2. Computers & electronics
  3. Software
  4. Alcatel-Lucent
  5. OmniAccess 700

Alcatel-Lucent OmniAccess 700 Cli Configuration Manual

  • Hello! I am an AI chatbot trained to assist you with the Alcatel-Lucent OmniAccess 700 Cli Configuration Manual. I’ve already reviewed the document and can help you find the information you need or explain it in simple terms. Just ask your questions, and providing more details will help me assist you more effectively!
Beta
1
2
Notes on numbered items on banner & legal pages
1
Man26801 West Agoura Road
Calabasas, CA 91301
(818) 880-3500
FAX (818) 880-3505
[email protected]
US Customer Support—(800) 995-2696
International Customer Support—(818) 878-4507
Internet—service.esd.alcatel-lucent.com
Website: www.alcatel-lucent.com
Part No: 060223-00, Rev B
For final production, import color definitions from
\\daldoc01\docteam\templates\framemaker\book-template\color-defs\ production-colors.fm.
OmniAccess 700
CLI Configuration Guide
Release Versions:
2.2
2.2-R02
2.3
Copyright
The Specifications And Information regarding the products in this manual are subject to change without
notice. All statements, information, and recommendations in this manual are believed to be accurate
but are presented without warranty of any kind, express or implied. Users must take full responsibility
for their application of any products.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET
FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED
HEREIN BY THIS REFERENCE.
This equipment has been tested and found to comply within the limits pursuant to the (Centre for
Telecom) rules. These limits are designed to provide protection against harmful interference when the
equipment is operated in a commercial environment.
The following information is for the Users of the OmniAccess 700: If it is not installed in accordance with
the installation instructions, it may not function exactly to the said specifications. Modifying the
equipment without Alcatel-Lucent’s written authorization may result in the equipment no longer
complying with the said dimensions.
Copyright © 2008, Alcatel-Lucent. All rights reserved. Alcatel-Lucent and Alcatel-Lucent logo are
registered trademarks of Alcatel-Lucent. The contents or specifications contained within this document
are subject to change without notice.
Not withstanding any other warranty herein, all hardware and software are provided "as is" with all
faults. Alcatel-Lucent disclaim all warranties, expressed or implied, including, without limitation, those
of merchantability, fitness for a particular purpose and non-infringement or arising from a course of
dealing, usage, or trade practice. In no event shall Alcatel-Lucent be liable for any indirect, special,
consequential, or incidental damages, including, without limitation, lost profits or loss or damage to data
arising out of the use or inability to use this manual, even if Alcatel-Lucent have been advised of the
possibility of such damages.
3
4
5
Table of Contents
1 Preface.............................................................................................................1
About This Guide ......................................................................................................................1
Audience...................................................................................................................................1
Organization..............................................................................................................................2
Part I - Introduction.............................................................................................................2
Part II - LAN Interfaces.......................................................................................................2
Part III- WAN Interfaces......................................................................................................3
Part IV - Packet Classification ............................................................................................4
Part V - Routing Protocols..................................................................................................4
Part VI - Network Security CLI............................................................................................5
Part VII - Quality Of Service ...............................................................................................6
Part VIII - TCP/IP Services.................................................................................................6
Part IX - License Manager..................................................................................................6
Part X - Lifeline (Dedicated Management Framework) ......................................................6
Part XI - Application Hosting (Application Services Engine - ASE)....................................6
Document Conventions.............................................................................................................7
Obtaining Documentation..........................................................................................................8
Reference Publications.............................................................................................................8
Obtaining Technical Assistance................................................................................................9
Documentation Feedback.........................................................................................................9
Part 1: Introduction
2 The Command Line Interface......................................................................13
CLI Overview...........................................................................................................................13
Introduction to CLI Modes.......................................................................................................14
CLI User Mode .................................................................................................................14
CLI Configuration Mode....................................................................................................14
CLI Sub-Configuration Mode (SCM).................................................................................14
CLI Modes...............................................................................................................................15
User Mode (UM)...............................................................................................................17
Super User Mode (SUM)..................................................................................................18
Example............................................................................................................................18
Configuration Mode (CM).................................................................................................20
Interface Configuration Mode (ICM) .................................................................................23
Sub-Interface Configuration Mode (S-ICM)......................................................................24
Router Configuration Mode (RCM)...................................................................................25
Exiting Configuration Modes.............................................................................................25
Initial Setup.......................................................................................................................26
Using the Command Line Interface.........................................................................................27
CLI Help............................................................................................................................27
Partial Help.......................................................................................................................30
Partial Commands............................................................................................................30
Command Line Editing.....................................................................................................31
Command History.............................................................................................................33
Configuring Interfaces.............................................................................................................34
Interface Configuration Commands..................................................................................34
Interface Types and Limitations........................................................................................34
Common Interface Configuration Commands..................................................................34
Interface Show Commands..............................................................................................35
Clear Interface Commands...............................................................................................39
Shutting Down and Bring Up an Interface........................................................................39
Backup Interface...............................................................................................................40
3 System Configuration and Monitoring.......................................................43
System Configuration and Monitoring Tasks..........................................................................43
Chapter Conventions........................................................................................................43
Management Plane Overview.................................................................................................44
Out of Band Management (Console or Modem)...............................................................44
Inband Management (SSH and Telnet)............................................................................46
Idle Timeout......................................................................................................................50
Example............................................................................................................................50
Ping ..................................................................................................................................50
Example............................................................................................................................50
Traceroute........................................................................................................................54
Example............................................................................................................................54
Terminal Settings....................................................................................................................57
Example............................................................................................................................57
System Name..........................................................................................................................57
Example............................................................................................................................57
AAA Configuration on OA-700................................................................................................58
To Enable AAA Services..................................................................................................58
Example............................................................................................................................58
