedures described below, Serial Interface 0/1 is
configured. However, these procedures can be used to configure any serial
interface.
Confirming Autodetect
By default, the ACCELERATOR automatically detects the encapsulation
method used in your network application, based on the data packets that are
received on that interface.
Configuring the ACCELERATOR
3-27
# To confirm autodetection:
1 In Primary Configuration mode, type interface serial 0/0,
and then press <Enter> to enter the Serial Interface 0/0 configuration
mode.
2 Type confirm autodetection, to confirm the interface
encapsulation,
-or-
Type confirm autodetection all, to confirm the
encapsulation for both the interface and its related subinterfaces.
3 Press <Enter>.
2 Press <Enter>.
Bypass Mode
In order to provide greater network stability, the ACCELERATOR features
a built-in bypass mode. Bypass mode directs received traffic through the
hardware to the transmit port, bypassing the ACCELERATOR entirely. In
the unlikely event of a hardware failure or a power failure, the
ACCELERATOR will automatically operate in bypass mode. This provides
an automatic safeguard for the network connection, regardless of the
ACCELERATOR’s status. Alternatively, the ACCELRATOR can be
manually configured to operate in bypass mode.
NOTE:
In the ACCELERATOR 2700 Series, bypass is always on port 0/0.
SAVE:
Multipoint Networks
Configuring Data Encapsulation
In order to configure serial interfaces, you must set the encapsulation
method used in your network. Encapsulation refers to the way in which
data packets are encapsulated when sent from the router.
Confirming Autodetect
By default, the ACCELERATOR automatically detects the encapsulation
method used in your network application, based on the data packets that are
received on that interface.
# To confirm autodetection:
1 In Primary Configuration mode, type interface serial 0/0,
and then press <Enter> to enter the Serial Interface 0/0 configuration
mode.
2 Type confirm autodetection, to confirm the interface
encapsulation,
-or-
Type confirm autodetection all, to confirm the
encapsulation for both the interface and its related subinterfaces.
Configuring the ACCELERATOR
3-33
3 Press <Enter>.
Detecting Subinterfaces
Subinterfaces can be detected automatically or manually.
In addition, there are two options that are set at the subinterface level, as
follows:
! Configuring a DLCI Number: The DLCI number is automatically given
to the subinterface when it is autodetected. If it is not autodetected, the
DLCI number must be specified manually by the user.
! Defining the IP Address: If a separate IP address is required for each
subinterface, it must be configured manually by the user.
NOTE:
Once subinterface detection and configuration are complete, encapsulation can be
enabled in order to allow autodetection again.
NOTE:
Refer to Chapter 11, Command Reference, for the subinterface configuration
commands.
SAVE:
Expand#conf
Expand(config)#int s0/0
Expand(conf-if)#clock rate ?
56000
64000
Expand(conf-if)#clock source rx external tx external
Expand(conf-if)#clock source rx internal tx internal
The following is an example of the show interface command for the DDS
card:
Expand#show interface serial 0/0
0/0
Bandwidth.............................2000000
acceleration..........................on
clock
rate................................56000
source..............................rx internal
tx internal
counters period throughput............30
crc...................................16-bit
description...........................(not
configured)
drc
chunk-size method...................automatic
mode................................off
encapsulation.........................autodetect
(undecided)
Configuring the ACCELERATOR
3-37
queuing strategy......................fifo
hardware type.........................Dds Rev: 1
keepalive-interval....................3
keepalive-iterations..................10
mtu...................................2000
probe.................................5
DCD=D DSR=D DTR=U RTS=U CTS=U
throughput
Data | System Up | Since Clear | Last 30 Secs
---------------+-----------+-------------+-------------
CRC Errors | 0| 0| 0 /Sec
Dropped Bytes | 0| 0| 0 /Sec
Dropped Packets| 0| 0| 0 /Sec
In Bytes | 0| 0| 0 Kbps
In Packets | 0| 0| 0 /Sec
Out Bytes | 0| 0| 0 Kbps
Out Packets | 0| 0| 0 /Sec
---------------+-------+----------+--------------
on-lan
-or-
on-path wan-side connecting ethernet followed by a
space, followed by the interface number (for example 0/1)
In an On-Path configuration, the Ethernet interface must be configured
through the WAN side.
NOTE:
In On-Path mode, because it is impossible to connect two separate interfaces to the
same LAN, you cannot connect the LAN port and the management port to the same
subnet. If you have a separate LAN subnet, you can connect the management to
this subnet. In the unlikely event of ACCELERATOR failure, hardware bypass (in
ACCELERATOR 4800) will not operate via the management port.
# To enable promiscuous:
! In Ethernet Interface configuration mode, when the ACCELERATOR
is set to On-LAN mode, type promiscuous followed by enable,
and press <Enter>.
Throughput Statistics
Expand(conf-if)#show throughput
throughput
Data | System Up | Since Clear | Last 30 Secs
------------------------+-----------+-------------+--------------
CRC Errors | 0| 0| 0 /Sec
Dropped Bytes | 0| 0| 0
Dropped Packets | 0| 0| 0
In Bytes | 0| 0| 0 Kbps
In Packets | 0| 0| 0 /Sec
Out Bytes | 0| 0| 0 Kbps
Out Packets | 0| 0| 0 /Sec
Non Unicast In Packets | 0| 0| 0 /Sec
Non Unicast Out Packets | 0| 0| 0 /Sec
---------------------------+-----------+-------------+--------
! CRC Errors
Statistics for errored packets that arrived to the hardware (Physical
layer CRC Error)
! Dropped bytes
Statistics for bytes that were discarded by the prioritization queues
or bytes that were discarded due to a bandwidth overflow
! Dropped packets
Statistics for packets that were discarded by the prioritization queues
or packets that were discarded due to a bandwidth overflow
! In bytes
Statistics for physical input of bytes on the line
! In packets
Statistics for physical input of packets on the line
! Out bytes
Statistics for physical output of bytes on the line
! Out packets
Statistics for physical output of packets on the line
ExpandOS User's Guide
3-42
For example:
For example:
show arp - Display the complete ARP resolution table with IP addresses,
MAC addresses, and resolution type.
ExpandOS User's Guide
3-44
For example:
The timeout value is the number of seconds the CSS holds an ARP
resolution result. To set a timeout period, enter an integer from 60 to 86400
(24 hours) seconds. The default is 14400 seconds (4 hours). If you do not
want the ARP entries to timeout, enter 0.
For example:
arp-cache# arp timeout 120
Enter the ARP wait command followed by a wait time. The wait time is the
number of seconds you should wait for an ARP resolution in response to an
ARP request to the network. Enter an integer from 5 to 30 seconds. The
default is 5.
For example:
arp-cache# arp wait 15
Configuring IP Tunneling
By establishing IP tunnels, enterprises can transport any protocol over an IP
cloud. The ACCELERATORs process the original packet. Once the
original packet has been reduced, a new IP header is added. The IP header
has a new source and destination IP address that routes the packets to
remote ACCELERATORs. The following figure depicts the added IP
header.
NOTE:
At present, ExpandOS supports IP version 4 only.
ExpandOS User's Guide
3-46
Size Description
4 bits Version (always 4 for IPv4)
4 bits IP header length in 32 bit words
(5 for Expand’s tunnel)
1 byte Type of Service
(configuration dependent)
2 bytes Total length in bytes (24 bytes–MTU)
2 bytes Identification (sequence number)
2 bytes Fragmentation (configuration and packet-flow dependent)
1 byte Time to Live (Expand sends packets with 7F, 127 hops)
1 byte Protocol (Expand uses protocol IPComp, 108)
2 bytes Header Checksum
4 bytes Source IP address (source of the IP tunnel that was
configured)
4 bytes Destination IP address (destination of the IP tunnel that was
configured)
Data In the Expand tunnel, the first byte value is always 0.
ACCELERATOR 4000
PUBLIC NETWORK
ACCELERATOR 2700
ACCELERATOR 2700
Creating an IP Tunnel
# To create an IP tunnel:
NOTE:
To work with IP tunnels, Routing Policy must be configured to IP routing first or On-
Path, refer to page 3-62 for configuration details.
1 In the configuration mode, type interface tunnel followed
by a space and then type in a tunnel number (0 to 255) followed by a
tunnel mode (ExpandOS version 4.0 supports IPv4 only).
NOTE:
The tunnel number is a reference number for user-interface purposes. Do not
confuse this number with the tunnel ID.
2 Press <Enter>.
A new tunnel will be created. You are now in tunnel configuration mode
and can configure tunnel parameters.
ExpandOS User's Guide
3-48
If flow control is enabled, the Increase and Decrease Rate will be displayed,
see the description of Flow Control in the Supplementary Services Chapter.
Tunnel Service
ToS and precedence settings can be configured separately, or one
user-defined value (0 to 255) can be configured, as follows:
User Defined
7 6 5 4 3 2 1 0
# To configure ToS:
! In the tunnel configuration mode, type tunnel service tos
followed by a space, followed by one of the following commands:
normal no special treatment
user-defined user defined value
minimize-cost attempt to reduce cost
maximize-reliability attempt to avoid drops
maximize-throughput attempt to maximize throughput
minimize-delay attempt to minimize delay
! Press <Enter>.
# To configure precedence:
! In the tunnel configuration mode, type tunnel service
precedence followed by a space, followed by the precedence level,
0 to 7 (where 7 is the highest value).
! Press <Enter>.
Configuring the ACCELERATOR
3-51
Tunnel Statistics
It is possible to view statistics (packet and byte data) for available tunnels.
Expand(conf-tunnel-1)#show throughput
throughput
Data | System Up | Since Clear | Last 30 Secs
---------------+-----------+-------------+--------------
Dropped Bytes | 0| 0| 0
Dropped Packets| 0| 0| 0
ExpandOS User's Guide
3-52
In Bytes | 0| 0| 0 Kbps
In Packets | 0| 0| 0 /Sec
Out Bytes | 0| 0| 0 Kbps
Out Packets | 0| 0| 0 /Sec
Raw In Bytes | 0| 0| 0 Kbps
Raw Out Bytes | 0| 0| 0 Kbps
Wrong Checksum | 0| 0| 0 /Sec
Wrong Protocol | 0| 0| 0 /Sec
---------------+-----------+-------------+--------------
! Dropped bytes
Statistics for bytes that were discarded by the prioritization queues
or bytes that were discarded due to a bandwidth overflow
! Dropped packets
Statistics for packets that were discarded by the prioritization queues
or packets that were discarded due to a bandwidth overflow
! In bytes
Statistics for input of bytes
! In packets
Statistics for input of packets
! Out bytes
Statistics for output of bytes
! Out packets
Statistics for output of packets
! Raw In bytes
Total incoming bytes being accelerated using this tunnel
! Raw Out bytes
Total outgoing bytes being accelerated using this tunnel
! Wrong checksum
Statistics for packets arriving with an errored tunnel checksum.
This will only be displayed when checksum is active.
! Wrong protocol
Statistics for packets that arrived on the other side of the tunnel with
errors. If this occurs, make sure that checksum is enabled so that this
problem can be corrected (you may continue to see wrong protocol
packets because the protocol is checked before the checksum).
Configuring the ACCELERATOR
3-53
Fragmentation Statistics
Fragmentation statistics are relevant for tunneled data only.
fragmentation
Data | System Up | Since Clear | Last 30 Secs
------------------------+-----------+-------------+--------------
Bad Fragments | 0| 0| 0 /Sec
Complete Packet Bytes | 0| 0| 0 Kbps
Complete Packet Number | 0| 0| 0 /Sec
Drops Due To Collision | 0| 0| 0 /Sec
Drops Due To Failure | 0| 0| 0 /Sec
Drops Due To Timeout | 0| 0| 0 /Sec
Fragment Bytes | 0| 0| 0 Kbps
Fragment Number | 0| 0| 0 /Sec
Fragmented Packet Bytes | 0| 0| 0 Kbps
Fragmented Packet Number| 0| 0| 0 /Sec
------------------------+-----------+-------------+--------------
! Bad fragments
Statistics for errored fragmentation data that arrived
! Complete packet bytes
Statistics for the number of bytes that arrived in whole packets
! Complete packet number
Statistics for the number of packets that arrived whole
! Drops due to collision
Statistics for the number of inappropriate fragments that arrived
! Drops due to failure
Statistics for the number of drops that occurred due to internal errors
! Drops due to timeout
Statistics for fragments in which one fragment arrived on time and
the rest of the fragments did not, indicating that there were problems
resulting in dropped byes.
! Fragment bytes
Statistics for how many bytes arrived in fragmented packets
ExpandOS User's Guide
3-54
! Fragment number
Statistics for the total number of fragments that arrived
! Fragmented packet bytes
Statistics for the total number of bytes that arrived fragmented
! Fragmented packet number
Statistics for the total number of fragmented packets that arrived
NOTE:
The bandwidth parameter reflects an approximation of the bandwidth that is
dedicated to the tunnel.
Configuring the ACCELERATOR
3-55
NOTES:
It is also possible to configure bandwidth for subinterfaces. This can be performed
only after invoking the confirm autodetection all command. This impacts
the acceleration cores allocation to the subinterfaces.
Core is a logical component of the system used for acceleration. The higher the
number of cores allocated to an interface or a subinterface, the higher the
acceleration.
The system allocates cores to interfaces and subinterfaces according to their
bandwidth. By default, the bandwidth of a subinterface is assumed to be the
bandwidth of its parent serial interface divided by the number of subinterfaces.
However, manual modification is possible by allowing manual control.
See Flow Control in Chapter 9, Supplementary Services.
This Command will limit throughput over the tunnel by a given number
with a 10% margin of error, if flow controller is enabled.
NOTE:
In order to enforce the bandwidth, flow controller must be enabled..
The backup is configured in the active tunnel – the one that will be backed
up in the event of failure.
ExpandOS User's Guide
3-56
Configuring Acceleration
An ACCELERATOR can only accelerate the data if there is another
ACCELERATOR at the opposite end. If the acceleration option is for some
reason disabled or in the unlikely event of a failure, the ACCELERATOR
will not probe for another ACCELERATOR, and data is sent at normal
speed.
# To configure acceleration:
1 In tunnel configuration mode, type acceleration on to enable
acceleration,
-or-
Type no acceleration to disable acceleration.
2 Press <Enter>.
Setting Description
The description is free text that describes the interface. For example, you
might describe the interface by its physical location.
# To configure DRC:
1 In tunnel configuration mode, type drc mode full and press
<Enter>, to perform packet recovery and retransmission,
-or-
Type drc mode semi to perform retransmission only,
-or-
Type drc mode off to prevent packet recovery attempts.
2 Press <Enter>.
NOTE:
For a detailed explanation about the DRC mechanism, refer to Appendix A, Drop
Recovery.
ExpandOS User's Guide
3-58
Configuring a Probe
A probe is a packet that is sent from an ACCELERATOR to the other end
of a communications link to determine if another ACCELERATOR is
connected at the remote end. When a second ACCELERATOR is detected,
the two devices are able to synchronize and begin communication. The
probe command defines the frequency with which probe packets are sent.
# To configure a probe:
SAVE:
IP Mask 255.255.255.0
route-rules
bridge
route
source-interface | | dest-interface |
-----------------+-----+----------------+----
ExpandOS User's Guide
3-64
Defining an IP Route
# To define an IP route:
1 Enter Route Rules configuration mode, as described on page 3-60.
2 Type ip route, then a space, followed by the outgoing IP address.
Type another space, followed by the outgoing IP mask, another space,
then the destination interface type followed by a space and then the
interface name or an IP address, for example,
ip route 10.20.0.0 255.255.0.0 ethernet 0/1 <Enter>.
or
ip route 10.20.0.0 255.255.0.0 15.0.0.1 <Enter>.
NOTE:
If Forwarding IP Address is configured before the interface name, the configuration
is accepted, even though a warning message appears.
Label 2 Label 0
Serial Serial
Interface Serial Serial Interface
R o u te r 0/1 Interface Interface 0/1 Router
(DCE) ACCELERATOR 0/0 0/0 ACCELERATOR (DCE)
(DCE) (DCE)
Serial Serial
Interface Interface
1/1 1/1
(DTE) (DTE)
Label 3 Label 1
In the diagram above, Serial Interfaces 0/1 and 1/1 are multiplexed into
Serial Interface 0/0. In order to multiplex, you must enable labeling in the
Route Rules configuration mode. After enabling labeling, each multiplexed
serial interface must be given a label. The label will be utilized by the
ACCELERATOR on the remote side for bridging that label to the
appropriate interface. In order to configure multiplexing, you must
configure the following bridge route commands.
