D-Link DI-1750 Reference Manual

Other manuals for DI-1750: Installation Manual

Page of 549

Download

Print this page

Bookmark us

Router

Command Line Interface

Reference Manual

For DI-1750/DI-2621/DI-2630/DI-3660

Rev. 2 (August 2004)

RECYCLABLE

1 2 3 4 5 6 7 Next › »

Summary of DI-1750

Page 1
Router command line interface reference manual for di-1750/di-2621/di-2630/di-3660 rev. 2 (august 2004) recyclable.
Page 2
Command line interface reference manual - i - table of content 1. Prepare for configuration ................................................................................................................................................. 1 2. Configure system monitor status.............................
Page 3
Model name - 1 - 1. Prepare for configuration 1.1 preparation in this section, we will introduce the necessary information for the first time configuration of router, which includes port numbering, introduction of operation and command line interface before start. 1.2 port number the number of the r...
Page 4
Model name - 2 - 1.3 before start please confirm the following steps before power on the router for configuration: (1) set up router’s hardware according to the requirement of user manual (2) configure the pc terminal emulation program (3) for internet protocol (ip), decide: · layout of ip addresses...
Page 5
Model name - 3 - 1.6 cancel a command if you want to cancel a command or restore it to default properties, you can select u or u option at prompt rightly after inputting most of the commands. For example, when deleting a configured static route, please select the u option at prompt after inputting t...
Page 6
Model name - 4 - 2. Configure system monitor status the following message will be displayed when switch on the router (take di-1750 for example): d-link internetwork operating system software 1750 series software, version 1.3.1d (full), release software copyright (c) 2002 d-link corporation. Compile...
Page 7
Model name - 5 - there are two methods to update the software in the monitor status. 1. By tftp protocol monitor#copy tftp :filename > flash :filename > [ip_addr] this command is used to copy the file from tftp server to system flash memory. The system will prompt user to input the name of remote se...
Page 8
Model name - 6 - figuer 2-1 input the full path of router software main.Bin provided by this company in the filename input box, and choose zmodem for the protocol. Press “send” button to send the file. When completing sending the file, the following message will appear: zmodem:successfully receive 3...
Page 9
Model name - 7 - example monitor#ip route default 192.168.1.1 2.5 test network connection by ping monitor#ping this command is used for testing the connecting status of the network. Parameter description ip_address destination ip address example monitor#ping 192.168.0.100 reply from 192.168.0.100 : ...
Page 10
Model name - 8 - 3. Interface configuration 3.1 overview by the information in this chapter to understand the types of interfaces supported on d-link routers and to search configuration information for various types of interfaces. For a complete description of the interface commands used in this and...
Page 11
Model name - 9 - ♦ asynchronous serial ♦ channelized e1 ♦ isdn pri interface ♦ isdn bri interface ♦ dtu interface ♦ asynchronous modem interface presently, the logic interface supported by d-link router are: ♦ loop-back interface ♦ empty interface ♦ dialup interface ♦ virtual template and virtual ac...
Page 12
Model name - 10 - (03)async asynchronous interface (04)null null interface (05)loopback loopback interface (06)tunnel tunnel interface (07)dialer dialer interface (08)multilink multilink-group interface (09)virtual-template virtual template interface (10)virtual-tunnel virtual tunnel interface pleas...
Page 13
Model name - 11 - command purpose bandwidth kilobps set the bandwidth for current configured interface choose the item 1 of prompt and set the bandwidth. The bandwidth is only a parameter of route that did not affect the communication rate of actual physical interface. 3.4.2 set timing delay the inf...
Page 14
Model name - 12 - (01)ethernet ethernet interface (02)serial serial interface (03)async asynchronous interface (04)null null interface please input the code of command to be excute(0-4): input the value of type, slot and port of the interface to be displayed: to display the current configuration, in...
Page 15
Model name - 13 - please input the code of command to be excute(0-10): input the type, slot and port of the physical interface to be initialized or the virtual interface to be deleted. 3.6 close and restart interface forbid an interface will cause the forbiddance of all the functions that use to ass...
Page 16
Model name - 14 - please see the “interface configuration example” later in this chapter to get the examples of configuring task. For hardware technical descriptions and information about installing interfaces, refer to the hardware installation and configuration manual for your product. For a compl...
Page 17
Model name - 15 - input the command “cd config” to enter the global configuration mode. Step 2: input the command “interface”, list all the parameters: (00)fastethernet fastethernet interface (01)ethernet ethernet interface (02)serial serial interface ...... Please input the code of command to be ex...
Page 18
Model name - 16 - 3.7.3 duplex configuration mode of fastethernet the duplex mode of fastethernet executed through self-negotiation as well as configuration on interface. Command function duplex half set the operational mode of fastethernet as half-duplex. Duplex full set the operational mode of fas...
Page 19
Model name - 17 - command function encapsulation dot1q vlan-identifier encapsulate 802.1q protocol and assign vlan id choose the item 11 of prompt, it will display: (00)dot1q ieee 802.1q virtual lan please input the code of command to be excute(0-0): 0 input 0 and the value of vlan-identifier ， then...
Page 21
Model name - 19 - choose the item 25 of prompt, it will display: u(undo) d(default) q(quit) (00)flow-control flow control (01)mode configure sync or async physical layer on serial interface (02)sampling set clock sampling mode (03)speed port speed please input the code of command to be excute(0-3): ...
Page 22
Model name - 20 - 3.8.2 configuring e1 interface to configure e1 interface, command config-controller e1 must be inputed firstly in the status of global configuring. Command function controller e1 / configure e1 interface slot is number of solt that controller located in, config-group is link number...
Page 23
Model name - 21 - command function framing crc4 configure the frame checking of e1 interface as 4bytes crc check. Framing(undo) or framing no-crc4 configure the frame checking of e1 interface as unchecking. Take the first command as an example: choose the item 13 of interface-parameter prompt, it wi...
Page 24
Model name - 22 - 5. Configuring loopback transmission mode of e1 interface while in the mode of remot loop-back transmission, the message that received through the port will be return by e1 through the sending channel. Command function loopback local configure the operation mode of e1 as remote loo...
Page 26
Model name - 24 - 3.8.3 configure unframe e1 interface 1. Introduction of unframe e1 interface unframe e1 port can be used only in unframe mode and the interface is unchannelized , its logic features is the same as synchronization serial interface, support ppp, frame relay, lapb , x.25 and etc. Link...
Page 27
Model name - 25 - 4. Configure unframe e1 interface clock mode when unframe e1 is used as synchronization interface, there are two work modes: “dte” and “dce”, you need to choose line clock also. When unframe e1 interfaces of two routers are directly connected , it is necessary to let two interfaces...
Page 28
Model name - 26 - (02)serial serial interface please input the code of command to be execute(0-11): 2 please input slot/port:2/0:0 will you execute it? [y]:y key word: (09)encapsulation set encapsulation type for an interface please input the code of command to be execute(0-28): 9 current status:s2/...
Page 29
Model name - 27 - can set the detailed timeslot as a b channel of a general serial port or a pri interface through the command line. When one or more timeslot has been configured as the pri b channel of an e1 interface, the fifteenth timeslot will always be utilized by the pri interface as the d cha...
Page 30
Model name - 28 - command function interface bri slot >/ group > enter the isdn bri interface slot is the slot number of bri controller group is the link number bri controller input the command “ interface ”, it will prompt: (00)fastethernet fastethernet interface (01)ethernet ethernet interface (02...
Page 31
Model name - 29 - (01)lt lt mode please input the code of command to be excute(0-1): 0 input 1, choose the item “it”. 3. Configuring speed of the dtu interface command function physical-layer speed speed designate the interface speed choose the item 26 of the interface-paramter prompt, it will displ...
Page 32
Model name - 30 - how to connect with v.92 modem or those that doesn’t support v.42bis since the chip of our modem card can not support the protocol beyond v.90, if you want to connect with some v.92 modem of other company, the connection with the v.92 modem may be failed. (however, you can still di...
Page 33
Model name - 31 - the null interface can be used in any command that has an interface type as an argument. The following example configures a null interface for ip route 192.168.20.0. Ip route 192.168.20.0 255.255.255.0 null 0 2. Configure a loopback interface a loopback interface is a logical inter...
Page 34
Model name - 32 - ...... (09)rotary-group add this interface to a dialer rotary group ...... Please input the code of command to be excute(0-28): 9 input 9 ， choose the item “rotary-group” ， it will prompt: (00)dialer dialer interface please input the code of command to be excute(0-0): 0 input 0 ， c...
Page 35
Model name - 33 - please input a interface name: multilink input “multilink” ， it will prompt ： (00) multilink interface number please input the code of command to be excute(0-0): 0 input 0 ， it will prompt ： please input a interface number: input “number” 6. Configure the tunnel interface tunnel in...
Page 36
Model name - 34 - (04)bm bm interface ..... Please input the code of command to be excute(0-10): 4 input 4 ， choose bm option,clew: please input a interface name: bm2/0 input bm2/0. 3.13.1 configur idsl interface work mode command purpose linemode nt configure idsl interface to nt work mode linemode...
Page 37
Model name - 35 - 2. Example 2 router a and b are connected with isdn lease line and use multilink ppp to transmit data at a rate of 128kbps. Router a configuration: interface multilink1 ip address 10.1.1.1 255.255.255.0 ppp multilink multilink-group 1 ! Interface bm2/0 no ip address encapsulation p...
Page 38
Model name - 36 - 2. Example of low-speed serial interface following example illustrates how to switch the low-speed serial interface from synchronous mode to asynchronous mode: interface serial 1/0 physical-layer mode async following example illustrates how to switch the low-speed serial interface ...
Page 39
Model name - 37 - with this configuration, a is only to ping with c each other and b is only to ping with d each other. 4. Example of pri interface configuring router _config# control e1 3/2 (enter the e1 configurative mode) router _config _controller# pri-group timeslot 1-5,9,10 router _config _con...
Page 40
Model name - 38 - 4. Basic configuration 4.1 configuring snmp 4.1.1 configuring snmp list ♦ snmp system consist of 3 parts as below: ♦ snmp network management system (nms) ♦ snmp agent ♦ management information bsae (mib) 4.1.2 snmp intrudution snmp is link layer protocol. It provides the message for...
Page 41
Model name - 39 - snmpv2c--- community based management frame of snmpv2. Test protocol of internet that defined in rfc1901. D-link router support following snmp versions: snmpv3 . Snmpv1 utilizes community based security mode to access management port that the agent of mib. The community is definite...
Page 42
Model name - 40 - please see the section "snmp command“ to get more examples about configuration of community character string. 4.1.4 set the contact information of the route’s administrator and location of router sys contact and syslocation are all management variable of system group in mib and res...
Page 43
Model name - 41 - (04)packetsize largest snmp packet size ...... Please input the code of command to be excute(0-8): 4 input 4, choose the item “packetsize”, it will prompt: (00) packet size please input the code of command to be excute(0-0): 0 input 0, it will prompt: please input a digital number:...
Page 44
Model name - 42 - please input the code of command to be excute(0-0): 0 input 0 ， it will prompt: please input a string: input the hostname or ip address ， it will prompt: (00)word snmp community string please input the code of command to be excute(0-0): 0 input 0, choose the item “word”, it will pr...
Page 45
Model name - 43 - 4.1.9 example of configuration 1. Example 1: snmp-server community public ro snmp-server community private rw snmp-server host 192.168.10.2 public there are two community character strings that to be configured in this example. One is “public” that has the authority to read all of ...
Page 46
Model name - 44 - 4.2.2 set the cdp message interval and holdtime you can use the following commands in global configurative mode to set cdp message interval and holdtime: command function pdp timer s econds configuring the message interval of cdp pdp holdtime seconds configuring the cdp message hol...
Page 47
Model name - 45 - q(quit) …… (23)pdp pdp configuration commands (24)physical-layer configure physical layer parameters …… please input the code of command to be excute(0-32): 23 key word: u(undo) d(default) q(quit) (00)enable enable pdp on interface please input the code of command to be excute(0-0)...
Page 48
Model name - 46 - 4.2.5 example of cdp configuration 1. Enable cdp function [default@router /config/]# pdp run [default@router /config/]# int f0/0 [default@router /f0/0/]# pdp enable configuring the cdp message interval and message holdtime [default@router /config/]# pdp timer 30 [default@router /co...
Page 49
Model name - 47 - port of router (such as ethernet and serial interface). 3. Relation of circuit and interface ♦ asynchronous interface and tty circuit ♦ synchronous interface and vty circuit asynchronous interface and tty asynchronous interface correspond to physical terminal circuit [tty]. Asynchr...
Page 50
Model name - 48 - please input the code of command to be excute(0-36): 36 key word: u(undo) d(default) q(quit) (00) number of characters on a screen line(0 for no line wrap) please input the code of command to be excute(0-0): 0 please input a digital number: 132 （ input number of characters ） will y...
Page 51
Model name - 49 - please input the code of command to be excute(0-3): 3 key word: q(quit) (00) first line number please input the code of command to be excute(0-0): 0 please input a digital number: 0 （ input first line number ） key word: q(quit) (00) last line number (01) please input the code of co...
Page 52
Model name - 50 - write save the configuration [default@router /config/]# rmon key word: u(undo) d(default) q(quit) (00)alarm configure an rmon alarm (01)event configure an rmon event please input the code of command to be excute(0-1): 0 key word: q(quit) (00) alarm number please input the code of c...
Page 53
Model name - 51 - after configuring an item of alarm, device will get the oid value designated by variable every interval seconds, and compare the value with former one according to the alarm type(absolute or delta), if the current value is larger and exceed the limitation designated by the rising-t...
Page 54
Model name - 52 - please input the code of command to be excute(0-3): 0 key word: q(quit) (00)trap generate snmp trap when the event fires (01)owner specify an owner for the event (02) please input the code of command to be excute(0-2): 1 key word: q(quit) (00)word event owner please input the code ...
Page 55
Model name - 53 - please input the code of command to be excute(0-0): 0 please input a string: 100 (input index number) key word: q(quit) (00)owner set the owner of this rmon collection please input the code of command to be excute(0-0): 0 please input a string: dlink (input owner name) key word: q(...
Page 56
Model name - 54 - (00)buckets requested buckets of intervals. Default is 50 buckets (01)interval interval to sample data for each bucket. Default is 1800 seconds (02)owner set the owner of this rmon collection (03) please input the code of command to be excute(0-3): 0 key word: q(quit) (00) requeste...
Page 57
Model name - 55 - intervals. [default@router /config/]# show key word: u(undo) d(default) q(quit) …… (34)rmon rmon statistics (35)route-map information of route-map …… please input the code of command to be excute(0-50): 34 key word: q(quit) (00)alarm display the rmon alarm table (01)history display...
Page 58
Model name - 56 - 5. Wans configuration in this section, we will introduce the configuring method and process that of the correlative protocol of wan. In addition, the configuring example will be provided to you for practice. The protocols of wan that introduced in this section include: fr 、 x.25 、 ...
Page 59
Model name - 57 - the frame relay exchange will be used while the entire flow that received by a dlci can be sent to a similar next-skip address by another dlci. In this condition, it is no need to examine the frame one by one for confirm the target address, and thereby reduce the load of router. 5....
Page 60
Model name - 58 - 5.1.5 slip the point-to-point data link layer protocol(such as slip, ppp) is needed for either the router-router leased line connection, or dialup host-router connection, to complete encapsulation of frame, error control, etc. Slip is a data packet protocol, which defines series of...
Page 61
Model name - 59 - figuer 5-1: typical frame relay configuration the frame relay interface actually consists of one physical connection between the network server and the switch that provides the service. This single physical connection provides direct connectivity to each device on a network 5.2.3 f...
Page 62
Model name - 60 - will you excute it? (y/n): y key word: q(quit) …… (10)dsr-ignore ignore dsr signal (11)encapsulation set encapsulation type for an interface …… please input the code of command to be excute(0-34): 11 key word: u(undo) d(default) q(quit) (00)frame-relay frame relay protocol (01)hdlc...
Page 63
Model name - 61 - u(undo) d(default) q(quit) …… (04)local-dlci set local dlci parameters (05)map set map table for framerelay …… please input the code of command to be excute(0-10): 5 key word: q(quit) (00)a.B.C.D ip address please input the code of command to be excute(0-0): 0 please input a ip add...
Page 64
Model name - 62 - q(quit) …… (15)frame-relay set parameters for framerelay (16)help description of the interactive help system …… please input the code of command to be excute(0-32): 15 key word: u(undo) d(default) q(quit) (00)cir set committed information rate (01)intf-type set interface mode for f...
Page 65
Model name - 63 - u(undo) d(default) q(quit) …… (06)n391 set lmi n391 counter (07)n392 set lmi n392 counter (08)n393 set lmi n393 counter (09)t391 set lmi t391 timer (10)t392 set lmi t392 timer please input the code of command to be excute(0-10): 9 （ choose 6-10 for your demand ） key word: q(quit) (...
Page 66
Model name - 64 - please input the code of command to be excute(0-32): 1 5 key word: u(undo) d(default) q(quit) (00)cir set committed information rate (01)intf-type set interface mode for frame relay(dte/dce/nni) …… please input the code of command to be excute(0-10): 1 key word: q(quit) (00)dte set...
Page 67
Model name - 65 - inverse arp creates dynamic address mappings, as contrasted with the frame-relay map command, which build static mappings. See the section "configure dynamic or static address mapping" earlier in this chapter for more information. Inverse arp is enabled by default disable or reenab...
Page 68
Model name - 66 - user can configure the following items on the wan sub-interface with frame relay encapsulation: ♦ dlci or frame relay address mapping differ with original wan interface ♦ ip address in different networks with the original wan interface 1. Define frame relay subinterfaces to configu...
Page 69
Model name - 67 - please input the code of command to be excute(0-1): 1 subinterfaces can be configured for multipoint or point-to-point communication. (there is no default.) 2. Specify subinterface address for frame relay subinterface, the particular subinterface dlci value can be configured by set...
Page 70
Model name - 68 - frame-relay local-dlci dlci [cir speed ] specify dlci for multipoint subinterface. Refer to “configuring dlci” of the former example. 5.4.7 configure static address mapping for subinterfaces a static map links a specified next-hop protocol address to a specified dlci. To configure ...
