2. Computers & electronics
  3. Software
  4. Alcatel-Lucent
  5. OmniAccess 5510 ADSL

Alcatel-Lucent OmniAccess 5510 ADSL Cli Configuration Manual

  • Hello! I am an AI chatbot trained to assist you with the Alcatel-Lucent OmniAccess 5510 ADSL Cli Configuration Manual. I’ve already reviewed the document and can help you find the information you need or explain it in simple terms. Just ask your questions, and providing more details will help me assist you more effectively!
Beta
1
2
Notes on numbered items on banner & legal pages
1
Man26801 West Agoura Road
Calabasas, CA 91301
(818) 880-3500
FAX (818) 880-3505
[email protected]
US Customer Support—(800) 995-2696
International Customer Support—(818) 878-4507
Internet—service.esd.alcatel-lucent.com
Website: www.alcatel-lucent.com
Part No: 060271-00, Rev A
For final production, import color definitions from
\\daldoc01\docteam\templates\framemaker\book-template\color-defs\ production-colors.fm.
OmniAccess 5510
Unified Services Gateway
CLI Configuration Guide
Release 2.2-R03
Copyright
The Specifications And Information regarding the products in this manual are subject to change without
notice. All statements, information, and recommendations in this manual are believed to be accurate
but are presented without warranty of any kind, express or implied. Users must take full responsibility
for their application of any products.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET
FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED
HEREIN BY THIS REFERENCE.
This equipment has been tested and found to comply within the limits pursuant to the (Centre for
Telecom) rules. These limits are designed to provide protection against harmful interference when the
equipment is operated in a commercial environment.
The following information is for the Users of the OmniAccess 5510 Unified Services Gateway: If it is not
installed in accordance with the installation instructions, it may not function exactly to the said
specifications. Modifying the equipment without Alcatel-Lucent’s written authorization may result in the
equipment no longer complying with the said dimensions.
Copyright © 2009, Alcatel-Lucent. All rights reserved. Alcatel-Lucent and Alcatel-Lucent logo are
registered trademarks of Alcatel-Lucent. The contents or specifications contained within this document
are subject to change without notice.
Not withstanding any other warranty herein, all hardware and software are provided "as is" with all
faults. Alcatel-Lucent disclaim all warranties, expressed or implied, including, without limitation, those
of merchantability, fitness for a particular purpose and non-infringement or arising from a course of
dealing, usage, or trade practice. In no event shall Alcatel-Lucent be liable for any indirect, special,
consequential, or incidental damages, including, without limitation, lost profits or loss or damage to data
arising out of the use or inability to use this manual, even if Alcatel-Lucent have been advised of the
possibility of such damages.
3
4
5
Table of Contents
1 Preface.............................................................................................................1
About This Guide ......................................................................................................................1
Audience...................................................................................................................................1
Organization..............................................................................................................................2
Part I - Introduction.............................................................................................................2
Part II - LAN Interfaces.......................................................................................................2
Part III- WAN Interfaces......................................................................................................3
Part IV - Packet Classification ............................................................................................3
Part V - Routing Protocols..................................................................................................3
Part VI - Network Security CLI............................................................................................4
Part VII - Quality Of Service ...............................................................................................5
Part VIII - TCP/IP Services.................................................................................................5
Document Conventions.............................................................................................................6
Obtaining Documentation..........................................................................................................7
Reference Publications.............................................................................................................7
Obtaining Technical Assistance................................................................................................8
Documentation Feedback.........................................................................................................8
Part 1: Introduction
2 The Command Line Interface......................................................................11
CLI Overview...........................................................................................................................11
Introduction to CLI Modes.......................................................................................................12
CLI User Mode .................................................................................................................12
CLI Configuration Mode....................................................................................................12
CLI Sub-Configuration Mode (SCM).................................................................................12
CLI Modes...............................................................................................................................13
CLI Modes........................................................................................................................14
Exiting Configuration Modes.............................................................................................23
Example............................................................................................................................23
Initial Setup.......................................................................................................................24
Using the Command Line Interface.........................................................................................25
CLI Help............................................................................................................................25
Partial Help.......................................................................................................................28
Partial Commands............................................................................................................28
Command Line Editing.....................................................................................................29
Command History.............................................................................................................31
Configuring Interfaces.............................................................................................................32
Interface Configuration Commands..................................................................................32
Interface Types and Limitations........................................................................................32
Common Interface Configuration Commands..................................................................32
Interface Show Commands..............................................................................................33
Clear Interface Commands...............................................................................................35
Shutting Down and Bring Up an Interface........................................................................35
Backup Interface...............................................................................................................36
3 System Configuration and Monitoring.......................................................39
System Configuration and Monitoring Tasks..........................................................................39
Chapter Conventions........................................................................................................39
Management Plane Overview.................................................................................................40
Out of Band Management ................................................................................................40
Inband Management (SSH and Telnet)............................................................................41
Idle Timeout......................................................................................................................43
Example............................................................................................................................43
Ping ..................................................................................................................................44
Example............................................................................................................................44
Traceroute........................................................................................................................47
Example............................................................................................................................47
Terminal Settings....................................................................................................................50
Example............................................................................................................................50