ExpandOS User's Guide
3-66
The following table shows the bridge routes and labeling used in the above
examples:
I/F 0/1% I/F 0/0 destination label 2 I/F 0/1% I/F 0/0 destination label 0
Configuring the ACCELERATOR
3-67
I/F 1/1% I/F 0/0 destination label 3 I/F 1/1% I/F 0/0 destination label 1
I/F 0/0 source label 0 % I/F 0/1 I/F 0/0 source label 2 % I/F 0/1
I/F 0/0 source label 1 % I/F 1/1 I/F 0/0 source label 3 % I/F 1/1
NOTE:
Source and destination labels must be an integer between 0-15.
Chapter 4
Congestion
Management
C onfiguring QoS
About This Chapter
The queuing configuration will apply for all traffic passing through the
ACCELERATOR, both accelerated and non-accelerated.
First In, First Out (FIFO), a basic store and forward process, is the default
queuing algorithm of the ACCELERATOR. FIFO does not take into
account any factors in terms of determining network traffic priority other
than order of arrival. If packet "A" arrives before packet "B", then the
ACCELERATOR advances packet "A" first, regardless of importance, size,
or any other factor.
C onfiguring QoS
queue being permitted to transfer up to 2000 bytes before moving on to the
next queue.
With WFQ, packets are classified by flow. Packets with the same source IP
address, destination IP address, source Transmission Control Protocol
(TCP) or User Datagram Protocol (UDP) port, or destination TCP or UDP
port belong to the same flow. When the packet size is larger than 100 bytes,
WFQ allocates an equal share of the bandwidth to each flow. Flow-based
WFQ is also called fair queuing because all flows are equally weighted.
ExpandOS 4.0 User's Guide
4-6
Each queue has a limit of 32 packets, and all traffic has a global limit of 64.
The individual queue limit is enforced only after the global threshold is
exceeded. When the global threshold is exceeded, only new packets are
discarded.
While the global number of packets does not exceed 64, the individual
queue limit is not enforced, and this may result in an individual queue with
more than 32 packets. Once the global limit is reached, the individual limit
is applied to new packets. However, existing packets in the queue are not
discarded.
! To configure WFQ:
1 In Enable mode, type configure, and press <Enter> to enter Primary
Configuration mode.
2 Type interface serial 0/0, and press <Enter> to enter
Serial Interface 0/0 configuration mode.
3 Type fair-queue enable, and press <Enter> to enable WFQ.
C onfiguring QoS
ExpandOS 4.0 User's Guide
4-8
Priority Queuing
Priority Queuing (PQ), allocates bandwidth in an absolute manner,
assigning unconditional priority to higher priority traffic. This is designed
for environments that focus on mission-critical data, excluding or delaying
less critical traffic during periods of congestion.
The user first defines the custom policies (at this stage these policies are not
related to the interfaces) and then relays the policy to the appropriate
interfaces. Thus, any change made to a custom policy will automatically
update the relevant interfaces.
C onfiguring QoS
Setting Priority Queuing
For the purpose of these procedures, priority policy 1 is configured, as well
as Serial Interface 0/0, meaning card 0 and port 0. However, these
procedures can be used to configure any priority policy or serial interface.
In order to set Priority Queuing, you must:
! Configure up to 16 policies
! Assign these policies to specific interfaces.
ExpandOS 4.0 User's Guide
4-10
C onfiguring QoS
2 Press <Enter>.
Custom Queuing
Custom Queuing (CQ) involves allocating bandwidth to specific types of
traffic in accordance with defined rules or custom policies that are
established by the user. The user defines as many rules as are required.
The user first defines the custom policies (at this stage, these policies are
not associated with the interfaces) and then relays the policies to the
appropriate interfaces. Thus, any change made to a custom policy will
automatically update the relevant interfaces.
C onfiguring QoS
For the purpose of these procedures, custom policy 1 is configured, as well
as Serial Interface 0/0. However, these procedures can be used to configure
any custom policy or serial interface.
! To clear a custom-policy:
NOTE:
If you change a custom policy it is automatically relayed to the appropriate
interfaces.
C onfiguring QoS
In Enable mode, type configure, and press <Enter> to enter Primary
Configuration mode.
2 Enter interface configuration mode, for example interface
serial 0/0, and press <Enter> to enter Serial Interface 0/0
configuration mode.
3 Type custom-policy 1, and press <Enter> to apply priority policy
1 to this serial interface.
NOTE:
To disable custom policy 1 for a serial interface type custom-policy 1
disable, and press <Enter>.
Configuring SNMP
5-1
Chapter 5
Configuring SNMP
C onfiguring SNMP
This chapter describes how to configure the ACCELERATOR to enable
remote management access. This chapter includes the following sections:
! What is SNMP?, page 5-2.
! Basic SNMP Components, page 5-2.
! Basic SNMP Protocol Operations, page 5-4.
! SNMP Management Information Base (MIB) Tables, page 5-4.
! SNMPv1 Protocol Operations, page 5-6.
! SNMP Configuration, page 5-7.
! Displaying the Current SNMP Configuration, page 5-7.
! Disabling SNMP Access, page 5-7.
! Defining SNMP Communities, page 5-8.
! Enabling Traps, page 5-8.
! Example SNMP Configuration, page 5-9.
! Supported Traps, page 5-11.
! Supported MIB-2 Entries, page 5-13.
! System MIB, page 5-13.
! IfEntry MIB, page 5-14.
! RMON MIB, page 5-15.
! Private MIB Entries, page 5-16.
! Private MIB Diagram, page 5-48.
ExpandOS User's Guide
5-2
What is SNMP?
The Simple Network Management Protocol (SNMP), is an
application-layer protocol that enables management information exchange
between network devices. SNMP allows network administrators to locate
and solve network problems, manage network performance and plan for
future network growth. The following diagram illustrates a basic network
managed by SNMP:
C onfiguring SNMP
An NMS executes applications that monitor and control managed devices,
and provides the majority of the processing and memory resources needed
to manage the network. One or more NMS must exist on a managed
network. The following diagram illustrates the relationship between these
components:
ExpandOS User's Guide
5-4
A managed object (also called a MIB object, object, or MIB) is one of any
number of specific characteristics of a managed device. Managed objects
are comprised of one or more object instances, or variables.
Configuring SNMP
5-5
There are two types of managed objects: scalar and tabular. Scalar objects
define single object instances, while tabular objects contain multiple
variables. These are grouped together in a highly structured MIB table
using the SNMPv1 Structure of Management Information (SMI). The
tables are composed of zero or more rows, indexed in a way that allows
SNMP to retrieve or alter an entire row using a single Get, GetNext, or
Set command.
C onfiguring SNMP
The following diagram illustrates the SNMP tree:
ExpandOS User's Guide
5-6
SNMP Configuration
In order to enable SNMP management of the ACCELERATOR using
HP OpenView or other SNMP management software, you must define the
following:
! Defining SNMP Communities, page 5-8.
! Enabling Traps, page 5-8.
C onfiguring SNMP
2 Type snmp and press <Enter> to enter the SNMP configuration mode.
Enabling Traps
A trap enables events to be sent to defined recipients in order to enable
central management. In order to send traps, you must first define the
recipients.
# To enable traps:
1 In SNMP mode, as described on page 5-7, type host, followed by a
space, type host’s IP address, space and a community
string or user name and press <Enter>. This will set up the host
(the SNMP entity which will receive the traps).
2 Type traps enable, and press <Enter> to enable all traps.
NOTE:
To disable the traps, type traps disable.
IfTable Index
The IfTable charts which index belongs to which interface number on the
ACCELERATOR rear panel. This table assists in showing how Expand’s
interface names are indexed in the IfTable under SNMP MIB II.
C onfiguring SNMP
In SNMP mode, type sh interface-table and press <Enter>. The
example below displays the ifTable index for two interfaces and
sub-interfaces (including DLCI numbers) for an ACCELERATOR 4000:
Interface Name | Index in ifTable
-----------------------------
0/1 | ifInex.2
0/1/1(769) | ifInex.201
0/0 | ifInex.1
0/0.1(769) | ifInex.101
SAVE:
$ In order to save a configuration to flash memory so that it will be available after
ExpandOS is rebooted, type write at the Enable (#) prompt.
contact.....................John Smith
host
IP | COMMUNITY
-----------------+------------
172.16.32.53 | traps
-----------------+------------
location........................Paris
snmp............................enable
traps...........................enable
Configuring SNMP
5-11
Supported Traps
SNMP events (alerts) are driven by trap messages generated as a result of
certain device parameters. These parameters can be either generic or
vendor-device-specific. Enterprise-specific are Expand Networks’
proprietary trap messages and provide more ACCELERATOR
device-specific detail.
Standard Traps
C onfiguring SNMP
ExpandOS 3.5 supports the following standard SNMP traps:
! ColdStart: Sent after a successful system start-up.
! LinkDown: Signals a failure in one of the communications links of the
ACCELERATORs. An indication for a Link Down status on a DTE
port is a reflection of a DSR signal from the DCE device, and on the
DCE port it is a reflection of the DTR signal from the DTE device.
! LinkUp: Signals that one of the communications links of the
ACCELERATORs came up after a Down state. An indication for a link
up status on a DTE port is a reflection of a DSR signal from the DCE
device, and on the DCE port it is a reflection of the DTR signal from
the DTE device.
! AuthenticationFailure: Signals an SNMP authentication
failure.
Enterprise-Specific Traps
ExpandOS supports the following Expand Networks traps:
! redundantPowerSupplyUp: Signifies that both power supplies
are working (after redundantPowerSupplyDown trap was
issued). These traps are applicable to ACCELERATORs with dual
power supplies.
! redundantPowerSupplyDown: Signifies that one of the redundant
power supplies stopped working. These traps are applicable to
ACCELERATORs with dual power supplies.
ExpandOS User's Guide
5-12
System MIB
ExpandOS supports the standard MIB-2 system entries according to
RFC1213. The entries listed below are all of the type OBJECT-TYPE.
sysDescr
OID: 1.3.6.1.2.1.1.1
C onfiguring SNMP
Full path: iso(1).org(3).dod(6).internet(1).mgmt(2).mib-
2(1).system(1).sysDescr(1)
sysObjectID
OID: 1.3.6.1.2.1.1.2
sysUpTime
OID: 1.3.6.1.2.1.1.3
sysContact
OID: 1.3.6.1.2.1.1.4
sysName
OID: 1.3.6.1.2.1.1.5
sysLocation
OID: 1.3.6.1.2.1.1.6
sysServices
OID: 1.3.6.1.2.1.1.7
IfEntry MIB
ExpandOS supports the following standard MIB-2 ifTable entries according
to RFC1213:
Name:ifEntry
OID: 1.3.6.1.2.1.2.2.1
Sequences:
C onfiguring SNMP
non-unicast packets (only multicast and broadcast)
1 0/0 1 0/0
2 0/1 2 1/0
3 1/0 3 2/0
4 1/1
RMON MIB
ExpandOS supports the standard MIB-2 RMON entries according to
RFC1757.
expandSystemId
OID: 1.3.6.1.4.1.3405.1
Module: EXPAND-NETWORKS-SMI
Description: This object identifier defines the object identifiers that are
assigned to the various Expand-Networks operating systems, and hence are
returned as values for sysObjectID leaf of MIB 2.
Configuring SNMP
5-17
accProductId
OID: 1.3.6.1.4.1.3405.3.1
Module: EXPAND-ACCLERETOROS-MIB
Description: This object identifier defines the object identifiers that are
assigned to the various Expand-Networks products, and hence is assign to
the outgoing traps.
C onfiguring SNMP
accSysUpTime
OID: 1.3.6.1.4.1.3405.3.2.1
Module: EXPAND-ACCLERETOROS-MIB
accSoftwareVersion
OID: 1.3.6.1.4.1.3405.3.2.2
Module: EXPAND-ACCLERETOROS-MIB
ExpandOS User's Guide
5-18
accSysHostName
OID: 1.3.6.1.4.1.3405.3.2.3
Module: EXPAND-ACCLERETOROS-MIB
accSysLocation
OID: 1.3.6.1.4.1.3405.3.2.4
Module: EXPAND-ACCLERETOROS-MIB
Description: The physical location of this node, the value is the same as in
sysLocation leaf in MIB 2.
accSysContact
OID: 1.3.6.1.4.1.3405.3.2.5
Module: EXPAND-ACCLERETOROS-MIB
accCpuTotalEntries
OID: 1.3.6.1.4.1.3405.3.3.1.1.1
Module: EXPAND-ACCLERETOROS-MIB
C onfiguring SNMP
accCpuIndex
OID: 1.3.6.1.4.1.3405.3.3.1.1.2.1.1
Module: EXPAND-ACCLERETOROS-MIB
accCpuDesc
OID: 1.3.6.1.4.1.3405.3.3.1.1.2.1.2
Module: EXPAND-ACCLERETOROS-MIB
accCpuUtilization
OID: 1.3.6.1.4.1.3405.3.3.1.1.2.1.3
Module: EXPAND-ACCLERETOROS-MIB
accSystemWide
OID: 1.3.6.1.4.1.3405.3.3.2.1.1
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceTotalEntries
OID: 1.3.6.1.4.1.3405.3.4.1
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceIndex
OID: 1.3.6.1.4.1.3405.3.4.2.1.1
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceDescription
C onfiguring SNMP
OID: 1.3.6.1.4.1.3405.3.4.2.1.2
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceEncapsulation
OID: 1.3.6.1.4.1.3405.3.4.2.1.3
Module: EXPAND-ACCLERETOROS-MIB
Value list:
1: other(1)
2: ppp(2)
3: hdlc-cisco(3)
4: frame-relay-ietf(4)
5: frame-relay-cisco(5)
6: lapb-8(6)
7: lapb-128(7)
8: ethernet(8)
9: expand-special(9)
10: raw-hdlc(10)
accInterfaceFrameRelayDlci
OID: 1.3.6.1.4.1.3405.3.4.2.1.4
Module: EXPAND-ACCLERETOROS-MIB
Configuring SNMP
5-23
accInterfaceOperStatus
OID: 1.3.6.1.4.1.3405.3.4.2.1.6
Module: EXPAND-ACCLERETOROS-MIB
Value list:
1: up(1)
C onfiguring SNMP
2: down(2)
3: testing(3)
accInterfaceAdminStatus
OID: 1.3.6.1.4.1.3405.3.4.2.1.7
Module: EXPAND-ACCLERETOROS-MIB
Value list:
1: up(1)
2: down(2)
3: testing(3)
Description: The desired state of the interface. The testing(3) state indicates
that no operational packets can be passed.
ExpandOS User's Guide
5-24
accInterfaceMtu
OID: 1.3.6.1.4.1.3405.3.4.2.1.8
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceSpeed
OID: 1.3.6.1.4.1.3405.3.4.2.1.9
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceOutQlength
OID: 1.3.6.1.4.1.3405.3.4.2.1.10
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceBufferUtil
OID: 1.3.6.1.4.1.3405.3.4.2.1.11
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceAccelerationAdminStatus
C onfiguring SNMP
OID: 1.3.6.1.4.1.3405.3.4.2.1.12
Module: EXPAND-ACCLERETOROS-MIB
Value list:
1: off(1)
2: on(2)
accInterfaceQueuingStrategy
OID: 1.3.6.1.4.1.3405.3.4.2.1.13
Module: EXPAND-ACCLERETOROS-MIB
Value list:
1: fifo(1)
2: wfq(2)
3: priority(3)
4: custom(4)
accInterfaceIpAddress
OID: 1.3.6.1.4.1.3405.3.4.2.1.14
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceIpMask
OID: 1.3.6.1.4.1.3405.3.4.2.1.15
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceChunkSizeMethod
C onfiguring SNMP
OID: 1.3.6.1.4.1.3405.3.4.2.1.16
Module: EXPAND-ACCLERETOROS-MIB
Value list:
1: manual(1)
2: automatic(2)
accInterfaceChunkSize
OID: 1.3.6.1.4.1.3405.3.4.2.1.17
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceDrcMode
OID: 1.3.6.1.4.1.3405.3.4.2.1.18
Module: EXPAND-ACCLERETOROS-MIB
Value list:
1: off(1)
2: semi(2)
3: full(3)
accInterfaceKeepAliveInterval
OID: 1.3.6.1.4.1.3405.3.4.2.1.19
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceKeepAliveIterations
OID: 1.3.6.1.4.1.3405.3.4.2.1.20
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceProbe
OID: 1.3.6.1.4.1.3405.3.4.2.1.21
Module: EXPAND-ACCLERETOROS-MIB
Description: Frequency (in seconds) of probe packets that are sent to detect
the presence of a far-end ACCELERATOR.