Authentication Commands ...............................................................................................59
Show Commands.............................................................................................................76
Setting and Displaying the System Time and Date.................................................................78
Clock Set..........................................................................................................................79
Example............................................................................................................................79
Clock Synchronize............................................................................................................80
Example............................................................................................................................80
System Logging and Debugging.............................................................................................81
Example............................................................................................................................82
Example 1.........................................................................................................................83
Example 2.........................................................................................................................84
Example 3.........................................................................................................................84
Example 4.........................................................................................................................84
Rate Limiting in Statlog...........................................................................................................85
Example 1.........................................................................................................................86
Example 2.........................................................................................................................86
Example 3.........................................................................................................................86
Saving Log Messages.............................................................................................................87
Example............................................................................................................................87
Viewing Tech Support ......................................................................................................88
Example............................................................................................................................88
The File System......................................................................................................................89
Example 1.........................................................................................................................89
Example 2.........................................................................................................................90
Copying Files....................................................................................................................90
Example............................................................................................................................90
Deleting Files....................................................................................................................91
Example............................................................................................................................91
Configuration File Management .......................................................................................92
Software Package Management...........................................................................................100
Package Types...............................................................................................................100
Reloading the System...........................................................................................................106
Example..........................................................................................................................106
Managing Individual Slots...............................................................................................107
Example..........................................................................................................................107
System Monitoring and Troubleshooting...............................................................................108
Environmental Information..............................................................................................108
Example..........................................................................................................................108
System Hardware Information........................................................................................110
Example..........................................................................................................................110
System Status ................................................................................................................113
Example..........................................................................................................................113
To View the Current State Of LEDs................................................................................113
Example..........................................................................................................................113
To View Process Information..........................................................................................114
Example..........................................................................................................................114
Memory Information........................................................................................................115
Example..........................................................................................................................115
Hot Key Support.............................................................................................................116
SNMP (Simple Network Management Protocol)...................................................................118
SNMP Agent and Manager.............................................................................................119
SNMP Version................................................................................................................120
SNMPv3 Protocol Overview ...........................................................................................120
SNMP Configuration Commands ...................................................................................121
SNMP Show Commands................................................................................................125
SNMP MIB CLI...............................................................................................................129
SNMP MIB GUI ..............................................................................................................130
4 Virtual Router Redundancy Protocol........................................................131
Chapter Conventions......................................................................................................131
VRRP Overview....................................................................................................................132
VRRP Configuration..............................................................................................................133
VRRP Configuration Steps.............................................................................................133
VRRP Configuration Flow...............................................................................................135
VRRP CLI Commands....................................................................................................136
Modify Global VRRP Group Parameters........................................................................139
Monitor and Debug VRRP..............................................................................................143
VRRP Interface Tracking ......................................................................................................145
Alcatel-Lucent's Interface Tracking Design ....................................................................145
VRRP Configuration Scenario using OA-700........................................................................147
Procedure.......................................................................................................................147
VRRP Configuration .......................................................................................................148
Part 2: LAN Interfaces and Configuration
5 Ethernet Interfaces on SE..........................................................................151
Chapter Conventions......................................................................................................151
Ethernet Overview.................................................................................................................152
Ethernet Basics ..............................................................................................................152
Ethernet Terminologies ..................................................................................................153
Switched Ethernet ..........................................................................................................154
Full-duplex Ethernet .......................................................................................................154
Alcatel-Lucent Specific Overview on Ethernet Interfaces...............................................154
Ethernet Configuration..........................................................................................................155
Ethernet Interface Configuration Steps ..........................................................................155
Ethernet Interface Configuration Flow............................................................................156
Ethernet Interface Configuration Commands.................................................................157
Ethernet Interface Show Commands..............................................................................159
Ethernet Interface Clear Commands..............................................................................162
6 Layer 2 Switching Configuration ..............................................................163
Chapter Conventions......................................................................................................163
Switching Overview...............................................................................................................164
Alcatel-Lucent Specific Overview on Switching..............................................................166
L2 Switching Configuration...................................................................................................168
L2 Switching Configuration Steps...................................................................................168
L2 Switching Configuration Flow....................................................................................170
L2 Switching Commands................................................................................................171