System Name..........................................................................................................................50
Example............................................................................................................................50
AAA Configuration on OA5510-TE..........................................................................................51
To Enable AAA Services..................................................................................................51
Example............................................................................................................................51
Authentication Commands ...............................................................................................52
Show Commands.............................................................................................................67
Clear Commands..............................................................................................................70
Setting and Displaying the System Time and Date.................................................................71
Clock Set..........................................................................................................................72
Example............................................................................................................................72
Clock Synchronize............................................................................................................73
Example............................................................................................................................73
System Logging and Debugging.............................................................................................74
Example............................................................................................................................75
Example 1.........................................................................................................................76
Example 2.........................................................................................................................77
Example 3.........................................................................................................................77
Example 4.........................................................................................................................77
Rate Limiting in Statlog...........................................................................................................78
Example 1.........................................................................................................................79
Example 2.........................................................................................................................79
Example 3.........................................................................................................................79
Saving Log Messages.............................................................................................................80
Example............................................................................................................................80
Viewing Tech Support ......................................................................................................81
Example............................................................................................................................81
The File System......................................................................................................................82
Example 1.........................................................................................................................82
Example 2.........................................................................................................................82
Copying Files....................................................................................................................83
Example............................................................................................................................83
Deleting Files....................................................................................................................84
Example............................................................................................................................84
Configuration File Management .......................................................................................85
Software Package Management.............................................................................................92
Package Types.................................................................................................................92
Reloading the System.............................................................................................................98
Example............................................................................................................................98
System Monitoring and Troubleshooting.................................................................................99
System Hardware and Environment Information..............................................................99
Example............................................................................................................................99
To View Process Information..........................................................................................100
Example..........................................................................................................................100
Memory Information........................................................................................................102
Example..........................................................................................................................102
Hot Key Support.............................................................................................................103
Rescue Mode Options....................................................................................................105
SNMP (Simple Network Management Protocol)...................................................................108
SNMP Agent and Manager.............................................................................................109
SNMP Version................................................................................................................109
SNMP Configuration Commands ...................................................................................110
SNMP Show Commands................................................................................................113
SNMP MIB CLI...............................................................................................................115
SNMP MIB GUI ..............................................................................................................116
4 Virtual Router Redundancy Protocol........................................................117
Chapter Organization .....................................................................................................117
Chapter Conventions......................................................................................................117
VRRP Overview....................................................................................................................118
VRRP Configuration..............................................................................................................119
VRRP Configuration Steps.............................................................................................119
VRRP Configuration Flow...............................................................................................120
VRRP CLI Commands....................................................................................................121
Modify Global VRRP Group Parameters........................................................................123
Monitor and Debug VRRP..............................................................................................127
VRRP Interface Tracking ......................................................................................................130
Alcatel-Lucent's Interface Tracking Design ....................................................................130
VRRP Configuration Scenario using OA5510-TE.................................................................132
Procedure.......................................................................................................................132
VRRP Configuration .......................................................................................................133
Part 2: LAN Interfaces and Configuration
5 Fast Ethernet Interface...............................................................................137
Chapter Conventions......................................................................................................137
Ethernet Overview.................................................................................................................138
Ethernet Basics ..............................................................................................................138
Ethernet Terminologies ..................................................................................................139
Switched Ethernet ..........................................................................................................140
Full-duplex Ethernet .......................................................................................................140
Fast Ethernet Configuration..................................................................................................141
Fast Ethernet Interface Configuration Steps ..................................................................141
Fast Ethernet Interface Configuration Flow....................................................................142
Ethernet Interface Configuration Commands.................................................................143
Fast Ethernet Interface Show Commands......................................................................145