C onfiguring SNMP
accInterfaceInboundStatus
OID: 1.3.6.1.4.1.3405.3.4.2.1.22
Module: EXPAND-ACCLERETOROS-MIB
Value list:
1: not-connected(1)
2: connected(2)
accInterfaceInboundCore
OID: 1.3.6.1.4.1.3405.3.4.2.1.23
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceOutboundStatus
OID: 1.3.6.1.4.1.3405.3.4.2.1.24
Module: EXPAND-ACCLERETOROS-MIB
Value list:
1: not-connected(1)
2: connected(2)
accInterfaceOutboundCore
OID: 1.3.6.1.4.1.3405.3.4.2.1.25
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceTransmitDirection
OID: 1.3.6.1.4.1.3405.3.4.2.1.26
Module: EXPAND-ACCLERETOROS-MIB
Value list:
1: duplex(1)
C onfiguring SNMP
2: simplex-receive(2)
3: simplex-transmit(3)
accInterfacePerformancePeriod
OID: 1.3.6.1.4.1.3405.3.4.2.1.27
Module: EXPAND-ACCLERETOROS-MIB
accInterfacePerformanceInAccelerationUp
OID: 1.3.6.1.4.1.3405.3.4.2.1.28
Module: EXPAND-ACCLERETOROS-MIB
accInterfacePerformanceInAccelerationClear
OID: 1.3.6.1.4.1.3405.3.4.2.1.29
Module: EXPAND-ACCLERETOROS-MIB
accInterfacePerformanceInAccelerationPeriod
OID: 1.3.6.1.4.1.3405.3.4.2.1.30
Module: EXPAND-ACCLERETOROS-MIB
accInterfacePerformanceOutAccelerationUp
OID: 1.3.6.1.4.1.3405.3.4.2.131
Module: EXPAND-ACCLERETOROS-MIB
accInterfacePerformanceOutAccelerationClear
OID: 1.3.6.1.4.1.3405.3.4.2.1.32
Module: EXPAND-ACCLERETOROS-MIB
C onfiguring SNMP
accInterfacePerformanceOutAccelerationPeriod
OID: 1.3.6.1.4.1.3405.3.4.2.1.33
Module: EXPAND-ACCLERETOROS-MIB
accInterfacePerformanceDrcResetsUp
OID: 1.3.6.1.4.1.3405.3.4.2.1.34
Module: EXPAND-ACCLERETOROS-MIB
Description: Number of times the DRC module had to reset since system
power-up.
ExpandOS User's Guide
5-34
accInterfacePerformanceDrcResetsClear
OID: 1.3.6.1.4.1.3405.3.4.2.1.35
Module: EXPAND-ACCLERETOROS-MIB
Description: Number of times the DRC module had to reset since counters
were last cleared.
accInterfacePerformanceDrcResetsPeriod
OID: 1.3.6.1.4.1.3405.3.4.2.1.36
Module: EXPAND-ACCLERETOROS-MIB
Description: Number of times the DRC module had to reset during last
sampling period.
accInterfacePerformanceLostPacketsUp
OID: 1.3.6.1.4.1.3405.3.4.2.1.37
Module: EXPAND-ACCLERETOROS-MIB
accInterfacePerformanceLostPacketsClear
OID: 1.3.6.1.4.1.3405.3.4.2.1.38
Module: EXPAND-ACCLERETOROS-MIB
C onfiguring SNMP
accInterfacePerformanceLostPacketsPeriod
OID: 1.3.6.1.4.1.3405.3.4.2.1.39
Module: EXPAND-ACCLERETOROS-MIB
accInterfacePerformanceRetransmitPacketsUp
OID: 1.3.6.1.4.1.3405.3.4.2.1.40
Module: EXPAND-ACCLERETOROS-MIB
accInterfacePerformanceRetransmitPacketsClear
OID: 1.3.6.1.4.1.3405.3.4.2.1.41
Module: EXPAND-ACCLERETOROS-MIB
accInterfacePerformanceRetransmitPacketsPeriod
OID: 1.3.6.1.4.1.3405.3.4.2.1.42
Module: EXPAND-ACCLERETOROS-MIB
accInterfacePerformanceRecoveredPacketsUp
OID: 1.3.6.1.4.1.3405.3.4.2.1.43
Module: EXPAND-ACCLERETOROS-MIB
accInterfacePerformanceRecoveredPacketsClear
OID: 1.3.6.1.4.1.3405.3.4.2.1.44
Module: EXPAND-ACCLERETOROS-MIB
C onfiguring SNMP
accInterfacePerformanceRecoveredPacketsPeriod
OID: 1.3.6.1.4.1.3405.3.4.2.1.45
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceThroughputPeriod
OID: 1.3.6.1.4.1.3405.3.4.2.1.46
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceThroughputCrcErrUp
OID: 1.3.6.1.4.1.3405.3.4.2.1.47
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceThroughputCrcErrClear
OID: 1.3.6.1.4.1.3405.3.4.2.1.48
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceThroughputCrcErrPeriod
OID: 1.3.6.1.4.1.3405.3.4.2.1.49
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceThroughputDropByteUp
Type: OBJECT-TYPE
OID: 1.3.6.1.4.1.3405.3.4.2.1.50
Module: EXPAND-ACCLERETOROS-MIB
C onfiguring SNMP
discarded on the interface due to congestion, since system power-up.
accInterfaceThroughputDropByteClear
Type: OBJECT-TYPE
OID: 1.3.6.1.4.1.3405.3.4.2.1.51
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceThroughputDropBytePeriod
Type: OBJECT-TYPE
OID: 1.3.6.1.4.1.3405.3.4.2.1.52
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceThroughputDropPacketsUp
Type: OBJECT-TYPE
OID: 1.3.6.1.4.1.3405.3.4.2.1.53
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceThroughputDropPacketsClear
Type: OBJECT-TYPE
OID: 1.3.6.1.4.1.3405.3.4.2.1.54
Module: EXPAND-ACCLERETOROS-MIB
C onfiguring SNMP
congestion, since counters were last cleared.
accInterfaceThroughputDropPacketsPeriod
Type: OBJECT-TYPE
OID: 1.3.6.1.4.1.3405.3.4.2.1.55
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceThroughputInBytesUp
OID: 1.3.6.1.4.1.3405.3.4.2.1.56
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceThroughputInBytesClear
OID: 1.3.6.1.4.1.3405.3.4.2.1.57
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceThroughputInBytesPeriod
OID: 1.3.6.1.4.1.3405.3.4.2.1.58
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceThroughputInPacketsUp
OID: 1.3.6.1.4.1.3405.3.4.2.1.59
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceThroughputInPacketsClear
OID: 1.3.6.1.4.1.3405.3.4.2.1.60
Module: EXPAND-ACCLERETOROS-MIB
C onfiguring SNMP
accInterfaceThroughputInPacketsUp
OID: 1.3.6.1.4.1.3405.3.4.2.1.59
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceThroughputInPacketsClear
OID: 1.3.6.1.4.1.3405.3.4.2.1.60
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceThroughputInPacketsPeriod
OID: 1.3.6.1.4.1.3405.3.4.2.1.61
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceThroughputOutBytesUp
OID: 1.3.6.1.4.1.3405.3.4.2.1.62
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceThroughputOutBytesClear
OID: 1.3.6.1.4.1.3405.3.4.2.1.63
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceThroughputOutBytesPeriod
OID: 1.3.6.1.4.1.3405.3.4.2.1.64
Module: EXPAND-ACCLERETOROS-MIB
Description: Throughput in kilobit per second over the last sampling period.
accInterfaceThroughputOutPacketsUp
C onfiguring SNMP
OID: 1.3.6.1.4.1.3405.3.4.2.1.65
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceThroughputOutPacketsClear
OID: 1.3.6.1.4.1.3405.3.4.2.1.66
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceThroughputOutPacketsPeriod
OID: 1.3.6.1.4.1.3405.3.4.2.1.67
Module: EXPAND-ACCLERETOROS-MIB
accInterfaceThroughputRawInBytesUp
OID: 1.3.6.1.4.1.3405.3.4.2.1.69
accInterfaceThroughputRawInBytesClear
OID: 1.3.6.1.4.1.3405.3.4.2.1.70
accInterfaceThroughputRawInBytesPeriod
OID: 1.3.6.1.4.1.3405.3.4.2.1.71
Configuring SNMP
5-47
accInterfaceThroughputRawOutBytesUp
OID: 1.3.6.1.4.1.3405.3.4.2.1.72
C onfiguring SNMP
Full path: iso(1).org(3).dod(6).internet(1).private(4).enterprises(1).expand-
networks(3405).acceleratorOs(3).accInterfaces(4).accInterfaceTable(2).accI
nterfaceEntry(1) accInterfaceThroughputRawOutBytesUp (71)
accInterfaceThroughputRawOutBytesClear
OID: 1.3.6.1.4.1.3405.3.4.2.1.73
accInterfaceThroughputRawOutBytesPeriod
OID: 1.3.6.1.4.1.3405.3.4.2.1.74
C onfiguring SNMP
ExpandOS User's Guide
5-50
Configuring SNMP
5-51
C onfiguring SNMP
Web User Interface
6-1
Chapter 6
W eb User Interface
user-friendly and intuitive method of managing and configuring the
ACCELERATORs.
The Web User Interface is accessed using the Microsoft Internet Explorer
Web browser version 5.0 and above, through the URL http://, followed by
the IP Address of the ACCELERATOR.
The Enable mode branch and the various configuration mode branches are
indicated by , while the configuration parameters are represented by .
Click to view the current status of a configurable parameter or mode.
This is the equivalent of invoking the show command in a Telnet session.
Web User Interface
6-3
The Command pane displays the associated command and parameters for
the mode selected in the Tree pane. A next to a parameter indicates that
the parameter value is mandatory, and you must complete the entry. Other
fields are optional. A list, or range, of permitted values for each of the
parameters is indicated to the right of each parameter.
The following buttons are available:
OPTION DESCRIPTION
Refreshes the tree in the left pane.
W eb User Interface
Cancels the commands in the Command pane, and
discards any changes that have been made.
ExpandOS User's Guide
6-4
Logging In
You must log in to the ACCELERATOR in order to configure or view the
ACCELERATOR's status.
# To log in:
1 Type http:// and the IP address of the ACCELERATOR, and then
press <Enter>. The login window of the ACCELERATOR is displayed:
W eb User Interface
NOTE:
The IP address that you use to access the Web User Interface is the IP
address of the ACCELERATOR that has been configured using Telnet (For
further information, see Defining the IP Address and the Default Gateway, in
Chapter 2).
2 Enter your username and password, and click Login.
NOTE:
Both the username and the password are case sensitive.
ExpandOS User's Guide
6-6
2 Enter the required privilege level <1-15> in the Enable level field,
and click Execute.
NOTES:
When a user enters the Web user interface, the lowest privilege level is
automatically assigned, and must be changed as required. If the privilege level
is changed, the window view is refreshed and the new value is displayed.
Similarly, various submenus are enabled, based on the updated privilege level.
Level 15 is the equivalent of entering Enable mode in a Telnet session.
Web User Interface
6-7
W eb User Interface
ExpandOS User's Guide
6-8
NOTES:
Another method of setting a default value is to right-click a leaf in the
hierarchical tree. From the pop-up menu that is displayed, click no.
Showing a Configuration
W eb User Interface
and their values for the selected entries are displayed in the Command pane:
Configuring Parameters
# To configure parameters:
1 Navigate to the required mode in the Tree pane. The Command pane
displays the associated command and parameters for the mode selected
in the Tree pane.
ExpandOS User's Guide
6-10
2 Enter the required values in the fields, and then click Update.
NOTES:
A parameter may be accessed at the command leaf level or in the
corresponding mode branch.
Some parameters may be selected form a dropdown list, as displayed below:
W eb User Interface
NOTES:
This is the equivalent of invoking the no command in a Telnet session.
To enter a value for a parameter that has a default set, click edit, then enter
the required value and click Update.
3 Click Update.
NOTES:
Another method of setting a default value is to right-click a leaf in the
hierarchical tree. From the pop-up menu that is displayed, click no.
RMON
7-1
Chapter 7
RMON
R MON
! RMON Groups, page 7-3.
! RMON Monitoring Groups, page 7-4.
! RMON2 Groups (RFC 2021 and 2074), page 7-4.
! Configuring RMON, page 7-7.
! RMON Traps as Defined in RFC 1757 (RMON I), page 7-11.
ExpandOS User's Guide
7-2
Overview
RMON is a standard monitoring specification that:
! Enables certain network monitors and console systems to share
network-monitoring data.
! Offers network administrators greater freedom to select
network-monitoring probes and consoles with features that meet their
particular networking needs.
The RMON specification defines a set of statistics and functions that can be
exchanged between RMON-compliant console managers and network
probes. As such, it:
! Provides network administrators with extensive network-fault
diagnosis, as well as with planning and performance-tuning
information.
The following figure illustrates an RMON probe. The probe can monitor
WAN links and convey statistical information back to an RMON-compliant
console:
RMON
7-3
RMON Groups
RMON delivers information in nine RMON groups of monitoring elements,
each providing specific sets of data to meet mutual requirements for
network-monitoring. Each group is optional. Vendors need not support all
groups within the Management Information Base (MIB). Some RMON
groups require the support of other RMON groups in order to function
properly. The following figure illustrates the structure of the RMON tree of
groups:
R MON
ExpandOS User's Guide
7-4
History
Periodically records statistical samples from a network and stores them for
later retrieval.
The elements: Sample period, number of samples, item(s) sampled.
Alarm
Periodically records statistical samples from variables in the probe and
compares them with previously configured thresholds. If the monitored
variable crosses a threshold, an event is generated.
The elements: Includes the alarm table and requires the implementation of
the event group. Alarm type, interval, starting threshold, stop threshold.
Hosts
Contains statistics on hosts discovered on the network.
The elements: Host address, packets, and bytes received and transmitted,
as well as broadcast, multicast, and error packets.
HostTop N
Generates tables that describe major hosts on a list ordered by one of their
statistics. The available statistics are samples of one of their base statistics
over an interval specified by the management station. Thus, these statistics
are rate-based.
The elements: Statistics, host(s), sample start and stop periods, rate base,
and duration.
RMON
7-5
Matrix
Stores statistics for use in conversations between two addresses. The device
creates a new entry in its table whenever it detects a new conversation.
The elements: Source and destination address pairs and packets, bytes,
errors for each pair.
Filter
Enables packets to be matched by a filter equation. These matched packets
form a data stream that might be captured or might generate events.
The elements: Bit-filter type (mask or not mask), filter expression (bit
level), conditional expression (and, or, not) to other filters.
Capture
Enables packets to be captured after flowing through a channel.
The elements: Size of buffer for captured packets, full status (alarm),
number of captured packets.
R MON
Event
Controls the generation and notification of events from this device.
The elements: Event type, description, last time the event was sent.
ExpandOS User's Guide
7-6
Protocol Directory
List of protocols the probe has the capability of monitoring, providing the
means for an RMON2 application to learn which protocols a specific
RMON2 probe can see. Especially important when application and probe
are from different vendors.
Protocol Distribution
Traffic statistics for each protocol, providing distribution and trend
information on the use of protocols such as IP, IPX, DECnet, AppleTalk,
and so on.
Address Map
Maps network-layer addresses to MAC-layer addresses, making it easier for
the network manager to see and interpret the data.
