Paradyne Hotwire Routers User Manual
HOTWIRE DSL ROUTERS
USER’S GUIDE
Document No. 6371-A2-GB20-10
August 2000
Copyright E 2000 Paradyne Corporation.
All rights reserved.
Printed in U.S.A.
Notice
This publication is protected by federal copyright law. No part of this publication may be copied or distributed,
transmitted, transcribed, stored in a retrieval system, or translated into any human or computer language in any form
or by any means, electronic, mechanical, magnetic, manual or otherwise, or disclosed to third parties without the
express written permission of Paradyne Corporation, 8545 126th Ave. N., Largo, FL 33773.
Paradyne Corporation makes no representation or warranties with respect to the contents hereof and specifically
disclaims any implied warranties of merchantability or fitness for a particular purpose. Further, Paradyne Corporation
reserves the right to revise this publication and to make changes from time to time in the contents hereof without
obligation of Paradyne Corporation to notify any person of such revision or changes.
Changes and enhancements to the product and to the information herein will be documented and issued as a new
release to this manual.
Warranty, Sales, Service, and Training Information
Contact your local sales representative, service representative, or distributor directly for any help needed. For
additional information concerning warranty , sales, service, repair , installation, documentation, training, distributor
locations, or Paradyne worldwide office locations, use one of the following methods:
H Internet: Visit the Paradyne World Wide Web site at www.paradyne.com. (Be sure to register your warranty
at www.paradyne.com/warranty.)
H Telephone: Call our automated system to receive current information by fax or to speak with a company
representative.
— Within the U.S.A., call 1-800-870-2221
— Outside the U.S.A., call 1-727-530-2340
Document Feedback
We welcome your comments and suggestions about this document. Please mail them to Technical Publications,
Paradyne Corporation, 8545 126th Ave. N., Largo, FL 33773, or send e-mail to userdoc@paradyne.com. Include
the number and title of this document in your correspondence. Please include your name and phone number if you
are willing to provide additional clarification.
Trademarks
ACCULINK, COMSPHERE, FrameSaver, Hotwire, and NextEDGE are registered trademarks of Paradyne
Corporation. MVL, OpenLane, Performance Wizard, and TruePut are trademarks of Paradyne Corporation. All other
products and services mentioned herein are the trademarks, service marks, registered trademarks, or registered
service marks of their respective owners.
A
August 2000
6371-A2-GB20-10
Contents
About This Guide
H Document Purpose and Intended Audience v. . . . . . . . . . . . . . . . . . . . . . . . .
H Document Summary vi. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Product-Related Documents vii. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Document Conventions viii. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
1 Introduction to Hotwire DSL Routers
H What is a Hotwire DSL Router? 1-1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
DSL Technologies Supported 1-1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Typical DSL Router System 1-2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Hotwire DSL Router Features 1-3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Service Subscriber 1-4. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2 Accessing the DSL Router
H Access Control to the DSL Router 2-1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Levels of Access 2-1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Changing Access Session Levels 2-2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Local Console Access 2-2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Setting Up the New User’s Login 2-3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Telnet Access 2-4. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Determining the Current Access Level 2-4. . . . . . . . . . . . . . . . . . . . . . . . .
Determining the Available Commands 2-4. . . . . . . . . . . . . . . . . . . . . . . . . .
Using the List Command 2-5. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Changing the System Identity 2-5. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Exiting from the System 2-5. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Manually Logging Out 2-6. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Automatically Logging Out 2-6. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
6371-A2-GB20-10
August 2000
i
Contents
3 Configuring the DSL Router
H Overview of DSL Router Configuration 3-1. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Interfaces for the DSL Router 3-1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Ethernet and DSL Interface Identifiers 3-2. . . . . . . . . . . . . . . . . . . . . . . . . .
Service Domain IP Address Assignments 3-2. . . . . . . . . . . . . . . . . . . . . . .
Numbered DSL Interface 3-3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Unnumbered DSL Interface 3-3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H IP Routing 3-4. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Network Considerations 3-4. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Address Resolution Protocol (ARP) 3-5. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Proxy ARP 3-5. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Network Address Translation (NAT) 3-6. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Basic NAT 3-6. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Network Address Port Translation (NAPT) 3-6. . . . . . . . . . . . . . . . . . . . . .
IP Options Processing 3-7. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Applications Supported by NAT 3-7. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Dynamic Host Configuration Protocol (DHCP) Server 3-7. . . . . . . . . . . . . . . .
H DHCP Relay Agent 3-8. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Security 3-9. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
IP Filtering 3-9. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Land Bug/Smurf Attack Prevention 3-9. . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Routed vs. Bridged PDUs 3-10. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
4 DSL Router Configuration Examples
H Configuration Examples 4-1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Basic Configuration Example 4-2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Basic NAT Configuration Example 4-3. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NAPT Configuration Example 4-4. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Unnumbered DSL Interface with Proxy ARP Configuration Example 4-5
DHCP Relay with Proxy ARP Configuration Example 4-6. . . . . . . . . . . . .