Fast Ethernet Interface Clear Commands......................................................................148
6 Layer 2 Switching Configuration ..............................................................149
Chapter Conventions......................................................................................................149
Switching Overview...............................................................................................................150
Alcatel-Lucent Specific Overview on Switching..............................................................152
L2 Switching Configuration...................................................................................................153
L2 Switching Configuration Steps...................................................................................153
L2 Switching Configuration Flow....................................................................................155
L2 Switching Commands................................................................................................156
L2 Switching Show Commands......................................................................................159
L2 Switching Clear Commands ......................................................................................162
Switching Configuration using OA5510-TE...........................................................................163
OA5510-TE as a Switch with no VLANs.........................................................................163
OA5510-TE as a Switch with VLANs..............................................................................164
7 Spanning Tree Protocol.............................................................................167
Chapter Conventions......................................................................................................167
Spanning Tree Protocol Overview........................................................................................168
STP Configuration.................................................................................................................169
STP Configuration Steps................................................................................................169
STP Configuration Commands.......................................................................................170
Show Commands in Spanning Tree...............................................................................174
STP Configuration Example..................................................................................................176
Topology.........................................................................................................................176
Procedure.......................................................................................................................177
Verification......................................................................................................................177
8 Integrated Routing and Bridging ..............................................................179
Chapter Conventions......................................................................................................179
Integrated Routing and Bridging Overview ...........................................................................180
Alcatel-Lucent Specific IRB Overview............................................................................180
IRB Configuration..................................................................................................................181
IRB Configuration Steps.................................................................................................181
IRB Commands..............................................................................................................182
IRB Configuration using OA5510-TE....................................................................................183
Topology for IRB Configuration on OA5510-TE.............................................................183
Part 3: WAN Interfaces and Protocols
9 T1E1 Interface.............................................................................................187
Chapter Conventions......................................................................................................187
T1 and E1 Overview..............................................................................................................188
E1 Interface Overview...........................................................................................................188
E1 Timeslot Functionalities.............................................................................................189
Mechanisms Supported by the E1 interface...................................................................189
E1 Modes of Operation...................................................................................................190
Alcatel-Lucent Specific Overview...................................................................................190
E1 Configuration ...................................................................................................................191
E1 Configuration Steps...................................................................................................191
E1 Configuration Flow....................................................................................................193
E1 Configuration Commands .........................................................................................194
E1 Show Commands......................................................................................................201
Troubleshooting E1 Lines...............................................................................................203
T1 Interface Overview...........................................................................................................204
Frame Formats Used in T1.............................................................................................204
T1 Modes of Operation...................................................................................................205
T1 Configuration....................................................................................................................206
T1 Configuration Steps...................................................................................................206
T1 Configuration Flow ....................................................................................................208
T1 Configuration Commands..........................................................................................209
T1 Show Commands......................................................................................................216
Troubleshooting T1 Lines...............................................................................................218
10 High-level Data Link Control .....................................................................221
Chapter Conventions......................................................................................................221
HDLC Overview ....................................................................................................................222
HDLC Frame Structure...................................................................................................222
HDLC Frame Formats....................................................................................................223
HDLC Protocol Operation...............................................................................................223
HDLC Configuration..............................................................................................................224
HDLC Configuration Steps .............................................................................................225
HDLC Configuration Flow...............................................................................................227
HDLC Configuration Commands....................................................................................228
11 Frame Relay................................................................................................233
Chapter Conventions......................................................................................................233
Frame Relay Overview..........................................................................................................234
Frame Relay Devices .....................................................................................................234
Frame Relay Virtual Circuits...........................................................................................234
Frame Relay Network Deployments...............................................................................235
Frame Relay Configuration...................................................................................................236
Frame Relay Configuration Steps ..................................................................................237
Frame Relay Configuration Flow....................................................................................239
Frame Relay Configuration Commands.........................................................................240
12 Point-to-Point Protocol..............................................................................249
Chapter Conventions......................................................................................................249
PPP Overview.......................................................................................................................250
PPP Components...........................................................................................................250
PPP Operation................................................................................................................250
PPP Configuration.................................................................................................................251
PPP Configuration Steps................................................................................................252