L2 Switching Show Commands......................................................................................174
L2 Switching Clear Commands ......................................................................................179
Switching Configuration using OA-700 .................................................................................180
OA-700 as a Switch with no VLANs ...............................................................................180
OA-700 as a Switch with VLANs ....................................................................................181
7 Per VLAN Spanning Tree +........................................................................183
Chapter Conventions......................................................................................................183
Per VLAN Spanning Tree (PVST+) Overview.......................................................................184
PVST+ Configuration............................................................................................................185
PVST+ Configuration Steps............................................................................................185
PVST+ Configuration Flow.............................................................................................186
PVST+ Configuration Commands ..................................................................................187
Show Commands in PVST+...........................................................................................191
PVST+ Configuration Examples ...........................................................................................195
Example 1.......................................................................................................................195
Example 2.......................................................................................................................196
Topology.........................................................................................................................196
Procedure.......................................................................................................................197
8 Integrated Routing and Bridging ..............................................................199
Chapter Conventions......................................................................................................199
Integrated Routing and Bridging Overview ...........................................................................200
Alcatel-Lucent Specific IRB Overview............................................................................200
IRB Configuration..................................................................................................................201
IRB Configuration Steps.................................................................................................201
IRB Commands..............................................................................................................202
IRB Configuration using OA-700...........................................................................................203
Topology for IRB Configuration on OA-700....................................................................203
9 802.1X Port-Based Authentication............................................................205
Chapter Conventions......................................................................................................205
802.1X Overview...................................................................................................................206
Generic terms used in 802.1X........................................................................................207
Using 802.1X with VLAN Assignment ............................................................................209
Alcatel-Lucent Specific Overview...................................................................................209
802.1X Configuration ............................................................................................................210
802.1X Configuration Steps............................................................................................210
802.1X Configuration Flow.............................................................................................213
802.1X Configuration Commands ..................................................................................214
802.1X Show Commands...............................................................................................220
802.1X Configuration Example .............................................................................................222
10 Port Monitoring...........................................................................................227
Chapter Conventions......................................................................................................227
Port Monitoring Overview......................................................................................................228
Port Monitoring Configuration ...............................................................................................229
Port Monitoring Configuration Steps...............................................................................229
Port Monitoring Commands............................................................................................230
Port Monitoring Configuration on OA-700.............................................................................231
Part 3: WAN Interfaces and Protocols
11 T1E1 Line Card ...........................................................................................235
Chapter Conventions......................................................................................................235
T1 and E1 Overview..............................................................................................................236
E1 Interface Overview...........................................................................................................237
E1 Timeslot Functionalities.............................................................................................237
Mechanisms Supported by the E1 interface...................................................................238
E1 Modes of Operation...................................................................................................239
Alcatel-Lucent Specific Overview...................................................................................239
E1 Configuration ...................................................................................................................240
E1 Configuration Steps...................................................................................................240
E1 Configuration Flow....................................................................................................242
E1 Configuration Commands .........................................................................................243
E1 Show Commands......................................................................................................251
Troubleshooting E1 Lines...............................................................................................253
T1 Interface Overview...........................................................................................................254
Frame Formats Used in T1 Cards..................................................................................254
T1 Modes of Operation...................................................................................................255
T1 Configuration....................................................................................................................256
T1 Configuration Steps...................................................................................................256
T1 Configuration Flow ....................................................................................................258
T1 Configuration Commands..........................................................................................259
T1 Show Commands......................................................................................................267
Troubleshooting T1 Lines...............................................................................................269
12 Universal Serial Port (USP) Line Card......................................................271
Chapter Conventions......................................................................................................272
USP Line Card (V.35/X.21/RS-232) Overview......................................................................273
Alcatel-Lucent Specific Overview...................................................................................274
V.35/X.21/RS-232 Configuration...........................................................................................275
V.35/X.21/RS-232 Interface Configuration Steps...........................................................275
V.35/X.21/RS-232 Configuration Flow............................................................................276
V.35/X.21/RS-232 Configuration Commands.................................................................277
V.35/X.21/RS-232 DTE and DCE CLI Configuration Commands ..................................278
Show Command.............................................................................................................281
Clear Command .............................................................................................................282
13 High-level Data Link Control .....................................................................283
Chapter Conventions......................................................................................................283
HDLC Overview ....................................................................................................................284
HDLC Frame Structure...................................................................................................284
HDLC Frame Formats....................................................................................................285
HDLC Protocol Operation...............................................................................................285
HDLC Configuration..............................................................................................................286
HDLC Configuration Steps .............................................................................................287
HDLC Configuration Flow...............................................................................................289
HDLC Configuration Commands....................................................................................290
14 Frame Relay................................................................................................295
Chapter Conventions......................................................................................................295
Frame Relay Overview..........................................................................................................296
Frame Relay Devices .....................................................................................................296
Frame Relay Virtual Circuits...........................................................................................296
Frame Relay Network Deployments...............................................................................297
Frame Relay Configuration...................................................................................................298
