Lucent Technologies 7820-0802-003 User Manual
APX 8000™/MAX® TNT/DSLMAX™
Physical Interface Configuration Guide
Part Number 7820-0802-003
For software version 8.0
May 2000
Copyright© 2000 Lucent Technologies. All rights reserved.
This material is protected by the copyright laws of the United States and other countries. It may not be reproduced, distributed, or altered in any fashion by any
entity (either internal or external to Lucent Technologies), except in accordance with applicable agreements, contracts, or licensing, without the express
written consent of Lucent Technologies. For permis sion to reproduce or distribute, please em ai l your request to
Notice
techpubs@ascend.com.
Every effort was mad e to en sur e that the information in this document was complete and ac cu ra te at the time of printing, bu t inf ormation is subject to change.
Safety, Compliance, and Warranty Information
Before handling any Luc ent A ccess N etwor ks hard ware prod uct, rea d the Access Networks Safety and Compliance Guide included in your product package.
See that guide also to determine how products comply with the electromagnetic interference (EMI) and network compatibility requirements of your country.
See the warranty card include d in your product package for the limit ed warranty that Lucent Technologies provides for its products.
Security Statement
In rare instances, unauthoriz ed individuals make connecti ons t o the te lecommunications network through the use of access features.
Trademarks
4ESS, 5ESS, A Network of Expertise, AnyMedia, AqueView, AUDIX, B-STDX 8000, B-STDX 9000, ...Beyond Compare, CaseView, Cajun, CajunDocs,
CAJUNVIEW, Callmaster, CallVisor, CBX500, CellPipe, ChoiceNet, ClearReach, ComOS, cvMAX, DACScan, Dacsmate, Datakit, DEFINITY,
Definity One, DSLMAX, DSLTerminator, DSLPipe, DSLTNT, Elemedia, Elemedia Enhanced, EMMI, End to End Solutions, EPAC, ESS, EVEREST,
Gigabit-scaled campus netwo r king, Globalv iew, GRF, GX250, GX 550, HyperPATH, Inferno, InfernoSpaces, Intr agy, I ntragyAccess, IntragyCentral, Intu ity,
IP Navigator, IPWorX, LineReach, LinkReach, MAX, MAXENT, MAX TNT, Multiband, Multiband PLUS, MultibandRPM, MultiDSL, MultiVoice,
MultiVPN, Navis, NavisAccess, NavisConnect, NavisCore, NavisRadius, NavisXtend, NetCare, NetLight, NetPartner, OneVision,
Open Systems Innovations, OpenTrunk, P550, PacketStar, PathStar, Pinnacle, Pipeline, PMVision, PortMaster, SecureConnect, Selectools, Series56,
SmoothConnect, Stinger, SYSTIMAX, True Access, WaveLAN, WaveMANAGER, WaveMODEM, WebXtend, and Where Network Solutions Never End
are trademarks of Lucent Technologies. Advantage Pak, Advantage Services, AnyMedia, ...Beyond Compare, End to End Solutions, Inter.NetWorking,
MAXENT, and NetWork Knowledge Sol utions are service marks of Lucent Technologies. Other trademarks, service marks, and tra de names mentioned in
this publication belong to th ei r respective owners.
Copyrights for Third-Party Software Included in Lucent Access Networks Software Products
C++ Standard Template Library software cop yright© 1994 Hewlett-Packard Co mpany and copyright© 1997 Silic on Graphics. Permission to use, c opy,
modify, distribute, and sell this software and its documentation for any purpose is hereby granted without fee, provided that the above copyright no tice appear
in all copies and that both that copyright notice and this permission notice appear in supporting documentation. Neither Hewlett-Packard nor Silicon Graphics
makes any representations about the suitability of this software for any pu rpose. It is provided “as is” without expre ss or im pl ied wa rranty.
Berkeley Software Distribution (BSD ) UNIX software copyright© 1982, 1986, 1988, 1993 The Regents of Ca lifornia. All rights reserved. Redistribut ion and
use in source and binary forms, with or wit hout m odifi cation , are permitt ed prov ided th at the fol low ing co ndition s are met: 1. R edistribution s of source code
must retain the above co pyright notice, this list of condi t ion s, a nd the following disclaimer. 2. Redistributio ns in binary form must reproduce the a bove copyright notice, this list of conditions, and the following disclaimer in the documentation and/ or other materials provide d with the distribution. 3. A l l advertising
materials mentioning f ea tu res or use of this software must display the following acknowledgement: This product includes soft w a r e developed by the University of California, Berk eley, and its contributo rs. 4. Neit her the name of the Univ ersity no r the name s of its cont ributors m ay be us ed to en dorse or pro mote
products derived from this softw are w ithout specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Ordering Information
You can order the most up-to-dat e product information and compu te r-based t r ai ni ng online at http://www.lucent.com/ins/bookstore.
Feedback
Lucent Technologies appreciates your co mm e nts, either positive or negative , abou t th is manual. Please send them to techpubs@ascend.com.
Lucent Technologies
Customer Service
Customer Service provides a variety of options for obtaining information about Lucent
products and services, software upgrades, and technical assistance.
Finding information and software on the Internet
Visit the Web site at http://www.lucent.com/ins for technical information, product
information, and descriptions of available services.
Visit the FTP site at ftp://ftp.ascend.com for software upgrades, release notes, and
addenda.
Obtaining technical assistance
You can obtain technical assistance by telephone, email, fax, modem, or regular mail, as well
as over the Internet.
Gathering information you will need
If you need to contact Lucent for help with a problem, make sure that you have the following
information when you call or that you include it in your correspondence:
• Product name and model
• Software and hardware options
• Software version
• If supplied by your carrier, Service Profile Identifiers (SPIDs) associated with your line
• Your local telephone company’s switch type and operating mode, such as AT&T 5ESS
Custom or Northern Telecom National ISDN-1
• Whether you are routing or bridging with your Lucent product
• Type of computer you are using
• Description of the problem
Calling Lucent from within the United States
In the U.S., you can take advantage of Priority Technical Assistance or an Advantage service
contract, or you can call to request assistance.
Priority Technical Assistance
If you need to talk to an engineer right away, call (900) 555-2763 to reach the Priority Call
queue. The charge of $2.95 per minute does not begin to accrue until you are connected to an
engineer. Average wait times are less than 3 minutes.
Advantage Services
Advantage Services is a comprehensive selection of services. Installation services help get
your Lucent Wide Area Network (WAN) off to the right start. Ongoing maintenance and
85x11 Book Template (Preliminary) iii
support services provide hardware and software solutions to keep your network operating at
peak performance. For more information, call (800) 272-3634.
Other telephone numbers
For a menu of Lucent’s services, call (800) 272-3634. Or call (510) 769-6001 for an operator.
Calling Lucent from outside the United States
You can contact Lucent by telephone from outside the United States at one of the following
numbers:
Telephone outside the United States (510) 769-8027
Austria/Germany/Switzerland
Benelux
France
Italy
Japan
Middle East/Africa
Scandinavia
Spain/Portugal
UK
For the Asia-Pacific region, you can find additional support resources at
http://www.lucent.com/ins/international/apac/.