PPP Configuration Flow .................................................................................................254
PPP Configuration Commands.......................................................................................255
PPP Optional Parameters ..............................................................................................256
PPP Show Commands...................................................................................................264
PPP Debug Commands .................................................................................................271
Part 4: Common Classification
13 Common Classifiers...................................................................................275
Chapter Conventions......................................................................................................275
CC Overview.........................................................................................................................276
Benefits of Alcatel-Lucent Devices Common Classifiers................................................277
CC Architecture..............................................................................................................277
Before you Configure CC ...............................................................................................278
CC Configuration...................................................................................................................279
CC Configuration Steps..................................................................................................279
Elements Used in Configuring CC..................................................................................280
To Configure a Match-list ...............................................................................................283
Example..........................................................................................................................283
Rules within Match-lists..................................................................................................283
To Configure Rules Using the Protocol Numbers...........................................................290
Lists in CC......................................................................................................................291
Nesting Of Match-lists ....................................................................................................293
Show commands in CC..................................................................................................295
Deletion Commands in CC.............................................................................................298
Sample examples on the usage of CC across applications..................................................300
Example 1.......................................................................................................................300
Example 2.......................................................................................................................301
Example 3.......................................................................................................................302
Part 5: Routing Protocols
14 Protocol Independent Features.................................................................305
Protocol Independent Features Configuration ......................................................................305
Chapter Conventions......................................................................................................305
Protocol-Independent Configuration...............................................................................306
Protocol-Independent Configuration Commands ...........................................................307
15 Routing Information Protocol....................................................................333
Chapter Conventions......................................................................................................333
RIP Overview........................................................................................................................334
RIP Configuration..................................................................................................................335
RIP Configuration Steps.................................................................................................336
RIP Configuration Flow...................................................................................................338
RIP Configuration Commands........................................................................................339
RIP Optional Parameters................................................................................................340
RIP Show Commands ....................................................................................................353
RIP Clear Commands.....................................................................................................357
16 Border Gateway Protocol ..........................................................................359
Chapter Conventions......................................................................................................359
BGP Overview.......................................................................................................................360
BGP Configuration................................................................................................................361
BGP Configuration Steps ...............................................................................................361
BGP Configuration Flow.................................................................................................363
BGP Configuration Commands......................................................................................364
BGP Show Commands...................................................................................................366
BGP Clear Commands...................................................................................................369
A Typical BGP Example Using OA5510-TE..........................................................................372
17 Open Shortest Path First...........................................................................375
Chapter Conventions......................................................................................................375
OSPF Overview ....................................................................................................................376
OSPF Configuration..............................................................................................................377
OSPF Configuration Steps .............................................................................................377
OSFP Configuration Flow...............................................................................................379
OSPF Configuration Commands....................................................................................380
OSPF Optional Parameters............................................................................................381
Show Commands in OSPF.............................................................................................399
Clear Commands in OSPF.............................................................................................407
OSPF Configuration on OA5510-TE.....................................................................................408
Example..........................................................................................................................408
18 Multicast Routing .......................................................................................411
Chapter Conventions......................................................................................................411
Multicast Overview................................................................................................................412
Protocol Independent Multicast (PIM) ............................................................................412
Internet Group Management Protocol (IGMP)................................................................413
RFCs ..............................................................................................................................414
PIM Configuration .................................................................................................................415
PIM Configuration Steps.................................................................................................415
PIM Configuration Flow..................................................................................................417
PIM Configuration Commands .......................................................................................418
Show Commands in PIM................................................................................................423
Clear Commands in PIM ................................................................................................426
IGMP Configuration...............................................................................................................427
IGMP Configuration Steps..............................................................................................427
IGMP Configuration Flow ...............................................................................................429
IGMP Configuration Commands.....................................................................................430
Show Commands in IGMP.............................................................................................434
Show Commands in Multicast........................................................................................435
Clear Commands in Multicast.........................................................................................436
Multicast Configuration on OA5510-TE.................................................................................437