Frame Relay Configuration Steps ..................................................................................299
Frame Relay Configuration Flow....................................................................................301
Frame Relay Configuration Commands.........................................................................302
15 Point-to-Point Protocol..............................................................................311
Chapter Conventions......................................................................................................311
PPP Overview.......................................................................................................................312
PPP Components...........................................................................................................312
PPP Operation................................................................................................................312
PPP Configuration.................................................................................................................313
PPP Configuration Steps................................................................................................314
PPP Configuration Flow .................................................................................................316
PPP Configuration Commands.......................................................................................317
PPP Optional Parameters ..............................................................................................318
PPP Show Commands...................................................................................................326
PPP Debug Commands .................................................................................................333
16 Point-to-Point Protocol over Ethernet (PPPoE).......................................335
Chapter Conventions......................................................................................................335
PPPoE Overview...................................................................................................................336
PPPoE Operation...........................................................................................................336
Alcatel-Lucent Specific Overview on PPPoE Features ..................................................336
PPPoE Configuration............................................................................................................337
PPPoE Configuration Steps ...........................................................................................338
PPPoE Configuration Flow.............................................................................................340
PPPoE Configuration Commands ..................................................................................341
PPPoE Optional Parameters..........................................................................................343
PPPoE Show Commands...............................................................................................346
17 Multilink Point to Point Protocol...............................................................347
Chapter Conventions......................................................................................................347
MLPPP Overview..................................................................................................................348
MLPPP Components......................................................................................................349
MLPPP Operation...........................................................................................................349
Alcatel-Lucent Specific Overview on MLPPP Features..................................................350
MLPPP Configuration............................................................................................................351
MLPPP Configuration Steps...........................................................................................352
MLPPP Configuration Flow ............................................................................................354
MLPPP Configuration Commands..................................................................................355
MLPPP Show Commands..............................................................................................357
MLPPP Configuration Example.............................................................................................358
18 Multilink Frame Relay.................................................................................361
Chapter Conventions......................................................................................................361
MLFR Overview ....................................................................................................................362
MLFR Components ........................................................................................................362
MLFR Operation.............................................................................................................362
Alcatel-Lucent Specific Overview on MLFR Features....................................................364
MLFR Configuration..............................................................................................................364
MLFR Configuration Steps.............................................................................................365
MLFR Configuration Flow...............................................................................................368
MLFR Configuration Commands....................................................................................369
MLFR Show Commands ................................................................................................373
19 Link Fragmentation and Interleaving (LFI)...............................................375
Chapter Conventions......................................................................................................375
LFI Overview.........................................................................................................................376
Alcatel-Lucent Specific Overview on LFI Features.........................................................376
Overview of LFI in MLPPP....................................................................................................377
Packet Formats ..............................................................................................................377
Configuration of LFI on MLPPP......................................................................................379
LFI Configuration on MLPPP ................................................................................................380
LFI - MLPPP Configuration Steps ..................................................................................381
LFI - MLPPP Configuration Flow....................................................................................384
LFI - MLPPP Configuration Commands.........................................................................385
LFI - MLPPP Show Commands......................................................................................388
Configuration Example of LFI on MLPPP.......................................................................389
Overview of LFI in Frame Relay............................................................................................392
End-to-End Fragmentation .............................................................................................392
Packet Formats ..............................................................................................................392
Configuration of LFI on FR (and FR Sub Interface)........................................................393
LFI Configuration on FR........................................................................................................394
LFI - FR Configuration Steps..........................................................................................395
LFI - FR Configuration Flow ...........................................................................................398
LFI-FR Configuration Commands...................................................................................399
LFI Configuration on FR Sub Interface...........................................................................401
LFI - FR Show Commands.............................................................................................402
Configuration Example of LFI on FR..............................................................................405
Part 4: Common Classification
20 Common Classifiers...................................................................................409
Chapter Conventions......................................................................................................409
CC Overview.........................................................................................................................410
Benefits of Alcatel-Lucent Devices Common Classifiers................................................411
CC Architecture..............................................................................................................411
Before you Configure CC ...............................................................................................412
CC Configuration...................................................................................................................413
CC Configuration Steps..................................................................................................413
Elements Used in Configuring CC..................................................................................414
To Configure a Match-list ...............................................................................................417
Example..........................................................................................................................417
Rules within Match-lists..................................................................................................417
To Configure Rules Using the Protocol Numbers...........................................................423
Lists in CC......................................................................................................................424
Nesting Of Match-lists ....................................................................................................426
Show commands in CC..................................................................................................428
Deletion Commands in CC.............................................................................................431
Sample examples on the usage of CC across applications..................................................433
Example 1.......................................................................................................................433
Example 2.......................................................................................................................434
Example 3.......................................................................................................................435
Part 5: Routing Protocols
21 Protocol Independent Features.................................................................439
Chapter Conventions......................................................................................................439
Protocol-Independent Configuration...............................................................................440