Obtaining assistance through correspondence
Send your technical support questions to one of the following email addresses, or correspond
by fax, BBS, or regular mail with Customer Service in Lucent’s U.S. offices in Alameda, CA:
• Email from within the U.S.—support@ascend.com
• Email from Europe, the Middle East, or Africa—EMEAsupport@ascend.com
• Email from the Asia-Pacific region—apac.support@ascend.com
• Fax—(510) 814-2312
• Customer Support BBS (by mo dem)—(510) 814-2302
• Write to Lucent at the following address:
(+33) 492 96 5672
(+33) 492 96 5674
(+33) 492 96 5673
(+33) 492 96 5676
(+81) 3 5325 7397
(+33) 492 96 5679
(+33) 492 96 5677
(+33) 492 96 5675
(+33) 492 96 5671
Attn: Customer Service
Lucent Technologies
1701 Harbor Bay Parkway
Alameda, CA 94502-3002
USA
iv 85x11 Book Template (Preliminary)
Contents
Customer Service..................................................................................................................... iii
About This Guide............................................................................ xvii
What is in this guide.............................................................................................................. xvii
What you should know ......................................................................................................... xvii
Documentation conventions................................................................................................. xviii
Documentation set................................................................................................................... xix
Chapter 1 Performing Basic Configuration.................................................... 1-1
Introduction to basic configuration........................................................................................ 1-1
Connecting to a new unit ....................................................................................................... 1-3
New APX 8000 unit........................................................................................................ 1-3
New MAX TNT or DSLTNT unit.................................................................................. 1-3
Configuring the shelf-controller IP address on a nonredundant unit..................................... 1-4
Setting the system date........................................................................................................... 1-5
Setting the system name.........................................................................................................1-5
Setting the log level................................................................................................................ 1-5
Configuring a default gateway............................................................................................... 1-6
Configuring basic DNS information...................................................................................... 1-6
Pinging the TAOS unit from a local host............................................................................... 1-7
Recommended basic security measures................................................................................. 1-7
Changing the Admin password....................................................................................... 1-8
Securing the serial port................................................................................................... 1-8
Assigning a Telnet password.......................................................................................... 1-8
Requiring acceptance of the pool address....................................................................... 1-9
Ignoring ICMP redirects........................................................... ...... ..... ........................... 1-9
Disabling directed broadcasts......................................................................................... 1-9
Configuring SNMP access to the unit........................................................................... 1-10
Overview of SNMP security.................................................................................. 1-10
Enabling SNMP in the TAOS unit........................................................................ 1-11
Setting community strings..................................................................................... 1-11
Setting up address security.................................................................................... 1-11
Where to go next.................................................................................................................. 1-12
Chapter 2 Configuring Shelf-Controller Redundancy
(APX 8000)....................................................................................... 2-1
Overview of redundancy operations...................................................................................... 2-1
Shelf-controller startup and primary election................................................................. 2-1
Normal operation............................................................................................................ 2-2
Controller switchover ..................................................................................................... 2-3
Log messages.................................................................................................................. 2-3
APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide v
Contents
Configuring the APX 8000 for shelf-controller redundancy................................................. 2-3
Assigning the system IP address..................................................................................... 2-4
Assigning an Ethernet IP address................................................................................... 2-4
Examples of setting shelf-controller Ethernet IP address........................................ 2-4
Defining the soft IP interface for fault tolerance............................................................ 2-5
Example of setting the soft IP address..................................................................... 2-5
Configuring shelf-controller redundancy........................................................................ 2-6
Physical interface profiles ....................................................................................... 2-6
Redundancy profile.................................................................................................. 2-6
Switching the primary controller at the command-line interface ................................... 2-8
Resetting shelf controllers and clearing controller NVRAM......................................... 2-8
Resetting the controllers.......................................................................................... 2-8
Clearing NVRAM............................................................................... ...... ............... 2-9
Obtaining status information about redundant shelf controllers............................................ 2-9
Viewing controller up time............................................................................................. 2-9
Viewing controller status............................................................................................ .. 2-10
Setting up a trap to monitor the secondary controller................................................... 2-11
Clearing the fatal-error history log ............................................................................. .. 2-11
Chapter 3 Configuring the Thermal Profile for Fan
Tray Operations (APX 8000) ........................................................... 3-1
Overview of the Thermal profile for fan tray operations....................................................... 3-1
Example of configuring thermal controls....................................................................... 3-2
Related log messages...................................................................................................... 3-3
Thermal alarms............................................................................................................... 3-3
Thermal status reporting........................................................................................................3-4
Fanstatus command......................................................................................................... 3-4
Thermalstatus command................................................................................................. 3-5
Chapter 4 Configuring Ethernet Cards........................................................... 4-1
Introduction to Ethernet slot cards......................................................................................... 4-1
Full-duplex 10/100Mbps Ethernet-2 slot card................................................................ 4-1
Full-duplex 10/100Mbps Ethernet-3 slot card................................................................ 4-1
Upgrading to the Ethernet-2 and Ethernet-3 slot cards................................................... 4-2
Overview of Ethernet configuration ...................................................................................... 4-2
Understanding the Ethernet-related profiles.......................................................................... 4-2
Ethernet profile............................................................................................................... 4-2
IP-Interface profile........................................................................................... ............... 4-3
Configuring duplex mode on the 100Mbps Ethernet port..................................................... 4-3
Chapter 5 Configuring Series56 II and
III Modem and Hybrid Access Cards
.......................................................................................................... 5-1
Overview of configuring modem cards................................................................................. 5-1
Specifying modem negotiation settings................................................................................. 5-2
Specifying modem modulation for Series56 II and III modem cards.................................... 5-3
Configuring an additional AT answer string for modem calls............................................... 5-3
Series56 II and III Call-Route profiles................................................................................... 5-4
Preventing Series56 II and III cards from delaying Frame Relay connections ..................... 5-5
Hybrid Access card implementation...................................................................................... 5-5
vi APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide
Chapter 6 Configuring MultiDSP Cards
(MAX TNT, APX 8000)...................................................................... 6-1
Introduction to MultiDSP....................................................................... ..... ........................... 6-1
48-port MultiDSP card.................................................................................................... 6-2
96-port MultiDSP card.................................................................................................... 6-2
Card configuration constraints........................................................................................ 6-3
Using 48-port and 96-port MultiDSP cards............................................................. 6-3
Using Series56 cards with MultiDSP cards............................................................. 6-3
Supported MultiDSP services................................................................................................ 6-3
Data................................................................................................................................. 6-3
V.110............................................................................................................................... 6-3
PHS................................................................................................................................. 6-4
Voice over IP (VoIP)...................................................................................................... 6-4
Obtaining status information about a MultiDSP card.................................................. ...... .... 6-5
Displaying information about all installed cards............................................................ 6-5
Displaying information about an installed MultiDSP card............................................. 6-5