Page 71
Model name - 69 - 5.4.9 frame relay configuration examples this section provides examples of frame relay configurations. It includes the following sections: 1. Encapsulation examples the first example that follows sets frame relay encapsulation at the interface. Encapsulation frame-relay frame-relay...
Page 72
Model name - 70 - interface s1/2 encapsulation frame-relay frame-relay intf-type dce frame-relay local-dlci 200 ！ frswitch s1/1 100 s1/2 200 2. Pure frame relay dce example using the pvc switching feature, it is possible to build an entire frame relay network using our routers. In the following figu...
Page 73
Model name - 71 - ！ frswitch s1/1 300 s1/2 200 3. Hybrid dte/dce pvc switching example routers can also be configured as hybrid dte/dce frame relay switches, see figure 5: figuer 5-5 hybrid dte/dce pvc switching in the following example, router b acts as a hybrid dte/dce frame relay switch. It can s...
Page 74
Model name - 72 - basic subinterface examples in the following example, subinterface 1 models a point-to-point subnet and subinterface 2 models a multipoint subnet. Interface s1/0 encapsulation frame-relay frame-relay intf-type dce interface s1/0.1 point-to-point ip address 10.0.1.1 255.255.255.0 fr...
Page 75
Model name - 73 - command purpose values or ranges default x25 mod modulus set the modulo, 8 or 128 8 x25 k window-size set the window size （ k ） 2 ～ (modulo minus-1)frames 7 x25 n1 bytes set the maximum bits per frame(n1) 137-1512 1500 x25 n2 tries set the counter for sending frame(n2) 1-255 times ...
Page 76
Model name - 74 - for the examples of configuring the lapb t1 timer, refer to “typical lapb configuration examples”. 5.5.2 x.25 configuration task list to configure x.25, complete the tasks in one or more of the following sections, depending upon the x.25 application or task required for your networ...
Page 77
Model name - 75 - 5.5.5 set the x.25 mode a router using x.25 level 3 encapsulation can act as a dte or dce protocol device (according to the needs of your x.25 service supplier) to configure the mode of operation and one of these encapsulation types for a specified interface, perform the following ...
Page 78
Model name - 76 - x25 htc circuit-number set the highest virtual circuit number 1-4095 1024 x25 pvc circuit-number set the highest permanent virtual circuit number 0-1024 0 key word: q(quit) …… (29)snmp modify snmp interface parameters (30)x25 set parameters for x.25 please input the code of command...
Page 79
Model name - 77 - (00)word local x.121 address please input the code of command to be excute(0-0): 0 please input a string: 123456 （ input the x121 address ） will you excute it? (y/n): y for an example of configuring the x.25 interface address, see the section "typical x.25 configuration example" la...
Page 80
Model name - 78 - command purpose x25 t20 seconds set dte t20 reset request, default value=180sec x25 t23 seconds set dte t23 clear request, default value=180sec key word: q(quit) …… (29)snmp modify snmp interface parameters (30)x25 set parameters for x.25 please input the code of command to be excu...
Page 81
Model name - 79 - command purpose x25 (undo) alias [ string ] supply an alias x.121address for the interface x25 t23 seconds set dte t23 clear request, default value=180sec key word: q(quit) …… (29)snmp modify snmp interface parameters (30)x25 set parameters for x.25 please input the code of command...
Page 82
Model name - 80 - x25 (undo) map ipaddress pvc pvc_no [ broadcast ] add/delete an permanent virtue circuit mapping. X25 (undo) map ipaddress svc x121-address [ broadcast ][ ebackup ] add/delete a switched virtue circuit mapping. Key word: q(quit) …… (29)snmp modify snmp interface parameters (30)x25 ...
Page 83
Model name - 81 - use the following command in the configuration mode: command purpose x25 (undo) map ipaddress pvc pvc_no [ broadcast ] add/delete an permanent virtue circuit mapping. [default@router /config/]# translate (00)x25 translate to x.25 encapsulation (01)tcp translate packet between tcp a...
Page 84
Model name - 82 - key word: u(undo) d(default) q(quit) …… (07)idle set inactivity time before clearing svc (08)incallcheck check calling address in incall packet or not …… please input the code of command to be excute(0-26): 7 key word: q(quit) (00) idle time for x.25 svc connection of ip keep alive...
Page 86
Model name - 84 - (00) pvc number please input the code of command to be excute(0-0): 0 please input a string: 15 key word: q(quit) (00)async async interface (01)serial serial interface please input the code of command to be excute(0-1): 1 please input a interface name: s1/1 (input the interface nam...
Page 87
Model name - 85 - x25switch (undo) xot svc x.121-address remote-ip-address [ source interface] set a svc xot interface addressing 1. Configuring a pvc xot interface addressing [default@router /config/]# x25switch key word: u(undo) d(default) q(quit) (00)connect add/delete a pvc route in x.25 switch ...
Page 88
Model name - 86 - (01)destination add/delete a svc route in x.25 switch table (02)xot configure x25 over tcp route in x.25 switch table please input the code of command to be excute(0-2): 2 key word: q(quit) (00)pvc add/delete a pvc route based on xot in x.25 switch table (01)svc add/delete a svc(xo...
Page 89
Model name - 87 - please input the code of command to be excute(0-1): 1 （ you can also choose 0 to implement the pvc configuration ） key word: q(quit) (00)serial serial interface please input the code of command to be excute(0-0): 0 please input a interface name: s1/0 （ input the interface name ） ke...
Page 90
Model name - 88 - the specifications are given below: 1 、 clear svc [default@router /enable/]# clear …… (10)telnet clear incoming telnet connection (11)x25 clear x.25 circuits please input the code of command to be excute(0-11): 11 (00)serial serial interface please input the code of command to be e...
Page 91
Model name - 89 - 5 、 debug the lapb frames [default@router /enable/]# debug …… (14)l2tp l2tp information (15)lapb lapb information …… please input the code of command to be excute(0-27): 15 (00)iframes lapb i frames (01)raw lapb raw frames content (02)sframes lapb s frames (03)uframes lapb u frames...
Page 92
Model name - 90 - (00)events all non-data packets (01)normal all data packets (02)packet raw packets (03)tcp debug x25-tcp (04)xot debug xot(x.25-over-tcp) packet please input the code of command to be excute(0-4): 3 (00)data x25tcp data packet (01)event x25tcp event (02)link-status x25tcp link stat...
Page 93
Model name - 91 - 3. Connecting the router to x.25 public packet network network requirement router a,b,c are connected to the same x.25 network to communicate with each other, as the following figure, the configurations are: the ip address of these routers are 168.173.24.1, 168.173.24.2 and 168.173...
Page 94
Model name - 92 - [default@router /enable/]#cd config [default@router /config/]#interface s1/0 [default@router /s1/0/]#ip address 168.173.24.3 255.255.255.0 ! Connect to public packet network and make the router operate as dte: [default@router /s1/0/]#encapsulation x25 [default@router /s1/0/]#x25 ad...
Page 95
Model name - 93 - [default@router /s1/0/]#x25 pvc 2 [default@router /s1/0/]#x25 map 8.0.0.1 pvc 1 5.5.21 configuring x.25-tcp switching examples the configuration commands and arrangement plan are as follows: figuer 5-9 arrangement plan of x25-tcp configuring router b1: [default@router /config/]#tra...
Page 96
Model name - 94 - figuer 5-10 standard x.25 connection between a dumb terminal and an x.25 host pads can also be configured to work with a protocol translation application. Figure 87 shows an example of a remote pc placing an analog modem call to an ip network, connecting to a d-link 4500-m router, ...
Page 97
Model name - 95 - figuer 5-12 asynchronous device dialing in to an x.25 host over an x.25 network 5.6.4 application x.28 enables pad system administrators to dial into x.25 networks or set pad parameters using the x.28 standard user interface. This standard interface is commonly used in many europea...
Page 98
Model name - 96 - prof filename load a standard profile. Reset reset the call. Set change the local values of parameters. Set? Changes and then read the values of parameters. Stat requests status of a connection. Quit exit pad connection. 5.6.7 place a call you need to designate the x.121 address of...
Page 99
Model name - 97 - command purpose ctrl-p from the remote host, escape back to the local router pad mode. Clr clear the virtual call. 5.6.9 customerize local x.3 parameter to set an x.3 pad parameter from a local terminal, use the following commands beginning in exec mode or user mode: command purpos...
Page 100
Model name - 98 - (02)xot show xot state please input the code of command to be excute(0-2): 1 key word: q(quit) (00) please input the code of command to be excute(0-0): 0 will you excute it? (y/n): y this information includes current status of virtual circuit. 5.6.11 x.25 pad access limitation this...
Page 101
Model name - 99 - [default@routerb /]# ctrl-p pad>clr clr conf pad> 5.6.13 x.3 customization examples the following example configures parameter 9 from 0 to 1, which adds one byte after the carriage return. This setting is performed from a local terminal using the set parameter-number : new-value pa...
Page 102
Model name - 100 - ===================================================================== no.Port vc i/o state x.121addr ipaddr hostname ===================================================================== 01 serial1/0 16 in work 1111 [default@routerb /enable/]# 5.7 configuring ppp this section desc...
Page 103
Model name - 101 - command purpose encapsulation ppp enabling ppp encapsulation. Key word: u(undo) d(default) q(quit) …… (11)encapsulation set encapsulation type for an interface (12)english help message in english …… please input the code of command to be excute(0-32): 11 key word: u(undo) d(defaul...
Page 104
Model name - 102 - after you have enabled chap or pap, the local router or access server requires authentication from remote devices. If the remote device does not support the enabled protocol, no traffic will be passed to that device. To use chap or pap, you must perform the following tasks: ♦ enab...
Page 105
Model name - 103 - u(undo) d(default) q(quit) (00)word user name please input the code of command to be excute(0-0): 0 please input a string: dlink （ input username ） key word: q(quit) …… (05)password specify the password for the user (06)trust-host set user trust host please input the code of comma...
Page 106
Model name - 104 - 1. Configure cbcp on this interface command purpose ppp callback request cbcp configure to start cbcp negotiation on caller. Ppp callback accept configure to start the receiving of cbcp negotiation on answerer. Key word: q(quit) …… (26)ppp point-to-point protocol (27)priority-grou...
Page 107
Model name - 105 - (01)caller dialer caller string …… please input the code of command to be excute(0-11): 1 （ you could also choose 0 to configure the called dialstring ） key word: q(quit) (00)word specify calling telephone number to be screened please input the code of command to be excute(0-0): 0...
Page 108
Model name - 106 - ♦ tacacs+ assigned ip address or ip address pooling— during the authorization phase of ipcp address negotiation, tacacs+ can return an ip address that the user being authenticated on a dialup interface can use. ♦ local address pool— the local address pool contains a set of contigu...
Page 109
Model name - 107 - q(quit) (00)word create named local address pool (01)default create default local address pool please input the code of command to be excute(0-1): 0 please input a string: dlink (input username) key word: q(quit) (00)a.B.C.D set first ip address and number of ip addresses of pool ...
Page 110
Model name - 108 - { begin-ip-address [ ip-address-number ]} interface type number specifies the interface and enters interface configuration mode. Peer default config-ip addrip-address specifies the specified address. Key word: u(undo) d(default) q(quit) …… (25)peer peer parameters for point to poi...
Page 111
Model name - 109 - please input the code of command to be excute(0-1): 1 will you excute it? (y/n): y 5.7.9 configuring multilink ppp the multilink ppp feature provides load balancing functionality over multiple wan links. The d-link implementation of the multilink ppp supports the fragmentation and...
Page 112
Model name - 110 - please input the code of command to be excute(0-18): u key word: u(undo) d(default) q(quit) (00)access-group specify access control for packets (01)address ip address …… please input the code of command to be excute(0-18): 1 key word: q(quit) (00)a.B.C.D ip address (01)negotiated ...
Page 113
Model name - 111 - will you excute it? (y/n): y repeat these steps for additional synchronous interfaces, if it’s needed. Notes: to configure set-dialer rotary-group interface, the ppp configuration will automatic synchronize with corresponding dialer interface to configure a dialer interface, use t...
Page 114
Model name - 112 - (09)dialer-group assign interface to dialer-list …… please input the code of command to be excute(0-28): 8 key word: u(undo) d(default) q(quit) …… (06)load-threshold specify threshold for placing additional calls (07)map define multiple dial-on-demand numbers …… please input the c...
Page 116
Model name - 114 - …… (04)hold-queue set output hold queue length (05)idle-timeout set idle time before disconnecting line …… please input the code of command to be excute(0-11): 5 (00) idle timeout in seconds please input the code of command to be excute(0-0): 0 please input a digital number:please...
Page 117
Model name - 115 - please input a string: 1234 （ input dial-string ， this is just an example ） will you excute it? (y/n): y key word: u(undo) d(default) q(quit) …… (10)dialer dial-on-demand routing (ddr) commands (11)dialer-group assign interface to dialer-list …… please input the code of command to...
Page 118
Model name - 116 - to set up the dialer rotary interface, use the following commands: command purpose interface dialer number define an interface ip address ip-address mask specify an appropriate ip address. Encapsulation ppp enable ppp encapsulation dialer idle-timeout seconds (optional) specifies ...
Page 119
Model name - 117 - (12)encapsulation set encapsulation type for an interface (13)english help message in english …… please input the code of command to be excute(0-32): 12 key word: u(undo) d(default) q(quit) (00)ppp ppp protocol please input the code of command to be excute(0-0): 0 will you excute ...
Page 120
Model name - 118 - …… (06)load-threshold specify threshold for placing additional calls (07)map define multiple dial-on-demand numbers …… please input the code of command to be excute(0-11): 7 (00)a.B.C.D ip address please input the code of command to be excute(0-0): 0 please input a ip address: 192...
Page 121
Model name - 119 - …… (07)multilink make interface multilink capable (08)pap set pap authentication parameters (09)timeout set ppp timeout parameters please input the code of command to be excute(0-9): 7 will you excute it? (y/n): y to configure the bri interfaces to belong to the dialer rotary grou...
Page 122
Model name - 120 - will you excute it? (y/n): y key word: u(undo) d(default) q(quit) …… (10)dialer dial-on-demand routing (ddr) commands (11)dialer-group assign interface to dialer-list…… please input the code of command to be excute(0-32): 10 key word: u(undo) d(default) q(quit) …… (05)idle-timeout...
Page 124
Model name - 122 - please input the code of command to be excute(0-5): 5 key word: q(quit) (00)null null class (01)local locally assigned address …… please input the code of command to be excute(0-5): 1 will you excute it? (y/n): y key word: q(quit) …… (21)peer peer parameters for point to point int...
Page 125
Model name - 123 - multilink-group group-number add the interface to multilink group. The input order is: [default@router /config/]#interface (00)fastethernet fastethernet interface (01)serial serial interface …… please input the code of command to be excute(0-9): 1 please input a interface name:s0/...
Page 126
Model name - 124 - please input a digital number:please input a string:100 (input the group-number) will you excute it? (y/n):y repeat steps 1 through 4 for configure other dsl interfaces. Notes: to configure config-multi-link group interface, the ppp configuration will automatic synchronize with co...
Page 127
Model name - 125 - multilink ppp on dsl interface example ! Interface multilink 1 ip address 192.168.20.100 255.0.0.0 encapsulation ppp ppp lcp enddisc-type local ppp authentication chap ppp chap hostname router ppp multilink ! Interface s1/0 ip (undo) address encapsulation ppp ppp lcp enddisc-type ...
Page 128
Model name - 126 - interface s1/1 physical-layer mode async ip (undo) address ip (undo) directed-broadcast ppp lcp enddisc-type ppp ppp authentication pap ppp multilink ppp pap sent-username router mypassword physical-layer speed 57600 ! 5.8 pppoe configuration d-link router supports pppoe client en...
Page 129
Model name - 127 - pppoe-server virtual-template virtual-template-number config ether interface with pppoe server, and associate with the virtual-template interface existed. [default@lns /config/]#int key word: u(undo) d(default) q(quit) (00)fastethernet fastethernet interface (01)ethernet ethernet ...
Page 130
Model name - 128 - (37)switchport set port switching characteristics (38)vrrp vrrp configuration commands please input the code of command to be execute(0-38): 22 current status:e4/2 current directory: config key word: u(undo) q(quit) (00)virtual-template virtual-template port link please input the ...
Page 131
Model name - 129 - ip nat inside source list 1 interface dialer1 ! ! ! 5.9 configuring slip task list 5.9.1 implementation information slip protocol provides the method that encapsulate the network layer protocol information on point-to-point connection. This protocol can be configured on the follow...
Page 132
Model name - 130 - 5.10.3 enable hdlc encapsulation to encapsulate the ip packet, encapsulate the slip protocol on serial line. Command purpose encapsulation hdlc enable hdlc encapsulation. Implementing the following configuration in the interface configurative mode: key word: u(undo) d(default) q(q...
Page 133
Model name - 131 - the function group are divided as: network terminal 1(nt1): implement the function of osi layer one,including the transmit function of user’s line , loop-back function and channel d competition and so on network terminal 2(nt2): also called as intelligent terminal terminal equipme...
Page 134
Model name - 132 - 5.11.3 isdn pri interface configuration task lists when e1 is configured for pri, the 16 th time slot always used by pri for its d channel. The time slots which pri used range from 1 to 30. ♦ configuring isdn parameter ♦ configuring pri interface engross e1 time slot ♦ configuring...
Page 135
Model name - 133 - 5.11.5 configuring ip address of isdn bri or invoking address negotiation for bri interface ,all configuration will be processing in d channel interface, such as brixx/xx interface. Interface address may acquisition by ppp negotiation,or set interface ip address by command. Comman...
Page 136
Model name - 134 - (29)set_e1_threshold set e1 threshold (30)show show configuration and status (31)shutdown shutdown the current interface (32)snmp modify snmp interface parameters please input the code of command to be execute(0-32): 18 current status:b3/2 current directory: config key word: u(und...
Page 137
Model name - 135 - 5.11.6 configuring bri dialer map of destination address bri interface can access by multi-user or dialing initiative multi-network terminal,it will be realize by interface configuration dialer map.For different network terminal,it can ensure pri calling user’s number by ip addres...