Protocol-Independent Configuration Commands ...........................................................441
22 Routing Information Protocol....................................................................467
Chapter Conventions......................................................................................................467
RIP Overview........................................................................................................................468
RIP Configuration..................................................................................................................469
RIP Configuration Steps.................................................................................................470
RIP Configuration Flow...................................................................................................472
RIP Configuration Commands........................................................................................473
RIP Optional Parameters................................................................................................474
RIP Show Commands ....................................................................................................487
RIP Clear Commands.....................................................................................................491
23 Border Gateway Protocol ..........................................................................493
Chapter Conventions......................................................................................................493
BGP Overview.......................................................................................................................494
BGP Configuration................................................................................................................495
BGP Configuration Steps ...............................................................................................495
BGP Configuration Flow.................................................................................................497
BGP Configuration Commands......................................................................................498
BGP Show Commands...................................................................................................500
BGP Clear Commands...................................................................................................503
A Typical BGP Example Using OA-700................................................................................506
24 Open Shortest Path First...........................................................................509
Chapter Conventions......................................................................................................509
OSPF Overview ....................................................................................................................510
OSPF Configuration..............................................................................................................511
OSPF Configuration Steps .............................................................................................511
OSFP Configuration Flow...............................................................................................513
OSPF Configuration Commands....................................................................................514
OSPF Optional Parameters............................................................................................515
Show Commands in OSPF.............................................................................................533
Clear Commands in OSPF.............................................................................................542
OSPF Configuration on OA-700............................................................................................543
Example 1.......................................................................................................................543
25 Multicast Routing .......................................................................................545
Chapter Conventions......................................................................................................545
Multicast Overview................................................................................................................546
Protocol Independent Multicast (PIM) ............................................................................546
Internet Group Management Protocol (IGMP)................................................................547
RFCs ..............................................................................................................................548
PIM Configuration .................................................................................................................549
PIM Configuration Steps.................................................................................................549
PIM Configuration Flow..................................................................................................551
PIM Configuration Commands .......................................................................................552
Show Commands in PIM................................................................................................557
Clear Commands in PIM ................................................................................................560
IGMP Configuration...............................................................................................................561
IGMP Configuration Steps..............................................................................................561
IGMP Configuration Flow ...............................................................................................563
IGMP Configuration Commands.....................................................................................564
Show Commands in IGMP.............................................................................................568
Show Commands in Multicast........................................................................................569
Clear Commands in Multicast.........................................................................................570
Multicast Configuration on OA-700.......................................................................................571
Example 1.......................................................................................................................571
Verifying Multicast Routing.............................................................................................575
26 Policy Based Routing.................................................................................577
Chapter Conventions......................................................................................................577
PBR Overview.......................................................................................................................578
Alcatel-Lucent Specific Overview...................................................................................578
PBR Configuration................................................................................................................579
PBR Configuration Steps................................................................................................579
PBR Configuration Flow.................................................................................................581
PBR Configuration Commands ......................................................................................582
Show Commands in PBR...............................................................................................585
Clear Commands............................................................................................................586
PBR Configuration Example.................................................................................................587
Configuration Steps........................................................................................................587
Show Commands...........................................................................................................588
27 Virtual Routing and Forwarding................................................................589
Chapter Conventions......................................................................................................590
VRF-CE Overview.................................................................................................................591
VRF-CE Configuration ..........................................................................................................593
VRF-CE Configuration Steps..........................................................................................593
VRF-CE Configuration Flow...........................................................................................595
VRF-CE CLI Commands ................................................................................................596
VRF Show Commands...................................................................................................605
Example..........................................................................................................................605
VRF Clear Commands ...................................................................................................610
Example..........................................................................................................................610
Part 6: Network Security
28 Network Address Translation....................................................................613
Chapter Conventions......................................................................................................613
NAT Overview.......................................................................................................................614
Types of NAT..................................................................................................................614
Benefits of NAT ..............................................................................................................616
Before You Configure NAT.............................................................................................616
Alcatel-Lucent Specific Overview...................................................................................616
Source NAT Configuration....................................................................................................617
SNAT Configuration Steps .............................................................................................618
SNAT Configuration Flow...............................................................................................620
SNAT Configuration Commands....................................................................................621
Sample Configurations of SNAT on OA-700..................................................................627
Destination NAT Configuration..............................................................................................628
DNAT Configuration Steps.............................................................................................629
DNAT Configuration Flow...............................................................................................631
DNAT Configuration Commands....................................................................................632