Verifying that installed software and software versions are correct............................... 6-6
Configuring a MultiDSP card................................................................................................ 6-6
Verifying that MultiDSP services are enabled ............................................................... 6-7
Verifying call routes for MultiDSP services................................................................... 6-8
Viewing the Call-Route profile and its Call-Route-Type parameter....................... 6-8
Viewing call-routing database entries ................................................................... 6-10
Verifying that configurations are correct for related services ...................................... 6-10
Adding an additional MultiDSP service....................................................................... 6-10
Contents
Chapter 7 Configuring T1 Cards..................................................................... 7-1
Introduction to T1 ..................................... ....................................... ...................................... 7-2
ISDN PRI........................................................................................................................7-2
Nailed or unchannelized T1............................................................................................ 7-2
Channelized line-side vs. trunk-side T1 ......................................................................... 7-2
Overview of T1 configuration................................................................................................ 7-3
Making a profile the working profile..................................................................................... 7-6
Assigning names to T1 line profiles ...................................................................................... 7-7
Enabling a line ..................................................... ...... ..... ........................................ ............... 7-8
Specifying the framing and encoding.................................................................................... 7-8
Configuring ISDN PRI signaling........................................................................................... 7-8
Configuring ISDN network-side emulation........................................................................... 7-9
Configuring overlap receiving on PRI lines .......................................................................... 7-9
Configuring inband robbed-bit signaling............................................................................. 7-11
Configuring NFAS .............................................................................................................. 7-13
Configuring a single NFAS group ................................................................................ 7-13
Configuring multiple NFAS groups ............................................................................. 7-13
Configuring ISDN NFAS for Japanese switch types.................................................... 7-15
Configuring T1 R1 and R1-Modified (Taiwan) with ANI and called-number processing . 7-15
Configuring clocking........................................................................................................... 7-17
Configuring the front-end transceiver.................................................................................. 7-17
Configuring channel usage................................................................................................... 7-18
Assigning telephone numbers to switched channels.................................................... ...... .. 7-19
Configuring trunk groups..................................................................................................... 7-20
Configuring nailed channels................................................................................................ 7-21
Configuring a back-to-back T1 connection ......................................................................... 7-21
APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide vii
Contents
Specifying analog encoding for TAOS unit codecs............................................................. 7-22
Configuring specialized options........................................................................................... 7-22
Sample T1 configuration...................................................................................................... 7-23
Default Call-Route profiles........................................ ..... ...... ....................................... ........ 7-24
Chapter 8 Configuring T1 FrameLine Cards
(MAX TNT, DSLTNT)........................................................................ 8-1
Introduction to T1 FrameLine.......................................................... ...................................... 8-1
Overview of supported features............................................................................................. 8-1
PPP.................................................................................................................................. 8-1
Frame Relay............................................ ........................................ ..... ........................... 8-2
Routing protocols............................................................................................................ 8-2
RADIUS..........................................................................................................................8-2
SNMP.............................................................................................................................. 8-2
Overview of T1 FrameLine configuration............................................................................. 8-2
Configuring the clock source................................................................................................. 8-3
Chapter 9 Configuring E1 Cards..................................................................... 9-1
Introduction to E1 ..................................... ....................................... ...................................... 9-2
ISDN Primary Rate Interface (PRI)................................................................................ 9-2
Nailed or unchannelized E1............................................................................................ 9-2
Overview of E1 configuration................................................................................................ 9-2
Understanding configuration requirements............................................................................ 9-4
Making a profile the working profile..................................................................................... 9-5
Assigning names to E1 line profiles ...................................................................................... 9-6
Enabling a line ..................................................... ...... ..... ........................................ ............... 9-7
Configuring a back-to-back connection................................................................................. 9-7
Specifying the framing........................................................................................................... 9-7
Specifying E1 signaling.........................................................................................................9-8
Configuring ISDN PRI signaling........................................................................................... 9-8
Configuring ISDN network-side emulation........................................................................... 9-9
Configuring E1 R1 signaling............................................................................................... 9-10
Configuring E1 R2 signaling............................................................................................... 9-10
Configuring DPNSS signaling............................................................................................. 9-12
Configuring overlap receiving on PRI lines........................................................................ 9-13
Configuring clocking........................................................................................................... 9-13
Configuring the front-end E1 transceiver ............................................................................ 9-13
Configuring channel usage................................................................................................... 9-14
Assigning telephone numbers to switched channels.................................................... ...... .. 9-14
Configuring trunk groups..................................................................................................... 9-14
Configuring nailed channels................................................................................................ 9-15
Specifying analog encoding for TAOS unit codecs............................................................. 9-16
Default Call-Route profiles........................................ ..... ...... ....................................... ........ 9-16
Chapter 10 Configuring E1 FrameLine Cards
(MAX TNT, DSLTNT)...................................................................... 10-1
Introduction to E1 FrameLine.......................................................... .................................... 10-1
Overview of supported features........................................................................................... 10-1
PPP................................................................................................................................ 10-2
Frame Relay............................................ ........................................ .............................. 10-2
viii APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide
Contents
Routing protocols.......................................................................................................... 10-2
RADIUS........................................................................................................................ 10-2
SNMP............................................................................................................................ 10-2
Overview of E1 FrameLine configuration........................................................................... 10-2
Example E1 FrameLine configuration.......................................................................... 10-3
Administrative profiles for E1 FrameLine........................................................................... 10-4
Admin-State profile ............................................................................. ......................... 10-5
Device-State profile...................................................................................................... 10-5
Administrative commands and status information............................................................... 10-5
Configuring the clock source............................................................................................... 10-6
Chapter 11 Configuring T3 Cards.................................................................... 11-1
Introduction to T3 ..................................... ....................................... .................................... 11-1
Overview of T3 configuration.............................................................................................. 11-1
Understanding T3 configuration requirements.................................................................... 11-2
Understanding T3 slot card profiles..................................................................................... 11-3
T3 profile ...................................................................................................................... 11-3
Call-Route profile......................................................................................................... 11-3
T1 profiles..................................................................................................................... 11-4
Assigning a name to a T3 profile......................................................................................... 11-4
Enabling a line ..................................................... ...... ..... ........................................ ............. 11-5
Configuring the T3 physical link......................................................................................... 11-5