Network-Layer Host
Traffic statistics to and from each discovered host, useful for improving the
configuration and placement of network resources for optimized
performance.
Network-Layer Matrix
Traffic statistics on conversations between pairs of discovered hosts.
Application-Layer Host
Traffic statistics to and from each host by protocol (up to and including the
application-layer protocols), providing insight into the use and growth of
applications such as Web, Telnet, Lotus Notes, and so on.
Application-Layer Matrix
Traffic statistics on conversations between pairs of hosts by protocol (up to
and including the application-layer protocols).
RMON
7-7
User History
Periodic samples of user-specified variables, extending the capabilities
beyond RMON1 History, which focuses exclusively on RMON1 Statistics
group variables.
Probe Configuration
Provides a standard way to remotely configure probe parameters, such as
trap destination and out-of-band management.
R MON
! trapDest Table
Configuring RMON
When an ACCELERATOR is first activated, the default state for RMON is
disabled. This means no RMON functionality is supported.
community
None configured.
contact...............................(not configured)
host
None configured.
location..............................(not configured)
rmon
current
status............................disable
future
memory............................32
status............................disable
snmp..................................disable
traps.................................disable
RMON Security
The filter-capture command enables you to block direct access to the filter
and capture RMON groups via RMON manager software and SNMP.
NOTE:
RMON statistics continue to be collected while filter-capture is disabled, but
they cannot be viewed.
R MON
future
memory............................64
status............................enable
pause...............................off
Pausing RMON
The pause command will be displayed only if RMON is enabled.
Pause temporarily deactivates RMON, meaning:
! RMON traps will not be sent.
! RMON statistics will not be calculated and accumulated.
! Any SNMO request by an SNMO browser or RMON manager software
will not be able to acquire RMON information.
! To pause RMON:
To un-pause RMON, in RMON mode type pause off, and then press
<Enter>.
RMON
7-11
risingAlarm
The SNMP trap that is generated when an alarm entry crosses its rising
threshold and generates an event that is configured for sending SNMP
traps.
fallingAlarm
The SNMP trap that is generated when an alarm entry crosses its falling
threshold and generates an event that is configured for sending SNMP
traps.
R MON
Access Authentication
8-1
Chapter 8
Access
Authentication
This chapter describes the various methods for ensuring security within
ExpandOS.
A ccess Authentication
! The AAA Approval Process, page 8-3.
! How AAA Handles Authentication Transactions, page 8-4.
! Daemon, page 8-4.
! RADIUS and TACACS+ Compared, page 8-5.
! AAA Authorization Methods and Types, page 8-5.
! Configuring AAA, page 8-6.
! Building a Local User Database, page 8-8.
! Creating a Custom List and Defining its Access Methods,
page 8-8.
! Modifying an Existing List, page 8-10.
! Viewing an Access List and Attaching an Access List to a
User Interface, page 8-11.
! RADIUS, page 8-12.
! Client/Server Model, page 8-13.
! Protocol Operation, page 8-13.
! Authentication and Authorization Features, page 8-14.
ExpandOS User's Guide
8-2
A ccess Authentication
commands are located in OS Privileged Exec mode. Each client device is
configured for security using the AAA commands from Primary
Configuration mode. The ACCELERATOR can be configured to make use
of a security server via either the TACACS+ or RADIUS security
protocols, or both.
TACACS+ and RADIUS are client-server network protocols that are used
to achieve client-server security over the network (this makes them the
equivalent of what SNMP is to network management). The following
diagram depicts the various components:
ExpandOS 3.5 User's Guide
8-4
Daemon
Daemons are processes that perform predefined tasks on a server, usually as
a response to an event. In Windows, daemons are called "system agents". A
TACACS+ daemon sits on the security server and fields authentication or
authorization queries from client ACCELERATORs. It does this by
searching the user database for required AV pairs, and returning the results
to the client in TACACS+ packets.
A ccess Authentication
authorization attributes on a case-by-case basis.
RADIUS is a standard and uses the UDP transport layer. TACACS+, which
is a Cisco-enhanced protocol, uses the TCP transport layer. TACACS+ is a
third revision of the TACACS protocol.
Configuring AAA
Configuring AAA for the ACCELERATOR involves validating the user's
identity as authentic when logging in, including how to achieve validation.
Once the user's identity has been established and validated, the
configuration process involves the process of granting the user privileges to
specific access networks and commands.
-or-
! authentication, to display authentication data,
-or-
! authorization exec, to display authorization data,
-or-
! exit, to exit to the previous mode,
-or-
! priv-level, to define the privilege level for configuring AAA.
-or-
! show, to display the AAA system information.
3 Press <Enter>.
In AAA configuration mode, type show, and then press <Enter>. The
A ccess Authentication
existing AAA configuration is displayed, as follows:
aaa
authentication
enable
WebUI list.. .line
console list. none
telnet list.... enable
login
WebUI list......…………….. none
console list...............none
telnet list...............…line
authorization exec
WebUI list............... none
console list.............. none
telnet list............... none
ExpandOS 3.5 User's Guide
8-8
In AAA configuration mode, type show local users, and then press
<Enter>.
-or-
! line, to use the line password,
-or-
! local, to use the local method,
-or-
! none, for free access,
-or-
! radius, to use the RADIUS access method,
-or-
! tacacs, to use the TACACS+ access method.
2 Press <Enter>.
3 Type show, and then press <Enter> to view the updated AAA
configuration, as follows:
aaa
A ccess Authentication
authentication
enable
WebUI list line
console list none
telnet list enable
login
WebUI list. none
console list none
telnet list line
authorization exec
WebUI list none
console list none
sample local
telnet list none
NOTE:
You can select more than one of the above methods. Follow step 1, add another
space after the method selected, and then type other required methods from the list
with a space between them. ExpandOS will use the methods in the order in which
they were selected in order to define the available access methods.
ExpandOS 3.5 User's Guide
8-10
-or-
! line, to use line authentication,
-or-
! local, to use local authentication,
-or-
! tacacs, to use TACACS+ authentication,
-or-
! radius, to use RADIUS authentication.
-or-
! none, for no authentication.
2 Press <Enter>.
NOTE:
You can similarly modify an existing list in authentication exec or
authorization exec, as well as for the Web UI or console user interface.
Access Authentication
8-11
A ccess Authentication
password....................Expand
privilege...................1
NOTE:
In the example above, all of the security options are configured to work with the
access list called telnet. Note that there is a password and a privilege level defined
for this Line Telnet mode.
ExpandOS 3.5 User's Guide
8-12
RADIUS
The RADIUS protocol is an accounting/access server authentication
protocol. Implemented by several network access server vendors, this
protocol has gained the support of a wide customer base, including Internet
service providers (ISPs).
Access Authentication
8-13
Client/Server Model
The RADIUS protocol is based on a client/server model. This means that
the client passes user information to a designated RADIUS server, and then
acts on the response that is returned.
Protocol Operation
For technical reasons, communication between an NAS and a daemon
is based on the User Datagram Protocol (UDP). The RADIUS protocol is
generally considered to be a connectionless service. The RADIUS-enabled
A ccess Authentication
devices, and not the transmission protocol, handle issues related to
retransmission, timeouts, and server availability.
When the daemon receives the Access-Request query packet from the
NAS, it searches the database for the listed username. If the username does
not exist in the database, the daemon either loads a default profile or
immediately sends an Access-Reject message. This Access-Reject message
can be accompanied by an optional text message, which could indicate the
reason for the rejection of the query.
ExpandOS 3.5 User's Guide
8-14
If the username is found in the database and the password is correct, the
daemon returns an Access-Accept response. This includes a list of
attribute-value pairs that describe the parameters to be used for this session,
such as service type (shell or framed), protocol type, the IP address to
assign to the user (either static or dynamic), access list to apply, or a static
route to install in the NAS routing table. The configuration information in
the RADIUS server defines what is installed on the NAS.
A ccess Authentication
specified. More than one RADIUS server may be defined.
A ccess Authentication
The ACCELERATOR has a default code set that can be reconfigured, if
required, in order to match the code of the RADIUS server being accessed.
SAVE:
$ In order to save configurations to flash memory so that they will be available after
the ACCELERATOR are rebooted, type write at the Enable (#) prompt.
TACACS+
TACACS+ is a security application that provides centralized validation of
users attempting to gain access to a network access server. TACACS+
services are maintained in a database on a TACACS+ daemon that runs on
a UNIX or Windows NT workstation. TACACS+ features are available to
ACCELERATOR users who have configured a TACACS+ server and have
access to it.
A ccess Authentication
In TACACS+ Server configuration mode, type server, then a space
followed by the IP address of the TACACS+ server, and then press
<Enter>.
NOTE:
To disable access to a specific TACACS+ server, type no server, then a space,
followed by the IP address of the specific TACACS+ server.
A ccess Authentication
prompt. This option is only available for TACACS+ servers that do not have specific
keys defined.
NOTE:
Codes should not be changed without the prior authorization of a professional
TACACS+ Server Manager.
You can use predefined codes to map the service type required, or type in a
number to specify the code. It is recommended that the Enable service type
be defined for users with Enable access, and the Login service type be
defined for users with View access.
# To set a timeout:
1 In TACACS+ Server configuration mode, type timeout then a space
and a number (between 1-500000) representing the time (in seconds) to
wait for a TACACS+ server to reply.
2 Press <Enter>.
A ccess Authentication
ExpandOS 3.5 User's Guide
8-24
A ccess Authentication
The common syntax is:
priv-level [number] for [user-interface] [access-
right] command [mode-command]
This command will assign privilege level 4 and access read/write to the
command, interface serial 0/0 (which is used to access the serial
interface 0/0 from Primary Configuration mode). This command assigns
read/write access only for users who access the ExpandOS via Telnet and
have privilege level 4 and above.
ExpandOS 3.5 User's Guide
8-26
When exec is typed before the privilege level number, the commands that
are assigned a privilege level are those in Exec mode.
Access Authentication
8-27
An example is as follows:
Expand(config)#priv-level exec 2 command ?
clear Clear data
configure Enter configuration mode
copy Copy from one file to another
cpu-counter Show the gateway counter for
the last second
cpu-utilization Show CPU utilization
debug Debug data
delete Delete a file
dir List files on a filesystem
disable Turn off privileged
commands
enable Turn on privileged commands
erase Erase flash
memory Show memory data
A ccess Authentication
ping Send echo messages
reboot Reboot the system
rename Rename from one file to another
reset-factory-default Reset the Factory Default
Configuration-
erase it.
restore-factory-default Restore the Factory
Default Configuration-
to be the StartupConfig.
serial-bypass Bypass at layer 1
set-factory-default Set the Factory Default
Configuration to be identical
to Startup Config.
write Write configuration
ExpandOS 3.5 User's Guide
8-28
Expand(config)#priv-level 2 command ?
aaa Authentication, Authorization
and Accounting
alias Create command alias for this mode
banner Banner
boot Modify system boot parameters
clock System clock
custom-policy Custom policy number
debug Debug data
enable Modify enable password parameters
hostname This system's network name
interface interface data
led-manager Led Manager
line Line data
local Configure local options
logging Logging data
modem Modem settings
net-tftp Net-TFTP parameters
power-check Redundant power check
priority-policy Priority policy number
radius Configure RADIUS options
route-rules Handle routing definitions
service Technicians' tools
snmp SNMP data
sntp SNTP
tacacs Configure TACACS+ options
terminal Terminal settings
watch-dog System WatchDog
Configuring Supplementary Services
9-1
Chapter 9
Configuring
Supplementary
Services
Banner
Banner commands provide the option to edit the Welcome banner. An
example of a typical ACCELERATOR 4000 series banner is as follows:
*********************************************
* *
* FEB-11-2001 10:02:54 *
* *
* Expand 4000 series *
* *
* Running ExpandOS 3.2(2) *
* *
* For details, http://www.expand.com *
* *
*******************************************
# To configure a banner:
1 In Primary Configuration mode, type banner, followed by a space
and then the required setting:
! alias, to create a command alias for this mode,
-or-
! default, to restore the default welcome banner,
-or-
! edit, to edit the welcome banner,
-or-
! exit, to exit to the previous mode,
-or-
! priv-level, to define the privilege level for configuring a
banner.
2 Press <Enter>.
NOTES:
The default banner is saved in the banner.txt file
Date, time, and ExpandOS versions are taken automatically from the system's
parameters.
Configuring Supplementary Services
9-3
Mail
Mail provides the option for log messages to be sent to up to three e-mail
addresses and a syslog server, informing the administrator exactly which
ACCELERATOR transmitted the log.
LED Manager
LED Manager enables you to test the front panel LEDs.
SNTP
Network Time Protocol (NTP) is designed to synchronize a network of
machines. It runs over UDP, which in turn runs over IP. A detailed
explanation of the NTP can be found in RFC 1305.
An NTP network gets its time from an authoritative time source, either a
radio clock or an atomic clock attached to a time server, and then
distributes this time across the network. NTP is an extremely efficient
protocol, with no more than one packet per minute needed to synchronize
two machines to within a millisecond of one another.
NTP uses the concept of a "stratum" to describe how many hops away a
machine is from an authoritative time source. A "stratum 1" time server is
directly attached to a radio or atomic clock, a "stratum 2" time server
receives its time from a "stratum 1" time server, and so on. A machine
running NTP will automatically choose the machine with the lowest
stratum number that it is configured to communicate with via NTP as its
time source. This effectively builds a self-organizing tree of NTP speakers.
NTP is careful to avoid synchronizing with a machine whose time may not
be accurate. It does not synchronize with a machine that is not itself
synchronized. NTP compares the time reported by several machines, and
does not synchronize with a machine whose time is significantly different
from the others, even if its stratum is lower.
SNTP can provide time within 100 milliseconds of the accurate time, but
does not provide the complex filtering and statistical mechanisms that NTP
does. An SNTP client is much more vulnerable to problematic servers than
an NTP client is, and should only be used in situations where strong
authentication is not required.
SNTP can either request and accept packets from configured servers only
or can accept NTP broadcast packets from any source. When multiple
sources send NTP packets, the server with the best stratum is selected. If
SNTP does not authenticate traffic, although extended access lists can be
configured to provide some protection against unauthorized traffic.
ExpandOS User's Guide
9-8
Configuring SNTP
In order to enable SNTP management of ACCELERATORs, the following
setting has to be defined:
sntp
Interval 100
Sntp on
Source server
Ip 110.50.50.6
-or-
sntp
Interval 100
Sntp on
Source broadcast
Ip 192.116.68.50
Configuring Supplementary Services
9-11
WatchDog
The WatchDog application within the ExpandOS system serves as an
external monitor for the operation of both the hardware and software within
the ACCELERATOR. It is this component of the operating system that
seeks out faults, failures, and abnormal operating conditions, and provides
detection and recovery services to counter them.
# To configure WatchDog:
1 In Primary Configuration mode, type watch-dog, and then press
<Enter> to enter WatchDog configuration mode.
2 Type watch-dog, followed by a space and then the required setting:
! alias, to create a command alias for this mode,
-or-
! exit, to exit to the previous mode,
-or-
Simplex
Simplex services enable transmission of data traffic in only one direction.
Whereas standard duplex Frame Relay circuits require the same CIR in
both directions, simplex mode enables a different CIR (in cases of Frame
Relay).
Simplex mode is especially useful for applications such as:
! Broadcasting services
! Two simplex circuits (in opposite directions) operating opposite each
other, each with a different CIR
! Data communications configurations in which a high volume of
data flows in one direction (e.g. large file transfers) while only a
minimal volume flows in the other direction (the protocol's
acknowledgments).
A B
Ethernet 0 Ethernet 0
# To configure ACCELERATOR A:
1 In Enable mode, type configure, and press <Enter>.
2 Type interface serial 0/0, and press <Enter> to enter the
Serial Interface 0/0 configuration mode.
Configuring Supplementary Services
9-13
# To configure ACCELERATOR B:
1 In Enable mode, type configure, and press <Enter>.
2 Type interface serial 0/0, and press <Enter> to enter the
Serial Interface 0/0 configuration mode.
3 Type transmit direction receive-only (assuming
ACCELERATOR B receives only).
4 Type send through <IP> B where IP is ACCELERATOR A’s
LAN port IP address and B is ACCELERATOR B’s ID (In this case
“B” is the ID which will be encoded on the system messages from B to
A – it can be any other string).
transmit-direction....................duplex
Expand(conf-if)#transmit-direction ?