Sample Configuration Example of DNAT on OA-700.....................................................635
Bypass IPsec Traffic.......................................................................................................636
NAT Show Commands...................................................................................................637
NAT Clear Commands ...................................................................................................639
NAT Debug Commands .................................................................................................640
Modifying NAT Configuration................................................................................................641
Insertions........................................................................................................................641
Updations .......................................................................................................................642
NAT Deletion Commands...............................................................................................644
29 Filter and Firewall.......................................................................................647
Chapter Conventions......................................................................................................647
Network Security - An overview............................................................................................648
Network Security Terminologies.....................................................................................649
Firewall Mechanisms......................................................................................................650
Before You Configure Filters and Firewalls....................................................................651
OA-700 Specific Overview..............................................................................................651
Filter Configuration................................................................................................................652
Filter Configuration Steps...............................................................................................652
Filter Configuration Flow.................................................................................................654
Filter Configuration Commands......................................................................................655
Filter Show Commands ..................................................................................................659
Filter Deletion Commands..............................................................................................661
Filter Clear Commands...................................................................................................662
Filter Debug Commands.................................................................................................663
Sample Examples of Configuring Filters on OA-700......................................................664
Managing Security Configuration..........................................................................................665
Insertions........................................................................................................................665
Updations .......................................................................................................................666
Network Attacks - An Overview.............................................................................................668
Types of Network Attacks...............................................................................................668
Default Attacks (Rate-limiting / Stateful).........................................................................669
Default Attacks (Non-rate Limiting / Stateless)...............................................................671
Optional Attacks .............................................................................................................673
Network Attack Prevention Configuration.............................................................................675
Network Attack Prevention Configuration Steps.............................................................675
Network Attack Prevention Configuration Flow ..............................................................677
Network Attack Prevention Configuration Commands ...................................................678
Firewall Show Commands..............................................................................................688
Firewall Debug Commands ............................................................................................694
Sample Firewall Policy Configurations on OA-700.........................................................695
Zone Configuration................................................................................................................697
Trusted Zone Configuration............................................................................................697
Untrusted Zone Configuration ........................................................................................697
Semi-trusted Zone or Demilitarized Zone.......................................................................698
Three Zone Firewall Example.........................................................................................699
Example 2: Simple Zone Configuration in OA-700.........................................................707
Time-range/Timer Configuration...........................................................................................709
Time-range Configuration Commands ...........................................................................709
Time-range Show Command..........................................................................................710
ALGs Supported in OA-700..................................................................................................711
ALG Configuration Commands.......................................................................................713
Customized-service Rule Based ALG Configuration ............................................................720
Customizing ALG Commands........................................................................................720
NOE ALG Configuration........................................................................................................723
Persistent Memory..........................................................................................................723
Alcatel-Lucent Specific Overview...................................................................................723
NOE ALG Configuration Steps.......................................................................................724
NOE ALG Configuration Commands..............................................................................725
NOE Show Commands ..................................................................................................727
NOE Clear Commands...................................................................................................729
Typical Rule Based ALG and DNAT Example Using OA-700...............................................730
Security - Best Practices.......................................................................................................732
Rules for Configuring Packet Filters...............................................................................732
30 IP Security - Virtual Private Network ........................................................737
Chapter Conventions......................................................................................................738
IPsec VPN Overview.............................................................................................................739
IPsec Enabled VPN........................................................................................................741
IPsec Connection Types.................................................................................................741
IPsec Concepts ..............................................................................................................743
Benefits of IPsec Enabled VPN......................................................................................748
Default Configuration Setting on OA-700.......................................................................749
IPsec VPN Configuration......................................................................................................750
IPsec VPN Configuration Steps......................................................................................750
IPsec VPN Configuration Flow.......................................................................................752
IPsec Configuration Commands.....................................................................................753
To Configure the Match-lists...........................................................................................753
IPsec Configuration with Preshared Key........................................................................753
Example..........................................................................................................................753
IPsec Configuration with X.509 Certificates ...................................................................754
To Import a RSA Key......................................................................................................754
Example..........................................................................................................................754
Example..........................................................................................................................755
To Export RSA Keys.......................................................................................................761
Example..........................................................................................................................761
To Delete a CA Certificate..............................................................................................761
Example..........................................................................................................................761
To Delete a Signed Certificate........................................................................................762
Example..........................................................................................................................762
To Delete a Peer Certificate ...........................................................................................762
Example..........................................................................................................................762
To Delete an RSA Key Pair............................................................................................762
Example..........................................................................................................................762
Internet Key Exchange (IKE) Policy ...............................................................................763
To Configure Transform-set in IPsec..............................................................................767
To Configure IPsec Crypto Map.....................................................................................769
Example..........................................................................................................................769
To Attach Crypto Map to an Interface.............................................................................773