Configuring clocking........................................................................................................... 11-5
Chapter 12 Configuring Serial WAN (SWAN) Cards
(MAX TNT, DSLTNT)...................................................................... 12-1
Introduction to SWAN.................................................... ........................................ ............. 12-1
Overview of SWAN configuration...................................................................................... 12-1
Understanding SWAN card configuration requirements..................................................... 12-2
Making a profile the working profile................................................................................... 12-3
Assigning a name to a SWAN profile.................................................................................. 12-4
Enabling a line ..................................................... ...... ..... ........................................ ............. 12-4
Specifying a nailed group .................................................................................................... 12-4
Specifying the SWAN internal clock speed......................................................................... 12-5
Frame Relay configuration................................... ....................................... ......................... 12-6
Chapter 13 Configuring Unchannelized DS3 Cards
(MAX TNT, DSLTNT)...................................................................... 13-1
Introduction to unchannelized DS3...................................................................................... 13-1
Supported features................................................................................................................ 13-1
Overview of unchannelized DS3 configuration................................................................... 13-2
Using the UDS3 profile........................................................................................................ 13-2
Configuring the UDS3 physical link................................................ .................................... 13-2
Chapter 14 Configuring DS3-ATM Cards........................................................ 14-1
Introduction DS3-ATM.................................. ........................................ .............................. 14-1
Overview of DS3-ATM settings.......................................................................................... 14-1
Examples of DS3-ATM configurations............................................................................... 14-3
Configuring redundant cards ........................................................................................ 14-3
Looping back the line ................................................................................................... 14-4
APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide ix
Contents
Chapter 15 Configuring OC3-ATM Cards
(MAX TNT/DSLTNT)....................................................................... 15-1
Introduction to OC3-ATM.............................................. ...... ....................................... ........ 15-1
Overview of OC3-ATM settings.......................................................................................... 15-1
Using OC3-ATM ports as a clock source............................................................................ 15-3
Example of an OC3-ATM configuration............................................................................. 15-4
Chapter 16 Configuring STM-0 Cards............................................................. 16-1
Introduction to STM-0........................ ........................................ ..... .................................... 16-1
Using STM and T1 profiles ................................................................................................. 16-2
Sample STM-0 configurations............................................................................................. 16-2
Example of configuring an STM profile....................................................................... 16-2
Example of configuring a T1 data trunk....................................................................... 16-3
Chapter 17 Configuring DSL Connections
(DSLTNT)........................................................................................ 17-1
Introduction to DSL technologies........................................................................................ 17-1
IDSL overview.............................................................................................................. 17-1
ADSL overview............................................................................................................ 17-2
SDSL overview............................................................................................................. 17-3
DSL configuration................................................................................................................ 17-4
Configuring switched connections....................................................................................... 17-4
Configuring nailed connections........................................................................................... 17-5
Configuring data transfer rates............................................................................................. 17-6
Configuring data transfer rates for ADSL lines............................................................ 17-6
Configuring data transfer rates for SDSL lines ............................................................ 17-7
Configuring per-session data transfer rates .................................................................. 17-8
Configuring per-session data rates using modem rate control .............................. 17-9
Configuring per-session data rate limits.............................................................. 17-10
Sample log session showing rate control negotiation.......................................... 17-10
Configuring DSLPipe Plug and Play................................................................................. 17-12
How Plug and Play works........................................................................................... 17-12
DHCP server requirements......................................................................................... 17-13
TFTP server requirements .......................................................................................... 17-14
DSLPipe default configuration................................................................................... 17-14
Configuring the DSLTNT........................................................................................... 17-15
Configuring BOOTP Relay................................................................................. 17-15
Configuring the SDSL profile............................................................................. 17-15
Configuring a Frame Relay profile...................................................................... 17-16
Configuring a Connection profile........................................................................ 17-17
Configuring IDSL voice connections ................................................................................ 17-17
Incoming calls............................................................................................................. 17-18
Outgoing calls............................................................................................................. 17-18
Configuring the DSLTNT........................................................................................... 17-18
Configuring the IDSL profile........................... ........................................ ........... 17-18
Configuring a Connection profile for the remote device..................................... 17-19
Configuring trunk groups.................................................................................... 17-20
Configuring the Pipeline............................................................................................. 17-21
Configuring the Configure profile....................................................................... 17-21
Sample DSL configurations............................................................................................... 17-22
x APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide
Contents
Sample Frame Relay IDSL configuration .................................................................. 17-22
Configuring the DSLTNT ................................................................................... 17-23
Configuring the Pipeline...................................................................................... 17-25
Sample ADSL nailed PPP connection........................................................................ 17-26
Configuring the ADSL profile............................................................................. 17-27
Configuring the Connection profile......................................... ..... ...... ................. 17-27
Configuring the DSLPipe.................................................................................... 17-28
Sample SDSL Frame Relay configuration using numbered interfaces ...................... 17-29
Configuring the Connection profile......................................... ............................ 17-30
Configuring the IP-Route profile......................................................................... 17-31
Configuring the SDSL profile............................................................................. 17-32
Configuring the Frame-Relay profile.................................................................. 17-32
Configuring the DSLPipe-S................................................................................. 17-33
Sample SDSL Frame Relay configuration using system-based routing..................... 17-34
Configuring the Connection profile......................................... ............................ 17-34
Configuring the SDSL profile............................................................................. 17-36
Configuring the Frame-Relay profile.................................................................. 17-36
Configuring the DSLPipe-S................................................................................. 17-36
Chapter 18 Signaling System 7 (SS7)............................................................. 18-1
Introduction to SS7......................................................... ........................................ ..... ...... .. 18-1
System requirements for SS7 operations............................................................................. 18-2
TAOS unit as terminator of data calls in an SS7 network............................................ 18-2
TAOS unit as terminator of voice and data calls in an SS7 network............................ 18-3
Interface between a signaling gateway and TAOS unit................................................ 18-4
Incoming calls............................................................................................................... 18-4
Continuity tests............................................................................................................. 18-4
Configuring an SS7 signaling gateway................................................................................ 18-4
Specifying the SS7 control protocol............................................................................. 18-6
Configuring transport-layer options.............................................................................. 18-6
System IP address considerations................................................................................. 18-7
Example of a basic configuration................................................................................. 18-8
T1 lines as SS7 data trunks........................................................................................... 18-8
Example of configuring a T3 card for SS7 data.................................................... 18-9
Example of configuring a T1 data trunk................................................................ 18-9
E1 lines as SS7 data trunks......................................................................................... 18-10
V.110 bearer capability for SS7 calls using IPDC...................................................... 18-11
SS7 link establishment timer ...................................................................................... 18-11