Page 138
Model name - 136 - (26)router routing protocol configuration (28)service-policy assign a priority group to interface (29)show show configuration and status (30)shutdown shutdown the current interface (31)snmp modify snmp interface parameters please input the code of command to be execute(0-31): 16 c...
Page 139
Model name - 137 - 5.11.8 configuring ddr parameter please view dialing configuration. 5.11.9 configuring isdn pri parameter configure isdn router type.When you use pri interface dialing, router type would be setting to primary-net5. Command function isdn switch-type primary-net5 setting isdn router...
Page 140
Model name - 138 - (00) slot (01) please input the code of command to be execute(0-1): 0 please input a digital number:3 key word: q(quit) (00) port please input the code of command to be execute(0-0): 0 please input a digital number:2 will you execute it? [y]: current status:_controller_e1_3/2 curr...
Page 141
Model name - 139 - ip address seting ip address of port. 5.11.12 configuring pri dialer map of destination address pri interface can access by multi-user or dialing initiative multi-network terminal,it will be realize by interface configuration dialer map.For different network terminal,it can ensure...
Page 142
Model name - 140 - q(quit) …… (12)encapsulation set encapsulation type for an interface (13)english help message in english …… please input the code of command to be excute(0-32): 12 key word: u(undo) d(default) q(quit) (00)ppp ppp protocol please input the code of command to be excute(0-0): 0 will ...
Page 143
Model name - 141 - ！ configuring the dialer map to the nas key word: u(undo) d(default) q(quit) …… (10)dialer dial-on-demand routing (ddr) commands (11)dialer-group assign interface to dialer-list …… please input the code of command to be excute(0-32): 10 key word: u(undo) d(default) q(quit) …… (07)...
Page 144
Model name - 142 - 2. Example 2 connect local isdn bri interface with center isdn bri interface network requirement: d-link® 1750 router interconnects with the center isdn pri interface through isdn bri interface which implements ip network protocol. Figuer 5-14 configuration steps configuring the i...
Page 145
Model name - 143 - please input the code of command to be excute(0-1): 0 please input a ip address: 10.0.0.1 255.0.0.0 （ input ip address ） (00)secondary make this ip address a secondary address (01) please input the code of command to be excute(0-1): 1 will you excute it? (y/n): y ！ encapsulating d...
Page 146
Model name - 144 - u(undo) d(default) q(quit) …… (07)map define multiple dial-on-demand numbers (08)remote-name specify remote name …… please input the code of command to be excute(0-11): 7 (00)a.B.C.D ip address please input the code of command to be excute(0-0): 0 please input a ip address: 10.0.0...
Page 147
Model name - 145 - 5.12.2 configuring the enable of global fast-switch you must enable the global fast-switch function in the global configurative mode before you configure the fast-switch on interface. Command purpose ip fast-switch enable enable global fast-switch [default@router /config/]# ip …… ...
Page 148
Model name - 146 - 6. Ip section of network protocol configuration the configuration of protocol ip will be introduced in this chapter. Pay more attention to this chapter because it is the key factor for you to implement your configuration task correctly and rapidly. You will have more understanding...
Page 149
Model name - 147 - 6.1.3 interior gateway protocols interior protocols are used for routing networks that are under a common network administration. All ip interior gateway protocols must be associated with specified network on startup (such as configuring network). Each routing process listens to u...
Page 150
Model name - 148 - command purpose ip address ip-address mask configure master ip address of the interface. (00)access-group specify access control for packets (01)address ip address (02)beigrp enhanced interior gateway routing protocol ...... Please input the code of command to be excute(0-18): 1 i...
Page 151
Model name - 149 - input 1 ， select address option ， prompt is as below ： (00)a.B.C.D ip address (01)negotiated ip address negotiated over ppp or via dhcp please input the code of command to be excute(0-1): 0 input 0 ， select a.B.C.D option ， prompt is as below ： please input a ip address: input the...
Page 152
Model name - 150 - the select the specified type and number. The specified interface in upward commands must be an other interface holding ip address of the router, but not also an unnumbered interface. And this interface should be also enabled (in showing of command show interface the interface is ...
Page 153
Model name - 151 - in global configure directory, input arp , prompt is as below: (00)dynamic enable dynamic arp update (01)a.B.C.D host ip address please input the code of command to be excute(0-1): 1 input 1 ， select a.B.C.D option ， prompt is as below ： please input a ip address: input ip-address...
Page 154
Model name - 152 - to assign host names to addresses, perform the following command in global configuration mode: command purpose ip host name address statically associate a host name with an ip address. To specify the map from host name to ip, you should input ip command in global configure directo...
Page 155
Model name - 153 - select ip option in the prompt, it will list all arguments: (00)access-group specify access control for packets (01)address ip address (02)beigrp enhanced interior gateway routing protocol (03)directed-broadcast enable forwarding of directed broadcasts ...... Please input the code...
Page 156
Model name - 154 - (00) port number (01)biff biff (mail notification, comsat, 512) (02)bootpc bootstrap protocol (bootp) client (68) ...... Please input the code of command to be excute(0-27): input protocol to forward. 6.2.4 detect and maintain ip addressing perform the following tasks to detect an...
Page 157
Model name - 155 - ...... Please input the code of command to be excute(0-47): 1 input 1 ， select arp option 6.2.5 ip addressing example 1. Serial interfaces configuration example in the following example, serial interface (serial 1/0) uses address of ethernet1/1. Interface ethernet 1/1 ip address 2...
Page 158
Model name - 156 - a router configured with nat must not advertise the local networks to the outside. However, routing information that nat receives from the outside can be advertised in the stub domain as usual. 6.3.3 nat terminology as mentioned previously, the term inside refers to those networks...
Page 159
Model name - 157 - figuer 6-1 nat inside source translation the following process describes inside source address translation, as shown in figure 1: (1) the user at host 1.1.1.1 opens a connection to host b. (2) the first packet that the router receives from host 1.1.1.1 causes the router to check i...
Page 160
Model name - 158 - input 13, select nat option ， prompt is as below: (00)inside inside address translation (01)log nat logging (02)outside outside address translation ...... Please input the code of command to be excute(0-4): 0 input 0, select inside option ， prompt is as below: (00)source source ad...
Page 161
Model name - 159 - ...... Please input the code of command to be excute(0-10): specify outside interface type and number. Step 5 ： select 18 option in the prompt, it will list all arguments: (00)access-group specify access control for packets ...... (09)nat nat interface commands ...... Please input...
Page 162
Model name - 160 - please input the code of command to be excute(0-0): 0 input 0 ， select word option ， prompt is as below: please input a string: input pool name, prompt is as below: (00)a.B.C.D start ip address please input the code of command to be excute(0-0): 0 input 0 ， select a.B.C.D option ，...
Page 163
Model name - 161 - (01)destination destination address translation please input the code of command to be excute(0-1): 0 input 0 ， select source option ， prompt is as below: (00)list specify access list describing local addresses (01)static specify static local->global mapping please input the code ...
Page 164
Model name - 162 - step 7 ： select 18 option in the prompt, it will list all arguments: (00)access-group specify access control for packets ...... (09)nat nat interface commands ...... Please input the code of command to be excute(0-18): 9 input 9, select nat option, prompt is as below: (00)inside i...
Page 165
Model name - 163 - 4. Host b receives the packet and responds to host 1.1.1.1 by using the inside global ip address 2.2.2.2. 5. When the router receives the packet with the inside global ip address, it performs a nat table lookup, using the protocol, inside global address and port, and outside addre...
Page 166
Model name - 164 - please input a ip address: input end ip address ， prompt is as below: (00)a.B.C.D network mask please input the code of command to be excute(0-0): 0 input 0 ， select a.B.C.D option ， prompt is as below: please input a ip address: input netmask. Step 2 ： input ip command ， it will ...
Page 167
Model name - 165 - (01)pool name pool of global addresses please input the code of command to be excute(0-1): 1 input 1 ， select pool option ， prompt is as below: (00)word pool name for global addresses please input the code of command to be excute(0-0): 0 input 0 ， select word option ， prompt is as...
Page 168
Model name - 166 - the access list must permit only those addresses that are to be translated. (remember that there is an implicit "deny all" at the end of each access list.) an access list that is too permissive can lead to unpredictable results. See the "overloading inside global addresses example...
Page 169
Model name - 167 - step 1 ： input ip command ， it will list all arguments: (00)access-list named access-list ...... (13)nat nat configuration commands ...... Please input the code of command to be excute(0-20): 13 input 13, select nat option ， prompt is as below: (00)inside inside address translatio...
Page 170
Model name - 168 - input 0, select inside option, it will sign the interface to be connected with inside network. Step 4 ： input interface command in global configure directory, prompt is as below: (00)fastethernet fastethernet interface (01)ethernet ethernet interface (02)serial serial interface .....
Page 171
Model name - 169 - input 3 ， select pool option ， prompt is as below: (00)word pool name please input the code of command to be excute(0-0): 0 input 0 ， select word option ， prompt is as below: please input a string: input pool name, prompt is as below: (00)a.B.C.D start ip address please input the ...
Page 172
Model name - 170 - input 2 ， select outside option ， prompt is as below: (00)source source address translation (01)destination destination address translation please input the code of command to be excute(0-1): 0 input 0 ， select source option ， prompt is as below: (00)list specify access list descr...
Page 173
Model name - 171 - (00)access-group specify access control for packets ...... (09)nat nat interface commands ...... Please input the code of command to be excute(0-18): 9 input 9, select nat option, prompt is as below: (00)inside inside interface for address translation (01)outside outside interface...
Page 174
Model name - 172 - the next connection request will cause the router to allocate 1.1.1.2 for the inside local address. To configure destination address rotary translation, use the following commands beginning in global configuration mode. These commands allow you to map one virtual host to many real...
Page 175
Model name - 173 - input netmask. Step 2 ： key word: u(undo) d(default) q(quit) (00)access-list named access-list (01)as-path bgp as-path access list definition (02)community-list community attribute list definition ...... Please input the code of command to be excute(0-20): 0 input 0 ， select acces...
Page 176
Model name - 174 - please input the code of command to be excute(0-1): 1 input 1 ， select pool option ， prompt is as below: (00)word pool name for global addresses please input the code of command to be excute(0-0): 0 input 0 ， select word option ， prompt is as below: please input a string: (00)over...
Page 177
Model name - 175 - see the "tcp load distribution example" section at the end of this chapter for an example of rotary translation. 6.3.13 changing translation timeout and restrict connection amount by default, dynamic address translations time out after some period of nonuse. You can change the def...
Page 178
Model name - 176 - ip nat translation finrst-timeout seconds changes the tcp fin or rst timeout value from 1 minute. Take the first command for an example ： input ip command ， it will list all arguments: (00)access-list named access-list ...... (13)nat nat configuration commands ...... Please input ...
Page 179
Model name - 177 - (04)translation nat translation entry configuration please input the code of command to be excute(0-4): 4 input 4 ， select translation option ， prompt is as below: (00)dns-timeout specify timeout for nat dns flows ...... (03)max-entries specify maximum number of nat entries .........
Page 180
Model name - 178 - (03)tcp transmission control protocol (04)udp user datagram protocol please input the code of command to be excute(0-4): 0 input 0 ， it will clear all dynamic address translation items. To display translation information, use either of the following commands in exec mode: command ...
Page 181
Model name - 179 - ip access-list standard a1 permit 192.168.1.0 255.255.255.0 ! 2. Overloading inside global addresses example the following example creates a pool of addresses named net-208. The pool contains addresses from 171.69.233.208 to 171.69.233.233. Access list 1 allows packets having the ...
Page 182
Model name - 180 - interface serial1/0 ip address 192.168.15.129 255.255.255.240 ip nat outside ! Interface ethernet1/1 ip address 192.168.15.17 255.255.255.240 ip nat inside ! Ip access-list standard a2 permit 192.168.15.1 255.255.255.0 6.4 configure dhcp client dhcp (dynamic host configuration pro...
Page 183
Model name - 181 - 6.4.4 dhcp client configuration task list before any dhcp is configured, you must ensure that there is at least one dhcp-server residing in the network the router reachable. Next section will show you how to executing the following optional tasks through dhcp: ♦ obtain an ip for a...
Page 184
Model name - 182 - 6.4.7 configure dhcp parameters according to your demands, you can adjust the parameters used in dhcp interacting. Perform the following commands in global configure directory: command function ip dhcp client minlease seconds specify the minimum lease time allowed. Ip dhcp client ...
Page 185
Model name - 183 - ...... (11)dhcp dhcp information ...... Please input the code of command to be excute(0-45): 11 input 11 ， selectdhcp option ， prompt is as below: (00)lease show dhcp addresses leased from a server (01)server show dhcp servers we know about please input the code of command to be e...
Page 186
Model name - 184 - (01)disable disable dhcp service (02)pool configure dhcp address pools (03)ping specify icmp parameters used by dhcp (04)write-time specify icmp parameters used by dhcp please input the code of command to be excute(0-4): 0 input 0 ， selectenable option . 6.5.2 disable dhcp server ...
Page 187
Model name - 185 - (02)pool configure dhcp address pools (03)ping specify icmp parameters used by dhcp (04)write-time specify icmp parameters used by dhcp please input the code of command to be excute(0-4): 3 input 3 ， selectping option ， prompt is as below: (00)packets specify number of icmp packet...
Page 188
Model name - 186 - (00)enable enable dhcp serveice (01)disable disable dhcp service (02)pool configure dhcp address pools (03)ping specify icmp parameters used by dhcp (04)write-time specify icmp parameters used by dhcp please input the code of command to be excute(0-4): 2 input 2 ， select pool opti...
Page 189
Model name - 187 - you can use this command to configure the hardware address used for matching client: command function hardware-address hardware-address { type } configure the hardware address used for matching client. You can use this command to configure the client id used for matching client: c...
Page 190
Model name - 188 - select 1 ， display current statistics of the dhcp server. 6.5.7 clean dhcp server information to clean current address allocating information of the dhcp server, please execute the following command in management directory: command function clear ip dhcpd binding ip-addr clean the...
Page 191
Model name - 189 - 6.6 configure ip service 6.6.1 about ip service configuration this chapter describes how to configure optional ip services. For a complete description of the ip services commands in this chapter, refer to the "ip services commands" chapter of the network protocols command referenc...
Page 192
Model name - 190 - (21)rtp rtp parameters (22)tcp tcp parameters (23)unnumbered enable ip processing without an explicit address (24)unreachables enable sending icmp unreachable messages please input the code of command to be excute(0-24): 24 input 24 ， select unreachables option. 2. Sending icmp re...
Page 193
Model name - 191 - (02)beigrp enhanced interior gateway routing protocol (03)directed-broadcast enable forwarding of directed broadcasts (04)fast-switch fast-switch interface commands (05)helper-address specify a destination address for udp broadcasts (06)igmp igmp interface command (07)irdp icmp ro...
Page 194
Model name - 192 - 6. Enable ip source routing the router examines ip header options on every packet. It supports the ip header options strict source route, loose source route, record route, and time stamp, which are defined in rfc 791. If the router finds a packet with one of these options enabled,...
Page 195
Model name - 193 - buffer for icmp messages or broadcasting messages in that generally these messages won’t be sent out continuously. If buffer memory is not enough to use, it will be deleted by timeout. Maybe fast exchange is not relevant to use for transmitting from high speed medium to low speed ...
Page 196
Model name - 194 - (01) please input the code of command to be excute(0-1): 0 input 0 ， it will allow fast exchange between messages whose sending interface identical with the receiving interface. 6.6.4 configure performance parameters to tune ip performance, complete any of the tasks in the followi...
Page 197
Model name - 195 - (00) bytes window size (default 2000) please input the code of command to be excute(0-1): 0 select0 ， and input the window size. 6.7 configure ip over wans you can configure ip over x.25, frame relay, and ppp networks. To do this for x.25, ppp, or frame relay, configure the addres...
Page 198
Model name - 196 - input 9 ， select tcp option ， prompt is as below: (00)local local host address/port (01)statistics tcp protocol statistics (02)tcb tcb address please input the code of command to be excute(0-2): 0 input 0 ， select local option ， and input the specified connection arguments, it wil...
Page 199
Model name - 197 - command function debug arp display the interacting information of address resolution protocol (arp). Debug ip icmp display the interacting information of internet control messages protocol (icmp). Debug ip raw display the received and transmitted ip message information. Debug ip p...
Page 200
Model name - 198 - (20)udp udp transactions please input the code of command to be excute(0-20): 3 input 3 ， select icmp input 15 ， select raw input 13 ， select packet input 19 ， select tcp input 20 ， select udp will you excute it? (y/n): y 6.8 filter ip packets 6.8.1 filter ip packets packet filter...
Page 201
Model name - 199 - (00)extended extended access list (01)standard standard access list please input the code of command to be excute(0-1): 1 input 1 ， select standard option ， prompt is as below: (00)word standard access-list name please input the code of command to be excute(0-0): 0 input 0 ， selec...
Page 202
Model name - 200 - (01)standard standard access list please input the code of command to be excute(0-1): 0 input 0 ， select extended option ， prompt is as below: (00)word extended access-list name please input the code of command to be excute(0-0): 0 input 0 ， select word option ， prompt is as below...
Page 203
Model name - 201 - 6.8.3 apply the access list to an interface after you create an access list, you can apply it to one or more interfaces. Access lists can be applied on either outbound or inbound interfaces. Use the following command on configuring interface. Command function ip access-group name ...
Page 204
Model name - 202 - in the following example, the ethernet network is a class b network with the address 130.20.0.0, and the mail host's address is 130.20.1.2. The keyword established is used only for the tcp protocol to indicate an established connection. A match occurs if the tcp datagram has the a...
Page 205
Model name - 203 - 6.9.2 enable rip to enable rip, use the following commands, starting in global configuration directory: command function router rip enable a rip routing process, which places you in router configuration mode. Network network-number associate a network number with a rip routing pro...
Page 206
Model name - 204 - input 0 ， select a.B.C.D option ， prompt is as below: please input a ip address ： 192.168.1.8 （ input network number ） (00)a.B.C.D network mask (01) please input the code of command to be excute(0-1): 0 please input a ip address: 255.255.255.0 （ input mask ） 6.9.3 allow unicast up...