Dead Peer Detection (DPD)...........................................................................................774
IPsec VPN Show Commands.........................................................................................776
Clear Commands in IPsec..............................................................................................792
IPsec Scenarios on OA-700..................................................................................................793
Best Practices For Deploying IPsec VPN .............................................................................796
Identity............................................................................................................................796
IPsec Access Control .....................................................................................................797
IPsec...............................................................................................................................797
Network Address Translation .........................................................................................798
Network Access Control.................................................................................................798
Interoperability................................................................................................................798
Routing Entry..................................................................................................................799
IPsec NAT-Traversal.............................................................................................................800
Scenarios Depicting IPsec Nat-traversal...............................................................................801
IPsec Tunnel Interface..........................................................................................................803
Before You Configure IPsec Tunnel Interface................................................................803
Default Configuration......................................................................................................804
IPsec Tunnel Interface Configuration....................................................................................805
IPsec Tunnel Interface Configuration Steps...................................................................805
IPsec Tunnel Interface Configuration Flow.....................................................................807
IPsec Tunnel Interface Configuration Commands..........................................................808
IPsec Tunnel Configuration Scenarios using OA-700...........................................................815
31 Intrusion Detection System.......................................................................817
Chapter Conventions......................................................................................................817
IDS Overview........................................................................................................................818
Alcatel-Lucent Specific Overview...................................................................................818
IDS Configuration..................................................................................................................818
IDS Configuration Steps.................................................................................................819
IDS Configuration Flow...................................................................................................821
IDS Configuration Commands........................................................................................822
IDS Show Commands....................................................................................................828
IDS Clear Commands.....................................................................................................833
IDS Debug Commands...................................................................................................834
IDS Configuration Scenario Using OA-700...........................................................................835
Configuration Steps........................................................................................................835
Show Commands...........................................................................................................835
IDS Topology..................................................................................................................836
32 Generic Routing Encapsulation................................................................837
Chapter Conventions......................................................................................................837
GRE Overview ......................................................................................................................838
GRE Tunnel Setup .........................................................................................................838
GRE Tunnel Features.....................................................................................................839
Summary........................................................................................................................840
Alcatel-Lucent Specific Overview...................................................................................840
GRE Tunnel Configuration....................................................................................................841
GRE Configuration Steps ...............................................................................................841
GRE Configuration Flow.................................................................................................843
GRE Configuration Commands......................................................................................844
GRE Configuration Scenarios using OA-700........................................................................847
1. GRE Configuration .....................................................................................................847
2. GRE + IP Filters + DoS Configuration......................................................................849
3. GRE over IPsec Configuration .................................................................................851
33 Transparent Firewall ..................................................................................855
Chapter Conventions......................................................................................................855
TF Overview..........................................................................................................................856
OA-700 Specific Overview..............................................................................................856
TF Configuration...................................................................................................................857
TF Configuration Steps...................................................................................................857
TF Configuration Flow....................................................................................................858
TF Configuration Commands .........................................................................................859
Show Commands in TF..................................................................................................861
Clear Commands in TF ..................................................................................................862
TF Configuration on OA-700.................................................................................................863
Configuration Steps........................................................................................................863
Show Commands...........................................................................................................863
34 Call Admission Controller .........................................................................865
Chapter Conventions......................................................................................................865
CAC Overview.......................................................................................................................866
Measurement Based CAC..............................................................................................866
Resource Based CAC ....................................................................................................866
CAC Functionality in OA-700..........................................................................................867
CAC Configuration................................................................................................................868
CAC Configuration Steps ...............................................................................................868
CAC Configuration Flow.................................................................................................870
CAC Configuration Commands......................................................................................871
Show Commands in CAC...............................................................................................875
Clear Commands in CAC ...............................................................................................878
CAC Configuration on OA-700..............................................................................................879
Configuration Steps........................................................................................................879
Verify CAC Configuration ...............................................................................................880
35 Telephony Services....................................................................................881
Chapter Conventions......................................................................................................882
Overview...............................................................................................................................883
OA-700 in Stand-alone Mode.........................................................................................883
OA-700 in Survivability Mode .........................................................................................883
Voice Survivability Process in OA-700 ...........................................................................885
OA-700 Specific Overview..............................................................................................887
Additional Configuration on OA-700 for Enhanced Telephony Service Functionality.....888
Telephony Service Configuration..........................................................................................889
Telephony Service Configuration Steps.........................................................................889
Telephony Service Configuration Flow...........................................................................891
Telephony Service Configuration Commands................................................................892
Show Commands in Telephony Service.........................................................................902
Debug Commands..........................................................................................................907
Telephony Service Configuration Example on OA-700.........................................................908
OA-700 in Stand-alone Mode.........................................................................................908