Two-wire continuity check on T1 and E1 lines.......................................................... 18-11
Outgoing continuity tests on T1 and T3..................................................................... 18-13
Digital milliwatt tone support on T1 and T3 .............................................................. 18-13
Analog milliwatt tone and variable tone support........................................................ 18-13
Reporting VoIP call statistics ..................................................................................... 18-14
When the unit reports VoIP statistics.................................................................. 18-14
ss7nmi debug-level command............................................................................. 18-15
Statistics and error reporting on SS7 connections ...................................................... 18-15
Command output when no errors are detected.................................................... 18-15
Command output showing errors ........................................................................ 18-18
Cause codes for SS7 ASGCP calls to the TAOS unit........................................................ 18-19
SS7 IPDC support for call ID and disconnect cause codes ........................................ 18-20
IPDC generation of a globally unique call ID..................................................... 18-20
Global-Call-ID parameter.................................................................................... 18-20
APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide xi
Contents
Start and Stop records.......................................................................................... 18-21
Disconnect cause codes ................................................................ ....................... 18-21
SNMP support for SS7....................................................................................................... 18-23
Chapter 19 Configuring Call Routing ............................................................. 19-1
Network, host, and dual-purpose devices ............................. ...... ....................................... .. 19-1
Understanding the call-routing database.............................................................................. 19-2
How call routes affect device usage ............................................................................. 19-3
Modem usage and database sort order.......................................................................... 19-3
HDLC channel usage and database sort order.............................................................. 19-4
Trunk line usage and sort order .................................................................................... 19-5
Working with Call-Route profiles........................................................................................ 19-5
Call-Route profile settings............................................................................................ 19-5
Outbound call routing by trunk group .......................................................................... 19-6
Multilink Frame Relay requirements with Hybrid Access........................................... 19-7
Example with two E1 lines in an MFR bundle...................................................... 19-7
Example with six E1 lines in an MFR bundle....................................................... 19-8
Concentrating multilink calls on one Hybrid Access card ........................................... 19-8
Dedicating Series56 cards to modem processing ......................................................... 19-9
Enabling Series56 cards to handle HDLC processing.................................................. 19-9
Another way to route incoming calls (deprecated).............................................................. 19-9
Call routing algorithms ........................................ ...... ....................................... ...... ........... 19-10
Localization of call routes within a quadrant.............................................................. 19-10
How the system finds a route...................................................................................... 19-11
Details of how a route is chosen................................................................................. 19-12
First pass: trunk group number.......................................... .................................. 19-12
Second pass: ISDN subaddresses........................................................................ 19-12
Third pass: telephone numbers............................................................................ 19-12
Fourth pass: destination device addresses........................................................... 19-13
Fifth pass: source device addresses..................................................................... 19-13
Last pass: comparison routing type..................................................................... 19-13
Appendix A Provisioning the Switch................................................................. A-1
Provisioning the switch for T1 access................................................................................... A-1
What you need from your T1 service provider..................................................................... A-2
What you need from your E1 service provider..................................................................... A-2
Index.......................................................................................... Index-1
xii APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide
Figures
Figure 13-1 Example of unchannelized DS3 slot card application..................................... 13-1
Figure 14-1 DS3-ATM interface to ATM network............................................................. 14-1
Figure 15-1 OC3-ATM interface to ATM network............................................................. 15-1
Figure 16-1 Example STM-0 configuration........................................................................ 16-1
Figure 17-1 DSLPipe unit obtaining its configuration (Plug and Play)............................ 17-13
Figure 17-2 Incoming and outgoing voice calls................................................................ 17-18
Figure 17-3 IDSL connection with a Pipeline................................................................... 17-22
Figure 17-4 Sample ADSL PPP connection...................................................................... 17-26
Figure 17-5 Example SDSL setup with interface-based routing....................................... 17-30
Figure 17-6 Example SDSL setup with system-based routing.......................................... 17-34
Figure 18-1 TAOS terminating data calls in an SS7 network............................................. 18-2
Figure 18-2 TAOS unit terminating voice and data calls in an SS7 network...................... 18-3
Figure 19-1 Trunk group 8 connecting to a TAOS unit ...................................................... 19-6
Figure 19-2 Matching call information to a database entry............................................... 19-11
APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide xiii
Tables
Table 1-1 Basic TAOS unit configuration tasks ................................................................ 1-2
Table 5-1 Modem configuration tasks ............................................................................... 5-2
Table 7-1 T1 line configuration tasks ................................................................................ 7-3
Table 9-1 E1 line configuration tasks ................................................................................ 9-2
Table 11-1 T3 line configuration tasks .............................................................................. 11-2
Table 11-2 Differences between T3 card configuration and T1 card configuration.......... 11-2
Table 12-1 SWAN-card configuration tasks...................................................................... 12-2
Table 12-2 SWAN card configuration............................................................................... 12-2
Table 13-1 Unchannelized DS3 line configuration tasks................................................... 13-2
Table 17-1 DSL data rate configuration parameters.......................................................... 17-6
Table 18-1 Signaling gateway platforms and protocol support ........................................ 18-1
Table 19-1 Fields in a call-routing database entry............................................................ 19-2
Table A-1 T1 access provisioning information.................................................................. A-1
APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide xv
About This Guide
What is in this guide
This guide provides the following instructions for an APX 8000™, MAX TNT®, or
DSLTNT™
• Basic confi guration of your unit
• Configuring shelf controller redundancy (APX 8000 only)
• Configuring Ethernet and modem cards
• Configuring T1, E1, DS3, and other network slot cards
• Configuring the unit in a Signaling System 7 (SS7) network
• Configuring call routing
• Provisioning the switch
Note: This manual describes the f ull set of f eatures fo r APX 8000, MAX TNT, and DSLTNT
!
units running True Access™ Operating System (TAOS) software version 8.0.2 or later. Some
features might not be available with earlier versions or specialty loads of the software.
This manual hereafter refers to your product as a TAO S unit except when referring to features
specific to a particular unit.
multiservice access concentrator:
!
Warning: Before installing your TAOS u nit, be sure to read the safety instructions in the
Access Networks Safety and Compliance Guide. For information specific to your unit, see the
“Safety-Related Electrical, Physical, and Environmental Information” appendix in your unit’s
hardware installation guide.
What you should know
This guide is for the person who installs, configures, and maintains a TAOS unit. T o co nfigure
a unit, you need to understand the following:
• Wide Area Network (WAN) concepts
• Local Area Network (LAN) concepts
• Dial-in LAN connections such as Point-to-Point Protocol (PPP) and Multilink PPP (MP)
• Connection cost management and accounting
• Modems
• Frame Relay
• Asynchronous Transfer Mode (ATM)
• IP routing
APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide xvii
Documentation conventions
• Network security
Documentation conventions
Following are all the special characters and typographical conventions used in this manual:
Convention Meaning
Monospace text Represents text that appears on your computer’s screen, or that could
appear on your computer’s screen.
Boldface monospace text
Italics Represent variable information. Do not enter the words themselves in
[ ] Square brackets indicate an optional argument you might add to a
| Separates command choices that are mutually exclusive.
> Points to the next level in the path to a parameter or menu item. The
Key1-Key2 Represents a combination keystroke. To enter a combination key-
Press Enter Means press the Enter, or Return, key or its equivalent on your com-
Note:
Represents characters that you enter exactly as shown (unless the characters are also in italics—see Italics, below). If you could enter
the characters but are not specifically instructed to, they do not appear
in boldface.
the command. Enter the information they represent. In ordinary text,
italics are used for titles of publications, for some terms that would
otherwise be in quotation marks, and to show emphasis.
command. To include such an argument, type only the information
inside the brackets. Do not type the brackets unless they appear in bold
type.
item that follows the angle bracket is one of the options that appears
when you select the item that precedes the angle bracket.
stroke, press the first key and hold it down while you press one or
more other keys. Release all the keys at the same time. (For example,
Ctrl-H means hold down the Control key and press the H key.)
puter.
Introduces important additional information.
!
Caution:
!
Warning:
Warning:
xviii APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide
W arns that a failure to follow the recom mended procedur e could result
in loss of data or damage to equipment.
Warns that a failure to take appropriate safety precautions could resu lt
in physical injury.
Warns of danger of electric shock.
Documentation set
The APX 8000/MAX TNT/D SLTNT documentation set consists of the following manuals.