DHCP Server with Basic NAT Configuration Example 4-7. . . . . . . . . . . .
Downstream Router Configuration Example 4-8. . . . . . . . . . . . . . . . . . . . .
ii
August 2000
6371-A2-GB20-10
5 Monitoring the DSL Router
H What to Monitor 5-1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Detecting Problems 5-1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Status of Interfaces 5-2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Interface Statistics 5-3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Clearing Statistics 5-4. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H List of Discard Reasons 5-4. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
6 Diagnostics and Troubleshooting
H Diagnostics and Troubleshooting Overview 6-1. . . . . . . . . . . . . . . . . . . . . . . . .
H Device Restart 6-1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Alarms Inquiry 6-1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H System Log 6-2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
SYSLOG Events 6-3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
SYSLOG Message Display 6-4. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Ping 6-5. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Ping Test Results 6-5. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H TraceRoute 6-6. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
TraceRoute Test Results 6-6. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents
A Command Line Interface
H Command Line Interface Feature A-1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Navigation A-2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Command Recall A-2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Document Conventions A-2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Command Line Interface Commands A-3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuration Control Commands A-3. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
RFC 1483 Encapsulation A-3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Ethernet Frame Format A-3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Interface and Service Domain IP Address A-4. . . . . . . . . . . . . . . . . . . . . .
IP Routing Table A-5. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
ARP Table A-7. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Proxy ARP A-7. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NAT A-8. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
DHCP Server A-10. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
DHCP Relay Agent A-11. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
IP Packet Processing A-12. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Traps A-12. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show Command Outputs A-13. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
6371-A2-GB20-10
August 2000
iii
Contents
B Configuration Defaults & Command Line Shortcuts
H Configuration Default Settings B-1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Command Line Input Shortcuts B-3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
C Traps & MIBs
H SNMP Overview C-1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Traps Overview C-1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
DSL Router Traps C-2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H MIBs Overview C-3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Standard MIBs C-3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
MIB II (RFC 1213) C-3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
System Group C-3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Interfaces Group (RFC 1573) C-5. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Extension to Interfaces Table (RFC 1573) C-7. . . . . . . . . . . . . . . . . . . . . .
IP Group (RFC 1213) C-7. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
IP CIDR Route Group (RFC 2096) C-8. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Transmission Group C-9. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
SNMP Group C-10. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Ethernet-Like MIB (RFC 2665) C-10. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Paradyne Enterprise MIBs C-11. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Device Control MIB C-11. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Device Diagnostics MIB C-12. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Health and Status MIB C-15. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuration MIB C-16. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Interface Configuration MIB C-17. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
ARP MIB C-17. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NAT MIB C-17. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
DHCP MIB C-18. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
DSL Endpoint MIB C-19. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
SYSLOG MIB C-20. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Interface Configuration MIB C-20. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
D DSL Router Terminal Emulation
H DSL Router Terminal Emulation D-1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Accessing the List Command Output D-1. . . . . . . . . . . . . . . . . . . . . . . . . . .
Terminal Emulation Programs D-2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Index
iv
August 2000
6371-A2-GB20-10
About This Guide
Document Purpose and Intended Audience
This guide describes how to configure and operate Hotwire DSL routers. This
document addresses the use of the following Hotwire DSL Router models:
H Hotwire 6301/6302 IDSL Router
H Hotwire 6341/6342 Symmetric DSL Router
H Hotwire 6371 RADSL Router
This document is intended for administrators and operators who maintain the
endpoints at customer premises. A basic understanding of internetworking
protocols and their features is assumed. Specifically, you should have familiarity
with the following internetworking concepts:
H TCP/IP applications
H IP and subnet addressing
H IP routing
H Bridging
It is also assumed that you have already installed a Hotwire DSL Router. If not,
refer to
Product-Related Documents
on page vii for installation documents.
6371-A2-GB20-10
August 2000
v
About This Guide
Document Summary
Section Description
Chapter 1
Chapter 2
Chapter 3
Chapter 4
Chapter 5
Chapter 6
Appendix A
Appendix B
Introduction to Hotwire DSL Routers.
of the Hotwire DSL Routers.
Accessing the DSL Router.
Routers access control and provides instructions on how to
log in and log out of the system.
Configuring the DSL Router.
interfaces, Domain Types, IP Routing, and network
considerations.
Describes the Hotwire DSL
Describes the DSL router
DSL Router Configuration Examples.
common DSL router configuration examples.
Monitoring the DSL Router.
that monitor the Hotwire system.
Describes operator programs
Diagnostics and Troubleshooting.
Hotwire operational problems and solutions. Contains
SysLog information.
Command Line Interface.
router’s Command Line Interface and command syntax with
examples.
Provides explanation of the DSL
Provides an overview
Presents several
Describes common
Configuration Defaults & Command Line Shortcuts.
Provides a list of all configuration options with factory
default settings and a list of all command line shortcuts with
the abbreviated command line input.
Appendix C
Appendix D
Index Lists key terms, acronyms, concepts, and sections in
A master glossary of terms and acronyms used in Paradyne documents is
available on the Web at www.paradyne.com. Select
→
Manuals
Technical Glossary.