Verifying Multicast Routing.............................................................................................441
19 Policy Based Routing.................................................................................443
Chapter Conventions......................................................................................................443
PBR Overview.......................................................................................................................444
Alcatel-Lucent Specific Overview...................................................................................444
PBR Configuration................................................................................................................445
PBR Configuration Steps................................................................................................445
PBR Configuration Flow.................................................................................................447
PBR Configuration Commands ......................................................................................448
Show Commands in PBR...............................................................................................451
Clear Commands............................................................................................................452
PBR Configuration Example.................................................................................................453
Configuration Steps........................................................................................................454
Verification......................................................................................................................455
Part 6: Network Security
20 Network Address Translation....................................................................459
Chapter Conventions......................................................................................................459
NAT Overview.......................................................................................................................460
Types of NAT..................................................................................................................460
Benefits of NAT ..............................................................................................................462
Before You Configure NAT.............................................................................................462
Alcatel-Lucent Specific Overview...................................................................................462
Source NAT Configuration....................................................................................................463
SNAT Configuration Steps .............................................................................................464
SNAT Configuration Flow...............................................................................................466
SNAT Configuration Commands....................................................................................467
Sample Configurations of SNAT on OA5510-TE............................................................473
Destination NAT Configuration..............................................................................................474
DNAT Configuration Steps.............................................................................................475
DNAT Configuration Flow...............................................................................................477
DNAT Configuration Commands....................................................................................478
Sample Configuration Example of DNAT on OA5510-TE ..............................................481
Bypass............................................................................................................................482
NAT Show Commands...................................................................................................483
NAT Clear Commands ...................................................................................................485
NAT Debug Commands .................................................................................................486
Modifying NAT Configuration................................................................................................487
Insertions........................................................................................................................487
Updations .......................................................................................................................488
NAT Deletion Commands...............................................................................................490
21 Filter and Firewall.......................................................................................493
Chapter Conventions......................................................................................................493
Network Security - An overview............................................................................................494
Network Security Terminologies.....................................................................................495
Firewall Mechanisms......................................................................................................496
Before You Configure Filters and Firewalls....................................................................497
OA5510-TE Specific Overview.......................................................................................497
Filter Configuration................................................................................................................498
Filter Configuration Steps...............................................................................................498
Filter Configuration Flow.................................................................................................500
Filter Configuration Commands......................................................................................501
Filter Show Commands ..................................................................................................505
Filter Deletion Commands..............................................................................................507
Filter Clear Commands...................................................................................................508
Sample Examples of Configuring Filters on OA5510-TE ...............................................509
Managing Security Configuration..........................................................................................510
Insertions........................................................................................................................510
Updations .......................................................................................................................511
Network Attacks - An Overview.............................................................................................513
Types of Network Attacks...............................................................................................513
Default Attacks (Rate-limiting / Stateful).........................................................................514
Default Attacks (Non-rate Limiting / Stateless)...............................................................516
Optional Attacks .............................................................................................................518
Network Attack Prevention Configuration.............................................................................520
Network Attack Prevention Configuration Steps.............................................................520
Network Attack Prevention Configuration Flow ..............................................................522
Network Attack Prevention Configuration Commands ...................................................523
Firewall Show Commands..............................................................................................533
Sample Firewall Policy Configurations on OA5510-TE ..................................................539
Zone Configuration................................................................................................................541
Trusted Zone Configuration............................................................................................541
Untrusted Zone Configuration ........................................................................................541
Semi-trusted Zone or Demilitarized Zone.......................................................................542
Three Zone Firewall Example.........................................................................................543
Example 2: Simple Zone Configuration in OA5510-TE..................................................551
Time-range/Timer Configuration...........................................................................................553
Time-range Configuration Commands ...........................................................................553
Time-range Show Command..........................................................................................554
ALGs Supported in OA5510-TE............................................................................................555
ALG Configuration Commands.......................................................................................557
Customized-service Rule Based ALG Configuration ............................................................564
Customizing ALG Commands........................................................................................564
NOE ALG Configuration........................................................................................................567
Persistent Memory..........................................................................................................567
Alcatel-Lucent Specific Overview...................................................................................567
NOE ALG Configuration Steps.......................................................................................568