• Read me first:
– Access Networks Safety and Compliance Guide
Contains important safety instructions and country-specific compliance information
that you must read before installing a TAOS unit.
– TAOS Command-Line Interface Guide
Introduces the TAOS command-line environment and shows how to use the
command-line interface effectively. This manual describes keyboard shortcuts and
introduces commands, security levels, profile structure, and parameter types.
• Installation and basic configuration:
– APX 8000 Hardware Inst allation Gui de
Shows how to install APX 8000 hardware and includes APX 8000 technical
specifications.
– MAX TNT/DSLTNT Hardware Installation Guide
Shows how to install MAX TNT and DSLTNT hardware and includes technical
specifications for these units.
Documentation set
– APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide (this guide)
Shows how to configure the cards installed in a TAOS unit and their line attributes for
such functions as framing, signaling, and channel usage. It also describes how calls
are routed through the system and includes information about configuring the unit in a
Signaling System 7 (SS7) environment. This guide explains shelf controller
redundancy for an APX 8000 unit.
• Configuration:
– APX 8000/MAX TNT/DSLTNT ATM Configuration Guide
Describes how to configure Asynchronous Transfer Mode (ATM) operations on a
T AOS unit. This guide explains how to configure physical layer attributes and how to
create permanent virtual circuit (PVC) and switched virtual circuit (SVC) ATM
interfaces. It includes information about ATM direct and ATM-Frame Relay circuits.
– APX 8000/MAX TNT/DSLTNT Frame Relay Configuration Guide
Describes how to configure Frame Relay operations on a TAOS unit. This guide
explains physical layer configuration and restrictions and how to create permanent
virtual circuit (PVC) and switched virtual circuit (SVC) interfaces. It includes
information about Multilink Frame Relay (MFR) and link management, as well as
Frame Relay and Frame Relay direct circuits.
– APX 8000/MAX TNT/DSLTNT WAN, Routing, and Tunneling Configuration Guide
Shows how to configure LAN and WAN routing for analog and digital dial-in
connections on a TAOS unit. This guide includes information about IP routing, Open
Shortest Path First (OSPF) routing, Internet Group Management Protocol (IGMP)
routing, multiprotocol routers, Virtual Routers (VRouters), and tunneling protocols.
– MultiVo ice™ for MAX TNT Configuration Guide
Shows how to configure the MultiVoice applicatio n to run on a MAX TNT unit in
both Signaling System 7 (SS7) and H.323 Voice over IP (VoIP) configurations.
APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide xix
Documentation set
• RADIUS: TAOS RADIUS Guide and Reference
Describes how to set up a TAOS unit to use the Remote Authentication Dial-In User
Service (RADIUS) server and contains a complete reference to RADIUS attributes.
• Administration and troubleshooting: APX 8000/MAX TNT/DSLTNT Administration
Guide
Describes how to administer a TAOS unit, including how to monitor the system and cards,
troubleshoot the unit, and configure the unit to use the Simple Network Management
Protocol (SNMP).
• Reference:
– APX 8000/MAX TNT/DSLTNT Reference
An alphabetic reference to all commands, profiles, and parameters supported on
TAOS units.
– T AOS Glossary
Defines terms used in documentation for TAOS units.
xx APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide
Performing Basic Configuration
Introduction to basic configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1
Connecting to a new unit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3
Configuring the shelf-controller IP address on a nonredundant unit. . . . . . . . . . . . . . . 1-4
Setting the system date. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-5
Setting the system name. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-5
Setting the log level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-5
Configuring a default gateway. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-6
Configuring basic DNS information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-6
Pinging the TAOS unit from a local host. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-7
Recommended basic security measures. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-7
Where to go next . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-12
1
Introduction to basic configuration
Table 1-1 lists the sections describing the tasks you must perform for the TAOS unit basic
configuration. The table includes a brief description of each task and lists the commands and
parameters you will use.
For information about more advanced configuration of your TAOS unit, see the following
configuration guide:
• APX 8000/MAX TNT/DSLTNT ATM Configuration Guide
• APX 8000/MAX TNT/DSLTNT Frame Relay Configuration Guide
• APX 8000/MAX TNT/DSLTNT WAN, Routing, and Tunneling Configuration Guide
For information about commands, profiles, and parameters, see the
APX 8000/MAX TNT/DSLTNT Reference manual.
.
APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide Preliminary May 9, 2000 1-1
Performing Basic Configuration
Introduction to basic configuration
Table 1-1. Basic TAOS unit configuration tasks
Section Description of task Related commands or parameters
“Connecting to a new unit” on
page 1-3
“Configuring the shelf-cont roller IP
address on a nonredundant unit” on
page 1-4
“Setting the system date” on
page 1-5
“Setting the system name” on
page 1-5
“Setting the log level” on page 1-5 Specify the level of event
“Configuring a default gateway” on
page 1-6
“Configuring basic DNS
information” on page 1-6
Connect the TAOS unit to a
terminal or workstation and an
Ethernet network.
Specify the date and time for the
TAOS unit system clock.
Set the correct date and time with
the Date command.
Specify the name of the TAOS unit.
This name is used for
authentication.
information that the TAOS unit
displays at the console.
Designate a default gateway so that
the T AOS unit can forward packets
for which it has no route.
Specify a Domain Name System
(DNS) server so that you can use
names instead of IP addresses to
reach IP hosts.
admin> set ip-address
admin> date ymmddhhmm
System profile > Name
Log profile > Save-level
IP-Route > gateway-address
IP-global profile > Domain-name
IP-global profile >
DNS-primary-server
IP-global profile >
DNS-secondary-server
“Pinging the TAOS unit from a
local host” on page 1-7
“Recommended basic security
measures” on page 1-7
1-2 Preliminary May 9, 2000 APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide
After configuring the TAOS unit
with its basic settings, you can use
Ping to verify that it is
communicating on the network.
Before making the TAOS unit
accessible to users, Lucent
recommends that you configure
some basic security on the unit.
Ping
User > Password
Serial > A uto-Logout
Serial > User
IP-global profile >
Must-Accept-Address-Assign
IP-global profile>
Ignore-ICMP-Redirects
SNMP profile
Connecting to a new unit
To communicate with a new TAOS unit, you must assign an IP address to the shelf controller.
Once this is done, you can perform further configuration over a LAN using Telnet.
Use the following procedures to connect a new TAOS unit, if you have not already done so,
and assign an Ethernet IP address.
New APX 8000 unit
Use the following procedure to initially set up an APX 8000 unit:
1 Connect a PC terminal or workstation to the serial port on the shelf controller (s ee the APX
8000 Hardware Installation Guide). If the APX 8000 is equipped with redundant shelf
controllers, connect to the serial port on the primary controller.
2 Connect an Ethernet cable between the network and the Ethernet port on the shelf
controller (see the APX 8000 Hardware Installation Guide). If the APX 8000 is equipped
with redundant shelf controllers, connect to the Ethernet port on the primary controller.