Traps & MIBs.
supported by the DSL routers.
DSL Router Terminal Emulation.
setup procedures for two common text file programs.
alphabetical order.
Summarizes the MIBs and SNMP traps
Provides configuration
Library → Technical
vi
August 2000
6371-A2-GB20-10
Product-Related Documents
Contact your sales or service representative to order additional product
documentation.
Document Number Document Title
About This Guide
6301-A2-GN10
6341-A2-GN10
6371-A2-GN10
8000-A2-GB22
8000-A2-GB26
Contact your sales or service representative to order additional product
documentation.
Paradyne documents are also available on the World Wide Web at
www.paradyne.com. Select
Hotwire DSL & MVL
Hotwire 6301/6302 IDSL Routers Installation
Instructions
Hotwire 6341/6342 Symmetric DSL Routers
Installation Instructions
Hotwire 6371 RADSL Router Installation Instructions
Hotwire Management Communications Controller
(MCC) Card, IP Conservative, User’s Guide
Hotwire IP MVL, RADSL, IDSL, and SDSL Cards,
Models 8310/8312/8314, 8510/8373/8374, 8303/8304,
and 8343/8344, User’s Guide
Library → Technical Manuals →
.
6371-A2-GB20-10
August 2000
vii
About This Guide
Document Conventions
The following syntax is used throughout this document.
Syntax Translation
[ ]
{ }
|
Italics
Bold
x.x.x.x
xx:xx:xx:xx:xx:xx
Square brackets represent an optional element.
Braces represent a required entry.
Vertical bar separates mutually exclusive elements.
Entry is a variable to be supplied by the operator.
Enter (type) as shown.
32-bit IP address and mask information where x is an
8-bit weighted decimal notation.
MAC address information where x is a hexadecimal
notation.
viii
August 2000
6371-A2-GB20-10
Introduction to Hotwire DSL Routers
What is a Hotwire DSL Router?
The Hotwirer DSL (Digital Subscriber Line) Router operates as an IP router
connecting a DSL link to an Ethernet network. This system provides high-speed
access to the Internet or a corporate network over a traditional twisted-pair
copper telephone line to the end user.
DSL Technologies Supported
1
Paradyne’s Hotwire DSL network supports the following types of technologies:
H Hotwire IDSL (ISDN DSL) products provide IDSL multirate symmetric packet
transport and can operate over a connection with an ISDN repeater or digital
facilities. Data rates of 64 kbps, 128 kbps, or 144 kbps can be configured.
H Hotwire RADSL (Rate Adaptive DSL) products are applicable for both
asymmetric and symmetric applications. The 1 Mbps symmetric operation is
ideal for traditional business applications while the 7 Mbps downstream with
1.1 Mbps upstream asymmetric operation provides added bandwidth for
corporate Internet access. RADSL products can also save line costs by
optionally supporting simultaneous data and voice over the same line.
H Hotwire SDSL (Symmetric DSL) packet-based products provide high-speed
symmetric DSL services with bandwidth for business applications. These
products are configurable from 144 kbps up to 2.3 Mbps. This gives service
providers the opportunity to sell multiple services with a single product.
6371-A2-GB20-10
August 2000
1-1
Introduction to Hotwire DSL Routers
Typical DSL Router System
DSL is a local loop technology that uses standard twisted-pair copper wire to
support high-speed access over a single pair of twisted copper wires. DSL
applications are point-to-point, requiring DSL devices at the central site and at the
end-user site.
The Hotwire DSL routers interoperate with the following types of Hotwire IP DSL
cards (at the DSLAM/GranDSLAM chassis) to deliver applications at high speeds
in support of packet services over a DSL link:
H The Hotwire 8303 or 8304 IP IDSL Cards interoperate with two Hotwire IDSL
Routers:
— Hotwire 6301 IDSL Router with one Ethernet port
— Hotwire 6302 IDSL Router with a 4-port Ethernet hub
H The Hotwire 8343 or 8344 SDSL Cards interoperate with two Hotwire
Symmetric DSL Routers:
— Hotwire 6341 SDSL Router with one Ethernet port
— Hotwire 6342 SDSL Router with a 4-port Ethernet hub
H The Hotwire 8510, 8373, and 8374 IP RADSL Cards interoperate with the
Hotwire 6371 RADSL Router with one Ethernet port
The following illustration shows a typical Hotwire system with a Hotwire DSL
Router. All Hotwire DSL routers transport data. The Hotwire 6371 RADSL Router
can transport data and POTS simultaneously.
Network Access Provider (NAP) Service Subscriber
Customer Premises (CP)
DSL
Router
*
POTS
CP
POTS
Splitter
Optional
Network
Service
Provider
Corporate
Intranet
Core
Router
Central Office (CO)
IP DSL
Line
Card
DSLAM
POTS
Splitter
Optional
CO
MDF
POTS/DSL
Data
Interface
1-2
Legend: DSL – Digital Subscriber Line POTS– Plain Old Telephone Service
* 6371 RADSL Router Only
MDF – Main Distribution Frame
August 2000
6371-A2-GB20-10
00-16576-02
Hotwire DSL Router Features
The Hotwire DSL routers contain the following features.
