ZyXEL 642 User Manual

Prestige 642

ADSL Router

User's Guide

Version 2.50

(May 2000)

ZyXEL

T

OTAL INTERNET ACCESS SOLUTION

Getting Started

Part I:

Getting Started

Chapters 1-3 are structured as a step-by-step guide to help you connect, install and setup your

Prestige to operate on your network and access the Internet.

I

Advanced Applications

Part II:

Advanced Applications

Advanced Applications (Chapters 4-7) describe the advanced applications of your Prestige, such

as Remote Node Setup IP Static routes and NAT.

II

Advanced Management

Part III:

Advanced Management

Chapters 8 - 12 provide information on Prestige Filtering, SNMP, System Maintenance, IP Policy

Routing, Troubleshooting as well as some Appendices and a Glossary.

III

Prestige 642 ADSL Internet Access Router

Chapter 8

Filter Configuration

This chapter shows you how to create and apply filter(s).

8.1 About Filtering

Your Prestige uses filters to decide whether to allow passage of a data packet and/or to make a call. There
are two types of filter applications: data filtering and call filtering. Filters are subdivided into device and
protocol filters, which are discussed later.
Data filtering screens the data to determine if the packet should be allowed to pass. Data filters are divided
into incoming and outgoing filters, depending on the direction of the packet relative to a port. Data filtering
can be applied on either the WAN side or the Ethernet side. Call filtering is used to determine if a packet
should be allowed to trigger a call. Remote node call filtering is only applicable when using
encapsulation. Outgoing packets must undergo data filtering before they encounter call filtering as shown in
the following figure.

Call Filtering

PPPoE

Outgoing

Packet

Data
Filtering

Match MatchMatch

Drop

packet

No

match

Call Filters

Drop packet
if line not up

Built-in
default

No

match

Or Or

Send packet

but do not reset

Idle Timer

User-defined

Call Filters

(if applicable)

Drop packet
if line not up

Send packet

but do not reset

Idle Timer

No

match

Active Data

Initiate call

if line not up

Send packet

and reset

Idle Timer

Figure 8-1 Outgoing Packet Filtering Process

For incoming packets, your Prestige applies data filters only. Packets are processed depending upon
whether a match is found. The following sections describe how to configure filter sets.

Filter Configuration 8-1

Prestige 642 ADSL Internet Access Router

8.1.1

A filter set consists of one or more filter rules. Usually, you would group related rules, e.g., all the rules for
NetBIOS, into a single set and give it a descriptive name. The Prestige allows you to configure up to twelve
filter sets with six rules in each set, for a total of 72 filter rules in the system. You cannot mix device filter
rules and protocol filter rules within the same set. You can apply up to four filter sets to a particular port to
block multiple types of packets. With each filter set having up to six rules, you can have a maximum of 24
rules active for a single port.
Three sets of factory default filter rules have been configured in Menu 21 to prevent NetBIOS traffic from
triggering calls and to prevent incoming telnetting. A summary of their filter rules is shown in the figures
that follow.
The following diagram illustrates the logic flow when executing a filter rule.

The Filter Structure of the Prestige

8-2 Filter Configuration

Filter Set

Prestige 642 ADSL Internet Access Router

Start

Packet into

filter

Fetch First

Filter Set

Fetch Next

Filter Set

Yes

Next Filter Set

Available?

No

Fetch Next

Filter Rule

Yes

Next filter

Rule

Available?

No

Fetch First

Filter Rule

Active?

Yes

Execute

No

Check

Next
Rule

Figure 8-2 Filter Rule Process

You can apply up to four filter sets to a particular port to block multiple types of packets. With each filter
set having up to six rules, you can have a maximum of 24 rules active for a single port.

Filter Rule

Forward

Drop

Accept PacketDrop Packet

Filter Configuration 8-3

Prestige 642 ADSL Internet Access Router

8.2 Configuring a Filter Set

To configure a filter set, follow the procedure below.

Step 1.

Step 2.
Step 3.

Step 4.

Enter 21 from the Main Menu to open Menu 21.

Menu 21 - Filter Set Configuration

Filter Filter
Set # Comments Set # Comments

------ ----------------- ------ ----------------­ 1 NetBIOS_WAN 7 _______________
2 NetBIOS_LAN 8 _______________
3 TELNET_WAN 9 _______________
4 PPPoE 10 _______________
5 _______________ 11 _______________
6 _______________ 12 _______________

Enter Filter Set Number to Configure= 0

Edit Comments= N/A

Press ENTER to Confirm or ESC to Cancel:

Figure 8-3 Menu 21 – Filter Setup

Enter the index number of the filter set (no. 1-12) you wish to configure and press

Enter a descriptive name or comment in the
Press

[ENTER]

Summary

at the message: [Press ENTER to confirm] to open

.