Expand(conf-if)#send-through ?
ExpandOS User's Guide
9-14
and
Expand(conf-if)#send-through 192.116.48.1 ?
Expand(conf-if)#sh
send-through peer-
ip..................192.116.48.1 interface-id ACC1
And ACCELERATOR B:
Expand(conf-if)#transmit-direction receive-only
transmit-direction....................send-only
Expand(conf-if)#receive-from ?
Expand(conf-if)#receive-from ACC1
Expand(conf-if)#show
receive-from peer-id..................ACC1
transmit-direction....................send-only
Configuring Supplementary Services
9-15
Frame-Relay Configuration
In the following Frame-Relay configuration example, two
ACCELERATORs, A and B, are connected in simplex mode. Neither
ACCELERATOR has an Internet connection. ACCELERATOR A’s sub-
interface (PVC) 0/0.1 is connected to ACCELERATOR B’s sub-interface
0/0.1 by a PVC which is receive-only, and ACCELERATOR A’s sub-
interface 0/0.2 is connected to ACCELERATOR B’s sub-interface 0/0.2 by
a PVC which is send-only.
A B
0/0.1 0/0.1
0/0.2 0/0.2
Frame-
# To configure ACCELERATOR A:
1 In Enable mode, type configure, and press <Enter>.
2 Type interface serial 0/0.1, and press <Enter> to enter the
Serial Interface 0/0 sub-interface configuration mode.
3 Type transmit direction receive-only.
4 Type send-through 11.0.0.2 ACC1 (ACC1 is
ACCELERATOR A’s ID)
5 Type interface serial 0/0.2, and press <Enter> to enter the
Serial Interface 0/0 sub-interface configuration mode.
6 Type transmit-direction send-only.
7 Type receive-from ACC2 (ACC2 is ACCELERATOR B’s ID)
# To configure ACCELERATOR B:
1 In Enable mode, type configure, and press <Enter>.
2 Type interface serial 0/0.1, and press <Enter> to enter the
Serial Interface 0/0 sub-interface configuration mode.
3 Type transmit direction send-only followed by
receive-from ACC1
4 Type sub-interface 0/0.2.
Configuring Supplementary Services
9-17
Expand(config)#simplex
Expand(simplex)#?
simplex commands:
Expand(simplex)#show ?
ExpandOS User's Guide
9-18
<cr>
Expand(simplex)#show receive-table
Receive Table:
------------------------------------------------
| Interface | Interface ID to receive from |
--------------------------------------------
| 0/0 | ACC1
|
Expand(simplex)#show send-table
Send Table:
---------------------------------------------
| Interface | Ip to send through | Interface ID |
------------------------------------------------
Expand(simplex)#simplex-port ?
Invoking the tables command displays both receive and send tables:
--------------------------------------------
| Interface | Interface ID to receive from |
Configuring Supplementary Services
9-19
-------------------------------------------------
| 0/0 | ACC1 |
-------------------------------------------------
| Interface | Ip to send through | Interface ID |
-------------------------------------------------
Signal Routing
This feature sets signaling transmissions to be sent transparently through
the ACCELERATOR from the router to the modem (WAN termination
device, e.g. CSU/DSU) and vice versa. The signals reflected are DCD,
DSR and DTR.
Flow Control
(For ExpandOS versions 3.5(1) and above)
If too many packets are dropped from the network, the DRC buffer may
overfill. In the event that this occurs, the DRC requests a retransmission of
lost packets. The Flow Control feature enables the ACCELERATOR to
adjust the current bandwidth in order to decrease instances of DRC
retransmission requests.
NOTE:
DRC must be set to either semi or full for Flow Control to operate (refer to
Appendix A, Drop and Recovery, for more information on DRC).
The “(now XXX)” field in the flow-control line indicates that the
bandwidth is currently controlled by the flow control. When flow
adjustment is enabled, and there are DRC retransmits, this field will
indicate the reduced or raised bandwidth status.
Once Flow Control has been enabled, the Increase and Decrease Rate
parameters can be set as follows.
ExpandOS User's Guide
9-24
bandwidth.............................2000000
decrease-rate.........................100
flow-adjustment.......................enable
flow-control..........................enable (now 2000000)
increase-rate.........................20
Upgrading ExpandOS
10-1
Chapter 10
Upgrading
ExpandOS
ExpandOS has three separate types of memory: RAM used for internal
processing, memory allocated for the cache and Flash memory for software
updates.
U pgrading ExpandOS
Version control in ExpandOS involves three operations:
! The supplied file must first be copied from the TFTP server to the Flash
card.
! The updated file must then be specified as the boot file that is to be
used when rebooting the system.
! The system must be rebooted to activate the upgraded version.
NOTES:
It is not possible to upgrade from versions below 3.2(3) to 3.5. To upgrade from a
version lower than 3.2(3), first upgrade to version 3.2(3) and then upgrade again to
version 3.5.
It is not possible to downgrade from version 3.5 to version 3.1. ExpandOS 3.5 will
not synchronize with any pre-3.2 ExpandOS version.
ExpandOS User's Guide
10-2
This will save the startup configuration file to the station on which the
TFTP server is running. After the successful ExpandOS upgrade has been
performed, the configuration file can be downloaded to the
ACCELERATOR by typing copy net-tftp startup-config.
Following a successful process, the file resides on the Flash card, with the
defined filename.
U pgrading ExpandOS
1 Press <Control-Z> to exit Primary Configuration mode.
2 Type reboot.
3 Press <Enter>. You are prompted to confirm the reboot.
4 Type yes. The system reboots.
NOTE:
The upgraded version is only activated following a system reboot.
SAVE:
Chapter 11
Command
Reference
This chapter provides a reference for the commands that are available for
configuration of the ACCELERATOR 4000.
In this chapter, commands are typed in bold, and parameters are typed
within square brackets [ ], For example, ping [IP Address].
C ommand Reference
! Commands Available in Enabled Configuration Mode, page 11-7.
! Show Commands, page 11-28.
! BootROM Commands, page 11-30.
ExpandOS User's Guide
11-2
Common Commands
The following commands can be performed at nearly every level
throughout ACCELERATOR configuration.
The No Command
The no command can be typed before almost any command to reset the
setting for the command.
The ? Command
To view help for a command, type ? after the command and you will receive a detailed list
of all possible configuration parameters for this command with a brief explanation.
For example:
Expand(config)#clock
Expand(clock)#?
clock commands:
alias Create command alias for this mode
daylight-saving Configure daylight savings
exit Exit to previous mode
priv-level Give privilege level to a command
set Set the time and date
timezone Configure time zone (Min)
The show command can be used after any command to reveal the set parameters for a
command.
For example:
Expand(config)#interface ethernet 0/0
Expand(conf-if)#show
0/0
bypass................................disable
counters period throughput............30
Command Reference
11-3
description...........................(not configured)
ip
address.............................1.2.3.1
mask................................255.255.255.255
mac...................................aaaa.bbbb.cccc
mode..................................on-path lan-side
queue-usage...........................0
queuing-strategy......................fifo
throughput
Data | System Up | Since Clear | Last 30 Secs
---------------+-----------+-------------+--------------
CRC Errors | 0| 0| 0 /Sec
Dropped Bytes | 0| 0| 0
Dropped Packets| 0| 0| 0
In Bytes | 0| 0| 0 Kbps
In Packets | 0| 0| 0 /Sec
Out Bytes | 0| 0| 0 Kbps
Out Packets | 0| 0| 0 /Sec
---------------+-----------+-------------+--------------
Executable Commands
Expand#
C ommand Reference
COMMAND DESCRIPTION
debug Debug data.
dir Displays files on a file system.
disable Disables privileged commands.
enable Enables privileged commands.
exit Exits the shell.
no Negates a command or set its default.
packet Packet data
ping [IP address] [number] Sends echo messages.
ExpandOS User's Guide
11-4
Expand#debug
COMMAND DESCRIPTION
ber-permil [number] Promil of packet drop [debug].
clear-tasks Clears tasks information
events [all] or [long] Sets selection parameters for events:
All: Displays events in long format.
Long: Displays a full description of
events.
queuing Activates data queuing.
tasks Creates trace task data in a file.
trace [task name] Enables task tracing according to its name.
Expand#dir
COMMAND DESCRIPTION
flash Activates the flash file system.
null Deactivates the flash file system.
Expand#enable
COMMAND DESCRIPTION
clear [counters interface Clears data from the specified serial
serial] or [events] interface counters or events data
configure Enables Configuration mode.
copy Enables copying from one file to another.
debug Debugs data.
delete Deletes a file.
dir Lists files in a file system.
Command Reference
11-5
Expand#configure mode
C ommand Reference
COMMAND DESCRIPTION
aaa Enables Authentication, Authorization and
Accounting mode.
alias Creates a command alias for this mode.
banner Displays the banner.
boot [system] or [flash] Modifies system boot parameters.
Boots the system image file or flash file
system.
clock Displays the system clock.
custom-policy [1-16] Configures a custom queuing policy.
ExpandOS User's Guide
11-6
COMMAND DESCRIPTION
enable Modifies enable password parameters.
exit Exits to the previous mode.
hostname [network name] Defines the system network name.
interface [ethernet] or Interface data: ethernet data or serial
[serial] interface help.
led-manager Displays the LED manager.
line [console] or [telnet] Configures console, Telnet, WebUI or
or [WebUI] or [auxiliary] auxiliary (modem connected to the rs line)
parameters.
local Configures local options.
logging Displays logging data.
modem Defines modem settings.
net-tftp [port number] Sets the parameters of the port (between
[seconds] 0-65535), and the timeout, in seconds
(between 0-70000).
no Deactivates a command or sets its default.
power-check Enables monitoring of dual power
supplies.
priority-policy [1-16] Configures a priority queuing policy.
priv-level Defines the privilege level of a command.
radius Configures RADIUS options.
route-rules Sets routing definitions.
show Displays active system information.
snmp Displays SNMP data.
sntp Displays SNTP server settings.
tacacs Configures TACACS+ options.
terminal Displays terminal settings.
watch-dog Displays System Watch Dog.
Command Reference
11-7
Expand(config)#AAA
COMMAND DESCRIPTION
alias [alias word] [alias Creates a command alias for this mode.
command]
authentication Displays authentication data.
authorization exec Displays authorization data.
exit Exits to the previous mode.
no Deactivates a command or sets its default.
priv-level Defines the privilege level of a command.
show Displays running system information.
C ommand Reference
ExpandOS User's Guide
11-8
Expand(AAA)#Authentication &
Authorization
This command is performed from within the Configuration mode, see the
configuration command, above.
COMMAND DESCRIPTION
authentication enable [Web Sets the method of enabled authentication:
UI] or [console] or 1: Enable: Use enable password
[telnet] or [list name]
authentication.
[1] [2] [3] [4] [5] [6]
2: Line: Use line authentication.
[1] (enable)
[2] (line) 3: Local: Use local authentication.
[3] (local) 4: Tacacs: Use TACACS+
authentication.
[4] (tacacs)
5: Radius: Use RADIUS authentication.
[5] (radius)
[6] (none) 6: None: No authentication.
COMMAND DESCRIPTION
[5] (radius) 5: Radius: Use RADIUS authorization.
[6] (none) 6: None: No authorization.
Expand(config)#arp-cache
COMMAND DESCRIPTION
timeout Enables configuration of the number of
seconds the ARP cache should wait before
deleting dynamic entries.
wait Enables configuration of the number of
seconds the ARP cache should wait before
discarding packets.
Expand(config)#banner
COMMAND DESCRIPTION
alias Creates a command alias for this mode.
default Restores the default welcome banner.
edit Edits the welcome banner.
exit Exits to the previous mode.
priv-level Defines the privilege level of a command.
C ommand Reference
Expand(config)#clock
COMMAND DESCRIPTION
alias Creates a command alias for this mode.
daylight-saving Configures daylight savings.
Defines the start day for summer daylight
saving time (between 1-31).
exit Exits to the previous mode.
priv-level Defines the privilege level of a command.
set [day] [time] Sets the date [dd-mmm-yyyy]
ExpandOS User's Guide
11-10
COMMAND DESCRIPTION
and time [hh:mm:ss].
timezone [min] Defines the time zone, in minutes
(between 0-1380).
Expand(config)#custom policy
COMMAND DESCRIPTION
clear Clears the policy properties.
queue [1-16] [1] [2] [3] Sets the queue number:
[4] [5] [6] 1: Sets the byte count (between
[1] (byte-count) 0-10000).
[2] (default) 2: Sets as the default queue.
[3] (interface) 3: Queues by serial interface.
[card]/[port]
4: Sets the queue limit.
[4] (limit)
5: Queues by protocol.
[5] (protocol) ip
6: TCP or UDP port number.
transport [none] or
[tcp] or [udp]
[6] (tcp or udp port
number)
show Shows the policy properties.
Expand(config)#enable
COMMAND DESCRIPTION
alias Creates a command alias for this mode.
Exits to the previous mode.
exit
no Deactivates a command or set its default.
password [password] Defines a privilege level password and
[level] level (between 1-15).
Sets the unencrypted (clear text)
"enable" password.
Command Reference
11-11
Expand(config)#interface
ethernet 0
COMMAND DESCRIPTION
alias Creates a command alias for this mode.
exit Exits to the previous mode.
ip [IP address] [subnet Defines the IP address and subnet mask.
mask]
mac address Defines the interface’s MAC address.
mode Sets the ACCELERATOR mode to
on-path or on-lan.
no Deactivates a command or sets its default.
priv-level [number] Defines the privilege level of a command
(between 1-15).
show Displays running system information.
Expand(config-if)#hsrp
This command is performed from within the Ethernet interface mode, see the
interface ethernet command, above.
C ommand Reference
COMMAND DESCRIPTION
authentication Sets HSRP authentication string.
Sets the virtual IP address for the HSRP
ip group.
mac-address Sets the MAC address of the HSRP group.
preempt Enables or disables the ACCELERATOR
to preempt lower priority devices in the
HSRP group.
priority Sets the ACCELERATOR’s status within
the HSRP group.
timers [hello time] [hold Enables configuration of Hello Time and
ExpandOS User's Guide
11-12
Expand(config)#interface
serial
COMMAND DESCRIPTION
bandwidth [bps] Sets the bandwidth
(between 32000-4000000).
acceleration [on] or [off] Enables or disables acceleration
(false/true value).
alias [WORD] Creates a command alias for this mode.
clock Sets the clock data.
confirm Confirms that the auto-detection results
are valid.
counters period throughput Defines the counters data throughput
[seconds] period, in seconds (between 5-300).
crc [16-bit] or [32-bit] Sets the CRC length.
or [none]
custom-queue [enable] or Enables or disables custom queuing.
[disable]
dcd [enable] or [disable] Enables or disables Data Carrier Detect,
DCE only.
description [line] Defines an interface-specific description.
drc [chunk-size] [mode] Sets the Data Carrier Detect configuration:
automatic or manual plus size, and
full, semi or off.
Command Reference
11-13
COMMAND DESCRIPTION
encapsulation Sets the interface encapsulation:
[1] (autodetect) 1: Sets the device to detect automatically.
[2] (ppp) 2: Sets the type to PPP.
[3] (hdlc) 3: Sets the type to CISCO-HDLC.
[4] (frame-relay) 4: Sets the type to frame relay.
[5] (lapb) 5: Sets the LAPB options.
[6] (raw-hdlc) 6: Sets the type to unknown protocol over
standard HDLC.
exit Exits to the previous mode.
fair-queue [enable] or Enables or disables weighted fair queuing.
[disable]
hardware [data type] Sets the hardware data type: Amsterdam,
multi-bypass, V.35, or multi-DCE.
ignore Defines the data to be ignored:
[1] (dcd) 1: Disables or enables Data Carrier Detect.
[2] (packet-size) [size] 2: Disables acceleration for a specific
packet size (between 0-5000).
ip [IP address] [subnet Defines the IP address and subnet mask.
mask] Does not appear in Auto detect
encapsulation mode.
keepalive_interval [time] Sets the frequency of keepalives, in
seconds (between 1-60).