H IP routing with:
— NAT (Network Address Translation)
— NAPT (Network Address Port Translation)
— DHCP Server (Dynamic Host Configuration Protocol) and DHCP Relay
Agent
— A full set of IP filters
— SNMP Set/Get capability
H High-speed Internet or intranet access.
H Diagnostics. Provides the capability to diagnose device and network
problems and perform tests.
H Device and Test Monitoring. Provides the capability of tracking and
evaluating the unit’s operation.
Introduction to Hotwire DSL Routers
H Remote Firmware Download. Provides easy setup and activation of
firmware upgrades from a remote location.
H Security. Provides multiple levels of security, which prevents unauthorized
access to the DSL router.
H Console Terminal Interface. Provides an interface for:
— Configuring and managing the DSL router.
— Remote terminal access via Telnet.
— Management from an NMS using SNMP.
6371-A2-GB20-10
August 2000
1-3
Introduction to Hotwire DSL Routers
Service Subscriber
The Service Subscriber is the user (or set of users) that has contracted to receive
networking services (e.g., Internet access, remote LAN access) for the end-user
system from an NSP (Network Service Provider). Service subscribers may be:
H Residential users connected to public network services (e.g., the Internet)
H Work-at-home users connected to their corporate intranet LAN
H Commercial users at corporate locations (e.g., branch offices) connected to
other corporate locations or connected to public network services
The Hotwire DSL Router must be installed at the customer premises to provide
the end user with access to any of the above services.
NOTE:
If you would like more information on DSL-based services, applications, and
network deployment, refer to Paradyne’s
may be downloaded or ordered through Paradyne’s World Wide Web site at
www.paradyne.com/library.
The DSL Sourcebook.
The book
1-4
August 2000
6371-A2-GB20-10
Accessing the DSL Router
Access Control to the DSL Router
The Hotwire DSL Router can be managed from an NMS using SNMP or from the
command line interface. There are two methods to access the command line
interface:
H Local access at the DSL router through the Console port, or
H Access by a Telnet session (controlled through the management interface at
the Hotwire chassis).
2
Levels of Access
When a local console connection is first established, a login prompt appears. The
Hotwire DSL Router accepts only one login session at a time. The DSL Router is
configured at the factory with a default login ID and password. However, to
provide login security to the DSL system, configure a new login ID and password.
There is one login ID and two levels of privileges on the Hotwire DSL system.
Your user account can be configured with one user name and different
passwords for:
H Administrator. The Administrator has two levels of access to the DSL router.
— Administrator, non-configuration mode: Provides read-only capabilities.
This is the same level of access as Operator.
— Administrator, configuration mode: Provides complete write access to the
DSL router. However, MIB sets are done from the NMS vs. the command
line.
H Operator. The Operator has read-only access to display device information
with no modification permission and no access to management functions.
Refer to Appendix A,
command line entry.
Command Line Interface
, for access level details for each
6371-A2-GB20-10
August 2000
2-1
Accessing the DSL Router
Changing Access Session Levels
H You can change the Administrator access level by entering:
admin enable
This command provides Administrator access level privileges. The DSL
router will respond with a prompt to enter the password for Administrator
access.
H You can end the Administrator access level by entering:
admin disable
This command results in ending the Administrator access level session. No
password is needed.
Entering exit has the same results. Refer to
page 2-5 for further details on ending a session.
The Operator and Administrator have the same Login ID with different passwords
for their access level. To determine the level of access for a session, refer to
Determining the Current Access Level
on page 2-4.
Exiting from the System
on
Local Console Access
The DSL router ships with the local console enabled. After login, the local console
can be disabled with the command console disable. After saving this change
and ending the session, there is no local access through the console port. Any
access must be through a Telnet session or the NMS.
NOTE:
Entering console disable results in NO local access to the DSL router.
If you attempt to log in, you will receive an error message.
To determine via a Telnet session if a console is enabled, enter:
show console
The display returned for the show console command will be:
H console enabled – Command line management at the console is
available, or
H console disabled – No command line management is available at the
console.
For steps to set up the new user’s login, refer to
on page 2-3.
Setting Up the New User’s Login
2-2
August 2000
6371-A2-GB20-10
Setting Up the New User’s Login
The DSL router will provide the login prompt when the local console connection is
first established. When the login prompt appears, a locally connected console
defaults to Console Enabled with Operator access only.
" Procedure
For first-time access to the Hotwire DSL Router’s command line interface:
1. At the initial login> prompt, type the default login ID paradyne and press
Enter.
2. At the password> prompt (for Operator), type the default password abc123
and press Enter.
The login ID and password fields are validated together.
3. At the system identity of CUSTOMER> prompt, type admin enable and press
Enter.
4. At the password> prompt (for Administrator), type the default password
abc123 and press Enter.