Page 207
Model name - 205 - access-list-name offset key word: q(quit) (15)interface interface configuration (16)neighbor specify a neighbor router (17)network enable rip on an ip network (18)no negate configuration (19)offset add offset for rip routes (21)redistribute redistribute information from another pr...
Page 208
Model name - 206 - 6.9.6 specify a rip version d-link router rip version 2 supports authentication, key management, route summarization, classless interdomain routing (cidr), and variable-length subnet masks (vlsms). By default, the software receives rip version 1 and version 2 packets, but sends on...
Page 209
Model name - 207 - ip rip receive version 1 configure an interface to accept only rip version 1 packets. Ip rip receive version 2 configure an interface to accept only rip version 2 packets. Ip rip receive version 1 2 configure an interface to accept either rip version 1 or 2 packets. 6.9.7 enable r...
Page 210
Model name - 208 - ...... Please input the code of command to be excute(0-6): 3 input 3 ， select password ， prompt is as below: (00)word authentication key(16 char) please input the code of command to be excute(0-1): 0 input 1 ， select word option ， prompt is as below: please input a string: input s...
Page 211
Model name - 209 - command function ip rip split-horizon enable split horizon ip (undo) rip split-horizon disable split horizon in the prompt select ip option ， prompt is as below: u(undo) d(default) q(quit) (00)access-group specify access control for packets ...... (12)rip set rip parameter for thi...
Page 212
Model name - 210 - input 0 ， display all rip routes ； input 1 ， display rip concerned information ； input 2 ， display rip current status. You can also use following commands in management directory to trace the routing information: command function debug ip rip database trace the routing information...
Page 213
Model name - 211 - beigrp is able to process query when there’s no destination address or replacing route, so the convergence rate of beigrp can match one in optimal link status protocol. Dual (diffused upate algorithm) is the key to the advantages of beigrp over other traditional metric routing pro...
Page 214
Model name - 212 - input 0 ， select option ： please input a digital number:please input a string: 23 note: here input beigrp program amount ， 23 is only an example.. Will you excute it? (y/n): y key word: q(quit) (00)auto-summary config automatic network number summarization (01)beigrp config beigrp...
Page 215
Model name - 213 - 6.10.4 configure the percentage of link bandwidth used by default, beigrp packets consume a maximum of 50 percent of the link bandwidth. You might want to change that value if a different level of link utilization is required, or if the configured bandwidth does not match the actu...
Page 216
Model name - 214 - q(quit) (00)bandwidth-percent set beigrp bandwidth limit (01)hello-interval configures beigrp hello interval (02)hold-time configures beigrp hold time (03)passive suppress routing updates on an interface (04)split-horizon perform split horizon (05)summary-address perform address s...
Page 217
Model name - 215 - q(quit) (00) k3 please input the code of command to be excute(0-0): 0 input 0 ， select option please input a digital number:please input a string: 40 note: here input coefficient k3 ， 40 is only an example.. Key word: q(quit) (00) k4 please input the code of command to be excute(0...
Page 218
Model name - 216 - note: here you can select according to you demands ， in indicats applying access list to inbound routes, out indicats applying access list to outbound routs. Here select in is only an example.. Key word: q(quit) (00)word name of access-list please input the code of command to be e...
Page 219
Model name - 217 - the created summary route will point to interface null0 and have the minimal metric in all particular routes contained in summary route. Summary route will also be inserted in main ip routing table and its administrate distance is 5 (non-configured). When the router transmitting u...
Page 220
Model name - 218 - (05)summary-address perform address summarization please input the code of command to be excute(0-5): 5 input 5 ， select summary-address option key word: q(quit) (00)a.B.C.D ip address please input the code of command to be excute(0-0): 0 input 0 ， select a.B.C.D option please inp...
Page 221
Model name - 219 - nbma interface, bandwith > t1 5 15 point-to-point subinterface on nbma interface 5 15 in hello protocol the different default values of timers will cause the result that the beigrp neighbors connecting same ip subnet use different hello and hold timers. To resolve this problem, in...
Page 222
Model name - 220 - key word: u(undo) d(default) q(quit) (00)access-group specify access control for packets (01)address ip address (02)beigrp enhanced interior gateway routing protocol (03)directed-broadcast enable forwarding of directed broadcasts (04)fast-switch fast-switch interface commands .......
Page 223
Model name - 221 - (00)access-group specify access control for packets (01)address ip address (02)beigrp enhanced interior gateway routing protocol (03)directed-broadcast enable forwarding of directed broadcasts ...... Please input the code of command to be excute(0-19): 2 key word: q(quit) (00)band...
Page 224
Model name - 222 - (00)a.B.C.D clear beigrp neighbors (01)interface-name (02) please input the code of command to be excute(0-2): 0 note:here you can select according to your demands ， a.B.C.D indicates clearing all eigrp neighbor addresses ； interface-name indicatesinterface 的 name ， input this par...
Page 225
Model name - 223 - (01)neighbors show beigrp neighbor (02)topology show beigrp topology table (03)traffic beigrp traffic statistics (04)protocols ip routing protocol process parameters and statistics please input the code of command to be excute(0-4): 0 input 0 ， select interface option key word: q(...
Page 226
Model name - 224 - 2 input 2 ， select beigrp option key word: q(quit) (00)interface show beigrp interface (01)neighbors show beigrp neighbor (02)topology show beigrp topology table (03)traffic beigrp traffic statistics (04)protocols ip routing protocol process parameters and statistics please input ...
Page 227
Model name - 225 - 18 input 18 ， select ip option key word: q(quit) (00)access-lists list ip access lists (01)as-path-list information of as-path list (02)beigrp show beigrp information (03)bgp bgp information (04)cache ip route cache (05)community-list information of community-list (06)dhcpd dhcp s...
Page 228
Model name - 226 - ♦ routing interface parameters—configurable parameters supported include interface output cost, retransmission interval, interface transmit delay, router priority, router "dead" and hello intervals, and authentication key. ♦ virtual links—virtual links are supported. ♦ not so stub...
Page 229
Model name - 227 - (00)beigrp enable beigrp (compatible with eigrp) (01)bgp enable border gateway protocol (bgp) (02)ospf enable open shortest path first (ospf) (03)rip enable routing information protocol(rip) please input the code of command to be excute(0-3): 2 input 2 ， select ospf option ， promp...
Page 230
Model name - 228 - simple password authentication. Ip ospf message-digest-key keyid md5 key enables ospf md5 authentication. Ip ospf passive do not send a hello packet in the port. Take the first command for an example. ： in the prompt select 18 option ， prompt is as below: (00)access-group specify ...
Page 231
Model name - 229 - it costs less because it does not require a fully meshed topology. It is more reliable because it maintains connectivity in the event of vc failure. To configure your ospf network type, use the following command in interface configuration mode: command function ip ospf network { b...
Page 232
Model name - 230 - neighbor ip-address cost number specify a neighbor and assign a cost to the neighbor. Step1 ： in the prompt select 18 option ， it will list all arguments ： (00)access-group specify access control for packets ...... (10)ospf set ospf parameter for this port ...... Please input the ...
Page 233
Model name - 231 - please input the code of command to be excute(0-3): 0 input 0 ， select cost option ， prompt is as below: (00) metrics please input the code of command to be excute(0-0): 0 input 0 ， then prompt is as below: please input a digital number:please input a string: input cost value ， th...
Page 234
Model name - 232 - please input the code of command to be excute(0-0): 0 select 0 and confirm it. You can specify the following neighbor parameters, as required: ♦ priority for a neighboring router ♦ nonbroadcast poll interval ♦ reachable neighbor interface on point-to-multipoint, nonbroadcast netwo...
Page 235
Model name - 233 - input exit command ， enter into the global configure directory . Step3 ： input router command ， prompt is as below: (00)beigrp enable beigrp (compatible with eigrp) (01)bgp enable border gateway protocol (bgp) (02)ospf enable open shortest path first (ospf) (03)rip enable routing ...
Page 236
Model name - 234 - command function area area-id authentication simple enable authentication for an ospf area. Area area-id authentication message-digest enable md5 authentication for an ospf area. Area area-id stub [ no-summary ] define an area to be a stub area. Area area-id default-cost cost assi...
Page 237
Model name - 235 - input 0 ， select a.B.C.D option ， prompt is as below: please input a ip address: input ip ， (00)a.B.C.D ip address mask for match network please input the code of command to be excute(0-0): 0 input 0 ， select a.B.C.D option ， prompt is as below: please input a ip address: input ma...
Page 238
Model name - 236 - (00)originate distribute a default route please input the code of command to be excute(0-0): 0 input 0 ， select originate option ， prompt is as below: (00)always always advertise default route (01)route-map route-map reference (02) please input the code of command to be excute(0-2...
Page 239
Model name - 237 - please input a ip address: input mask ， prompt is as below: (00)secondary make this ip address a secondary address (01) please input the code of command to be excute(0-1): 1 select 1 ， confirm it. 6.11.14 configure the ospf administrative distances an administrative distance is a ...
Page 241
Model name - 239 - interface serial 1/0 ip address 130.130.0.2 255.255.0.0 encapsulation frame-relay frame-relay map 130.130.0.1 pvc 201 broadcast frame-relay map 130.130.0.3 pvc 202 broadcast frame-relay map 130.130.0.4 pvc 203 broadcast ip ospf network point-to-multipoint ! Router ospf 1 network 1...
Page 242
Model name - 240 - ! Router ospf 1 network 10.0.1.0 0.0.0.255 area 0 neighbor 10.0.1.3 cost 5 neighbor 10.0.1.4 cost 10 neighbor 10.0.1.5 cost 15 the following example is the configuration for the router on the other side: interface serial1/2 ip address 10.0.1.3 255.255.255.0 encapsulation frame-rel...
Page 243
Model name - 241 - basic ospf configuration example the following example illustrates a simple ospf configuration that enables ospf routing process 9000, attaches ethernet 0 to area 0.0.0.0, and redistributes rip into ospf, and ospf into rip: interface ethernet 1/0 ip address 130.130.1.1 255.255.255...
Page 244
Model name - 242 - consider the first network area command. Area id 10.9.50.0 is configured for the interface on which subnet 131.108.20.0 is located. Assume that a match is determined for interface ethernet 0. Interface ethernet 0 is attached to area 10.9.50.0 only. The second network area command ...
Page 245
Model name - 243 - interface ethernet 1/0 ip address 192.168.10.82 255.255.255.0 ! Interface ethernet 1/1 ip address 192.160.20.82 255.255.255.0 ! Router ospf 192 network 192.168.20.0 255.255.255.0 area 1 network 192.168.10.0 255.255.255.0 area 1 ! Router c: interface loopback 0/0 ip address 202.96....
Page 246
Model name - 244 - create a stub area with area id 36.0.0.0. (note that the authentication and stub options of the area router configuration command are specified with separate area command entries, but can be merged into a single area command.) ♦ specify the backbone area (area 0). Configuration ta...
Page 247
Model name - 245 - 6.12 configure bgp task list 6.12.1 bgp overview this chapter describes how to configure border gateway protocol (bgp). For a complete description of the bgp commands in this chapter, refer to the "bgp commands" chapter. The border gateway protocol, as defined in rfcs 1163, 1267 a...
Page 248
Model name - 246 - (7) if the autonomous system path length is the same, prefer the route with the lowest origin code (igp (8) if the origin codes are the same, prefer the route with the lowest med metric attribute. (9) if the routes have the same med, prefer ebgp instead of ibgp. All routes in as f...
Page 249
Model name - 247 - ♦ configure bgp interactions with igps ♦ configuring bgp weights ♦ configure bgp route filtering by neighbor ♦ configure bgp route filtering base on port ♦ disable next-hop processing on bgp updates 6.12.7 enable bgp routing select ion to enable bgp routing select ion, using the f...
Page 250
Model name - 248 - 6.12.8 configure bgp neighbors the purpose of bgp configuration is establishing the project of exchange route information. Bgp must be configured neighbors for exchange the route information with outside. Bgp supports two kinds of neighbors: internal and external. Internal neighbo...
Page 251
Model name - 249 - to allow inbound reconfiguration, bgp should be configured to store all received updates. Outbound reconfiguration does not require preconfiguration. To configure bgp soft configuration, use the following command in router configuration mode: command purpose neighbor { ip-address ...
Page 252
Model name - 250 - please input the code of command to be excute(0-7): 0 input 0 ， select all option ， prompt is as below: (00)soft soft reconfigure (01) please input the code of command to be excute(0-1): 1 input 1 and confirm it. 6.12.11 configure synchronization between bgp and igps if your auton...
Page 253
Model name - 251 - 6.12.12 configuring bgp weights an administrative weight is a number that you can assign to a path so that you can control the path select ion process. The administrative weight is local to the router. A weight can be a number from 0 to 65535. Paths that the local software origina...
Page 254
Model name - 252 - (00)help help information of aspath regular expression (01)word name of as-path access list please input the code of command to be excute(0-1): 1 input 1 ， select word option ， prompt is as below: please input a string: input string ， then prompt is as below: (00)deny access list ...
Page 257
Model name - 255 - please input the code of command to be excute(0-17): 7 input 2 ， select prefix-list option ， prompt is as below: (00)word name of prefix-list please input the code of command to be excute(0-0): 0 input 0 ， select word option ， prompt is as below: please input a string: input strin...
Page 258
Model name - 256 - 6.12.15 disable next-hop processing on bgp updates you can configure the router to disable next-hop processing for bgp updates to a neighbor. This might be useful in nonmeshed networks such as frame relay or x.25, where bgp neighbors might not have direct access to all other neigh...
Page 259
Model name - 257 - please input the code of command to be excute(0-0): 0 input 0 ， select a.B.C.D option ， then prompt ： please input a ip address: input ip ， prompt is as below: (00)default-originate permit announcement of default route to neighbor ...... (09)route-map apply route map to the neighb...
Page 260
Model name - 258 - 6.12.17 configure bgp community properity bgp supports transit policies via controlled distribution of routing information. The distribution of routing information is based on one of the following three values: ip address (see the "configure bgp route filtering by neighbor" sectio...
Page 262
Model name - 260 - (00) local anonymous system number please input the code of command to be excute(0-0): 0 select 0 ， prompt is as below: please input a digital number:please input a string: input au t onomous-system value . Step4 ： in the prompt select 12 option ， prompt is as below: (00)a.B.C.D i...
Page 263
Model name - 261 - (01)permit community list for permits please input the code of command to be excute(0-20): select parameter item ， and confirm the communtiy-expression value . Step2 ： input route-map command,prompt is as below: (00)word name of route-map please input the code of command to be exc...
Page 264
Model name - 262 - ...... (09)route-map apply route map to the neighbor ...... Please input the code of command to be excute(0-17): 9 input 9 ， select route-map option ， prompt is as below: (00)word name of route-map please input the code of command to be excute(0-0): 0 input 0 ， select word option ...
Page 265
Model name - 263 - bgp confederation peers autonomous-system [autonomous-system ...] specify the autonomous system that belongs to an automomous system confederation. In the prompt select 1 option ， prompt is as below: (00)always-compare-med always compare med ...... (04)confederation as confederati...
Page 266
Model name - 264 - input 10 ， select route-reflector-client option . An autonomous system can have multiple route reflectors. A route reflector treats other route reflectors just like other ibgp speakers. Usually a cluster of clients will have a single route reflector. In that case, the cluster is i...
Page 267
Model name - 265 - u(undo) d(default) q(quit) (00)a.B.C.D ip address of neighbor please input the code of command to be excute(0-0): d first input d or d ， then prompt is as below: (00)a.B.C.D ip address of neighbor please input the code of command to be excute(0-0): 0 input 0 ， select a.B.C.D optio...
Page 268
Model name - 266 - (01)bgp distance of bgp routes please input the code of command to be excute(0-1): 1 input 1 ， select bgp option ， prompt is as below: (00) distance for routes external to the as please input the code of command to be excute(0-0): 0 input 0 ， prompt is as below: please input a dig...
Page 269
Model name - 267 - 6.12.22 base path select ion on meds from other autonomous systems the med is one of the parameters that is considered when select ing the best path among many alternative paths. The path with a lower med is preferred over a path with a higher med. By default, during the best-path...
Page 270
Model name - 268 - ...... Please input the code of command to be excute(0-11): 3 input 3 ， select ip option ， prompt is as below: (00)beigrp clear beigrp (01)bgp bgp information (02)dhcpd dhcp server information ...... Please input the code of command to be excute(0-5): 1 input 1 ， select bgp option...
Page 271
Model name - 269 - (01)as-path-list information of as-path list (02)beigrp show beigrp information (03)bgp bgp information ...... Please input the code of command to be excute(0-20): 3 input 3 ， select bgp option ， prompt is as below: (00)community all bgp community information (01)dampened-paths di...
Page 272
Model name - 270 - neighbor 140.222.1.1 remote-as 1 ! Route-map fix-weight permit 10 match as-path aaa set local-preference 250 set weight 200 ! Ip aspath-list aaa permit ^690$ ip aspath-list aaa permit ^1800 in the following example, route map freddy marks all paths originating from autonomous syst...
Page 273
Model name - 271 - 3. Examples of bgp route filtering by neighbor the following is an example of bgp path filtering by neighbor. The routes that pass as-path access list 1 will get weight 100. Only the routes that pass as-path access list 2 will be sent to 193.1.12.10. Similarly, only routes passing...
Page 274
Model name - 272 - following example denies route whose prefix length larger than 25 in net 192/8: ip prefix-list abc deny 192.0.0.0/8 ge 25 following example allows route whose prefix length larger than 8 and less than 24 in the whole address space: ip prefix-list abc permit 0.0.0.0/0 ge 8 le 24 fo...
Page 275
Model name - 273 - is a common ibgp neighbor. Rtd belongs to as100 and sets up a ebgp connection with rta. Configuration is as following: 1. Rta configuration: interface s1/0 ip address 2.0.0.1 255.0.0.0 ! Interface s1/1 ip address 3.0.0.1 255.0.0.0 ! Interface s1/2 ip address 4.0.0.1 255.0.0.0 ! In...