Configuration Steps........................................................................................................909
Show Commands...........................................................................................................909
OA-700 in Survivability Mode .........................................................................................910
Configuration Steps........................................................................................................911
Show Commands...........................................................................................................912
Part 7: Quality of Service
36 Quality of Service.......................................................................................915
Chapter Conventions......................................................................................................915
QoS Overview.......................................................................................................................916
Generic terms used in QoS............................................................................................916
Alcatel-Lucent Specific Overview on QoS......................................................................918
Traffic Without Policing and Shaping..............................................................................920
Traffic with Policing.........................................................................................................921
Traffic with Shaping........................................................................................................922
Hierarchical Queuing......................................................................................................923
Bandwidth Sharing in Tunnels........................................................................................925
QoS Configuration.................................................................................................................926
QoS Configuration Steps................................................................................................926
QoS Configuration Flow .................................................................................................929
QoS Configuration Commands.......................................................................................931
Class Map Configuration................................................................................................931
Policy Map Configuration................................................................................................932
Attaching a Policy Map to an Interface...........................................................................934
Traffic Class Attributes Configuration.............................................................................935
Auto QoS Configuration..................................................................................................944
Hierarchical Policy Configuration....................................................................................946
QoS over Tunnel Interface .............................................................................................951
Example..........................................................................................................................951
QoS Show Commands...................................................................................................953
QoS Clear Commands ...................................................................................................961
QoS Debug Commands .................................................................................................961
QoS Test Scenarios on OA-780............................................................................................962
Traffic Shaping ...............................................................................................................962
Priority Queuing..............................................................................................................963
QoS on Frame Relay (Per-PVC Queuing)............................................................................965
QoS on FR and FR Sub Interface ..................................................................................965
Frame Relay Queuing and Fragmentation at the Interface............................................966
Alcatel-Lucent Specific Overview...................................................................................967
QoS on FR Configuration Steps.....................................................................................968
QoS on FR Configuration Commands............................................................................971
QoS on FR Sub Interface Configuration Commands .....................................................972
QoS on FR Show Commands........................................................................................973
Part 8: TCP/IP Services
37 DHCP (Dynamic Host Configuration Protocol) Server............................977
Chapter Conventions......................................................................................................977
DHCP Server Overview ........................................................................................................978
Alcatel-Lucent Specific Overview...................................................................................978
DHCP Server Configuration..................................................................................................979
DHCP Server Configuration Steps.................................................................................979
DHCP Server Configuration Flow...................................................................................981
DHCP Server Configuration Commands........................................................................982
DHCP Server Show Commands ....................................................................................989
DHCP Server Test Scenarios using OA-780 ........................................................................992
Configuration Steps........................................................................................................993
38 TFTP (Trivial File Transfer Protocol) Server............................................995
Chapter Conventions......................................................................................................995
TFTP Server Overview..........................................................................................................996
Alcatel-Lucent Specific Overview...................................................................................996
TFTP Server Configuration...................................................................................................997
TFTP Configuration Steps..............................................................................................997
TFTP Configuration Flow................................................................................................998
TFTP Configuration Commands.....................................................................................999
TFTP Show Commands...............................................................................................1000
39 DHCP (Dynamic Host Configuration Protocol) Relay...........................1001
Chapter Conventions....................................................................................................1001
DHCP Relay Overview........................................................................................................1002
Alcatel-Lucent Specific Overview.................................................................................1002
DHCP Relay Configuration .................................................................................................1003
DHCP Relay Configuration Steps.................................................................................1003
DHCP Relay Configuration Flow ..................................................................................1004
DHCP Relay Configuration Commands .......................................................................1005
DHCP Relay Test Scenarios using OA-780........................................................................1007
Configuration Steps......................................................................................................1007
40 DNS (Domain Name Service) Client........................................................1009
Chapter Conventions....................................................................................................1009
DNS Client Overview ..........................................................................................................1010
DNS Client Configuration....................................................................................................1010
DNS Client Configuration Steps...................................................................................1011
DNS Client Configuration Flow.....................................................................................1012
DNS Client Configuration Commands..........................................................................1013
DNS Client Test Scenario using OA-780............................................................................1017
Configuration Steps......................................................................................................1017
Part 9: License Manager
41 License Manager ......................................................................................1021
Chapter Conventions....................................................................................................1021
License Manager Overview.................................................................................................1022
Alcatel-Lucent Specific Features..................................................................................1022
To Install a License File................................................................................................1023
Example........................................................................................................................1023
To Back-up a License File............................................................................................1026
Example........................................................................................................................1026
To Remove A License File ...........................................................................................1027
Example........................................................................................................................1027
To View Details of the Licenses Installed on the System.............................................1027
Example........................................................................................................................1027
To View the List of Licensable Features on the System...............................................1029
Example........................................................................................................................1029
To View the List of License Files Installed On The System..........................................1029
Example........................................................................................................................1029
Display Messages ........................................................................................................1030
/