3 Configure an IP address and network mask in the ip-interface profile.
Performing Basic Configuration
Connecting to a new unit
– For an APX 8000 unit with one shelf controller, see “Configuring the shelf-controller
IP address on a nonredundant unit” on page 1-4.
– For an APX 8000 unit with redundant shelf controllers, see “Assigning an Et hernet IP
address” on page 2-4.
4 Verify that the connection and IP address are correct by pinging any device on the
network.
5 If redundant controllers are used, set the secondary and soft IP addresses (see “Assigning
an Ethernet IP address” on page 2-4 and “Defining the soft IP interface for fault toler ance”
on page 2-5 for details).
6 Exit the terminal or workstation.
7 T e lnet fro m a workstat ion on t he LAN. The syst em will pro mpt you for the usernam e and
password.
User: admin
Password: Ascend
8 Complete the configuration.
New MAX TNT or DSLT NT unit
Use the following procedure to initially set up a MAX TNT or DSLTNT unit:
1 Connect a PC terminal or workstation to the serial port on the shelf controller (see the
MAX TNT/DSLTNT Hardware Installation Guide). Ensure that the speed is set to
9600 bps.
2 Connect an Ethernet cable to the network and to the Ethernet port on the shelf controller
(see the MAX TNT/DSLTNT Hardware Installation Guide).
3 Configure an IP address and network mask in the ip-interface profile (see
“Configuring the shelf-controller IP address on a nonredundant unit” on page 1-4).
APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide Preliminary May 9, 2000 1-3
Performing Basic Configuration
Configuring the shelf-controller IP address on a nonredundant unit
4 Verify that the connection and the IP address are correct by pinging any device on the
network.
admin> ping 10.10.10.1
64 bytes from 10.10.10.1: icmp_seq=0 ttl=255 time=0 ms
5 Exit the terminal or workstation.
6 Telnet to the MAX TNT or DSLTNT using a workstation on the LAN. The system will
prompt you for a username and passwor d.
User: admin
Password: Ascend
7 Complete the configuration.
Configuring the shelf-controller IP address on a
nonredundant unit
See “Assigning an Ethernet IP address” on page 2-4 for details about IP address configuration
for an APX 8000 unit with redundant shelf controllers.
All TAOS units have an Ethernet port on the shelf cont roller. This Ethernet port is designed for
out-of-band management and light traffic loads. It is not intended to be the primary Ethernet
interface for the system. If your unit will be routing heavy Ethernet traffic, use an Ethernet
card.
T o assign an IP address to the Ethernet interface of the shelf controller on a nonr edundant APX
8000 or a MAX TNT or DSLTNT, use the R ead and Li st commands to display the control ler’s
IP-Interface profile, then set the IP-Address parameter. For example:
admin> read ip-interface {{1 controller 1 } 0 }
IP-INTERFACE/{ { shelf-1 controller 1 } 0 } read
admin> list
interface-address* = { { shelf-1 controller 1 } 0 }
ip-address = 0.0.0.0/0
2nd-ip-address = 0.0.0.0/0
rip-mode = routing-off
..
..
admin> set ip-address = 10.2.3.4/24
admin> write
After you assign the unit’s hostname and IP address, you might need to modify the host
information on your local Domain Name System (DNS) server to include the TAOS unit.
1-4 Preliminary May 9, 2000 APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide
Setting the system date
If the system date displayed on your screen is incorrect, set the correct date and time with the
Date command. For example, to set the date and time to October 22, 2000, 8:50 in the
morning:
admin> date 0010220850
The format for setting the date and time is ymmddhhmm. Enter the hour in military (24-hour)
time.
Setting the system name
You can assign the TAOS unit a system name of up to 24 characters. Because the system name
is used for authenticating connections, keep it relatively simple and use only standard
characters.
Here is an example of how to set the TAOS unit system name:
Performing Basic Configuration
Setting the system date
admin> read system
SYSTEM read
admin> list
name = ""
system-rmt-mgmt = no
use-trunk-groups = no
idle-logout = 0
parallel-dialing = 5
single-file-incoming = yes
admin> set name = apx01
admin> write
Setting the log level
While you are configuring the TAOS unit, you might want to increase the log level to display
messages that can help you debug configuration settings. First display the current settings, then
enter a new log level.
To display the system-wide event-logging parameters, use the Read and List commands:
admin> read log
LOG read
admin> list
save-level = info
save-number = 100
syslog-enabled = no
host = 0.0.0.0
facility = local0
APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide Preliminary May 9, 2000 1-5
Performing Basic Configuration
Configuring a default gateway
To change the log level, specify an option for the Save-Level parameter:
admin> set save-level = [none|emergency|alert|critical|error|warning|notice|info|debug]
admin> write
If your local network supports a Syslog server, you can configure the server’s IP address and
the Syslog facility number by setting the Host and Facility parameters in this profile.
Configuring a default gateway
If the TAOS unit does not have a route for the destination address of a packet, it forwards the
packet to the default router. Most sites use the default router (such as a GRF® router or a
UNIX host running the route daemon ) to dist ri b ute routi n g tas ks among devices. If you do not
configure a default route, the TAOS unit drops packets for which it has no route.
You configure the default route in the IP-Route profile. The name of the default IP-Route
profile is always Default, and its destination is always 0.0.0.0.
To configure the default route, first use the Read and List commands to display the default
IP-Route profile, and then set the Gateway-Address parameter. For example:
admin> read ip-route default
IP-ROUTE/default read
admin> list
name* = default
dest-address = 0.0.0.0/0
gateway-address = 0.0.0.0
metric =1
cost =1
preference = 100
third-party = no
ase-type = type-1
ase-tag = c0:00:00:00
private-route = no
active-route = no
admin> set gateway-address = 10.2.3.17
admin> set active-route=yes
admin> write
IP-ROUTE/default written
Configuring basic DNS information
The example in this section uses the domain name abc.com and sets the IP address of the
primary Domain Name System (DNS) server on the local network. Setting this basic
information enables you to access IP hosts by name instead of by IP address.
Here is an example that shows how to configure the DNS information:
admin> read ip-global
IP-GLOBAL read
admin> list
1-6 Preliminary May 9, 2000 APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide
Performing Basic Configuration
Pinging the TAOS unit from a local host
domain-name = ""
dns-primary-server = 0.0.0.0
dns-secondary-server = 0.0.0.0
netbios-primary-ns = 0.0.0.0
netbios-secondary-ns = 0.0.0.0
must-accept-address-assign = no
pool-base-address = [ 0.0.0.0 0.0.0.0 ]
..
..
admin> set domain-name = abc.com
admin> set dns-primary-server = 10.1.2.3
admin> set dns-secondary-server = 10.24.112.57
admin> write -f
Pinging the TAOS unit from a local host
After you configure the T AOS unit for IP network access, go to an IP host on the local network
and use the Ping command to verify that the unit can communicate on the network. For
example:
host-1% ping 10.2.3.4
In addition, you can verify that the TAOS unit is integrated into your DNS system. For
example:
host-1% ping apx01
Recommended basic security measures
The TAOS unit is shipped from the factory with all its security features set to defaults that
enable you to configure and set up the unit without any restrictions. Before you make the
TAOS unit generally accessible, you must change the default security settings to protect the
configured unit from unauthorized access.