Page 276
Model name - 274 - ! Router bgp 200 neighbor 5.0.0.1 remote-as 200 /*rta ibgp*/ network 15.0.0.0/8 ! Ip route 15.0.0.0 255.0.0.0 5.0.0.12 8. Bgp as confederation example the following is a configuration of autonomous system confederation. Rta, rtb and rtc are in ibgp connections and belong to privat...
Page 277
Model name - 275 - 3.Rtc configuration: interface s1/0 ip address 2.0.0.2 255.0.0.0 ! Interface s1/1 ip address 3.0.0.2 255.0.0.0 ! Router bgp 65010 bgp confederation identifier 200 bgp confederation peers 65020 neighbor 2.0.0.1 remote-as 65010 /*rta ibgp*/ neighbor 3.0.0.1 remote-as 65010 /*rtb ibg...
Page 278
Model name - 276 - route-map set-community 20 permit match as-path test2 ! Ip aspath-list test1 permit 70$ ip aspath-list test2 permit .* in the third example, we will set med of a route from neighbor 171.69l.232.55 and set local priority according to community attribute value of this route. Those m...
Page 279
Model name - 277 - 6.13.1 how to enable rsvp on router user should configure the interface on which rsvp will be enabled in command to enable rsvp on router. This can be implemented with commands of rsvp interface configuration. If user completes upper configurations on all interfaces wanted rsvp, r...
Page 280
Model name - 278 - 6.13.3 use rsvp assistant configuration commands on rsvp module implementation of current edition, user can process rsvp debug with assistant configuration commands, including setting up of rsvp session and transmitting information of rsvp path, path tear, resv, resv tear, offered...
Page 282
Model name - 280 - please input the code of command to be excute(0-3): 3 input 1 ， select neighbor option ， prompt is as below: (00)word access-list name please input the code of command to be excute(0-0): 0 input 0 ， select word option ， prompt is as below: please input a string: input access-list-...
Page 283
Model name - 281 - soa identifies the start of a zone of authority 3. Dns zone in general, the dns database can dispart into defferent resouce records and each record is called zone. A zone can include the resource record of all the zones or parts of a zone.A zone is divide into serveral child zone ...
Page 284
Model name - 282 - in order to enable ip dns hostname translation, you should input command ip in configure, and it will show all the arguments: (00)access-list named access-list ...... (03 domain ip dns resolver ...... Please input the code of command to be excute(0-20): 3 input 3 ， select domain, ...
Page 285
Model name - 283 - ip domain name name specify a default domain name. No ip domain name delete the default domain name. In orde to set a default domain name, you should input command ip in configure, and all the arguments will be listed: (00)access-list named access-list ...... (03 domain ip dns res...
Page 286
Model name - 284 - 6.14.8 defines static host name-to-address mapping any ip address can correspond to a name, and the same name can correspond to many ip addresses. By doing this, the command such as telnet ， ping can use the names directly. In congure use the following command ： command function i...
Page 287
Model name - 285 - in order to specify times to retry a dns query, you should input command ip in configure, and all the arguments will be listed: (00)access-list named access-list ...... (03 domain ip dns resolver ...... Please input the code of command to be excute(0-20): 3 input 3 ， select domain...
Page 288
Model name - 286 - in order to delete the mapping of a host name to ip address in cache, you should input command clear in manager state, and all the arguments will be listed: (00) arp-cache clear the entire arp cache ...... (04) ip ip ...... Please input the code of command to be excute(0-20): 4 in...
Page 289
Model name - 287 - ip domain dynamic enable enable domain dynamic no ip domain dynamic enable disable domain dynamic in order to enable update function of dynamic dns, you should input the command ip in configure, and all the arguments will be listed ： (00)access-list named access-list ...... (03 do...
Page 290
Model name - 288 - (2) by clock (3) if the binding command is used, it will add or delete a mapping in primary server. (4) when the ip address of a interface changes (5) when the interface having been binded is shut up or is deleted in congure use the following command ： command function ip domain b...
Page 291
Model name - 289 - to the command of domain dynamic,the router will register to the primary server autoly,but if the interface shut down, the communication to primary server will fail,that is,it can’t register successly. In order that the register goes along after the interface shut up, the modual s...
Page 292
Model name - 290 - ...... Please input the code of command to be excute(0-20): 17 input 17 ， select ip, and it will hint ： (00) access-lists list ip access lists …… (07) hosts show information about hosts …… please input the code of command to be excute(0-0): 7 input 7 ， select hosts, and it will hi...
Page 293
Model name - 291 - 6.15 pbr congiuration 6.15.1 pbr description this section descripe how to configure pbr. Pbr is the abbrecation of policy based routing. Pbr make the user have the ability to route ip packet according some policy other than dynamic routing protocol. We currently support the follow...
Page 294
Model name - 292 - 6.15.4 create route-map to create route-map ， following the step bellow: command function route-map pbr enter route-map configuration. Match ip address access-list configure matching policy. Match length min_length max_length configure matching policy. Set ip [ default ] next-hop ...
Page 295
Model name - 293 - key word: u(undo) q(quit) (00)as-path match as-path list (01)community match community list (02)ip match ip attribute (03)length match packet length (04)metric match metric attribute (05)tag match tag attribute please input the code of command to be execute(0-5): 03 current status...
Page 296
Model name - 294 - command function interface interface_name enter interface configurtion mode. Ip policy route-map route-map_name apply pbr on interface. Step1 : enter interface configurtion mode input on the global configuration mode ,clew: key word: u(undo) d(default) q(quit) (00)fastethernet fas...
Page 297
Model name - 295 - please input the code of command to be execute(0-39): 16 key word: q(quit) (19)policy debug policy routing please input the code of command to be execute(0-25): 19 will you execute it? [y]:y 6.15.7 pbr configution example router configure ! Interface fastethernet0/0 ip address 10....
Page 298
Model name - 296 - configure explanation policy routing is enabled on interface f0/0. For packets origined from 10.1.1.2, the gateway is 13.1.1.99 if 13.1.1.99 is reachable, if 13.1.1.99 isn't reachable, destination base routing is used. For packes from 10.1.1.21, route-map pbr 30 is used, for load-...
Page 299
Model name - 297 - 7. Configure multicast-group route 7.1 multicast-group route overview the implement of d-link’s multicast-group route ♦ igmp ♦ olnk ♦ pim-dm ♦ pim-sm ♦ dvmrp this chapter introduce how to configure multicast-group route protocol.If you want to know the complete description of mult...
Page 300
Model name - 298 - 1. Igmp igmp is a class protocol which aim at multicast group member management,igmp is short for internet group management protocol.Igmp is a anisomerous protocol,it consist host and router.The protocol of the host part regulate host how to report its own identity to the route an...
Page 301
Model name - 299 - needn’t wait for previous pruning states overtime, but send the engraft message to the previous actively to make the pruning states return to transmit states. Once source s remain send message to group g, the first hop router will periodically send (s,g)states fresh information to...
Page 302
Model name - 300 - periodically, the source performs what is known as flooding in order to push datagrams downstream. Initially, dvmrp routers assume that every node on the connected subnets wants to receive data. Along with the datagrams, a packet called the route report is transmitted (across a ti...
Page 303
Model name - 301 - 7.2 basic multicast-group configuration 7.2.1 start multicast-group route start multicast-group route in order to allow d-link router software transmit multicast-group message. Under the global configuration catalog input the following command to start multicast-group message tran...
Page 304
Model name - 302 - in parameter clew choose the 17th option, clew: (00) access-group specify access control for packets ...... (15) pim-dm pim-dm interface commands ...... Please input the code of command to be excute(0-22): 15 input 15 ， choose pim-dm option. 7.2.3 igmp speciality configuration tas...
Page 305
Model name - 303 - example of change igmp version because higher version igmp-router port protocol is compatible with the lower version igmp host, so when lower version igmp host exist in the network, it is not necessary to change the version of igmp-router port protocol which run on the multicast-g...
Page 306
Model name - 304 - 7.2.6 configure igmp querier interval for the igmp-router port protocol version 2 and version 3, if exist routers, they run the same igmp-router port protocol in the same network, it need to face the problem of querier select ion, the definition of querier is the router which coul...
Page 307
Model name - 305 - command purpose ip igmp query-max-response-time time configure igmp max response time,/second choose the 17th option in the parameter clew, notify (00)access-group specify access control for packets ...... (06)igmp igmp interface command ...... Please input the code of command to ...
Page 308
Model name - 306 - ...... Please input the code of command to be execute (0-8): 3 input 3 ， choose last-member-query-interval option ， then input time . For the igmp-router port protocol version 1, last group member query interval which is configured is not used, though, it could configure this comm...
Page 309
Model name - 307 - example of igmp static configuration static multicast-group configuration command could define different classes static multicast-group when it uses different parameters, the following example will introduce the results of using the different command parameters: interface ethernet...
Page 310
Model name - 308 - group”. Ip access-list standard list-name create an ip standard access list whose name is list-name. Permit source-address configure the igmp hosts we wish to implement “immediate leave” in ip standard access list. Step1 ： in the parameter prompt select 17 option ， prompt is as be...
Page 311
Model name - 309 - steps, you can ensure that the igmp host (ip is 192.168.20.168) has implemented “immediate leave” from multicast group. Interface ethernet 0/0 ip igmp immediate-leave imme-leave exit ip access-list standard imme-leave permit 192.168.20.168 7.2.11 configure ttl threshold you can us...
Page 312
Model name - 310 - example of disable multicast fast forwarding the following example demonstrates how to disable multicast fast forwarding on a port: interface ethernet 0/0 no ip mroute-cache 7.3 configure pim-dm 7.3.1 adjust timer the routing protocol employs several timerls to examine the frequen...
Page 313
Model name - 311 - input 15 ， select pim-dm option ， prompt is as below: (00)dr-priority pim-dm router dr priority (01)hello-interval pim-dm router send hello interval (02)state-refresh pim-dm state-refresh configuration (03)version pim-dm version ...... Please input the code of command to be excute...
Page 314
Model name - 312 - take the first command for an example. ： in the parameter prompt select 17 option ， prompt is as below: (00)access-group specify access control for packets ...... (15)pim-dm pim-dm interface commands ...... Please input the code of command to be excute(0-22): 15 input 15 ， select ...
Page 316
Model name - 314 - through configuring multicast static route, you can make the router process rpf examining according configuration instead of unicast routing table. So multicast messages employs tunnel and unicast messages do not. Multicast static route only resides in local and won’t be advertise...
Page 317
Model name - 315 - 7.3.8 confiugre ip multicast boundary use ip multicast boundary to configure port multicast boundary. Use ip(undo) multicast boundary to cancel the boundary. The second configuring of this command will overlay the first configuring. Command purpose ip multicast boundary access-lis...
Page 318
Model name - 316 - (01)group-list ip multicast address (02)source-list broadcast address (03) please input the code of command to be excute(0-3): 1 input 1 ， select group-list option ， prompt is as below: (00)word ip standard access list name please input the code of command to be excute(0-0): 0 sel...
Page 319
Model name - 317 - (00)access-group specify access control for packets ...... (11)multicast config ip multicast parameter ...... Please input the code of command to be excute(0-22): 11 input 11select multicast option ， prompt: (00)boundary config ip multicast boundary (01)helper-map config ip multic...
Page 320
Model name - 318 - ip directed-broadcast enable directed broadcast. Ip multicast helper-map group-address broadcast-address access-list configure command ip multicast helper and translate multicast messages into broadcast messages. Ip forward-protocol [port] configure the port number allowing forwar...
Page 321
Model name - 319 - in global configure directory input ip command ， prompt is as below: (00)access-list named access-list ...... (09)forward-protocol controls forwarding of directed ip broadcasts ...... Please input the code of command to be excute(0-25): 9 input 9 ， select forward-protocol option ，...
Page 322
Model name - 320 - please input the code of command to be excute(0-4): select destination-address . On the port connected with certral router and stub router: command purpose interface type number enter into port configuration. Ip pim-dm neighbor-filter access-list filter all pim messages sent to st...
Page 323
Model name - 321 - ...... (05)ip ip ...... Please input the code of command to be excute(0-15): 5 input 5 ， select ip option ， prompt is as below: (00)beigrp clear beigrp ...... (03)igmp igmp clear commands ...... Please input the code of command to be excute(0-7): 3 input 3 ， select igmp option ， p...
Page 324
Model name - 322 - please input the code of command to be excute(0-1): 0 input 0 ， select groups option ， prompt is as below: (00)a.B.C.D ip group address (01)interface-name (02)detail igmpv3 source information (03) please input the code of command to be excute(0-3): select parameter . 7.3.13 exampl...
Page 325
Model name - 323 - ! Ip multicast-routing ! Interface loopback1 ip address 10.10.20.1 255.255.255.0 ip igmp static-group 239.1.1.1 ip pim dense-mode ! Interface fastethernet0/0 ip address 192.168.20.204 255.255.255.0 ip pim dr-priority 20 ip pim query-interval 40 ip pim dense-mode ! Interface fastet...
Page 326
Model name - 324 - ip access-list extended testacl2 permit udp 192.168.20.97 255.255.255.0 any ip forward-protocol udp 4000 3. Example of stub multicast configuration configuration of router a and b are as below: stub router a configuration ip multicast-routing ip pim-dm ip igmp helper-address 10.0....
Page 328
Model name - 326 - 7.4.5 configure the condidate rp pim-sm can not work without rp, so there must be at least one candidate rp. To enable this function, use this command under the global configuration mode. To disable it, use the no form. Command function ip pim-sm rp-candidate [type number ] [ inte...
Page 330
Model name - 328 - ip pim-sm bsr-candidate loopback0 30 201 ip pim-sm rp-candidate loopback0 ! Router_b: ! Ip multicast-routing ! Interface ethernet0/1 ip address 192.168.200.144 255.255.255.0 ip pim-sm ip pim-sm dr-priority 200 ! Interface serial0/0 ip address 192.168.21.144 255.255.255.0 ip pim-sm...
Page 331
Model name - 329 - to enable/disable dvmrp summarization, use the following command in interface configuration state: command function [ no ] ip dvmrp auto-summary enable the automatic summarization. [ no ] ip summary-address network-address network-mask specifies a dvmrp summary address. In paramet...
Page 332
Model name - 330 - (04)dvmrp enable distance vector multicast-routing protocol. ...... Please input the code of command to be excute(0-22): 4 input 4 ， choose dvmrp option.Clew: (00)advert-metric advertising metric out of the interface ...... (06)route-filter filter routes in the interface ...... In...
Page 333
Model name - 331 - input show command, clew ： ...... (18)ip ip configuration information ...... Please input the code of command to be excute(0-46): 18 input 18 ， choose ip option ， clew ： ...... (14)mroute ip multicast routing table ...... Please input the code of command to be excute(0-29): 14 inp...
Page 334
Model name - 332 - please input the code of command to be execute(0-1): 0 input 0 ， choose * option. 7.5.9 the example of dvmrp configuration this section includes a example of dvmrp configure. For dvmrp has no accordingly commands in cisco, it is passive. So we enable pim-dm in the interface of cis...
Page 335
Model name - 333 - 8. Security configuration in this chapter we will introduce our company’s network security solution to you. If you desire to improve your network security strategy, this chapter will provide an ideal answer for you. Also we will introduce how to configure an authentification, auth...
Page 336
Model name - 334 - 2. Benefits of using aaa aaa provides the following benefits: ♦ increased flexibility and control ♦ easy to update ♦ standardized authentication methods, such as radius and tacacs+ ♦ multiple backup systems 3. Basic theories of aaa aaa is designed to dynamically configure the type...
Page 337
Model name - 335 - please remember that a fail response completely differs from an error response. Fail indicates that the user has not met the criteria of a sucessful authentication that contained in the authentication database, and the authentication ends up with a fail response. Error means that ...
Page 338
Model name - 336 - it is important to note that the router initiates an attempt to authenticate with a method listed behind only when the previous method doesn’t work out any response. If authentication fails at any part of this process—meaning that the security server or local username database res...
Page 339
Model name - 337 - (00)word named authentication list (01)default the default authentication list. Please input the code of command to be excute(0-1): 1 …… (05)radius use all radius server for authentication (06)tacacs+ use all tacacs+ server for authentication please input the code of command to be...
Page 340
Model name - 338 - please input a interface name: a0/0 （输入端口名称，此处仅为示例） will you excute it? (y/n): y key word: q(quit) …… (27)ppp point-to-point protocol (28)priority-group assign a priority group to interface …… please input the code of command to be excute(0-35): 27 key word: u(undo) d(default) q(q...
Page 341
Model name - 339 - [default@routera /config/]# aaa (00)accounting accounting configurations parameters (01)authentication authentication configurations parameters …… please input the code of command to be excute(0-5): 1 (00)enable set authentication list for enable (01)login set authentication list ...
Page 342
Model name - 340 - key word: q(quit) (00)word authentication list name (01)default use the default authentication list please input the code of command to be excute(0-1): 0 please input a string: lista （ input authentication list name ） will you excute it? (y/n): y the keyword “list-name” is to name...
Page 343
Model name - 341 - 4. Login authentication using local password use the aaa authentication login command with the local method keyword to specify that the local username database will be used as the login authentication method. For example, to specify the local username database as the method of use...
Page 344
Model name - 342 - please input the code of command to be excute(0-4): 3 (00)word named authentication list (01)default the default authentication list. Please input the code of command to be excute(0-1): 0 please input a string: dlink (input authentication list) (00)group use server-group (01)group...
Page 345
Model name - 343 - the keyword list-name is any character string used to name the list you are creating. The keyword method refers to the actual method the authentication algorithm tries. The additional methods of authentication are used only if the previous method returns an error, not if it fails....
Page 346
Model name - 344 - 3. Ppp authentication using tacacs+ use the config-aaa authentication ppp command with the keyword tacacs+ to specify tacacs+ as the authentication method for use on interfaces running ppp. For example, to specify tacacs+ as the method of user authentication when no other method l...
Page 347
Model name - 345 - tacacs+ uses tacacs+ authentication. When configured enable authentication method as the remote authentication (i.E. Configured group, group-restrict, radius or tacacs+ as the keywords), the usernames that respectively use radius and tacacs+ to authenticate are different, the foll...