Accessing the DSL Router
5. The system identity will change to the Administrator display mode of
CUSTOMER#>. Type configure terminal and press Enter.
6. The system identity will change to the Administrator configuration mode of
CUSTOMER - CONFIG#>.
7. To change the login ID, enter text to replace the default of paradyne:
name
your new login ID
NOTE:
The Login ID and Password fields are NOT case-sensitive.
8. Enter a new password and specify the level:
password
Example: type password operator 238clrd3 and press Enter.
Both the Login ID and the Password fields are 1–31 printable alphanumeric
ASCII characters in the ASCII hex range of 0x21–0x7E. No spaces are
allowed. The following table lists the invalid characters.
Invalid Characters
# Number sign 0x23
$ Dollar sign 0x24
level password
Value ASCII Hex T ranslation
6371-A2-GB20-10
% Percentage 0x25
& Ampersand 0x26
August 2000
2-3
Accessing the DSL Router
9. At the prompt, enter the new Administrator-level password to replace abc123:
password admin
save
and press Enter
new password
and press Enter
NOTE:
Any input during an Administrator configuration session must be saved
while still in configuration mode.
For more information regarding the system identity, refer to
Current Access Level,
If you are denied access during a Telnet session, the session stops and an error
is logged. If you accessing the DSL router locally and a Telnet session is active,
you will receive a message:
Local console disabled by conflict
Telnet Access
The Telnet access defaults to Administrator level. If the login is at the Operator
level, then Operator level access is available. Telnet access is always enabled.
Determining the Current Access Level
The command line prompt displays the access level. The factory default for
System identity is CUSTOMER>. You can set your own system identity name to
replace CUSTOMER. See the example below.
If the prompt format
appears as . . .
below.
Then the DSL router
access level is . . .
Determining the
And if you entered a System
identity of PARADYNE, the
prompt displays . . .
CUSTOMER> Operator, display mode P ARADYNE>
CUSTOMER #> Administrator, display
CUSTOMER – CONFIG#> Administrator,
Determining the Available Commands
To determine the commands available at the current login access level, enter:
H help or
H ? (question mark)
H the command without any parameters
2-4
mode
configuration mode
August 2000
PARADYNE #>
PARADYNE – CONFIG#>
6371-A2-GB20-10
Using the List Command
The list command displays a sequence of commands, in the form of ASCII
strings, that would have the effect of setting all configuration settings to the
current values. (The two passwords are not output.)
To determine the commands available, enter the Administrator configuration
mode and enter either:
H list
Displays the output in on-screen page mode. In on-screen page mode, the
user interface displays 23 lines of information. When the 24th line is reached,
More... is displayed. Pressing any key will display the next page.
H list config
Displays the output in scroll mode as a text file. Scroll mode captures and
displays all command strings in a text file for use with a terminal emulation
program. Refer to Appendix D,
Changing the System Identity
Accessing the DSL Router
DSL Router Terminal Emulation.
Procedure
"
To change the System Identity from the factory default of CUSTOMER>:
1. Login and enter the ADMIN-configuration mode.
2. At the CUSTOMER-CONFIG#> prompt, type the new System identity
(no spaces allowed), press Enter, type save, and press Enter.
system identity
For example:
system identity PARADYNE and press Enter
save
3. In this example, after saving the entry and ending the configuration mode, the
System identity will display:
PARADYNE #>
The System identity is the same as the MIB entry of sysName. The
sysContact and SysLocation MIB entries are not displayed.
Exiting from the System
You can manually log out of the system, or let the system automatically log you
out. The DSL router will log you out immediately if you disconnect the Console
cable. Any unsaved configuration input will be lost.
and press Enter
new system identity
6371-A2-GB20-10
August 2000
2-5
Accessing the DSL Router
Manually Logging Out
To log out, there are two commands: logout and exit.
" Procedure
To log out of the Hotwire DSL Router command line session or Telnet session:
" Procedure
To exit the Hotwire DSL Router’s current access level:
1. At the > prompt, type logout and press Enter.
2. The system ends the session immediately. Any configuration updates must
be saved before exiting or the updates will be lost.
1. At the > prompt, type exit and press Enter. If there are any unsaved
configuration changes, you will be prompted to save changes before exiting.
2. The exit command has the following effect:
If you are accessing the DSL router . . .
At the Local console and logged in at the
Administrator level, configuration mode
At the Local console and logged in at the
Administrator level, non-configuration
mode
At the Local console and logged in at the
Operator level
Via a Telnet session and logged in at any
access level
Automatically Logging Out
The DSL router has an automatic timeout feature that logs you out of the system
after five minutes of inactivity. Any input that is not saved is lost. You will need to
log back in.
At the console, press Enter to display the login> prompt to log back in. The
autologout {enable | disable} command default is enabled. Unsaved
configuration input is lost.
Then . . .
You are placed at the Operator level
and any configuration updates must be
saved or the updates will be lost.
You are placed at the Operator level.
The Exit command responds exactly
like the Logout command.
Entering either of the following ends
the Telnet session immediately:
H Exit
H Ctrl + ] (right bracket)
2-6
When autologout is:
H Enabled, the current configuration is retained through a power recycle.