NOE ALG Configuration Commands..............................................................................569
NOE Show Commands ..................................................................................................571
NOE Clear Commands...................................................................................................573
Typical Rule Based ALG and DNAT Example Using OA5510-TE........................................574
Security - Best Practices.......................................................................................................576
Rules for Configuring Packet Filters...............................................................................576
22 IP Security - Virtual Private Network ........................................................581
Chapter Conventions......................................................................................................582
IPsec VPN Overview.............................................................................................................583
IPsec Enabled VPN........................................................................................................585
IPsec Connection Types.................................................................................................585
IPsec Concepts ..............................................................................................................587
Benefits of IPsec Enabled VPN......................................................................................592
Default Configuration Setting on OA5510-TE.................................................................593
IPsec VPN Configuration......................................................................................................594
IPsec VPN Configuration Steps......................................................................................594
IPsec VPN Configuration Flow.......................................................................................596
IPsec Configuration Commands.....................................................................................597
To Configure the Match-lists...........................................................................................597
IPsec Configuration with Pre-shared Key.......................................................................597
Example..........................................................................................................................597
IPsec Configuration with X.509 Certificates ...................................................................598
To Import a RSA Key......................................................................................................598
Example..........................................................................................................................598
Example..........................................................................................................................599
To Export RSA Keys.......................................................................................................605
Example..........................................................................................................................605
To Delete a CA Certificate..............................................................................................605
Example..........................................................................................................................605
To Delete a Signed Certificate........................................................................................606
Example..........................................................................................................................606
To Delete a Peer Certificate ...........................................................................................606
Example..........................................................................................................................606
To Delete an RSA Key Pair............................................................................................606
Example..........................................................................................................................606
Internet Key Exchange (IKE) Policy ...............................................................................607
To Configure Transform-set in IPsec..............................................................................611
To Configure IPsec Crypto Map.....................................................................................613
Example..........................................................................................................................613
To Attach Crypto Map to an Interface.............................................................................617
Dead Peer Detection (DPD)...........................................................................................618
IPsec VPN Show Commands.........................................................................................620
Clear Commands in IPsec..............................................................................................637
IPsec Scenarios on OA5510-TE...........................................................................................638
Best Practices For Deploying IPsec VPN .............................................................................641
Identity............................................................................................................................641
IPsec Access Control .....................................................................................................642
IPsec...............................................................................................................................642
Network Address Translation .........................................................................................643
Network Access Control.................................................................................................643
Interoperability................................................................................................................643
Routing Entry..................................................................................................................643
IPsec NAT-Traversal.............................................................................................................644
Scenarios Depicting IPsec Nat-traversal...............................................................................645
IPsec Tunnel Interface..........................................................................................................647
Before You Configure IPsec Tunnel Interface................................................................647
Default Configuration......................................................................................................648
IPsec Tunnel Interface Configuration....................................................................................649
IPsec Tunnel Interface Configuration Steps...................................................................649
IPsec Tunnel Interface Configuration Flow.....................................................................651
IPsec Tunnel Interface Configuration Commands..........................................................652
IPsec Tunnel Configuration Scenarios using OA5510-TE....................................................659
23 Intrusion Detection/Intrusion Prevention System...................................661
Chapter Conventions......................................................................................................661
IDS/IPS Overview .................................................................................................................662
Alcatel-Lucent Specific Overview...................................................................................662
IDS/IPS Configuration...........................................................................................................662
IDS/IPS Configuration Steps..........................................................................................663
IDS/IPS Configuration Flow............................................................................................665
IDS/IPS Configuration Commands.................................................................................666
IDS/IPS Show Commands .............................................................................................672
IDS/IPS Clear Commands..............................................................................................677
IDS/IPS Debug Commands............................................................................................678
IDS/IPS Configuration Scenario Using OA5510-TE..............................................................679
Configuration Steps........................................................................................................679
Show Commands...........................................................................................................679
IDS/IPS Topology...........................................................................................................680
24 Generic Routing Encapsulation................................................................683
Chapter Conventions......................................................................................................683
GRE Overview ......................................................................................................................684
GRE Tunnel Setup .........................................................................................................684
GRE Tunnel Features.....................................................................................................685
Summary........................................................................................................................686
Alcatel-Lucent Specific Overview...................................................................................686