Page 348
Model name - 346 - to provide a tacacs-like username and encrypted password-authentication system for networks that cannot support tacacs. To provide special-case logins: such as, access list verification, no password verification, autocommand execution at login. To establish the local authenticatio...
Page 349
Model name - 347 - aaa authentication login radius-login radius local command configures the router to use radius for authentication at the login prompt. If radius returns an error, the user is authenticated using the local database. Aaa authentication ppp radius-ppp radius command configures the ro...
Page 350
Model name - 348 - authentication and authorization example" section at the end of this chapter offers two possible implementation scenarios. “radius configuration task list“ section introduce how to apply the commands of authentication, authorization and accounting(aaa) to configure radius. “radius...
Page 351
Model name - 349 - ♦ reject:the user is not authenticated and is prompted to reenter the username and password, or access is denied. ♦ challenge:a challenge is issued by the radius server. The challenge collects additional data from the user. The accept or reject response is bundled with additional ...
Page 352
Model name - 350 - please input a digital number:please input a string: 200 (00)acct-port udp port for radius accounting server (default is 1646) (01) please input the code of command to be excute(0-1): 0 (00) port number please input the code of command to be excute(0-0): 0 please input a digital n...
Page 353
Model name - 351 - [default@router /config/]# radius (00)challenge-noecho data echoing to screen is disabled during access-challenge (01)deadtime time to stop using a server that doesn't respond …… please input the code of command to be excute(0-8): 1 (00) time in minutes please input the code of co...
Page 354
Model name - 352 - ♦ radius authentication examples ♦ radius examples in aaa application 1. Radius authentication and authorization examples the following example shows how to configure the router to authenticate and authorize using radius: ♦ aaa authentication login use-radius radius local ♦ aaa au...
Page 355
Model name - 353 - 8.3 configuretacacs+ directory 8.3.1 tacacs+ overview tacacs+ is a security application that provides centralized validation of users attempting to gain access to a router or network access server. The security of communication can be ensured for the network access server and taca...
Page 356
Model name - 354 - 2. Pap & chap mode authentication a pap login is similar to an ascii login, except that the username and password arrive at the network access server in a pap protocol packet instead of being typed in by the user, so the user is not prompted. Ppp chap logins are also similar in pr...
Page 357
Model name - 355 - key word: q(quit) (00)key config tacacs+ key (01)port config tacacs+ port number (02)timeout wait timeout in seconds (03) please input the code of command to be excute(0-3): 1 key word: q(quit) (00) port number please input the code of command to be excute(0-0): 0 please input a d...
Page 358
Model name - 356 - 8.3.4 set tacacs+ encryption key to set the tacacs+ authentication key and encryption key, use the following command in global configuration mode: command purpose tacacs key keystring set the encryption key to match that used on the tacacs+ server. [default@router /config/]# tacac...
Page 359
Model name - 357 - tacacs server command identifies the tacacs+ server as having an ip address of 10.1.2.3. The config-tacacs key command defines the shared encryption key to be "testkey." interface command selects the port, and the ppp authentication command applies the test method list to this por...
Page 360
Model name - 358 - in this example: aaa authentication command defines a method list, "default," to be used on serial interfaces running ppp. If-needed keyword means that if the user has already authenticated, then ppp authentication is not necessary and can be skipped. If authentication is needed, ...
Page 361
Model name - 359 - negotiates ipsec security associations, and establishes ipsec keys. For more information on ike, see the chapter "configuring internet key exchange security protocol." the component technologies implemented for ipsec include: ♦ des—the data encryption standard (des) is used to enc...
Page 362
Model name - 360 - access lists used for ipsec are used only to determine which traffic should be protected by ipsec, not which traffic should be blocked or permitted through the interface. Separate access lists define blocking and permitting at the interface.) a crypto map set can contain multiple ...
Page 363
Model name - 361 - ♦ defining transform sets ♦ creating crypto map entries ♦ applying crypto map sets to interfaces 8.4.3 ensuring that access lists are compatible with ipsec ike uses udp port 500. The ipsec esp and ah protocols use protocol numbers 50 and 51. Ensure that your access lists are confi...
Page 364
Model name - 362 - will you excute it? (y/n): y key word: q(quit) …… (11)permit specify packets to forward (13)router routing protocol configuration …… please input the code of command to be excute(0-14): 11 key word: u(undo) d(default) q(quit) …… (03)ip internet protocol (04)ospf ospf routing proto...
Page 365
Model name - 363 - the any keyword in a permit statement is discouraged when you have multicast traffic flowing through the ipsec interface; the any keyword can cause multicast traffic to fail. The permit any any statement is strongly discouraged, as this will cause all outbound traffic to be protec...
Page 366
Model name - 364 - q(quit) …… (18)transform-type transform type (19)where display all outgoing telnet connection please input the code of command to be excute(0-19): 18 key word: u(undo) d(default) q(quit) …… (04)esp-md5-hmac esp transform using hmac-md5 auth (05)esp-null esp transform w/o cipher (0...
Page 367
Model name - 365 - table 8-1 select transform for transform set: allowed transform combinations ah transform esp encryption transform esp authentication transorm transform description transform description transform description ah-md5-hm ac ah with the md5 (hmac variant) authenticatio n algorithm es...
Page 368
Model name - 366 - if you create more than one crypto map entry for a given interface, use the seq-num of each map entry to rank the map entries: the lower the seq-num, the higher the priority. At the interface that has the crypto map set, traffic is evaluated against higher priority map entries fir...
Page 369
Model name - 367 - command purpose crypto map map-name seq-num ipsec-manual specifies the crypto map entry to create (or modify). Perform this command into the crypto map configuration mode. Match address access-list-name configure an ipsec access list. This access list determines which traffic shou...
Page 370
Model name - 368 - (00)ipsec-isakmp ipsec w/isakmp (01)ipsec-manual ipsec w/manual keying please input the code of command to be excute(0-1): 1 will you excute it? (y/n): y key word: q(quit) …… (10)interface interface configuration (11)match match values …… please input the code of command to be exc...
Page 371
Model name - 369 - key word: q(quit) (00)ah ah key (01)esp esp key please input the code of command to be excute(0-1): 0 key word: q(quit) (00) spi for security association please input the code of command to be excute(0-0): 0 please input a digital number: 10000 （ input spi value ） key word: q(quit...
Page 372
Model name - 370 - repeat these steps to create additional crypto map entries as required. 8.4.7 creat crypto map entries that used ike to create crypto map entries that will use ike to establish the security associations, use the following commands starting in global configuration mode: command pur...
Page 373
Model name - 371 - please input the code of command to be excute(0-1): 0 key word: q(quit) (00)dynamic enable dynamic crypto map support (01) please input the code of command to be excute(0-1): 1 will you excute it? (y/n): y key word: q(quit) …… (10)interface interface configuration (11)match match ...
Page 374
Model name - 372 - (00)word transform-set name please input the code of command to be excute(0-0): 0 please input a string: ts-1 key word: q(quit) (00)word transform-set name (01) please input the code of command to be excute(0-1): 1 will you excute it? (y/n): y key word: q(quit) …… (15)router routi...
Page 375
Model name - 373 - …… (05)english help message in english (06)exit exit / quit …… please input the code of command to be excute(0-19): 6 will you excute it? (y/n): y repeat these steps to create additional crypto map entries as required. 8.4.8 apply crypto map sets to interfaces you need to apply a ...
Page 376
Model name - 374 - the crypto map is applied to an interface: config-interface serial0/0 config-ip addr192.2.2.2 crypto map toshanghai 8.5 configuring internet key exchange security protocol 8.5.1 overview this chapter describes how to configure the internet key exchange (ike) protocol. Ike is a key...
Page 377
Model name - 375 - ♦ md5 (hmac variant)—md5 (message digest 5) is a hash algorithm used to authenticate packet data. Hmac is a variant which provides an additional level of hashing. ♦ sha (hmac variant)—sha (secure hash algorithm) is a hash algorithm used to authenticate packet data. Hmac is a varia...
Page 378
Model name - 376 - you must create multiple, prioritized policies at each peer to ensure that at least one policy will match a remote peer's policy. 2. What parameters do you define in a policy there are five parameters to define in each ike policy: parameter accepted values keyword default value en...
Page 379
Model name - 377 - 5. Creating policies you can create multiple ike policies, each with a different combination of parameter values. For each policy that you create, you assign a unique priority (1 through 10,000, with 1 being the highest priority). You can configure multiple policies on each peer—b...
Page 380
Model name - 378 - please input the code of command to be excute(0-1): 0 will you excute it? (y/n): y key word: q(quit) …… (10)hash set hash algorithm for protection suite (11)help description of the interactive help system …… please input the code of command to be excute(0-22): 10 key word: u(undo)...
Page 381
Model name - 379 - …… please input the code of command to be excute(0-22): 8 will you excute it? (y/n): y [default@router /config/]# show key word: u(undo) d(default) q(quit) …… (09)cpu cpu usage information (10)crypto encryption module …… please input the code of command to be excute(0-50): 10 key ...
Page 382
Model name - 380 - (00)key set pre-shared key for remote peer (01)policy set policy for an isakmp protection suite please input the code of command to be excute(0-1): 0 key word: q(quit) (00)word pre-shared key please input the code of command to be excute(0-0): 0 please input a string: 123 key word...
Page 383
Model name - 381 - key word: q(quit) (00)map clear all isakmp sas for a given crypto map (01)peer clear all isakmp sas for a given crypto peer (02) please input the code of command to be excute(0-2): 1 key word: q(quit) (00)a.B.C.D crypto peer address please input the code of command to be excute(0-...
Page 384
Model name - 382 - crypto isakmp policy 20 authentication pre-share lifetime 10000 crypto isakmp key 1234567890 192.168.1.3 in the above example, encryption des of policy 10 would not appear in the written configuration because this is the default value for the encryption algorithm parameter. If the...
Page 385
Model name - 383 - 9. Qos configuration this chapter explains what is quality of service (qos for short ), and the service models that fulfill it. Moreover, introduce queue algorithms of qos. The relating configuration please refer to qos configuration. 9.1 qos overview this chapter explains quality...
Page 386
Model name - 384 - the qos provides weighted random early detection (wred), custom queueing (cq), and priority queueing (pq) to deliver differentiated services. 3. Qos queueing algorithms qos queueing algorithms are the important guarantee to achieve qos configuration. D-link router supports weighte...
Page 387
Model name - 385 - synchronization of tcp hosts can occur as multiple tcp hosts reduce their transmission rates. The congestion clears, and the tcp hosts increase their transmissions rates, resulting in waves of congestion followed by periods where the transmission link is not fully used. Red reduce...
Page 388
Model name - 386 - 9.1.3 qos link efficiency mechanisms the router offers compressed real-time protocol (crtp) mechanism to improve efficiency of the bandwidth. See to related crtp references for information. 9.2 configure qos 9.2.1 qos configuration overview before configuring qos, you must configu...
Page 389
Model name - 387 - (16)fair-queue enable fair queue on interface (17)help description of the interactive help system (18)history look up history (19)interface interface configuration (20)ip ip configuration commands (21)keepalive enable keepalive (22)llc2 setup llc2(logic link control type2) paramet...
Page 390
Model name - 388 - map. [default@router /config/]# policy-map key word: u(undo) d(default) q(quit) (00)word policy-map name please input the code of command to be excute(0-0): 0 input 0 and select word option, input policy-map name at prompt: please input a string: name note: input policy map name h...
Page 391
Model name - 389 - 9.2.5 configure class map by configuring t the class map, flow type can be specified. When an interface uses the policy map that embodies the class map, certain qos can be ensured according to the specified flow type. In command to configure class map, you can use the commands bel...
Page 392
Model name - 390 - command purpose class-map class-name match protocol protocol-type configuring a class map classified by protocol type. Class-map class-name match config-interface interface-type interface-number configuring a class map classified by interface type. Class-map class-name match acces...
Page 393
Model name - 391 - please input a string: name note ： input class map name, name is only for example here. Key word: q(quit) (00)match specify classification criteria please input the code of command to be excute(0-0): 0 input 0, select match option, then display: input0 key word: q(quit) (00)access...
Page 394
Model name - 392 - please input a string: name note: input the list name here, name is only for example. Will you excute it? (y/n): y here we completed the configuration of the class map of access list classification. 9.2.6 configurewred if you need to configure a wred on an interface, you can choos...
Page 395
Model name - 393 - key word: u(undo) d(default) q(quit) (00) queue list number please input the code of command to be excute(0-0): 0 select option and input the list number input0at prompt: please input a digital number:: 1 note: input 1-16 list numbers here, 1 is only for example. Will you excute i...
Page 396
Model name - 394 - (01)limit set queue max packets of a particular queue please input the code of command to be excute(0-1): 1 input 1, select option: (if you want to configure the customed list to send the byte numer, you can select the 0option) key word: q(quit) (00) size in bytes please input the...
Page 397
Model name - 395 - (00) queue list number please input the code of command to be excute(0-0): 0 please input a digital number: 2 key word: q(quit) (00)interface establish priorities for packets from a named interface (01)protocol establish priorities for packets of a protocol (02)queue configure par...
Page 398
Model name - 396 - (01)protocol establish priorities for packets of a protocol (02)queue configure parameters for a particular queue (03)default set custom queue for unspecified packets please input the code of command to be excute(0-3): 0 input 0 and select interface option key word: q(quit) (00)fa...
Page 399
Model name - 397 - queue-list 5 protocol ip 6 gt 1000 9.2.9 configure pq if you want to configure pq to an interface, you can use the command below in interface configuration mode after the interface specified: command purpose priority-group list-number applying pq to the interface, list-number is t...
Page 400
Model name - 398 - please input the code of command to be excute(0-0): 0 input 0 and select option: please input a digital number: 15 note ： input the upper limit of 0 － 32767queue, 15 is only for example. Key word: q(quit) (00) middle limit please input the code of command to be excute(0-0): 0 inpu...
Page 401
Model name - 399 - please input the code of command to be excute(0-0): 0 input 0, select option, it will prompt to input the pq number. Please input a digital number: 1 note ： input numbers of 1-16 pq list, 1 is only for example. Key word: q(quit) (00)interface establish priorities for packets from ...
Page 403
Model name - 401 - [default@router /config/]# priority-list key word: u(undo) d(default) q(quit) (00) priority list number please input the code of command to be excute(0-0): 0 input0 ， selectoption ， it will prompt to input the pq number ： please input a digital number: 1 note ： input 1-16 priority...
Page 404
Model name - 402 - (18)ip ip information (19)job job parameters and statistics (20)l2tp l2tp information (21)line tty line information (22)llc llc2 parameters and statistics (23)logging show the contents of logging buffers (24)memory memory info (25)pdp pdp state information (26)policy-map show poli...
Page 405
Model name - 403 - (19)job job parameters and statistics (20)l2tp l2tp information (21)line tty line information (22)llc llc2 parameters and statistics (23)logging show the contents of logging buffers (24)memory memory info (25)pdp pdp state information (26)policy-map show policy-map configuration (...
Page 406
Model name - 404 - (19)job job parameters and statistics (20)l2tp l2tp information (21)line tty line information (22)llc llc2 parameters and statistics (23)logging show the contents of logging buffers (24)memory memory info (25)pdp pdp state information (26)policy-map show policy-map configuration (...
Page 407
Model name - 405 - 5. Display the policy-map configuration in command to display the policy-map configuration, you can use the command below: command purpose show policy-map [ policy-name ] display the policy-map configuration. To display your policy map configuration, you can use: show policy-map c...
Page 408
Model name - 406 - packet size, so you must take the packet size into account when you configure the total bytes, not specify them into 100:200:400:300 simply, in this way, the bandwidth ratio must be 1428:582:371:1525. In command to achieve the purpose, follow these steps: (1) produce a ratio of al...
Page 409
Model name - 407 - note: you must enable crtp on both ends of a serial connection, otherwise, it’s unavailable. 9.3.2 brief introduction of crtp the router crtp is only supported on serial lines using ppp encapsulation currently, and we will support on frame relay, hdlc encapsulation and over isdn i...
Page 410
Model name - 408 - (01)ethernet ethernet interface (02)serial serial interface (03)async asynchronous interface (04)null null interface (05)loopback loopback interface (06)tunnel tunnel interface (07)dialer dialer interface (08)multilink multilink-group interface (09)virtual-template virtual templat...
Page 411
Model name - 409 - (03)directed-broadcast enable forwarding of directed broadcasts (04)fast-switch fast-switch interface commands (05)helper-address specify a destination address for udp broadcasts (06)irdp icmp router discovery protocol (07)mask-reply enable sending icmp mask reply messages (08)mtu...
Page 412
Model name - 410 - (09)nat nat interface commands (10)ospf set ospf parameter for this port (11)redirects enable sending icmp redirect messages (12)rip set rip parameter for this port (13)route-cache enable fast-switching cache for outgoing packets (14)rsvp rsvp interface command (15)rtp rtp paramet...
Page 413
Model name - 411 - (19)job job parameters and statistics (20)l2tp l2tp information --more-- 18 input 18 ， select ip option ： key word: q(quit) (00)access-lists list ip access lists (01)as-path-list information of as-path list (02)beigrp show beigrp information (03)bgp bgp information (04)cache ip ro...
Page 414
Model name - 412 - the above commands should be used under the global configuration directory. [default@router /enable/]# debug key word: u(undo) d(default) q(quit) (00)aaa debug aaa process information (01)arp ip arp transactions (02)backup debug backup information (03)chat chat scripts activity (0...
Page 415
Model name - 413 - 9.3.7 configuration examples the following example showes how to configure the crtp on serial lines using point-to-point protocol (ppp) encapsulation: interface serial 1/2 ip rtp header-compression ip rtp compression-connections 25 encapsulation ppp 9.4 configure ctcp (tcp/ip head...
Page 416
Model name - 414 - crtp is applied to ppp links. However, if the opposite terminal ppp implementation support only ctcp of rfc1144, ipcp of rfc1144 can be used in the same. But if you apply ctcp on fr and hdlc link, cisco-format will adopt ctcp of rfc1144, iphc-format will adopt ctcp of rfc2507, and...
Page 417
Model name - 415 - (34)snmp modify snmp interface parameters (35)speed configure speed operation please input the code of command to be excute(0-35): 20 （ option ip ） will you excute it? (y/n): y key word: u(undo) d(default) q(quit) (00)access-group specify access control for packets (01)address ip ...