H Disabled, the system inactivity timer is disabled.
August 2000
6371-A2-GB20-10
Configuring the DSL Router
Overview of DSL Router Configuration
The Hotwire DSL Routers support various customer premises distribution
networks that contain IP forwarding devices or routers, in addition to locally
attached hosts or subnets. The Hotwire DSL Router has an IP Routing Table that
contains IP address and subnet mask information.
The DSL router supports Internet Protocol as specified in RFC 791 and Internet
Control Message Protocol (ICMP) as specified in RFCs 792 and 950. The DSL
router acts as a router (or gateway) as defined in RFC 791.
3
For more information on supported RFCs, refer to Appendix C,
Interfaces for the DSL Router
The Hotwire DSL Router has two interfaces:
H DSL Interface
The Hotwire DSL Router interface type is determined by the model number:
— 6301 and 6302 are Hotwire IDSL Routers
— 6341 and 6342 are Hotwire SDSL Routers
— 6371 is a Hotwire RADSL Router
The DSL interface has a unique MAC address assigned before shipping.
Traps & MIBs.
6371-A2-GB20-10
August 2000
3-1
Configuring the DSL Router
H Ethernet Interface
— All DSL routers have an Ethernet interface with a unique MAC address
assigned before shipping.
— The Ethernet interface is a 10/100BaseT interface that automatically
negotiates the rate. If all attached Ethernet devices support 100BaseT,
the DSL router will default to 100BaseT. Otherwise, the DSL router
operates at 10BaseT.
— The DSL router can be configured for either DIX format or IEEE 802.3
format. When the DSL router is configured to use IEEE 802.3 format, the
DSL router uses SNAP encapsulation as specified in RFC 1042.
— The Hotwire 6302 IDSL and the 6342 SDSL Routers each have a hub
configuration with four Ethernet connectors. The hub acts as a bit-level
repeater. There is logically one Ethernet communications interface and
one single collision domain.
— The DSL router only accepts frames on the Ethernet interface with its
own MAC address or a broadcast or multicast MAC address.
Ethernet and DSL Interface Identifiers
The following are the naming conventions used for the Hotwire DSL Router
interfaces:
H eth1 (or e0) – Ethernet interface name.
H dsl1 (or d0) – DSL interface name.
Service Domain IP Address Assignments
H Multiple Service Domains can be defined using network addresses and
subnet masks.
H For both the DSL interface and the Ethernet interface, four Service Domain
IP Addresses and subnet masks can be defined.
3-2
August 2000
6371-A2-GB20-10
Numbered DSL Interface
In this scenario, the hosts attached to the DSL router’s Ethernet interface are on
a different logical network than the core router. The DSL router is the next hop
router for the hosts. The upstream next hop router for the DSL router is the core
router.
Configuring the DSL Router
Simplified Network Topology
Core
Router
The hosts can be assigned IP addresses on the network attached to the DSL
router’s Ethernet interface. The upstream next hop router is assigned an address
on a different logical network than the hosts.
Actions required to configure the DSL router interfaces in this scenario:
H Assign IP address to Ethernet interface: eth1
H Assign IP address to DSL interface: dsl1
H Assign upstream next hop router
Unnumbered DSL Interface
In this LAN extension application scenario, the hosts connected to a corporate
network for virtual office connection or teleworkers want to look like they are on
the same network as the core router. The core router will be the next hop router
for the hosts.
WAN
DSL
Router
Host
(End Users)
99-16609
6371-A2-GB20-10
Actions required to configure the DSL router interfaces in this scenario:
H Assign IP address to Ethernet interface: eth1
H Specify the DSL interface as unnumbered: dsl1
H Assign upstream next hop router
H Enable Proxy ARP for both the eth1 and dsl1 interfaces
H Disable scoping on the DSL card at the DSLAM/GranDSLAM chassis
August 2000
3-3
Configuring the DSL Router
IP Routing
The DSL router uses destination-based routing for downstream traffic. An IP
Routing Table is maintained to specify how to forward IP datagrams downstream.
The DSL router is capable of supporting 32 entries in the IP Routing Table. This
table can be viewed by both Operator and Administrator access levels.
The DSL router uses source-based forwarding for upstream traffic to ensure that
packets are forwarded to the upstream router specified for the configured Service
Domain.
Refer to Chapter 4,
Network Considerations
The DSL routers can be configured to function in a variety of network
environments. The following sections provide descriptions of some of the DSL
router features:
Address Resolution Protocol (ARP)
H
H
Proxy ARP
H
Network Address Translation (NAT)
—
Basic NA T
—
Network Address Port Translation (NAPT)
—
IP Options Processing
—
Applications Supported by NAT
H
Dynamic Host Configuration Protocol (DHCP) Server
H
DHCP Relay Agent
H
Security
DSL Router Configuration Examples,
for further details.