Before bringing the TAOS unit online, Lucent recommends performing the following
important security measures:
•“Changing the Admin password” on page 1-8
•“Securing the serial port” on page 1-8
•“Assigning a Telnet password” on page 1-8
•“Requiring acceptance of the pool address” on page 1-9
•“Ignoring ICMP redirects” on page 1-9
•“Disabling directed broadcasts” on page 1-9
•“Configuring SNMP access to the unit” on page 1-10
For additional security measures, see the APX 8000/MAX TNT/DSLTNT WAN, Routing and
Tunneling Configuration Guide.
APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide Preliminary May 9, 2000 1-7
Performing Basic Configuration
Recommended basic security measures
Changing the Admin password
A user who knows the password to the Admin level can perform any operation on the
TAOS unit, including changing the configuration. The Admin password is set to Ascend by
default. Lucent recommends that you assign a secret password immediately to prevent
unauthorized users from gaining access to the unit by means of the default password.
Following is an example of changing the Admin password:
default> auth admin
Password: Ascend
admin> read user admin
USER/admin read
admin> set password = secret
admin>
USER/admin written
Note that the Allow-Password permission is set to No in the Admin login. Although this
setting protects the unit’s passwords, it also prevents the Save command from storing
passwords in a configuration file. To save passwords in a configuration file, you can set
Allow-Password to Yes in the Admin profile, or you can create another User profile for the
purpose of backing up the unit and set Allow-Password to Yes in that profile.
write
Securing the serial port
By default, when users connect to the serial po rt on the shelf cont roller, they are logged in with
the Admin User profile. To secure the serial port with a username and password, proceed as
follows:
1 Read the Serial profile:
admin> read serial { 1 17 2}
2 Set the User profile to null:
admin> set user =
3 Set Auto-Logout to Yes:
admin> set auto-logout = yes
This setting automatically logs out the current User profile if the Data Terminal Ready
signal (DTR) is lost on the serial port.
4 Write the profile:
admin> write
Now users connecting to the serial port must supply a valid us ername an d p assword for access
to the TAOS unit through the serial port.
Assigning a Telnet password
Lucent recommends that you assign a Telnet password, which can be up to 21 characters in
length, to prevent unauthorized Telnet sessions. A user who opens a Telnet session to the
TAOS unit is prompted to supply this password.
1-8 Preliminary May 9, 2000 APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide
Following is an example of assigning a Telnet password:
admin> read ip-global
IP-GLOBAL read
admin> set telnet-password = SDwiw87
admin> write
IP-GLOBAL written
All users attempting to access the TAOS unit unit via Telnet are prompted for the Telnet
password. They are allowed three tries, each with a 60-second time limit, to enter the correct
password. If all three tries fail, the connection attempt times out.
Requiring acceptance of the pool address
During PPP negotiation, a caller can reject the IP address of fered by the TAOS unit and present
its own IP address for consideration. For security reasons, you might want to set the
Must-Accept-Address-Assign parameter to Yes to ensure that the TAOS unit terminates such a
call:
admin> read ip-global
IP-GLOBAL read
admin>
admin> write
IP-GLOBAL written
set must-accept-address-assign = yes
Performing Basic Configuration
Recommended basic security measures
If you enforce acceptance of the assigned address, the Answer-Defaults profile must enable
dynamic assignment, the caller’s configured profile must specify dy namic assignment, and the
caller’s PPP dial-in software must be configured to acquire its IP address dynamically. For
more details, see the APX 8000/MAX TNT/DSLTNT WAN, Routing and Tunneling
Configuration Guide.
Ignoring ICMP redirects
The Internet Message Control Protocol (ICMP) was d esigned to find the most ef ficient IP route
to a destination. ICMP redirect packets are one of the oldest route-discovery methods on the
Internet. They are also one of the least secure, because ICMP redirects can be counterfeited to
change the way a device routes packets. The following commands configure the TAOS unit to
ignore ICMP redirect packets:
admin> read ip-global
IP-GLOBAL read
admin>
admin> write
IP-GLOBAL written
set ignore-icmp-redirects = yes
Disabling directed broadcasts
Denial-of-service attacks known as “smurf” attacks typically use ICMP Echo Request packets
with a spoofed source address to direct packets to IP broadcast addresses. These attacks are
intended to degrade network performance, possibly to the point that the network becomes
unusable.
APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide Preliminary May 9, 2000 1-9
Performing Basic Configuration
Recommended basic security measures
To prevent the TAOS unit router from being used as an intermediary in this type of
denial-of-service attack laun ched from another network, you must dis able the TAOS unit from
forwarding the directed broadcasts it receives from another network. The following example
shows how to disable directed broadcasts that are not generated locally on all IP interfaces of a
TAOS unit with a four-port Ethernet card in shelf 1, slot 12:
admin> read ip-int {{1 c 1} 0}
IP-INTERFACE/{ { shelf-1 controller 1 } 0 } read
admin> set directed-broadcast-allowed = no
admin> write
IP-INTERFACE/{ { shelf-1 controller 1 } 0 } written
admin> read ip-int {{1 12 1} 0}
IP-INTERFACE/{ { shelf-1 slot-12 1 } 0 } read
admin> set directed-broadcast-allowed = no
admin> write
IP-INTERFACE/{ { shelf-1 slot-12 1 } 0 } written
admin> read ip-int {{1 12 2} 0}
IP-INTERFACE/{ { shelf-1 slot-12 2 } 0 } read
admin> set directed-broadcast-allowed = no
admin> write
IP-INTERFACE/{ { shelf-1 slot-12 2 } 0 } written
admin> read ip-int {{1 12 3} 0}
IP-INTERFACE/{ { shelf-1 slot-12 3 } 0 } read
admin> set directed-broadcast-allowed = no
admin> write
IP-INTERFACE/{ { shelf-1 slot-12 3 } 0 } written
admin> read ip-int {{1 12 4} 0}
IP-INTERFACE/{ { shelf-1 slot-12 4 } 0 } read
admin> set directed-broadcast-allowed = no
admin> write
IP-INTERFACE/{ { shelf-1 slot-12 4 } 0 } written
Configuring SNMP access to the unit
For Simple Network Management Protocol (SNMP) access, an SNMP manager must be
running on a host on the local IP network, and the TAOS unit must be able to find that host by
means of either a static route or RIP . In addition to these restrictions, the TAOS unit has its own
SNMP password security (community strings), which you must set up to protect the TAOS unit
from being reconfigured from an unauthorized SNMP station.
Overview of SNMP security
The SNMP profile contains SNMP-readable information about the un it and its SNMP security.
There are two levels of security:
• Community strings limit access to the TAOS unit to the community of SNMP managers
who know the strings.
• Address security excludes SNMP access unless it is initiated from a specified IP address.
1-10 Preliminary May 9, 2000 APX 8000/MAX TNT/DSLTNT Physical Interface Configuration Guide
Loading...