Page 418
Model name - 416 - key word: u(undo) d(default) q(quit) (00)access-group specify access control for packets (01)address ip address (02)beigrp enhanced interior gateway routing protocol (03)directed-broadcast enable forwarding of directed broadcasts (04)fast-switch fast-switch interface commands (05)...
Page 419
Model name - 417 - (08)controller interface controller status (09)cpu cpu usage information (10)debug state of each debugging option (11)dhcp dhcp information (12)dialer dialer parameters and statistics (13)frame-relay display frame relay state (14)frswitch display frame relay switch state (15)hdlc ...
Page 420
Model name - 418 - ip/tcp header compression statistics: interface serial2/0: you must use the command in interface configuration mode. 9.4.6 ctcp debugging command purpose debug ip tcp header-compression display the information of the received and transformed ctcp packets information. The above com...
Page 421
Model name - 419 - q(quit) (00)header-compression tcp header compression (01)packet tcp packets (02)transactions significant tcp events please input the code of command to be excute(0-2): 0 input 0 ， select header-compression option will you excute it? (y/n): y the screen will display the ctcp infor...
Page 422
Model name - 420 - 9.5.3 example of configuration suppose that router a and b are available. A is dlink router ，Ｂ is cisco router ， a and b are connected by synchro serial line. Suppose that one serial interface number of a is s2/0:1 与 one serial interface number of b is s1/ １ :1; both two interface...
Page 423
Model name - 421 - (30)shutdown shutdown the current interface (31)snmp modify snmp interface parameters please input the code of command to be execute(0-31): 11 current status:s3/2:0 current directory: config key word: u(undo) d(default) q(quit) (00)frame-relay frame relay protocol (01)hdlc hdlc pr...
Page 424
Model name - 422 - run command: show compress we can get information below: dlc data statistics --- in interface serial0/0 compress type lempel-ziv receive bytes compressed: 0 receive bytes decompressed: 0 sent bytes compresseds: 0 sent bytes original: 0 resyns: 0 note ： when configured lz, cpu reso...
Page 425
Model name - 423 - (21)ppp point-to-point protocol (22)priority-group assign a priority group to interface (24)random-detect enable weighted random early detect on interface (25)rate-limit rate limit (26)router routing protocol configuration (28)service-policy assign a priority group to interface (2...
Page 426
Model name - 424 - 9.6 car configuration 9.6.1 car introduction car （ committed access rate ） provides rate-limit feature. You can designate car rate-limiting policies based on physical port to limit input or output rate, and other criteria specifiable by access lists or extended access lists. Suppo...
Page 427
Model name - 425 - input 30 ， choose rate-limit option ,clew: (00)fastethernet fastethernet interface (01)ethernet ethernet interface (02)serial serial interface (03) please input the code of command to be execute(0-3):0 input 0 ， choose fastethernet option,clew: please input slot/port:0/0 input fas...
Page 428
Model name - 426 - 10. Dialer configuration 10.1 about dialer d-link router provides perfect dialer solution for user: support dialer interface backup, meet all kinds of backup requirements support all kinds of dialer interfaces, such as asynchronous or synchronous serial interface. Provide ddr dial...
Page 429
Model name - 427 - (09)virtual-template virtual template interface (10)virtual-tunnel virtual tunnel interface please input the code of command to be excute(0-10): 2 (select serialinterface) please input a interface name: s2/0 will you excute it? (y/n): y configuring the dialer method: line dial key...
Page 430
Model name - 428 - (05)crypto encryption module (06)custom-queue-list assign a custom queue list to interface (07)default restore default configuration (08)delay set the interface delay (09)description set the interface description (10)dialer dial-on-demand routing (ddr) commands (11)dialer-group as...
Page 431
Model name - 429 - (05)crypto encryption module (06)custom-queue-list assign a custom queue list to interface (07)default restore default configuration (08)delay set the interface delay (09)description set the interface description (10)dialer dial-on-demand routing (ddr) commands ...... Please input...
Page 432
Model name - 430 - please input a string: 2 note ： input dialer string here,for example,2. Will you excute it? (y/n): y 10.4.2 send calls to several interfaces and accept calls from them in command to send calls to several interfaces and accept calls from them, you can perform the configuration task...
Page 433
Model name - 431 - (12)help description of the interactive help system (13)history look up history (14)interface interface configuration (15)ip ip configuration commands (16)mtu set the interface mtu ...... Please input the code of command to be excute(0-28): 15 （ select command ip ） key word: u(und...
Page 434
Model name - 432 - key word: q(quit) (00)a.B.C.D ip address please input the code of command to be excute(0-0): 0 input 0 ， select option a.B.C.D please input a ip address:192.168.19.80 note ： input ip address here,for example: 192.168.19.80 key word: q(quit) (00)word dialer string (01)broadcast bro...
Page 435
Model name - 433 - (07)description set the interface description (08)dialer dial-on-demand routing (ddr) commands (09)dialer-group assign interface to dialer-list ...... Please input the code of command to be excute(0-28): 8 （ select command dialer ） key word: u(undo) d(default) q(quit) (00)called d...
Page 436
Model name - 434 - q(quit) (00)bandwidth set the interface bandwidth (01)chinese help message in chinese (02)chmem change memory of system (03)clear_drv clear interface statistic counter (04)crypto encryption module (05)default restore default configuration (06)delay set the interface delay (07)desc...
Page 437
Model name - 435 - 10.5.2 set idle time for busy interfaces when an interface has set up a link, another interface is need to set up a new link with it, that’s called competition. If the line-idle time exceeds the specified amount of time, the current call is disconnected by ddr. Key word: u(undo) d...
Page 438
Model name - 436 - note ： input dialer timeout here,for example 2. Will you excute it? (y/n): y 10.5.4 set wait time of carrying interface data set wait time of carrying interface data: dialer wait-for-carrier-time seconds key word: u(undo) d(default) q(quit) key word: u(undo) d(default) q(quit) ......
Page 439
Model name - 437 - will you excute it? (y/n): y 10.5.7 specify the threshold value of the dialer rotary group after the threshold value is specified, ddr will monitor the flow of the interface. When the flow exceeds the threshold and there is an usable interface in the dialer group, the interface wi...
Page 440
Model name - 438 - (07)map define multiple dial-on-demand numbers (08)priority set interface priority in dialer rotary group (09)rotary-group add this interface to a dialer rotary group (10)string set default telephone number (11)wait-for-carrier-time set the router wait for carrier time please inpu...
Page 441
Model name - 439 - (02)sessions show dialer sessions please input the code of command to be excute(0-2): 0 input 0 ， select interface key word: q(quit) (00)serial serial interface (01)async asynchronous interface (02)dialer dialer interface please input the code of command to be excute(0-2): 0 input...
Page 442
Model name - 440 - dialer rotary-group dialer 1 interface serial1/2 dialer rotary-group d1 3. The examples of dialing to one or multiple points with dialer map as the following figure if local router only need dial to router a, you can use command dialer string configure 55555555 to the dialer strin...
Page 443
Model name - 441 - 1. Modem script execution example expected and sending character string pair execution abort error end the script execution if the text "error" is found. " " "at z" without expecting anything, send an "at z" command to the modem. Connect \c expect "connect," but do not send anythi...
Page 444
Model name - 442 - 11. Reliability configuration 11.1 interface backup configuration this chapter will describe how to configure the interface backup function.The interface backup function executed on asynchronism serial 、 synchronism serial and isdn interface are also included. Please refer to the ...
Page 445
Model name - 443 - (02)serial serial interface (03)async asynchronous interface (04)null null interface (05)loopback loopback interface (06)tunnel tunnel interface (07)dialer dialer interface (08)multilink multilink-group interface (09)virtual-template virtual template interface (10)virtual-tunnel v...
Page 446
Model name - 444 - (01)ethernet ethernet interface (02)serial serial interface ...... Please input the code of command to be excute(0-10): 0 note ： input the interface needs to configure backup here,for example fast ethernet. Please input a interface name: f0/0 note ： input the interface name here,f...
Page 447
Model name - 445 - note ： if selecting avtivate delay,input time here,for example 34. Key word: q(quit) (00) deactive seconds (01)never never deactive the backup line please input the code of command to be excute(0-1): 0 note ： determine whether disactivate delay is needed or not here,for example 0....
Page 448
Model name - 446 - u(undo) d(default) q(quit) (00)delay delays before backup line up or down transitions (01)interface configure an interface as a backup (02)load load thresholds for line up or down transitions (03)always second interface always up when primary interface down(dialer) please input th...
Page 449
Model name - 447 - will you excute it? (y/n): y 11.1.3 interface backup configuration example this section provide the ppp configuration example as below: launch interface backup function on serial1/0 interface,choosing serial1/1 as backup interface.The time of backup interface activate delay and di...
Page 450
Model name - 448 - (02)load load thresholds for line up or down transitions (03)always second interface always up when primary interface down(dialer) please input the code of command to be excute(0-3): 1 input 1 ， select interface ： key word: q(quit) (00)serial serial interface (01)async asynchronou...
Page 451
Model name - 449 - backup to each other. One of the routers is selected to be the active router and another to be the standby router, which assumes control of the group mac address and ip address should the designated active router fail. Hsrp detects when the designated active router fails, and a se...
Page 452
Model name - 450 - standby [ group-number ] timers hello-timer hold-timers configure standby timer. Standby (undo) [group-number] timers use default timer. You should input command standby in interface configure model , and it will show all the arguments: (00) arp set arp timeout ...... (34) standby...
Page 453
Model name - 451 - key word: q(quit) (00)h:h:h:h:h:h 48-bit hardware address of arp entry please input the code of command to be execute(0-0): input 0, it will hint : please input a mac address : you can input a virtual mac address here. 3. Configure standby group priority in congure use the followi...
Page 454
Model name - 452 - …… (04)preempt config hsrp group preempt …… please input the code of command to be excute(0-7): 4 , it will hint q(quit) (00)delay hsrp group preempt delay time (s) (01) please input the code of command to be execute(0-1):): input 1, it will set standby group preempt model without...
Page 455
Model name - 453 - you should input command standby in interface configure model , and it will show all the arguments: (00) arp set arp timeout ...... (34) standby hsrp configuration commands ...... Please input the code of command to be excute(0-35): 34 input 34 ， select domain, it will hint ： u(un...
Page 456
Model name - 454 -.
Page 457
Model name - 455 - 12. Ip voice configuration task list 12.1 about voice d-link 1700, 2600, 2700, 3600 series support voice transmission. D-link’s voice support is implemented using voice packet technology. In voice packet technology, voice signals are packetized and transported in compliance with i...
Page 458
Model name - 456 - the key command that must be configureds are config-port and config-destination-pattern. The command config-destination-pattern defines the telephone number associated with this pots dial peer. The command config-port associate this pots dial peer with a specific voice port. Gener...
Page 459
Model name - 457 - in response to the limitations of analog transmission, the telephony network migrated to digital transmission using pulse code modulation (pcm) or adaptive differential pulse code modulation (adpcm). In both cases, analog sound is converted into digital form by sampling the analog...
Page 460
Model name - 458 - signal distortion due to multiple encodings (called tandem encodings). For example, when a g.729 voice signal is tandem encoded three times, the mos score drops from 3.92 (very good) to 2.68 (unacceptable). Another drawback is codec-induced delay with low bit-rate codecs. 4. Delay...
Page 461
Model name - 459 - 12.2 about qos 12.2.1 what is qos quality of service (qos) refers to the capability of a network to provide better service to select ed network traffic over various technologies. Network transfer can be controlled with qos. Qos also provides services based on various policies and ...
Page 462
Model name - 460 - d-linkip telephone equipment provides ip precedence and rsvp. Each voice packet will be marked corresponding identifier. Please see the correlative documents for complete information of qos signalling. 12.3 about dsp sensing switch signalling tone 12.3.1 sense command sense cptone...
Page 463
Model name - 461 - time_on and time_off are system specified values (respectively to be 300 and 1023). Other signaling tone must be configured four parameters. If this switch is single frequency, then the high frequency will take the invalid value 2001. After completing configuring and exiting from ...
Page 464
Model name - 462 - 12.4.2 prerequisite tasks before you can configure your d-linkip telephone equipments to use voice over ip, you must first: ♦ establish a working ip network. ♦ install the voice network module and the voice card into d-link router (voice port of v100 is fixed). ♦ complete your com...
Page 465
Model name - 463 - 12.4.4 configure dial peers the key point to understand how voice over ip functions is to understand dial peers. Each dial peer defines the characteristics associated with a call leg, as shown in figure 1 and figure 2. A call leg is a discrete segment of a call connection that lie...
Page 466
Model name - 464 - 1750_config_dialpeer#destination-pattern 260. 1750_config_dialpeer#session target ipv4: 10.1.2.2 1750_config_dialpeer#exit in the previous configuration example, the last one digits of v100’s set-dial-peer 3 was replaced with wildcards “.”. This means that from 2621(10.1.2.2), cal...
Page 467
Model name - 465 - command function dial-peer voice num pots enter the dial-peer configuration mode to configure a pots peer. The num value of the command is a tag that uniquely identifies the dial peer. To configure the identified pots peer, use the following commands in dial-peer configuration mod...
Page 468
Model name - 466 - the meanings of pots dial-peers are shown in upper presentations. Require-qos this indicates that the communication of the dial-peer needs the qos guarantee. 12.4.8 configure the replace of voip dial-peer as configuring dial-peer, you can configure replace dial-peer so that you ca...
Page 469
Model name - 467 - occurring between the both sides. Connection-plar str after receiving the hanging up of the other side on voice port, it will evoke a voip call by the port according to the hot line dialing configured on the port. Description str add specification on specified voice port so that t...
Page 470
Model name - 468 - note ： each machine must be configured the ip address used by the voice gateway at one time. Such as in example 1, configuration of 1750_1 is as below: 1750_1_config#gateway-cfg 1750_1_config_gw#gateway ipaddr 10.1.1.1 12.7.1 fxs-to-fxs connection in this example, a very small com...
Page 471
Model name - 469 - 1750_2_config#wr 12.7.2 pstn gateway access using fxo connection the following example shows how to configure voice over ip to link users with the pstn gateway using an fxo connetion. In this example, users connected to 2621 in shanghai can reach pstn users in beijing. Router 1750...
Page 472
Model name - 470 - 1750_config_dialpeer#destination-pattern 8012 1750_config_dialpeer#exit 1750_config#wr 12.7.3 use ip connection to connect two fxo in some cases, it is very useful of using ip network to connect two pbx. The following example demonstrates how to configure voice over ip so that it ...
Page 473
Model name - 471 - 3660_2_config# 3660_3 configure ： 3660_3_config#inter e1/0 3660_3_config_e1/0#ip address 10.1.1.3 255.255.255.0 3660_3_config_e1/0#exit 3660_3_config#dial-peer voice 1 pots 3660_3_config_dialpeer#destination-partten 100000 3660_3_config_dialpeer#port 1/0 3660_3_config_dialpeer#exi...
Page 474
Model name - 472 - 3660_1_config_dialpeer#port 1/0 3660_1_config_dialpeer#exit 3660_1_config#dial-peer voice 2 voip 3660_1_config_dialpeer#destination-partten 10.... 3660_1_config_dialpeer#session target ipv4: 10.1.2.2 3660_1_config_dialpeer#exit 3660_1_config# 3660_2 configure ： 3660_2_config#inter...
Page 475
Model name - 473 - 12.7.6 configure the fax function based on voice over ip the way of configuring is to configure fax-protocol t38/rtp in dialpeer of voip. It will employ bypass mode to processing fax while there is not the two commands. Our voice products now support two fax mode: t38 and rtp. The...
Page 476
Model name - 474 - 2621_configr#dial-peer voice 2 voip 2621_config_dialpeer#session target ipv4:10.1.1.1 2621_config_dialpeer#destination-pattern 4117 2621_config_dialpeer#codec g723r53 2621_config_dialpeer#fax protocol t38 2621_config_dialpeer#exit 2621_config#write ♦ rtp fax we support rtp faxing ...
Page 477
Model name - 475 - 12.8 configure gatway and gatekeeper of voice over ip our voip gateway primarily supplies accessing of pstn and ip network, supplies proper translation between transmitting form (such as from/to h.225.0 to/from h.221) and communicating program in order to transparently reflect the...
Page 478
Model name - 476 - 12.8.2 examine ip address and gatekeeper of the gateway. Use the command show getekway to confirm the voice gateway on the devices have been properly configured. Use these debug commands: debug voip event asn 、 debug voip event ras 、 debug voip event gw. 12.8.3 configure voice ove...
Page 479
Model name - 477 - figuer 12-9 connecting between gateway and gatekeeper 2621_1 configure: 2621_config#interface e1/0 2621_config_e1/0#ip address 10.1.1.20 255.255.255.0 2621_config_e1/0#exit 2621_1_config#gatekeeper-cfg 2621_1_config_gk#zone local gk1 zone1.Com 10.1.1.20 2621_1_config_gk#zone remot...
Page 480
Model name - 478 - 13. Configure ivr ivr is a function module in d-link voice product and takes charge of voice exchanging and supports voice authentic cost service. Its cost function needs cooperate of radius server. If you select radius in authentication, you should also configure radius server. T...
Page 481
Model name - 479 - 13.1.1 configure dial flow access number essentially is only a symbol of dial flow. You must configure a series of parameters for it in order to implement a real dial flow. Although each parameter has default value, it can support the basic service without configuring. Two-dial ca...
Page 482
Model name - 480 - command function dial dialing numlen dialing-time configure the length of called number and the times of re-dial. Dial timeout time1 time2 configure the wait time of first dial and whole dial. The first parameter of the first command is default phone number length and the second p...
Page 483
Model name - 481 - dial timeout time1 time2 cofigure the wait time of first dial and whole dial. In default case: numlen = 10, dialing-time = 3 ,dial timeout time1 = 30 seconds, time2 = 60 seconds 13.1.3 configure ivr one-dial mode if you enable one-dial mode, it won’t enable single authentication t...