3-4
—
IP Filtering
—
Land Bug/Smurf Attack Prevention
H
Routed vs. Bridged PDUs
August 2000
6371-A2-GB20-10
Address Resolution Protocol (ARP)
Address Resolution Protocol, as specified in RFC 826, is supported in the DSL
router. The DSL router provides for a total of 265 ARP table entries. The timeout
for completed and uncompleted ARP table entries is configurable.
NOTE:
The DSL router does not process ARP requests and ARP responses on its
DSL interface when it is configured to support RFC 1483 PDU routing
(Standard mode). See
information. The operating mode (Standard or VNET) can be changed from
the DSL card without requiring any reconfiguration of the DSL router. If any
static ARP entries have been configured, they will remain in the database
and can be displayed with the show arp command. You can create static
ARP entries regardless of the current operating mode.
The Command Line Interface provides the ability to:
H Create up to 64 static ARP table entries to be retained across power cycles.
Routed vs. Bridged PDUs
Configuring the DSL Router
on page 3-10 for more
Proxy ARP
H Display the ARP table.
H Delete ARP table entries.
H Display and delete automatically added static ARP table entries by the DHCP
server and relay functions. Refer to
(DHCP) Server
The DSL router supports Proxy ARP. Proxy ARP responses are based on the IP
Routing table contents. The IP Routing table must have an entry for every host
that is reachable on the Ethernet interface, including hosts for which the DSL
router will not forward packets because of IP filters. If an ARP request is received
on one interface for an IP address that is reachable on the other interface, the
DSL router will respond with its own MAC address.
on page 3-7.
Dynamic Host Configuration Protocol
NOTE:
The Proxy ARP option is not available on the DSL interface when the DSL
router is configured to support RFC 1483 PDU routing. See
Bridged PDUs
The Command Line Interface provides the ability to enable and disable Proxy
ARP for each interface.
on page 3-10 for more information.
Routed vs.
6371-A2-GB20-10
NOTES:
— When Basic NAT is enabled, the DSL interface (dsl1) must have Proxy
ARP enabled if the dsl1 interface address is part of the Basic NAT global
IP network address.
— Proxy ARP and NAPT cannot be enabled at the same time.
August 2000
3-5
Configuring the DSL Router
Network Address Translation (NAT)
Network Address Translation is used when a private network’s internal IP
addresses cannot be used outside the private network. The IP addresses may be
restricted for privacy reasons or they may not be valid public IP addresses.
Basic NAT
The DSL router provides NAT as described in
Translator (NAT)
public (global) external IP addresses.
Two variations of traditional NAT are supported:
H Basic NA T
H Network Address Port Translation (NAPT)
. NAT allows the private (local) hosts to transparently access
RFC 1631 The IP Network Address
NOTE:
Basic NAT and NAPT cannot be enabled at the same time.
Basic NAT allows hosts in a private network to transparently access the external
network by using a block of public addresses. Static mapping enables access to
selected local hosts from the outside. Basic NAT is often used in a large
organization with a large network setup for internal use and the need for
occasional external access.
Basic NAT provides a one-to-one mapping by translating a range of assigned
public IP addresses to a similar-sized pool of private addresses (typically from the
x.x.x
10.
host appears to have an unique IP address. Up to 256 IP addresses can be
allocated for use with Basic NAT.
address space). Each local host currently communicating with a external
Network Address Port Translation (NAPT)
NAPT allows multiple clients in a local network to simultaneously access remote
networks using a single IP address. This benefits telecommuters and SOHO
(Small Office/Home Office) users that have multiple clients in an office running
TCP/UDP applications. NAPT is sometimes referred to as PAT (Port Address
Translation).
NAPT provides a many-to-one mapping and uses one public address to interface
numerous private users to an external network. All hosts on the global side view
all hosts on the local side as one Internet host. The local hosts continue to use
their corporate or private addresses. When the hosts are communicating with
each other, the translation is based on the IP address and the IP port numbers
used by TCP/IP applications.
3-6
August 2000
6371-A2-GB20-10
IP Options Processing
Configuring the DSL Router
The NAT and NAPT functions handle and process the IP datagrams with options
set as described below. No command is available to set IP options.
The DSL Router does not process (and drops) any IP datagrams with the
following IP options:
H Loose source and record route (type 131)
H Strict source and record route (type 133)
H Security (type 130)
H Stream ID (type 136)
The DSL Router does process IP datagrams with the following IP options, but
does not provide its IP address or timestamp information in the response
message:
H Record route (type 7)
H Timestamp (type 68)
Applications Supported by NAT
The DSL routers support the following applications and protocols:
H FTP
H HTTP
H NetMeeting
H Ping
H RealPlayer
H Telnet
H TFTP
Dynamic Host Configuration Protocol (DHCP) Server
The DSL router provides a DHCP Server feature as specified in RFC 2131,
Dynamic Host Configuration Protocol, and RFC 2132, DHCP Option and BOOTP
Vendor Extensions. DHCP is the protocol used for automatic IP address
assignment.
DHCP setup considerations:
6371-A2-GB20-10
H The range of IP addresses to be used by the DHCP server must be
configured. The maximum number of clients is 256.