C ommand Reference
keepalive_iterations Defines the quantity of keepalives before
[number] the connection is lost (between 1-50).
mtu Defines the maximum MTU size for the
serial interface.
no Deactivates a command or sets its default.
priority-queue [enable] or Enables or disables priority queuing.
[disable]
priv-level [number] Defines the privilege level of a command
(between 1-15).
probe [seconds] Defines the time between probes, in
seconds (between 0-30).
ExpandOS User's Guide
11-14
COMMAND DESCRIPTION
show Displays running system information.
transmit-direction Defines the interface transmit direction:
[1] (duplex) 1: Interface can send and receive data.
[2] (receive-only) 2: Interface can only receive data.
[3] (send-only) 3: Interface can only send data.
type [cable type] Multi-type help: V.35, RS-422, RS-
232, RS-530 or cable (displays which
cable is attached).
Command Reference
11-15
Expand(config-if)#clock
This command is performed from within the serial interface mode, see the interface
serial command, above.
COMMAND DESCRIPTION
rate [bps] Sets the rate from one of the following
values: 0, 2400, 4800, 9600,
19200, 38400, 56000, 64000,
128000, 256000, 512000,
1000000, 1523800, 2000000,
2909000, 3500000, 4000000,
4571400, 5333300, 6400000, or
8000000.
rx polarity [low] or Sets the Rx data to low or high.
[high]
source rx [options] tx Sets the clock source help:
[options] 1: Sets the receive & transmit clock
[1] (source rx internal tx sources to internal.
internal) 2: Sets the receive clock source to external
[2] (source rx external tx & transmit clock source to internal.
internal)
3: Sets the receive clock source to external
[3] (source rx external tx & transmit clock source to external.
external)
4: When the interface is X.21, the clock is
[4] (source from rx only) only derived from the receive.
tx polarity [low] or Sets the Tx data to low or high.
C ommand Reference
[high]
ExpandOS User's Guide
11-16
Expand(config)#interface
tunnel
COMMAND DESCRIPTION
tunnel [tunnel number] Creates an IP tunnel.
[tunnel mode]
tunnel source [local ip Defines the IP tunnel path.
address]
tunnel destination [remote Defines the IP tunnel path.
ip address]
tunnel id Identifies the IP tunnel.
bandwidth Limits tunnel throughput.
tunnel force Forces an IP header on non-accelerated
data.
tunnel allow-fragmentation Enables/disables packet fragmentation of
tunneled packets.
tunnel sequence Enables/disables packet sequence
preservation of tunnel packets.
tunnel service [tos and Configures the IP tunnel service.
precedence or user
defined]
tunnel checksum Enables/disables checksum on tunneled
data.
Expand(config)#led-manager
COMMAND DESCRIPTION
alias Creates a command alias for this mode.
exit Exits to the previous mode.
priv-level Defines the privilege level of a command.
show Displays running system information.
testing [on] or [off] Sets the Testing mode to on or off.
Command Reference
11-17
Expand(config)#line
auxiliary
COMMAND DESCRIPTION
alias Creates a command alias for this mode.
authenticate [enable] or Authenticates the parameters:
[login] enable: Authentication of enable
parameters.
login: Authentication of login
parameters.
authorize Authorizes the parameters:
[1] (none) 1: No authorization list.
[2] (auxiliary) 2: Default authorization list.
[3] (console) 3: Default authorization list.
[4] (telnet) 4: Default authorization list.
exit Exits to the previous mode.
modem Sets the modem connected to the rs line:
[1] (clear) 1: Clears the line by sending an
[2] (hang) initialization AT string.
[3] (type) 2: Hangs up the connection.
3: Modem name.
no Deactivates a command or set its default.
C ommand Reference
password Configures the password.
priv-level Defines the privilege level of a command.
privilege Changes the privilege level for the line.
show Displays running system information.
ExpandOS User's Guide
11-18
Expand(config)#line console
COMMAND DESCRIPTION
alias Creates a command alias for this mode.
authenticate Authenticates the parameters.
authorize Authorizes the parameters.
exit Exits to the previous mode.
no Negates a command or sets its default.
password Configures the password for this line.
priv-level Gives a privilege level to a command.
privilege Changes the privilege level for this line.
show Shows running system information.
Expand(config)#line telnet
COMMAND DESCRIPTION
alias Creates a command alias for this mode.
authenticate Authenticates the parameters.
authorize Authorizes the parameters.
exit Exits to the previous mode.
no Negates a command or sets its default.
password Configures the password for this line.
priv-level Gives a privilege level to a command.
privilege Changes the privilege level for this line.
show Shows running system information.
Command Reference
11-19
Expand(config)#line WebUI
COMMAND DESCRIPTION
alias Creates a command alias for this mode.
authenticate [enable] or Authenticates the parameters.
[login] enable: Authentication of enable
parameters.
login: Authentication of login
parameters.
authorize Authorizes the parameters:
[1] (none) 1: No authorization list.
[2] (auxiliary) 2: Default authorization list.
[3] (console) 3: Default authorization list.
[4] (telnet) 4: Default authorization list.
exit Exits to the previous mode.
no Deactivates a command or set its default.
password Configures the password.
priv-level Defines the privilege level of a command.
privilege Changes the privilege level for the line.
show Displays running system information.
web Enables or disables the web user interface.
C ommand Reference
Expand(config)#local
COMMAND DESCRIPTION
alias Creates a command alias for this mode.
exit Exits to the previous mode.
max-num-of-users [number] Sets the maximum number of users that
can be configured (between 1-50).
no Deactivates a command or sets its default.
priv-level Defines the privilege level of a command.
show Displays running system information.
ExpandOS User's Guide
11-20
Expand(config)#logging
COMMAND DESCRIPTION
alias Creates a command alias for this mode.
autosave period [seconds] Defines the autosave intervals, in seconds
(between 10-1000000).
broadcast Sets broadcast information:
[1] (active) [Y] or [N] 1: Sets broadcast active state to yes or
[2] (priority) [number] no.
[3] (severity) [max] or 2: Sets the user priority for sending
[min] messages (between 1-15).
[4] (terminal) 3: Sets the severity limits to maximum or
[auxiliary], [console] or minimum.
[telnet]
4: Defines to which terminal to send
messages.
exit Exits to the previous mode.
mail Email information:
[1] active 1: Email active state: Yes or No.
[2] domain 2: Domain name parameter <string>.
[3] from 3: From address parameter <string>.
4: Recipients’ data:
[4] recipient Number <1-3>.
[5] server Active state: Yes or No.
Email address.
[6] severity
5: Destination servers’ information
[7] subject <IP address and port number>.
6: Severity limits.
7: The e-mail subject to be sent with the
message.
no Deactivates a command or sets its default.
priv-level Defines the privilege level of a command.
Command Reference
11-21
Expand(config)#modem
COMMAND DESCRIPTION
alias Creates a command alias for this mode.
exit Exits to the previous mode.
modemcap [modem name] Defines the modem and its settings:
[default] NEC: No Echo (E0 or E1).
NRS: No Result Codes (Q0, Q1 or Q2).
ONH: On Hook (H0 or H1).
no Deactivates a command or sets its default.
priv-level Defines the privilege level of a command.
C ommand Reference
show Displays running system information.
ExpandOS User's Guide
11-22
Expand(config)#power-check
COMMAND DESCRIPTION
alias Creates a command alias for this mode.
events [on] or [off] Enables or disables the redundant power
check events:
off: False value.
on: True value.
exit Exits to the previous mode.
no Deactivates a command or sets its default.
priv-level Defines the privilege level of a command.
show Displays running system information.
snooze-interval [number] Sets snooze interval between alerts, in
hours (between 1-72).
Expand(config)#priority
policy
COMMAND DESCRIPTION
clear Clears the policy properties.
queue [1-16] [1] [2] [3] Sets the queue number:
[4] [5] 1: Sets as the default queue.
[1] (default) 2: Queues by serial interface.
[2] (interface) 3: Sets the queue limit.
[card]/[port]
4: Queues by protocol.
[3] (limit)
5: Transport protocol port.
[4] (protocol) ip
transport [none] or
[tcp] or [udp]
[5] (TCP or UDP port)
show Shows the policy properties.
Command Reference
11-23
Expand(config)#RADIUS
COMMAND DESCRIPTION
key [encryption key] Defines the RADIUS default encryption
key.
timeout [seconds] Defines the time to wait for a RADIUS
server to reply (between 0-500000).
alias Creates a command alias for this mode.
exit Exits to the previous mode.
no Deactivates a command or sets its default.
priv-level [number] Defines the privilege level of a command
(between 1-15).
retransmit [number] Sets the number of retries to the active
server (between 1-20). The default is 3.
server [IP address] Adds a RADIUS server to the server list.
show Displays running system information.
Expand(config)#route-rules
COMMAND DESCRIPTION
alias Creates a command alias for this mode.
bridge route[source I/F Sets the global bridge configuration
type] [source I/F] subcommands: source interface
C ommand Reference
[destination I/F type] type (serial or ethernet), source
[destination I/F] interface, destination
interface type, and
destination interface.
bridge use-labels [enable] Enables or disables multiplex-interface
or [disable] configuration mode.
bridge default-label Sets the default path in case of software
[0-15] bypass, valid only if use-labels is
enabled.
exit Exits to the previous mode.
ip default gateway [ip] Defines the default gateway’s IP address.
ExpandOS User's Guide
11-24
Expand(config)#signal-route
COMMAND DESCRIPTION
alias Creates command alias for this mode.
exit Exits to the previous mode.
no Negates a command or set its defaults.
priv-level Gives privilege level to a command.
route Configures the signal route.
show Show running system information.
Expand(config)#simplex
COMMAND DESCRIPTION
alias Creates a command alias for this mode.
exit Exits to the previous mode.
no Negates a command or sets its default.
priv-level [number] Defines the privilege level of a command
(between 1-15).
receive-from Defines the ID for send-only transmission.
send-through Defines IP address and ID for receive-only
transmission.
simplex-port Defines the simplex UDP port.
show Displays running system information.
Command Reference
11-25
COMMAND DESCRIPTION
transmit-direction Defines transmit direction as duplex,
receive only or transmit only.
Expand(config)#SNMP
COMMAND DESCRIPTION
alias Creates a command alias for this mode.
community [community Enables SNMP.
string] Sets a community string and access
privileges.
contact [contact name] Defines the contact person for this unit.
exit Exits to the previous mode.
host [IP address] Defines a host to receive SNMP
[community string] or notifications: The IP address of the SNMP
[user name] notification host, SNMPv1/v2c
community string, or SNMPv3 user name.
interface-table Shows interface if-table index.
location Defines the location for this unit.
no Deactivates a command or sets its default.
priv-level [number] Defines the privilege level of a command
(between 1-15).
rmon Enters RMON mode.
show Displays running system information.
C ommand Reference
snmp [enable] or [disable] Enables or disables the SNMP state.
traps [enable] or Enables or disables SNMP Traps.
[disable]
ExpandOS User's Guide
11-26
Expand(snmp)#RMON
This command is performed from within the Configuration mode, see the
configuration command, above.
COMMAND DESCRIPTION
alias Creates a command alias for this mode.
current memory [number] Current memory allocation.
current status Displays current RMON status: enable or
disable.
exit Exits to the previous mode.
filter-capture RMON I filter tables mode.
future memory [number] RMON memory to be allocated upon next
reboot.
future status Displays RMON status desired upon next
reboot: enable or disable.
no Negates a command or sets its default.
pause Pauses RMON functionality.
priv-level [number] Defines the privilege level of a command
(between 1-15).
show Displays running system information.
status Operation mode in next restart.
Expand(config)#SNTP
COMMAND DESCRIPTION
server [IP address] Configures the server’s IP address.
broadcast [IP address] Configures the broadcast servers IP
address.
alias Creates a command alias for this mode.
exit Exits to the previous mode.
interval [minutes] Defines the interval time, in minutes.
priv-level Defines the privilege level of a command.
Command Reference
11-27
Expand(config)#TACACS
COMMAND DESCRIPTION
key [encryption key] Sets the TACACS+ default encryption
key.
timeout [seconds] Sets the time to wait for a TACACS+
server to reply, in seconds (between
1-500000).
alias Creates a command alias for this mode.
attempts [number] Defines the number of authentication
request retries (between 1-20).
auto_send [yes] or [no] Enables or disables automatic requests and
the sending of user and password data.
exit Exits to the previous mode.
no Deactivates a command or sets its default.
priv-level [number] Defines the privilege level of a command
(between 1-15).
server [IP Address] Enables an additional TACACS+ server to
be added to the server list.
show Displays running system information.
C ommand Reference
Expand(config)#terminal
COMMAND DESCRIPTION
alias Creates a command alias for this mode.
exit Exits to the previous mode.
lines [number] [current] Configures the number of lines for the
current session (between 3-512).
no Deactivates a command or sets its default.
priv-level [number] Defines the privilege level of a command
ExpandOS User's Guide
11-28
(between 1-15).
show Displays running system information.
timeout [minutes] Activates the terminal session idle
time out [1-9999].
Show Commands
Expand#show
COMMAND DESCRIPTION
acceleration Displays all acceleration information.
aliases Displays the aliases defined for Exec
mode.
banner Displays the banner text.
boot Displays the system boot parameters.
clock Displays the clock data.
configure Displays the Primary Configuration mode
information.
cpu-counter Displays the gateway counter for the last
second.
cpu-utilization Displays the CPU utilization in
percentages.
daylight-saving Displays the daylight savings time
settings.
debug Displays debug data information.
events Displays the events selection parameters.
frame-relay Displays frame relay data.
hostname Displays the system's network name.
interface Displays the interface data.
led-manager Displays the LED manager.
leds Displays the LED mode.
line Displays the terminal line configuration.
Command Reference
11-29
COMMAND DESCRIPTION
local Displays the local configuration.
logging Displays the logging data.
memory Displays the memory data.
modem Displays the modem settings.
net-tftp Displays the net-TFTP parameters.
power-check Displays the redundant power supply.
privilege Displays the current privilege level.
radius Displays the RADIUS configuration.
route-rules Displays the routing definitions.
snmp Displays the SNMP data.
sntp Displays the SNTP data.
tacacs Displays the TACACS configuration.
tech-support Displays system information for purposes
of technical support query diagnosis.
terminal Displays the terminal settings.
up-time Displays the system uptime since the last
reboot.
version Displays the system version.
watch-dog Displays System Watch Dog.
Expand#show events
C ommand Reference
COMMAND DESCRIPTION
long Displays the events in the long format.
short Displays the events in the short format.
filter Displays the filtered results by the required
[1] (message) fields:
[2] (severity) 1: Message counter's display range.
2: Severity's display range.
sortby Displays sorted fields.
ExpandOS User's Guide
11-30
BootRom Commands
These commands can be invoked during ACCELERATOR’s boot-up, by pressing
<Control-C>:
COMMAND DESCRIPTION
cd [path] Defines the current directory.
copy flash ftp Copies a file from the flash using FTP.
copy flash tftp Copies a file from the flash using TFTP.
copy ftp flash Copies a file to the flash using FTP.
copy tftp flash Copies a file to the flash using TFTP.
delete [file name] Deletes a file.
dir [directory name] Displays the contents of a directory.
erase flash Erases all flash files.
flash size Displays the available and used space for
flash.
ftp password [password] Configures a password for the FTP server.
ftp username [username] Configures a username for the FTP server.
ipshow Displays the IP configuration.
mkdir [directory name] Creates a directory.
ping [address] [num of Tests that a remote host can be reached.
packets]
pwd Prints the current directory.
rmdir [directory name] Deletes a directory.
routeshow Displays the routing table.
Chapter 12
LAN Resilience
HSRP
HSRP Overview
In the event that the Active device fails, the Standby device assumes the
packet-forwarding duties of the Active device. If the Standby device fails
or becomes the Active device, then another device is elected as the Standby
device. Hosts continue to forward IP packets to a consistent IP and MAC
address, and the changeover of devices is transparent.
ExpandOS User's Guide
12-2
ACCELERATORs can take part in HSRP and work in tandem with routers
to provide backup for the network. The following figure displays an
ACCELERATOR application working with routers in a virtual HSRP
group. The ACCELERATOR and routers are configured with the MAC
address and the IP network address of the virtual HSRP group.