Page 484
Model name - 482 - the first parameter and the second parameter are all default once recording time. But the unit of first parameter is second, but the second is 0.1 sendond. The default once recording time is 15-second. For an example: record time 12 10 it indicates the default recording time is 12...
Page 485
Model name - 483 - command function gw-accounting-h323 enabling/closing off the accounting function of all the subscribers. Configure the method of sending radius costing information: there’s no default method for the costing request corresponding from radius client to radius. Please perform the fol...
Page 486
Model name - 484 - 2621_1_config_dialpeer #exit 2621_config#aaa authentication login def radius 2621_config#aaa accounting connection h323 wait-start radius 2621_config#interface e1/0 2621_config_e1/0#ip address 192.168.0.1 255.255.255.0 2621_config_e1/0#exit 2621_1_config#gw-accounting-h323 2621_1_...
Page 487
Model name - 485 - 2621_1_config#dial-peer voice 11 pots 2621_1_config_dialpeer#des 1002 2621_1_config_dialpeer#exit 2621_config#aaa authentication login def radius 2621_config#aaa accounting connection h323 wait-start radius 2621_config#interface e1/0 2621_config_e1/0#ip address 192.168.0.1 255.255...
Page 488
Model name - 486 - 2621_1_config#radius key 1111 2621_1_config#wr 5. Example 5 － raplce the welcome word with record ( in two steps) step1 ： 2621_1_config#dial-peer voice 10 pots 2621_1_config_dialpeer #des 1001 2621_1_config_dialpeer #exit 2621_1_config#dial-peer voice 11 pots.
Page 489
Model name - 487 - 14. Ibm networking configuration 14.1 configure dlsw before configuring dlsw, you should first get some knowledge of dlsw, which is helpful. Data link switching is a new protocol of channel or encapsulation. It can encapsulate the frames from logical link control type1 or type2 of...
Page 490
Model name - 488 - dlsw icannotreach saps sap [ sap... ] this command is used to configure the unreachable local sap. The no argument is used to cancel the configuration. Dlsw mac-addr mac-addr this command is used to configure the static mac address. The no argument is used to cancel the configurat...
Page 491
Model name - 489 - user can use the following command in management mode: command function clear dlsw circuit [ circuit-id ] clear dlsw circuit rm dlsw reachability clear dlsw statistics 14.2 configuring llc2 llc2 (ieee 802.2) type 2 provides connection-oriented service and is widely used in lan env...
Page 492
Model name - 490 - 14.2.2 configure the wait-for-response time command function llc2 t1-time seconds this command is used to set the amount of time the router waits for a final response to a poll frame before resending the poll frame. Number of seconds (s) the router waits for a final response to a ...
Page 493
Model name - 491 - select the iic2 commands from the interface commands of the global configuration list, all iic2 selection as fellow: key word: u(undo) d(default) q(quit) (00)ack-max the max i-frames received before sent acknowledgment (01)ack-delay-time the max time to delay the acknowledgment of...
Page 494
Model name - 492 - input 8 ， select item key word: q(quit) (00) seconds -- the time interval for a response pdu(f=1) please input the code of command to be excute(0-0): 0 please input a digital number: 12 input 12 ， set the wait peer response time as 12s. Will you excute it? (y/n): y 14.2.5 configur...
Page 495
Model name - 493 - llc2 local-window packet-count control the maximum number of information frames the router sends before it waits for an acknowledgment. Maximum number of packets that can be sent before the router must wait for an acknowledgment. The minimum is 1 packet. The maximum is 127 packets...
Page 496
Model name - 494 - key word: u(undo) d(default) q(quit) (00)ack-max the max i-frames received before sent acknowledgment (01)ack-delay-time the max time to delay the acknowledgment of i-frames (02)holdqueue the max queue lenght (03)idle-time the timer for idle (04)local-window the local window size ...
Page 497
Model name - 495 - input the show command from the interface commands of the global configuration list, it will list all show items, select the iic, display as fellow: key word: q(quit) (00)interface the llc tx/rx and config infomation int interface (01) please input the code of command to be excute...
Page 498
Model name - 496 - 14.2.12 example of llc2 configuration you can configure the number of llc2 frames received before the ack. In this example, at the time 0, two information frames are received, it doesn’t reach the max number 3, so the ack frames are not sent. If set the 3 rd ack frame sent by rout...
Page 499
Model name - 497 - 14.3 sdlc configuration the sdlc tasks described in this section configure the router as an sdlc station. (this is in contrast to a router configured for sdlc transport, where the device is not an sdlc station, but passes sdlc frames between two sdlc stations across a mixed-media,...
Page 500
Model name - 498 - (00)xxxx.Xxxx.Xxxx virtual ieee mac address please input the code of command to be excute(0-0): 0 select 0 ， and input mac-address 。 step 4: select 28 item from listing , display: (00)k the size of the sending window ...... (06)partner the remote mac address for partner ...... Ple...
Page 501
Model name - 499 - 14.3.4 configure sdlc timer and retry counts when an sdlc station sends a frame, it waits for an acknowledgment from the receiver indicating that this frame has been received. You can modify the time the router allows for an acknowledgment before resending the frame. You can also ...
Page 502
Model name - 500 - 14.3.6 control the buffer size you can control the buffer size on the router. The buffer holds data that is pending transmission to a remote sdlc station. This command is particularly useful in the case of the sdllc media translator, which allows an llc2-speaking sna station on a ...
Page 503
Model name - 501 - (08)poll-pause-timer the interval of polling the secondary station ...... Please input the code of command to be excute(0-16): 8 input 8 ， select poll-pause-timer item ， display ： (00) time between polls for each secondary sdlc station(ms) please input the code of command to be ex...
Page 504
Model name - 502 - input address ， display ： (00) xid of secondary station in hex format please input the code of command to be excute(0-0): 0 select 0 ， input xid 14.3.10 set the largest sdlc information-frame size generally, the router and the sdlc device with which it communicates should support ...
Page 505
Model name - 503 - please input the code of command to be excute(0-4): select the configuration interface of the sdlc station to be displayed 14.3.12 configuration examples the following sections provide sdlc configuration examples: ♦ sdlc two-way simultaneous mode configuration example ♦ sdlc confi...
Page 506
Model name - 504 - 3. Half-duplex configuration example in the following example, an sdlc interface has been configured for half-duplex mode: ♦ config-encap sdlc ♦ sdlc simultaneous half-duplex sdlc configuration example 1-1 host a router a router b c1 c2 llc2 dlsw sdlc this example describes an sdl...
Page 507
Model name - 505 - config-sdlc partner 4000.5678.00c1 c1 config-sdlc address c2(default configuration is pu2.1) config-sdlc partner 4000.5678.00c2 c2 config-sdlc role secondary router b as remote secondary station: primary station of c1 and c2, c1 and c2 reserved for dlsw+ and can not be used by any...
Page 508
Model name - 506 - 15. Vpdn configuration in l2tp modules,vpdn sub-module contacts with vpdn group, it’s mainly used for creating and managing vpdn group information, both lac and lns need obtain relative information from vpdn group for creating tunnel and session. Vpdn sub-module is a sub-module to...
Page 509
Model name - 507 - first enter the vpdn-group 1 with command "vpdn-group 1"(see the example of command vpdn-group) . Then, configure the "accept-dialin" just as below. Current status:vpdn current directory: config key word: q(quit) (00)accept_dialin vpdn accept-dialin group configuration (01)chmem c...
Page 510
Model name - 508 - 15.1.4 protocol binding vpdn group must bind with relative protocol, for this product, only l2tp protocol is enabled, the following command can bind vpdn group and protocol: command function protocol protocol-type binding vpdn group and protocol. Protocol(undo) protocol-type cancl...
Page 511
Model name - 509 - the example below creates a vpdn group and sets it as nac and also sets a domain name. First enter the vpdn-group 1 with command "vpdn-group 1"(see the example of command vpdn-group) then configure as nac with command "request-dialin" (see the example of command request-dialin ) ....
Page 512
Model name - 510 - (11)lcp-renegotiation force lcp negotiate locally (12)local-name local name used for group authentication (13)pptp pptp specific commands (14)protocol tunneling protocol to be used (16)request-dialin vpdn request-dialin group configuration (17)router routing protocol configuration...
Page 513
Model name - 511 - (02)controller controller configuration (03)domain initiate a tunnel based on domain name (04)exit exit / quit (05)force-local-chap force a chap challenge to be instigated locally (06)help description of the interactive help system (07)hotkey ctrl+\ :print system information , ctr...
Page 514
Model name - 512 - please input a string: nac will you execute it? [y]:y 15.1.8 set remote lac tunnel name connected with lns after receiving sccrq information, lns will find vpdn group matching remote tunnel name with lac tunnel name, so lns vpdn group can configure remote tunnel name which connect...
Page 515
Model name - 513 - will you execute it? [y]: 15.1.9 reconfirm lns and client after establishing session successfully and lns authenticating instead of lac,lns and client can reconfirm, relative command as follows: command function force-local-chap reconfirm lns and client. Force-local-chap cancle re...
Page 516
Model name - 514 - (05)force-local-chap force a chap challenge to be instigated locally (06)help description of the interactive help system (07)hotkey ctrl+\ :print system information , ctrl+] :reboot (08)initiate-to initiate tunnel to remote peer (09)interface interface configuration (10)l2tp l2tp ...
Page 517
Model name - 515 - (14)protocol tunneling protocol to be used (16)request-dialin vpdn request-dialin group configuration (17)router routing protocol configuration (19)set_e1_threshold set e1 threshold (20)show show configuration and status (21)terminate-from terminate tunnel from remote peer (22)vir...
Page 518
Model name - 516 - (11)lcp-renegotiation force lcp negotiate locally (12)local-name local name used for group authentication (13)pptp pptp specific commands (14)protocol tunneling protocol to be used (16)request-dialin vpdn request-dialin group configuration (17)router routing protocol configuration...
Page 519
Model name - 517 - please input the code of command to be execute(0-1): 00 current status:vpdn current directory: config key word: q(quit) (00)authentication tunnel authentication (01)hello set the interval of sending hello packet (02)password password tunnel for authentication (03)receive-window se...
Page 520
Model name - 518 - 15.1.14 set time interval of sending hello diagram after session establishing successfully, lac and lns will send hello diagram to each other regularly for testing the line. The time interval of sending hello diagram can be assigned from 0s to 4294967294s.Relative command as below...
Page 521
Model name - 519 - 15.1.15 set tunnel accepting window size this command is used to specify local accepting buffer size. At the same time, it will notify the opposite when the l2tp tunnel negotiating. The opposite station specify the sliding window size of corresponding sent diagram. The size can ch...
Page 522
Model name - 520 - please input the code of command to be execute(0-3): 03 current status:vpdn current directory: config key word: q(quit) (00) receive window size please input the code of command to be execute(0-0): 00 please input a digital number:6 will you execute it? [y]:y 15.1.16 set l2tp prop...
Page 523
Model name - 521 - please input the code of command to be execute(0-1): 2004-3-18 13:06:15 configured from vty 0 by default(172.16.20.198) 00 will you execute it? [y]:y current status:vpdn current directory: config key word: q(quit) (00)accept_dialin vpdn accept-dialin group configuration (01)chmem ...
Page 524
Model name - 522 - please input the code of command to be excute(0-0): 0 input 0 ， select group will you excute it? (y/n): y the screen will display the below similar information: ! Vpdn enable ! Vpdn-group 1 accept-dialin force-local-chap lcp-renegotiation terminate-from lac l2tp hidden l2tp tunnel...
Page 525
Model name - 523 - ...... (12)ip ip information (13)job debug job information (14)l2tp l2tp information (15)lapb lapb information (16)line recv and send data on line --more-- 14 input 14 ， select 12tp key word: q(quit) (00)error l2tp error (01)event l2tp event (02)packets l2tp packets please input t...
Page 526
Model name - 524 - 15.1.21 configuration example both the router 2621-client and serial interface 1 of 2621-lac are encapsulated ppp protocol, lac adopts chap authentication; chap user must input the opposite router user name in prompt; the password of two routers using chap must be the same, router...
Page 527
Model name - 525 - 16. Bridge configuration 16.1 layer 2 stp configuration 16.1.1 selecting spanning tree mode stp (spanning tree protocol) is used for disrupting redundant path in the network so that to prevent network loopback and traffic congestion. It transfer ieee 802.1d protocol packets (bpdu)...
Page 529
Model name - 527 - (00)mode setup spanning-tree protocol mode (01)vlan setup spanning-tree protocol on vlans (02)sstp setup spanning-tree protocol on sstp mode (03)backbonefast setup spanning-tree protocol backbonefast function (04)uplinkfast setup spanning-tree protocol uplinkfast function (05)port...
Page 530
Model name - 528 - please input the code of command to be execute(0-0): 0 please input a string:200 key word: q(quit) (00)forward-time vlan mode forward time (01)hello-time vlan mode hello time (02)max-age vlan mode max age (03)priority vlan mode priority (04) please input the code of command to be ...
Page 531
Model name - 529 - q(quit) (00) vlan mode max-age time please input the code of command to be execute(0-0): 0 please input a digital number:24 will you execute it? [y]: [default@lns /config/]# 16.1.7 configure the forward delay time for spanning tree setting the status change interval when the switc...
Page 532
Model name - 530 - key word: q(quit) (00) vlan mode forward time please input the code of command to be execute(0-0): 0 please input a digital number:20 will you execute it? [y]: [default@lns /config/]# 16.1.8 configure the port path cost for spanning tree use the following commands to configure por...
Page 533
Model name - 531 - (36)spanning-tree config spanning-tree protocol on port (37)speed configure speed operation (38)standby hsrp configuration commands (39)switchport set port switching characteristics (41)vrrp vrrp configuration commands please input the code of command to be execute(0-41): 36 curre...
Page 534
Model name - 532 - (36)spanning-tree config spanning-tree protocol on port (37)speed configure speed operation (38)standby hsrp configuration commands (39)switchport set port switching characteristics (41)vrrp vrrp configuration commands please input the code of command to be execute(0-41): 36 curre...
Page 535
Model name - 533 - key word: q(quit) (00)cost setup spanning-tree protocol port cost (01)port-priority setup spanning-tree protocol port priority please input the code of command to be execute(0-1): 1 current status:f1/0 current directory: config key word: q(quit) (00) interface port priority value ...
Page 536
Model name - 534 - (02)sstp setup spanning-tree protocol on sstp mode (03)backbonefast setup spanning-tree protocol backbonefast function (04)uplinkfast setup spanning-tree protocol uplinkfast function (05)portfast setup spanning-tree protocol portfast function (06)loopguard setup spanning-tree prot...
Page 537
Model name - 535 - u(undo) q(quit) (00)vlan setup spanning-tree protocol interface vlan function (01)sstp setup spanning-tree protocol interface sstp function (02)cost setup spanning-tree protocol port cost (03)port-priority setup spanning-tree protocol port priority (04)bpdufilter setup spanning-tr...
Page 538
Model name - 536 - (00)loop setup guard loop function (01)none setup guard none function (02)root setup guard root function please input the code of command to be execute(0-2): 2 will you execute it? [y]: 16.1.14 configure the loopguard for spanning tree configuring uplinkfast enables the loopguard ...
Page 539
Model name - 537 - (37)speed configure speed operation (38)standby hsrp configuration commands (39)switchport set port switching characteristics (41)vrrp vrrp configuration commands please input the code of command to be execute(0-41): 36 current status:f1/0 current directory: config key word: u(und...
Page 540
Model name - 538 - (07)guard setup spanning-tree protocol guard function please input the code of command to be execute(0-7): 5 current status:f1/0 current directory: config key word: q(quit) (00)disable bpduguard disable (01)enable bpduguard enable please input the code of command to be execute(0-1...
Page 541
Model name - 539 - interface port id designated port id name prio.Nbr cost sts cost bridge id prio.Nbr ---------------- -------- --------- --- --------- -------------------- -------- fa0/1 128.1 100 fwd 20 32769 0009.7cf7.7dc0 128.1 fa0/2 200.2 20 fwd 0 1000 0030.80d5.37e0 128.3 fa0/3 128.3 15 fwd 2...
Page 542
Model name - 540 - number of transitions to forwarding state: 1 bpdu: sent 17790, received 18172 port 3 (fastethernet0/3) of vlan0001 is forwarding port path cost 15, port priority 128, port identifier 128.3. Designated root has priority 1000, address 0030.80d5.37e0 designated bridge has priority 32...
Page 543
Model name - 541 - (02)exit exit / quit (03)help description of the interactive help system (04)hotkey ctrl+\ :print system information , ctrl+] :reb oot (05)interface interface configuration (06)name config the name of current vlan (08)router routing protocol configuration (10)set_e1_threshold set ...
Page 544
Model name - 542 - please input the code of command to be execute(0-2): 1 current status:f1/0 current directory: config key word: q(quit) (00) vlan id of the vlan please input the code of command to be execute(0-0): 0 please input a digital number:10 will you execute it? [y]: configure the port to t...
Page 545
Model name - 543 - (01)add add vlans to the current list (02)all all vlans (03)except all vlans except the following (04)none no vlans (05)remove remove vlans from the current list please input the code of command to be execute(0-5): 0 please input a string:1-10 will you execute it? [y]: 16.2.3 insp...
Page 546
Model name - 544 - please input a digital number:1 will you execute it? [y]: vlan id: 1, name: default, totalports:11 ports atttributes ----------------------------------------------------------------- f1/0 trunk,untagged e1/0 access display vlan information of a certain interface: [default@lns /con...
Page 547
Model name - 545 - no ip directed-broadcast ! Interface ethernet1/0 no ip address no ip directed-broadcast switchport pvid 3 switchport mode access duplex half ! Interface ethernet1/1 no ip address no ip directed-broadcast switchport pvid 3 switchport mode trunk swtichport trunk vlan-allowed 2-6,7 d...
Page 548: International Offices
Model name - 546 - international offices u.S.A 17595 mt. Herrmann street fountain valley, ca. 92708 tel: 714-885-6000 fax 866-743-4905 url: www.Dlink.Com canada 2180 winston park drive oakville, ontario, l6h 5w1 canada tel: 1-905-8295033 fax: 1-905-8295223 url: www.Dlink.Ca europe (u. K.) 4th floor,...
Page 549
- 1 -.