GRE Tunnel Configuration....................................................................................................687
GRE Configuration Steps ...............................................................................................687
GRE Configuration Flow.................................................................................................689
GRE CLI Commands......................................................................................................690
GRE Configuration Scenarios using OA5510-TE .................................................................693
1. GRE Configuration .....................................................................................................693
2. GRE + IP Filters + DoS Configuration......................................................................695
3. GRE over IPsec Configuration .................................................................................697
Part 7: Quality of Service
25 Quality of Service.......................................................................................703
Chapter Conventions......................................................................................................703
QoS Overview.......................................................................................................................704
Generic terms used in QoS............................................................................................704
Alcatel-Lucent Specific Overview on QoS......................................................................706
Traffic Without Policing and Shaping..............................................................................708
Traffic with Policing.........................................................................................................709
Traffic with Shaping........................................................................................................710
Hierarchical Queuing......................................................................................................711
Bandwidth Sharing in Tunnels........................................................................................713
QoS Configuration.................................................................................................................714
QoS Configuration Steps................................................................................................714
QoS Configuration Flow .................................................................................................717
QoS Configuration Commands.......................................................................................719
Class Map Configuration................................................................................................719
Policy Map Configuration................................................................................................721
Attaching a Policy Map to an Interface...........................................................................723
Traffic Class Attributes Configuration.............................................................................724
Auto QoS Configuration..................................................................................................733
Hierarchical Policy Configuration....................................................................................735
QoS over Tunnel Interface .............................................................................................740
Example..........................................................................................................................740
QoS Show Commands...................................................................................................742
QoS Clear Commands ...................................................................................................750
QoS Test Scenarios on OA5510...........................................................................................751
Traffic Shaping ...............................................................................................................751
Priority Queuing..............................................................................................................752
Part 8: TCP/IP Services
26 DHCP (Dynamic Host Configuration Protocol) Server............................757
Chapter Conventions......................................................................................................757
DHCP Server Overview ........................................................................................................758
Alcatel-Lucent Specific Overview...................................................................................758
DHCP Server Configuration..................................................................................................759
DHCP Server Configuration Steps.................................................................................759
DHCP Server Configuration Flow...................................................................................761
DHCP Server Configuration Commands........................................................................762
DHCP Server Show Commands ....................................................................................769
DHCP Server Test Scenarios using OA5510-TE..................................................................772
Configuration Steps........................................................................................................773
27 TFTP (Trivial File Transfer Protocol) Server............................................775
Chapter Conventions......................................................................................................775
TFTP Server Overview..........................................................................................................776
Alcatel-Lucent Specific Overview...................................................................................776
TFTP Server Configuration...................................................................................................777
TFTP Server Configuration Steps ..................................................................................777
TFTP Server Configuration Flow....................................................................................778
TFTP Server Configuration Commands.........................................................................779
TFTP Show Commands.................................................................................................780
28 DHCP (Dynamic Host Configuration Protocol) Relay.............................781
Chapter Conventions......................................................................................................781
DHCP Relay Overview..........................................................................................................782
Alcatel-Lucent Specific Overview...................................................................................782
DHCP Relay Configuration ...................................................................................................783
DHCP Relay Configuration Steps...................................................................................783
DHCP Relay Configuration Flow ....................................................................................784
DHCP Relay Configuration Commands .........................................................................785
DHCP Relay Test Scenarios using OA5510-TE...................................................................787
Configuration Steps........................................................................................................787
29 DNS (Domain Name Service) Client..........................................................789
Chapter Conventions......................................................................................................789
DNS Client Overview ............................................................................................................790
DNS Client Configuration......................................................................................................790
DNS Client Configuration Steps.....................................................................................791
DNS Client Configuration Flow.......................................................................................792
DNS Client Configuration Commands............................................................................793
DNS Client Test Scenario using OA5510-TE........................................................................797
Configuration Steps........................................................................................................797
Part 10: Appendices
A Well Defined Port Numbers for Services......................................................3
B RFCs Supported by OA5510-TE..................................................................11
AAA Authentication.................................................................................................................11
SNMP......................................................................................................................................11
Management...........................................................................................................................11
VRRP......................................................................................................................................11
LAN.........................................................................................................................................11
Layer-2 protocols ....................................................................................................................12
Routing....................................................................................................................................12
IPsec VPN...............................................................................................................................13