HSRP GROUP
HSRP
Standby Device PUBLIC NETWORK
Listen Device
Active Device
ACCELERATOR
Configuring HSRP
Expand recommends that you use the auto-config command to
configure the ACCELERATOR.
LAN Resilience
12-3
HSRP Auto-Configuration
The auto-config command ensures that the correct HSRP parameters
are implemented for the ACCELERATOR to become the Active device in
all HSRP groups on the LAN.
HSRP
HSRP group, gives the ACCELERATOR a priority higher than that of the
current Active device and enables preempt, allowing the ACCELERATOR
to continually try to be the Active device (see Manual HSRP Configuration
parameters, below, for details on the specific parameters).
NOTE:
Expand recommends that you avoid a situation in which two ACCELERATORs on
the same LAN are both set to auto-config enable.
ExpandOS User's Guide
12-4
HSRP
If an ACCELERATOR has been manually configured, auto-
configuring the ACCELERATOR will overwrite any parameters
necessary, so that the ACCELERATOR will be the Active device in all
HSRP groups.
HSRP
setting. If you change the default authentication setting, verify that all the other
devices in the HSRP group have the same authentication setting.
IMPORTANT:
The Virtual Router’s MAC address must be identical for all devices in the HSRP
group. If you change the MAC address in the ACCELERATOR, make sure you
change it in all other devices participating in the HSRP group.
NOTE:
If you change the MAC address, be careful to assign an address that is not used by
any other device on the local network.
HSRP
! To set the HSRP MAC address:
1 In Enable mode, type configure, and press <Enter>.
2 Type interface followed by a space, and then type ethernet
followed by a space and then the interface name, for example 0 (for
ACCELERATOR 4800) or 3/0 (in ACCELERATOR 2700 series).
3 Press <Enter> to enter Interface configuration mode.
4 Type hsrp, followed by a space, followed by the group number and
then type mac-address and enter the desired MAC address
5 Press <Enter>.
HSRP
! To enable priority status:
1 In Enable mode, type configure, and press <Enter>.
2 Type interface followed by a space, and then type ethernet
followed by a space and then the interface name, for example 0 (for
ACCELERATOR 4800) or 3/0
(in ACCELERATOR 2700 series).
3 Press <Enter> to enter Interface configuration mode.
4 Type hsrp, followed by a space, followed by the group number
followed by a space, and then type priority, followed by a space,
and then type in the number of priority level to be given to the
ACCELERATOR (0 to 255) and press <Enter>.
NOTE:
In the event that two devices in the HSRP group have the same priority, the Active
router will be set according to IP address. Expand does not recommend this setup.
Expand recommends that you do not change the default timer setting!
IMPORTANT:
The default rate is 3 second Hello Time and 10 second Hold Time. It is
recommended that the Hold Time be more than three times the length of the Hello
Time.
HSRP
2 Type interface followed by a space, and then type ethernet
followed by a space and then the interface name, for example 0 (for
ACCELERATOR 4800) or 3/0 (in ACCELERATOR 2700 series).
3 Press <Enter> to enter Interface configuration mode.
4 Type hsrp, followed by a space, then type the group number followed
by a space, and then type timers, followed by a space, followed by
the number of seconds to be set as hello time, followed by the number
of seconds to be set as hold time, and press <Enter>. For example:
hsrp 1 timers 4 15
IMPORTANT:
It is imperative that all members of the HSRP group have the same Hello Time and
Hold Time. If you change the default parameters, make sure you do so on all
members of the HSRP group.
NOTES:
Increasing timer-default rates will shorten the time that the network has without a
default gateway during Active router changeover, but will increase the protocol
bandwidth overhead and vice versa.
If the ACCELERATOR is not currently the Active device in the HSRP group, Timer
settings will be derived from the Active device and any timer configurations that you
set in the ACCELERATOR will not be saved.
HSRP
then type ip, followed by a space, followed by the Virtual Router’s IP
address (VIP), and press <Enter>.
IMPORTANT:
It is essential that all the devices in the HSRP group have the same VIP.
Group 0
Local state is Standby
Active router is 10.0.214.11
Standby router is local
authentication........................cisco
ip....................................10.0.118.110
mac-address...........................0000.0c07.ac00
preempt...............................enable
priority..............................222
timers................................3
hold..........................10
! The Local state displays the ACCELERATOR’s status as follows:
ExpandOS User's Guide
12-10
# Initial
Initial state before configuration (this will not be visible in the show
menu)
# Learn
The ACCELERATOR can learn the VIP from the Active device, for
cases in which it was not configured.
# Listen
The ACCELERATOR listens to the other HSRP members on the
HSRP
same subnet
# Speak
The ACCELERTOR sends packets including priority data
(including coup packets)
# Standby
The ACCELERATOR is waiting for the Active device to become
inactive (fault condition or unavailable)
# Active
The Active device adds the MAC address of the virtual router to its
interface; all packets sent to the VIP will reach this interface.
This router answers all ARP, ping and Telnet messages sent to the
VIP.
! The Active router state displays the real IP address of the Active
device or “local”, if the ACCELERATOR itself is currently the Active
device.
! The Standby router state displays the real IP address of the Standby
router or “local” if the ACCELERATOR itself is currently the Standby
device.
LAN Resilience
12-11
Protocol Monitor
In HSRP, it is important that all the devices are synchronized and have
compatible settings. After HSRP configuration is complete and stable, it is
possible to configure the protocol-monitor command to enable email
messages to be sent to network administrators in the event that HSRP
settings change. Protocol monitoring enables you to receive errors for all
HSRP devices on the LAN.
NOTE:
HSRP
If protocol-monitor is set, before HSRP configuration is complete and stable, a
number of error emails may be generated as the HSRP settings are updated to the
proper configuration.
! To set protocol-monitor:
1 In Enable mode, type configure, and press <Enter>.
2 Type interface followed by a space, and then type ethernet
followed by a space and then the interface name, for example 0 (for
ACCELERATOR 4800) or 3/0 (in ACCELERATOR 2700 series).
3 Press <Enter> to enter Interface configuration mode.
4 Type hsrp, followed by a space, followed by protocol-monitor
and then type one of the following protocol monitor severity levels:
debug-logging
info-logging
warning-logging
error-logging
fatal-logging
no-logging
5 Press <Enter>.
Drop Recovery (DRC)
A-1
D rop Recovery
Appendix A
Drop Recovery
(DRC)
Overview
Drop Recovery Code (DRC) is a unique mechanism used to tackle data loss
problems. Occasionally, the network drops packets. This can occur when
ACCELERATORs are connected over "noisy" lines, or over WAN links
with statistical multiplexing capabilities (such as Frame Relay). Beginning
with ExpandOS 3.5, ACCELERATORs can apply a recovery mechanism to
handle this phenomenon.
DRC Modes
There are currently three different DRC modes:
! DRC Off
! DRC Semi
! DRC Full
DRC Off
In this mode, the DRC mechanism performs the relatively simple task of
segmenting the packets coming out of the ACCELERATOR to the required
chunk size, as described in the following section. The ACCELERATOR at
the other end reassembles the packets. If a chunk is lost, it does not attempt
to recover it but merely waits for the beginning of the next packet, and
continues from there.
It should be noted that the term chunk refers to the data packet travelling
between the machines. The term chunk size (explained in the following
section) defines the largest chunk that can travel between the machines.
DRC Semi
In this mode, the DRC mechanism attempts to recover lost chunks by
retransmitting the lost data (packet) from the originating ACCELERATOR.
The DRC utilizes a reliable retransmission mechanism, enabling it to
retrieve lost data quickly.
No bandwidth is wasted when this mode is used, because the DRC transfers
extra data over the line only when packet loss occurs. This is similar to the
activity performed by other, reliable, higher level protocols (for example,
TCP) running on the line.
In this mode, when a chunk is lost, the DRC accumulates the received
packets and releases them only after the lost packet is retrieved.
Drop Recovery (DRC)
A-3
DRC Full
D rop Recovery
When using this mode, the transmitting ACCELERATOR sends a
correcting chunk (for example, a data delivery assurance packet) for every
predefined number of transmitted chunks. The correcting chunk contains
information about the chunks preceding it, and the receiving side uses these
special chunks to recover lost chunks.
The DRC Full mechanism requires more resources (CPU time per packet
handled) than DRC Semi. Transmitting the correcting chunks also costs in
terms of bandwidth. If the DRC rate (as described on the following page) is
1
set to x, then of the bandwidth is spent for DRC usage, causing a
( x + 1)
reduction in the provided acceleration ratio.
In this mode, as in the DRC Semi mode, when a chunk is lost, the packets
accumulate in the DRC until it can recover the lost data.
ExpandOS User's Guide
A-4
Chunk Size
The chunk size used can be determined using one of two possible methods:
! Automatic: DRC will use 1500 as the chunk size. This option should
be sufficient for most configurations, and is the default configuration.
! Manual: Choosing this option allows the user to manually specify the
required chunk size. The chunk size cannot be configured to be higher
than the interface MTU.
DRC Rate
This feature is only available when working in the DRC full mode. DRC
rate determines the transmission rate of correcting chunks. Setting this
1
value to x, means that of the bandwidth is spent for DRC
( x + 1)
correcting chunks, causing a reduction in the provided acceleration ratio.
1
For example, if the DRC rate is set to 12, then of the bandwidth is spent
13
for DRC usage.
DRC Depth
This feature is only available when working in the DRC full mode. Setting
this value to x means that each correcting chunk contains information about
the x chunks that precede it. The default setting is 255. There is no reason
to change this field value.
Drop Recovery (DRC)
A-5
Configuring DRC
D rop Recovery
This section provides general guidelines about to how to configure the
DRC mode, chunk size, and rate over different lines. The main parameters
are the line BER and round-trip time. Many other factors influence the
required configuration, several of which are not commonly monitored in
most networks, and as such, they are omitted in this section. It should be
noted that these are general guidelines. The behavior on a specific line may
be different, and require more fine-tuning.
Mode Configuration
Use DRC Off over very reliable lines (for example, point-to-point leased
lines). It can be assumed that the line will not be "noisy", causing packet
loss.
On less reliable lines with a relatively low round trip time, use DRC Semi.
It should be noted that the retransmit mechanism works better when the
round-trip time is lower. This is very intuitive, since the success of this
mechanism heavily depends upon the time it takes from when a retransmit
request is sent until the lost data arrives.
When using lines with a relatively high BER, use DRC Full. It should be
noted that when a chunk is lost, two mechanisms attempt to recover it,
namely, retransmit, and the recovery mechanism using the correcting
chunks. The data is recovered when the first mechanism is successful.
When using lines with a low round-trip time, the retransmit mechanism is
usually used. This changes for lines with a higher round-trip time or if the
chunk size or rate value (as described in the following sections) is
decreased.
When using DRC Full over lines with a higher probability of packet loss,
especially lines with a higher round-trip time in which the retransmit
mechanism is limited, configure the chunk size manually to 500-1000
(assuming that the defined MTU is higher). This should usually be
performed concurrently when changing the DRC rate to a smaller value, as
described in the following section.
Changing the DRC rate should usually be performed when manually setting
the chunk size to a lower value (around 500). This is performed on lines
with high chunk loss and a relatively high round-trip time, in which the
retransmit mechanism is weaker.
IMPORTANT:
Do not trade a lower DRC rate for a higher chunk size. The bandwidth consumed by
the DRC will be higher, without improving the DRC function.
In order to determine the proper DRC setting for your needs, match the line
D rop Recovery
round-trip time to the average error rate, and this is your recommended
setting for proper operation of the ACCELERATOR. Anything above this
figure is considered beyond the capability of the ACCELERATOR.
It is important to note that our lab simulation assumes that the drop rate is
constant. The ACCELERATOR can handle bursts of packet loss if they are
followed by periods of calm. Also, the figures given are lab simulation
results. Real world figures might be different.
NOTE:
-11
For lines with BER < 10 , you can use default settings. For other lines, refer to
the table below.
ExpandOS User's Guide
A-8
D rop Recovery
PACKETS: Minimum: 1050 (bytes)
Average: 1300 (bytes)
Maximum: 1550 (bytes)
CONFIGURATION DRC SETTINGS
I semi
II full, 1000, rate 12
III full, 500, rate 12
IV full, 500, rate 6
ExpandOS User's Guide
A-10
Show Commands
B-1
Appendix B
S how Commands
Show Commands
Overview
Bandwidth...........................2000000
Description: Actual line's speed on the DTE interface. Only applicable in
cases where an external clock is provided to the interface.
autodetect subinterfaces............enable
Description: This is applicable only for Frame Relay with subinterfaces. It
enables/disables creation of new DLCIs. In a point-to-point application, this
command will not be present.
mode................................DTE
Description: Read-only parameter.
acceleration........................on
Description: Sets acceleration on/off for interfaces and/or sub-interfaces.
clock rate..............................2000000
Description: DTE port’s clock rate. Please refer to the list of supported
rates. This value is not applicable when the clock source is set to rx external
tx external.
rx polarity.......................low
Description: Sets the sampling method on the Rx clock (rising or falling
edge of the clock signal).
tx polarity.......................low
Description: Sets the sampling method on the Tx clock (rising or falling
edge of the clock signal).
Show Commands
B-3
counters period
performance.......................30
throughput........................30
S how Commands
Description: Interval of time during which data is calculated.
crc.................................16-bit
Description: CRC method (16-bit or 32-bit). Must be set according to the
Router settings.
description.....................(not configured)
Description: Configurable user description text string for the interface.
drc
chunk-size
method..........................manual
size............................550
depth.............................255
mode..............................full
rate..............................12
encapsulation..autodetect (frame-relay cisco)
Description: Refer to Appendix A for a detailed description of the DRC
feature.
queuing strategy....................fifo
Description: Sets the queuing mechanism used (FIFO, WFQ, PQ, CQ) for
the interface.
ignore dcd..........................enable
Description: Indicates if the ACCELERATOR ignores (transmits data
regardless of the DCD signal) or enables (uses the DCD signal from the
WAN termination device).
keepalive-interval..................3
Description: Time interval between keepalive signals. This signal is sent
only when the interface status is connected.
ExpandOS User's Guide
B-4
keepalive-iterations................10
Description: Number of missed keepalive signals after which the status
changes to not connected (S/W bypass). The disconnection time can be
derived by multiplying the keepalive interval value by the keepalive
iterations value.
mtu.................................2000
Description: Defines the maximum packet size that the DCE serial
interface passes to ExpandOS. This parameter should be configured in
consideration of the MTU specified in the router. For further information,
refer to Chapter 3, Configuring the ACCELERATOR.
operational probe...............................5
Description: A packet that is sent from an ACCELERATOR to the other
end of a communications link to determine if another ACCELERATOR is
connected at the remote end. When a second ACCELERATOR is detected,
the two devices are able to synchronize and begin communication. The
probe command defines the frequency with which probe packets are sent.
type................................cable (v.35)
Description: Indicates the cable type connected to the interface throughput.
S how Commands
current serial interface configuration information (for the purpose of this
appendix, Serial Subinterface 0/0.1 is viewed). The output is displayed as
follows:
acceleration..........................on
Description: Enable/Disable acceleration in a subinterface (Frame Relay
DLCI).
bandwidth.............................200000
Description: Rate of the logical interface.
description....................(not configured)
Description: Configurable user description text string for the interface.
drc
chunk-size method...................automatic
mode................................off
interface-dlci........................504
Description: Refer to Appendix A for a detailed description of the DRC
feature.
ip
address.............................0.0.0.0
mask................................0.0.0.0
Description : The subinterface's IP address.
keepalive-interval....................3
Description : Time interval between keepalive signals. This signal is sent
only when the interface status is connected.
keepalive-iterations..................10
Description : Number of missed keepalive signals after which status
changes to not connected (S/W bypass). The disconnection time can be
derived by multiplying the keepalive interval value by the keepalive
iterations value.
ExpandOS User's Guide
B-6
probe.................................5
Description: A packet that is sent from an ACCELERATOR to the other
end of a communications link to determine if another ACCELERATOR is
connected at the remote end. When a second ACCELERATOR is detected,
the two devices are able to synchronize and begin communication. The
probe command defines the frequency with which probe packets are sent.
status
inbound.............................connected,
cores, self loopback
outbound............................connected,
cores, self loopback
transmit-direction....................duplex
Description: Displays the subinterface’s status:
Inbound means into the ACCELERATOR from a remote
ACCELERATOR.