H The DHCP server must be enabled.
August 2000
3-7
Configuring the DSL Router
H When the DHCP IP address range is changed, all binding entries,
H When the DHCP Server is enabled, there can be only one service domain
H The IP address for the next hop router that is provided to the hosts in the
H The subnet mask can be configured along with the IP address range
H The DHCP server domain name can be configured (optional).
H The Domain Name Server (DNS) IP address can be configured (optional).
H The minimum and maximum lease time settings can be configured.
automatically added routes, and ARP table entries for the clients configured
with the old address range are removed.
(Ethernet interface) configured.
DHCP reply must be configured.
(optional).
For additional information, refer to Chapter 4,
Examples.
DHCP Relay Agent
The DSL router provides the capability of serving as a DHCP Relay Agent, as
specified in RFC 2131, Dynamic Host Configuration Protocol. The DSL router
provides the capability to enable and disable the DHCP Relay Agent and to
configure the IP address of the DHCP server to which the DHCP requests are to
be forwarded.
The DHCP server assigns an IP address to the end-user system. When DHCP
Relay is enabled, it is possible to limit the number of DHCP clients. The DSL
router’s IP Routing table and ARP table are automatically updated. The DHCP
relay agent in the DSL router should be used when there is a DHCP server
upstream in the service domain. DHCP relay agent setup considerations:
H DHCP server IP address must be configured.
H DHCP relay must be enabled.
H The number of DHCP clients can be limited to 1—256.
H DHCP server and DHCP relay functions cannot be enabled at the same time.
H NAT and DHCP relay cannot be enabled at the same time.
DSL Router Configuration
3-8
August 2000
6371-A2-GB20-10
Security
IP Filtering
Configuring the DSL Router
The DSL router offers security via the following:
H IP Filtering – Can be enabled or disabled.
H Land Bug/Smurf Attack Prevention – Always present.
NOTE:
All Hotwire DSL Router filters are configured on the Hotwire DSL card.
By default, filtering is disabled on the Hotwire DSL card for the DSL router.
If enabled, filtering provides security advantages on LANs by restricting traffic on
the network and hosts based on the IP source and/or destination addresses.
IP packets can be filtered based on:
H Destination IP Address
H IP Protocol Type
H Source and Destination Port Number (if applicable)
H Source IP Address
H TCP Filter (prevents the receipt of downstream TCP connect requests)
NOTE:
If the Source IP Address filter is enabled on the Hotwire card and an
IP address is assigned to the DSL interface, there must also be an entry
configured in the Hotwire Client Table for the DSL interface’s IP address.
For more information about IP filtering, see the
SDSL Cards, Models 8310/8312, 8510/8373/8374, 8303/8304, and 8343/8344,
User’s Guide.
Land Bug/Smurf Attack Prevention
Land Bug and Smurf Attack prevention are enhanced firewall features provided
by the DSL Router:
H Land Bug – The DSL router drops all packets received on its DSL interface
or Ethernet interface when the source IP address is the same as the
destination IP address. This prevents the device from being kept busy by
constantly responding to itself.
Hotwire MVL, RADSL, IDSL, and
6371-A2-GB20-10
H Smurf Attack – The DSL Router will not forward directed broadcasts on its
DSL and Ethernet interfaces, nor will it send an ICMP echo reply to the
broadcast address. This ensures that a legitimate user will be able to use the
network connection even if ICMP echo/reply (smurf) packets are sent to the
broadcast address.
August 2000
3-9
Configuring the DSL Router
Routed vs. Bridged PDUs
The DSL router supports both the VNET model and the 1483 Routed model
(derived from RFC 1483) for the transportation of PDUs (Protocol Data Units)
from the DSL router to the router in the core network. When operating in
Standard mode, the DSL router supports both routed and bridged PDUs. When
operating in VNET mode, the DSL router supports bridged PDUs only.
NOTE:
Standard mode vs. VNET mode is configured on the DSL card at the
DSLAM/GranDSLAM chassis.
Both ends of the network (e.g., the DSL router and the DSL line card or the core
router) must be configured to operate the same way (i.e., routed or bridged).
If Using This Network Model . . .
1483 Routed or Bridged
(Standard Mode)
Then These DSL Cards Can Be Used . . .
Model 8303 24-port IDSL
Model 8344 24-port SDSL
Model 8374 12-port RADSL
1483 Bridged (VNET Mode) Models 8303/8304 24-port IDSL
Models 8343/8344 24-port SDSL
Models 8373/8374 12-port RADSL
Model 8510 12-port RADSL
The following diagram illustrates the 1483 Routed model (Standard mode) in the
network.
NSP's
Access
Device
POWER
NAP's
Core
Router
NSP's
Access
Device
NAP's ATM
Network
O
I
IPC Hotwire
GranDSLAM
ALARMS
MajorMinorFanBA
DSL
Router
Client
Client
3-10
Figure 3-1. 1483 Routed Network Model (Standard mode)
August 2000
IP/MACIP/1483/FUNIIP/1483/ATM
00-16802
6371-A2-GB20-10
Loading...