GRE ........................................................................................................................................13
QoS.........................................................................................................................................13
C Failure Scenarios While Installing OA5510-TE Software Package..........15
Failure Scenarios While Installing...........................................................................................15
D QoS Values and Mnemonics .......................................................................17
Default Values for Random-detect ip-precedence............................................................17
Default Values for Random-detect ip-dscp.......................................................................17
IP-DSCP Mnemonics........................................................................................................20
IP-precedence Mnemonics...............................................................................................21
ToS Mnemonics................................................................................................................21
E IP Security Interoperability of OA5510-TE .................................................23
Configuring IPsec Tunnel Between OA5510-TE and VPN Firewall Brick...............................23
Configuration....................................................................................................................24
Verification........................................................................................................................28
Configuring IPsec between OA5510-TE and Sonicwall (PRO 3060)......................................29
Configuration....................................................................................................................30
Configuring Sonicwall (PRO 3060)...................................................................................32
Verifying the Configuration...............................................................................................36
F Software Licenses and Acknowledgements..............................................37
Linux Kernel......................................................................................................................38
Freescale Copyrights........................................................................................................38
Marvel...............................................................................................................................38
PMC-Sierra Linux Device Driver Software .......................................................................39
U-Boot ..............................................................................................................................39
Linux STP.........................................................................................................................40
Paul's PPP Package.........................................................................................................40
DHCP ...............................................................................................................................42
tftp-hpa .............................................................................................................................43
Net-SNMP ........................................................................................................................44
OpenSSH .........................................................................................................................46
ZEBRA CLI ......................................................................................................................48
GNU Pth - The GNU Portable Threads ............................................................................49
TCP Proxy and Reassembly ............................................................................................49
Strongswan IKE................................................................................................................50
FreeBSD Crypto Library ...................................................................................................50
Snort.................................................................................................................................51
Mbedthis AppWeb ............................................................................................................52
libxslt.................................................................................................................................52
BusyBox ...........................................................................................................................53
iputils ................................................................................................................................53
e2fsprogs..........................................................................................................................55
InetUtils, gawk, GDB ........................................................................................................55
cURL.................................................................................................................................56
PCRE................................................................................................................................56
MD5..................................................................................................................................57
GNU General Public License............................................................................................58
GNU Lesser General Public License................................................................................64
List of Figures
Configuration Modes 13
VRRP Configuration Flow 120
VRRP Configuration Scenario 132
Ethernet Network 139
Fast Ethernet Interface Configuration Flow 142
Layer 2 Switching 151
L2 Switching Configuration Flow 155
Switching with no VLANs 163
Switching with VLAN 164
Spanning Tree Topology on OA5510-TE 176
IRB Topology 183
E1 Frame Structure 188
E1 Configuration Flow 193
T1 Configuration Flow 208
An HDLC frame with an information field 222
HDLC Configuration Flow 227
FR Configuration Flow 239
PPP Configuration Flow 254
Depicting Common Classification 276
Elements in Common Classifiers 277
RIP Configuration Flow 338
BGP Configuration Flow 363
BGP Configuration Scenario 372
OSPF Configuration Flow 379
OSPF Configuration Scenario 408
PIM Configuration Flow 417
IGMP Configuration Flow 429
Multicast Configuration Scenario 437
PBR Configuration Flow 447
PBR Configuration Scenario using OA5510-TE 453
SNAT Configuration Flow 466
DNAT Configuration Flow 477
Depicting ALG Scenario 495
Filter Configuration Flow 500
Network Attack Prevention Flowchart 522
Figure Depicting Three Zones 541
Three Zone Network Topology 542
Three Zone Firewall Network Topology 543
ALG Configuration Scenario 574
General VPN Usage 583
A General Scenario of IPsec - VPN 586
Tunnel Mode 587
Phase 1 Negotiation - Main Mode 590
Phase 2 Negotiation - Quick Mode 591
IPsec Configuration Flowchart 596
IPsec Scenario with NAT-Traversal 645
IPsec Tunnel Interface Configuration Flowchart 651
IPsec Tunnel Interface Configuration Topology 659
IDS/IPS Configuration Flow 665
IDS/IPS Topology 680
GRE Configuration Flow 689
GRE Configuration Topology 693
GRE+ IP Filters + DoS Configuration Topology 695
GRE + IPsec Configuration Topology 697
Data Traffic before Policing And Shaping 708
Data Traffic with Policing 709
Data Traffic with Shaping 710
Link Sharing Requirement Example 711
Link Sharing Solution 712
Link Bandwidth sharing requirements over VPN tunnels 713
QoS Configuration Flow - Auto QoS Procedure 717
QoS Configuration Flow - Standard Procedure 718
QoS Traffic Shaping Using OA5510-TE 751
QoS Priority Queuing Using OA5510-TE 752
DHCP Server Configuration Flow 761
DHCP Server Test Scenario using OA5510-TE 772
TFTP Server Configuration Flow 778
DHCP Relay Configuration Flow 784
DHCP Relay Test Scenario using OA5510 787
DNS Client Configuration Flow 792
DNS Client Test Scenario using OA5510-TE 797
IPsec Interoperability Between OA5510 and VPN Firewall Brick 23
LAN Tunnel Editor - Endpoint 1 - Endpoint 2 - (a) 26
LAN Tunnel Editor - Endpoint 1 - Endpoint 2 - (b) 27
LAN Tunnel Editor - Endpoint 1 - Endpoint 2 - (c) 28
IPsec Interoperability Between OA5510 and Sonicwall PRO 3060 29
Configuring Local network behind Sonicwall 32
Configuring External IP Address for Sonicwall 33
Configuring IPsec Policy and Destination Network 34
Configuring IPsec Phase 1 and Phase 2 Proposals 35
Preface
Except on the first page, right running head:
Heading1 or Heading1NewPage text (automatic)
1
Alcatel-Lucent
Beta Beta
OmniAccess 5510 Unified Services Gateway CLI Configuration Guide
CHAPTER 1 PREFACE
ABOUT THIS GUIDE
This guide describes the Command Line Interface (CLI) commands used to
configure different services available in the OmniAccess 5510-TE Unified
Services Gateway (OA5510-TE). It focuses on accessing OA5510-TE by using
the CLI. In addition to showing how to configure each feature, this guide also
provides background on why user might need the service and how it works.
The following list is a sampling of what is found in this guide:
• Getting efficient use of network resources.
• Configuring the LAN and WAN interfaces effectively.
• Optimizing routing services to enhance network scalability.
• Integrating networks with different routing protocols.
• Adding intelligence and flexibility to use the ACLs across applications using the
Common Classifiers.
• Setting improved security policies on the network for users and their services.
• Extending the network to new places, such as Internet, securely.
• Protecting information and network resources.
AUDIENCE
This guide is intended for networking professionals who are responsible for
designing, implementing, and managing enterprise networks. This guide aims to
provide unique technologies and effective practices that not only deliver value on
the networking perspective but also provides an opportunity for professional
growth.
/