Outbound means from the ACCELERATOR towards a remote
ACCELERATOR.
Loop back detection allows detecting and reporting of a state where the
interface is looped back. This state can be caused by a loop back in the
WAN termination device, for example, CSU/DSU or Modem. In addition,
physical loop back on the WAN interface enables testing.
S how Commands
performance
Data | System Up | Since Clear | Last 30 Secs
-----------------+-----------+-------------+-------------
in acceleration | +297% | +297% | N/A
lost packets | 1 | 1 | 0
out acceleration | N/A | N/A | N/A
retransmit packets
recovered packets
-----------------+-----------+-------------+-----
Description: Displays performance counters data in various intervals:
In acceleration – Acceleration figures for inbound traffic (into the
ACCELERATOR).
Lost packets: Number of inbound packets lost.
Out acceleration: Acceleration figures for outbound traffic (from the
ACCELERATOR).
Retransmit packets: Number of retransmitted packets.
Recovered packets: Number of packets recovered by the DRC mechanism.
counters period
performance.........................30
throughput..........................30
Description: Configurable period for the performance and throughput.
ExpandOS User's Guide
B-8
Show Acceleration
The show acceleration command shows which interfaces/
subinterfaces are currently connected, how many cores are allocated to each
one and the acceleration percentage in the last sampling period (defined by
the counters period). The output is displayed as follows:
+--------------+--------------+--------------+
|Interface |Resources |Performance |
+--------------+--------------+--------------+
| Outbound |
+-----------+----------+---------------+
| 0/0.10 | 1 | +340% |
| 0/0.9 | 1 | +339% |
| 0/0.8 | 1 | +337% |
| 0/0.4 | 1 | +339% |
| 0/0.7 | 1 | +338% |
| 0/0.2 | 1 | +338% |
| 0/0.6 | 1 | +338% |
| 0/0.3 | 1 | +338% |
| 0/0.5 | 1 | +341% |
+-----------+----------+---------------+
| Inbound |
+-----------+----------+---------------+
| 0/0.10 | 1 | +340% |
| 0/0.9 | 1 | +340% |
| 0/0.8 | 1 | +338% |
| 0/0.4 | 1 | +339% |
| 0/0.7 | 1 | +339% |
| 0/0.2 | 1 | +339% |
| 0/0.6 | 1 | +339% |
| 0/0.3 | 1 | +339% |
| 0/0.5 | 1 | +342% |
+-----------+----------+---------------+
Show Commands
B-9
Expand#
0/1
These are the parameters of the DCE interface:
S how Commands
Bandwidth...........................2000000
autodetect subinterfaces............enable
Mode................................DCE
acceleration........................on
bypass..............................disable
Description: H/W bypass enabling/disabling command.
clock
rate..............................2000000
rx polarity.......................low
source............................rx internal tx
internal
tx polarity.......................low
counters period
performance.......................30
throughput........................30
crc.................................16-bit
dcd.................................enable
description.........................(not configured)
drc`
chunk-size method.................automatic
mode..............................semi
encapsulation.......................autodetect (frame-
relay cisco)
queuing strategy....................fifo
hardware type.......................Multi Bypass Rev: 1
ignore dcd..........................enable
keepalive-interval..................3
keepalive-iterations................10
mtu.................................8000
operational
probe...............................5
DCD=U DSR=U DTR=U RTS=U CTS=U
type................................cable (v.35)
ExpandOS User's Guide
B-10
throughput
Data | System Up | Since Clear| Last 30 Secs
----------------+---------------+------------+------------
CRC Errors | 1,844 | 1,844 | 0 /Sec
Dropped Bytes | 0 | 0 | 0 /Sec
Dropped Packets | 0 | 0 | 0 /Sec
In Bytes | 81,883,449,647 | 81,883,449,647 | 606.73 Kbps
In Packets | 76,546,331 | 76,546,331 | 90.7 /Sec
Out Bytes | 37,231,940,341 | 37,231,940,341 | 648.77 Kbps
Out Packets | 76,577,116 | 76,577,116 | 108.33 /Sec
----------------+----------------+----------------+------------
0/1.1
acceleration........................on
bandwidth...........................666666
description.........................(not configured)
drc
chunk-size method.................automatic
mode..............................semi
interface-dlci......................600
ip
address...........................0.0.0.0
mask..............................0.0.0.0
keepalive-interval..................3
keepalive-iterations................10
probe...............................5
status
inbound...........................not connected
outbound..........................not connected
transmit-direction..................duplex
Show Commands
B-11
throughput
Data | System U | Since Clear | Last 30 Secs
------------+----------------+----------------+-------------
S how Commands
In Bytes | 81,866,251,961 | 81,866,251,961 | 606.62 Kbps
In Packets | 75,424,059 | 75,424,059 | 89.7 /Sec
Out Bytes | 37,216,284,534 | 37,216,284,534 | 648.65 Kbps
Out Packets | 75,496,299 | 75,496,299 | 107.33 /Sec
------------+----------------+----------------+-------------
performance
Nothing to display.
counters period
performance.......................30
throughput........................30
ExpandOS User's Guide
B-12
memory
RAM size..............................131068
Kbytes
packet
maximum-free-block..................7340032
num-blocks..........................1
num-free-blocks.....................1
status..............................ok
total-get-blocks....................0
total-occupied-bytes................0
Show Commands
B-13
memory
RAM size.....................……....131068 KBytes
Description: The actual installed physical memory in the box. The rest is
S how Commands
internal information regarding the buffers used for packet storage. All
packets in the system, in every queue, interface and DRC module, share
one huge memory pool. These are the statistics for this pool.
packet
maximum-free-block........….7340032
Description: The largest empty block that is currently allocated. This
indicates the fragmentation status of the memory pool.
num-blocks................………1
Description: Into how many blocks the pool is currently divided. Like
maximum-free-block, num-blocks indicates the fragmentation
status. One block means that the whole pool is unfragmented, and the entire
space is contiguous.
num-free-blocks....……...…..1
Description: Same as num-blocks, but only indicates unallocated
blocks, or free space.
ExpandOS User's Guide
B-14
status...................…………....ok
Description: Status of the system. If "not OK" is displayed, the system is
probably about to crash shortly.
total-get-blocks.........……......0
Description: How many times the allocation function has been invoked
since the system was started. This counter increases by 1 every time a
buffer is allocated from the pool.
total-occupied-bytes........……0
Description: How many bytes are currently allocated in the system. This
gives the system wide buffer utilization.
Show Commands
B-15
S how Commands
of the information that can assist Expand Networks Customer Support to
better diagnose your technical support queries. Invoking this command
displays the following output on the terminal screen:
! Show version
! Show time
! Show up-time
! Debug events long
! Debug tasks
! Show CPU counter
! Show memory
! Show interface
! Write terminal
For a detailed description of each parameter and examples see the
following:
show-version
ExpandOS, Accelerator 4000 Series
Version 3.5(0)Beta 4
Expand Networks, Inc.
Compiled at April 18 16:42:11 2001(Build 9)
Kernel version: 1.0.1 Compiled at Mon Aug 14
14:26:55 2000 (Build 0)
Bootrom version: No Bootrom info available.
With redundant power
show-time
System time is: MON APR 23 08:42:25 2001
Time zone offset: 0 minutes
ExpandOS User's Guide
B-16
show-up-time
System is up for 14 hours, 54 minutes and 22 seconds.
debug-events-long
22-APR-01 17:41:32 <info> #25 TrapBasic.cpp(11)
Interface Serial 0/1, changed
state to down
22-APR-01 17:44:43 <info> #25 TrapBasic.cpp(11)
Interface Serial 0/1, changed
state to up...
debug-tasks
show-cpu-counter
cpu-counter.............................302700
write-terminal
S how Commands
Calculating Acceleration
C-1
Appendix C
C alculating Acceleration
Calculating
Acceleration
Overview
For Frame Relay, do the calculation for each subinterface individually; that
is, serial 0/0.x and 0/1.x, where x is the subinterface number.
Example 1
The router’s output bytes (the ACCELERATOR’s serial 0/1 in bytes) is
256 Kbps, while the ACCELERATOR transmits to the WAN termination
device (through serial 0/0) at a rate of 128 Kbps. The result is:
(256/128)-1 = 1.00 = 100% acceleration
ExpandOS User's Guide
C-2
Example 2
The router’s output bytes (the ACCELERATOR’s serial 0/1 in bytes) is 4
Mbps, and the ACCELERATOR transmits to the WAN termination device
(through serial 0/0) at a rate of 1.5 Mbps. The result is:
(4/1.5)-1 = 1.666 = 166.66% acceleration
Example 3
The router’s output bytes (the ACCELERATOR’s serial 0/1 in bytes) is
512 Kbps, and the ACCELERATOR transmits to the WAN termination
device (through serial 0/0) at a rate of 512 Kbps. The result is:
(512/512)-1 = 0 = 0% acceleration
Byte Counts
Serial 0/0
C alculating Acceleration
Serial 0/1
Refer to the above right-hand side column (last 30 seconds) numbers for
this example.
Outbound Example
From the router, we received 4.75Kbps, and we output to the CSU
1.55Kbps. The result is (4.75/1.55)-1 = 2.06 x 100% = 206%
Inbound Example
From the CSU, we received 3.11Kbps, and we output to the router
19.38Kbps. The result is (19.38/3.11)-1 = 5.23 x 100% = 523%
This is the amount of data being sent over the WAN link via Serial 0/0, that
is, the ACCELERATOR transmits at 1.55 Kbps, and receives at 4.75 Kbps
at the other end.
Appendix D
Password
Recovery
P assword Recovery
Overview
6 Type dir, and press <Enter> to display the updated list of directories:
Appendix E
MAXIMUM PVCs
Maximum PVC
Overview
Appendix F
L OG FILE EVENTS
Log File Events
Introduction
This chapter describes event log features and lists all commands related to
error messages.
NOTE:
For a list of all ExpandOS events, see the Event Log Reference Guide.
Event Logging
The logging commands allow you to record events such as errors,
warnings, and state transitions. Logging starts automatically when the
system boots up. The logging and notification settings enable you to
monitor the ACCELERATOR's activities on your network. The logging
feature in the ACCELERATOR can save messages in a local log file or
direct the messages to other devices. The logging functions include:
! Storage of logging information for monitoring and troubleshooting.
! Selection of the types of captured logging information.
! Definition of the destination for captured logging information.
ExpandOS 3.5 User's Guide
F-2
Levels of Severity
The following logging levels are supported:
! Debug: Debugging messages
! Info: Informational messages
! Warning: Warning conditions exist
! Error: Error conditions exist
! Fatal: Unit failure
L OG FILE EVENTS
These levels are related to the severity levels used by e-mail and broadcast
functions. When used with these, the user can define the minimum and
maximum event logging (range) that will be emailed or broadcasted.
Debug Events
Events that are recorded to assist in diagnostics of issues within the
operation of the ACCELERATOR. These events are principally of a
technical support nature .For example:
Info Events
Status changes that occur in the normal operation of the system, for
example:
Warning Events
Events that identify issues or configuration errors within the
ACCELERATOR. The system continues to run, but action may be required
to return the ACCELERATOR to normal operating standards, for example:
L OG FILE EVENTS
PortOptionMultiType::PortOptionMultiType error
emulation type.
Error Events
Events that may occur sporadically but from which the ACCELERATOR
easily recovers, for example:
Fatal Events
Events for which corrective action must be taken before the
ACCELERATOR will return to operation, for example:
L OG FILE EVENTS
! Occurrence: The number of times this log has been recorded.
! Message-text: Text string containing detailed information about the
event being reported.
TWDSupervisor.cpp(26) TWDSupervisor::TWDSupervisor
Watch Dog: Reboot system due to a failure of
client, named: TelnetDaemon.
Autosave Period
Autosave period determines (in seconds) when the AutoSave function is
L OG FILE EVENTS
performed. This setting enables the ACCELERATOR to save its local log
files to the Flash.
Broadcast
Broadcast configures how log messages are sent, the importance of each
message, and where they appear.
L OG FILE EVENTS
2 Press <Enter>.
Show
Show enables the user to look at specific settings, as required, instead of
the entire log table. Aliases, autosave, broadcast, mail, and syslog
information can be located using the show command when in the Logging
configuration mode.
! To view specific settings:
1 In Logging configuration mode, type show, followed by a space and
then the required setting:
L OG FILE EVENTS
# alias, to view aliases defined for the logging mode,
-or-
# autosave, to view autosaved data,
-or-
# broadcast, to view broadcast information,
-or-
# mail, to view e-mail information,
-or-
# syslog, to view syslog information.
2 Press <Enter>.
Syslog
Syslog determines where the syslog server is located (IP address), what
types of levels are sent, and at what severity level. Configuring syslog
levels involves defining codes that will enable the syslog daemon to
interpret ACCELERATORs H/W ExpandOS events. Codes must be
defined for the facility (to identify the ACCELERATOR in the user
network level) and level error (identifies the level of the system event :
information, warning or error) parts of syslog messages.
! To configure syslog:
1 In Logging configuration mode, type syslog, followed by a space
and then the required setting:
# active, for the syslog active state,
ExpandOS 3.5 User's Guide
F-8
-or-
# facility, for facility's data,
-or-
# level, for facility's level of sent messages,
-or-
# server, for syslog information,
-or-
# severity, for severity limits.
L OG FILE EVENTS
2 Press <Enter>.
L OG FILE EVENTS
-or-
# minimum, to set the severity of messages to send to minimum.
2 Press <Enter>.
ExpandOS 3.5 User's Guide
F-10
L OG FILE EVENTS
SYSLOG =5 , /* messages generated internally by syslogd */
LPR =6 , /* line printer subsystem */
NEWS =7 , /* network news subsystem */
UUCP =8 , /* UUCP subsystem */
CRON =9 , /* clock daemon */
/* other codes through 15 reserved for system use */
LOCAL0 =16 , /* reserved for local use */
LOCAL1 =17 , /* reserved for local use */
LOCAL2 =18 , /* reserved for local use */
LOCAL3 =19 , /* reserved for local use */
LOCAL4 =20 , /* reserved for local use */
LOCAL5 =21 , /* reserved for local use */
LOCAL6 =22 , /* reserved for local use */
LOCAL7 =23 /* reserved for local use */
NOTE:
L OG FILE EVENTS
This is the only logging section of the configuration.
From Logging configuration mode, type show, and press <Enter>. The
current configuration information is displayed, as follows:
logging
autosave period.......................60
broadcast
active..............................no
priority............................1
severity
maximum...........................fatal
minimum...........................debug
terminal............................auxiliary,
console
mail
active..............................
domain..............................(not
configured)
from................................(not
configured)
recipient
ExpandOS 3.5 User's Guide
F-12
active..........................no
email...........................(not
configured)
2
active..........................no
L OG FILE EVENTS
email...........................(not
configured)
3
active..........................no
email...........................(not
configured)
server
ip................................0.0.0.0
port..............................25
severity
maximum...........................fatal
minimum...........................debug
syslog
active..............................no
facility............................1
level
debug.............................15
error.............................11
fatal.............................10
info..............................14
warning...........................12
server
ip................................0.0.0.0
port..............................514
severity
maximum...........................fatal
minimum...........................debug
Log File Events
F-13
The events within the log can be displayed using one of several commands.
Using the 'show events' or 'debug events' command group will define what
output is displayed regarding data stored in the event log.
L OG FILE EVENTS
Filtering allows the viewer to determine what type or types of events are
desired.
! To debug events:
1 In Enable mode, type debug events, followed by a space and the
required range, as follows:
# all, to display events giving the long format,
-or-
# long, to display events, giving the full description.
2 Press <Enter>.
ExpandOS 3.5 User's Guide
F-14
! To filter events:
1 In Primary Configuration mode, type show events filter,
followed by a space and the required range, as follows:
# message, to display the message counter's range,
-or-
# severity, to display severity's range.
2 Press <Enter>.
L OG FILE EVENTS
NOTE:
To clear all entries in the Events Log, type clear events.
L OG FILE EVENTS
20-OCT-00 10:15:30 <debug> #1 corehandler.cpp(521)
CoreHandlerR::CoreHandlerR Inbound connection
established at 0/0.4.