Edit Comments

field and press [

ENTER

Menu 21.1.1 - Filter Rules

[ENTER]

].

.

8-4 Filter Configuration

Prestige 642 ADSL Internet Access Router

Menu 21.1 - Filter Rules Summary

# A Type Filter Rules M m n

- - ---- -------------------------------------------- --------- - - ­ 1 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=137 N D N
2 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=138 N D N
3 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=139 N D N
4 Y IP Pr=17, SA=0.0.0.0, DA=0.0.0.0, DP=137 N D N
5 Y IP Pr=17, SA=0.0.0.0, DA=0.0.0.0, DP=138 N D N
6 Y IP Pr=17, SA=0.0.0.0, DA=0.0.0.0, DP=139 N D F

Enter Filter Rule Number (1-6) to Configure:

Press ENTER to Confirm or ESC to Cancel:

Figure 8-4 NetBIOS_WAN Filter Rules Summary

Menu 21.2 - Filter Rules Summary

# A Type Filter Rules M m n

- - ---- -------------------------------------------- --------- - - ­ 1 Y IP Pr=17, SA=0.0.0.0, DA=0.0.0.0, DP=53 N D F
2 Y
3 Y
4 Y
5 Y
6 Y

Enter Filter Rule Number (1-6) to Configure:

Figure 8-5 NetBIOS _LAN Filter Rules Summary

Menu 21.3 - Filter Rules Summary

# A Type Filter Rules M m n

- - ---- --------------------------------------------------------------- - - ­ 1 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=23 N D F
2 N
3 N
4 N
5 N
6 N

Enter Filter Rule Number (1-6) to Configure:

Figure 8-6 Telnet_WAN Filter Rules Summary

Filter Configuration 8-5

Prestige 642 ADSL Internet Access Router

Menu 21.4 - Filter Rules Summary

# A Type Filter Rules M m n

- - ---- --------------------------------------------------------------- - - ­ 1 Y Gen Off=12, Len=2, Mask=ffff, Value=8863 N F N
2 Y Gen Off=12, Len=2, Mask=ffff, Value=8864 N F D
3 N
4 N
5 N
6 N

Enter Filter Rule Number (1-6) to Configure:

Figure 8-7 PPPoE Filter Rules Summary

8.2.1 Filter Rules Summary Menu

This screen shows the summary of the existing rules in the filter set. The following tables contain a brief
description of the abbreviations used in the previous menus.

Table 8-1 Abbreviations Used in the Filter Rules Summary Menu

Abbreviations Description Display

# Refers to the filter rule number (1-6).

A Shows whether the rule is active or not. [Y] means the filter rule is active.

[N] means the filter rule is inactive.

Type Refers to the type of filter rule.

This shows GEN for generic, IP for
TCP/IP

Filter Rules

The filter rule parameters will be
displayed here (see below).

M

Refers to

More

More in a set behaves

.

like a logical AND i.e., the set is only
matched if ALL rules in it are matched.

[Y] means an action can not yet be taken
as there are more rules to check, which
are concatenated with the present rule
to form a rule chain. When the rule chain
is complete an action can be taken.

[GEN] for Generic

[IP] for TCP/IP

[Y] means there are more rules to check.

[N] means there are no more rules to check.

8-6 Filter Configuration

Prestige 642 ADSL Internet Access Router

[N] means you can now specify an action
to be taken i.e., forward the packet, drop
the packet or check the next rule. For the
latter, the next rule is independent of the
rule just checked.

If More is

Action Not Matched

m

n

Refers to

[F] means to forward the packet
immediately and skip checking the
remaining rules.

Refers to

[F] means to forward the packet
immediately and skip checking the
remaining rules.

Yes

Action Matched

Action Not Matched.

Action Matched

, then

will be

and

N/A

.

[F] means to forward the packet.

[D] means to drop the packet.

[N] means check the next rule.

[F] means to forward the packet.

[D] means to drop the packet.

[N] means check the next rule.

The protocol dependent filter rules abbreviation are listed as follows:

If the filter type is IP, the following abbreviations listed in the following table will be used.

z

Table 8-2 Abbreviations Used If Filter Type Is IP

Abbreviation Description

Pr Protocol

SA Source Address

SP Source Port number

DA Destination Address

DP Destination Port number

Abbreviations Used If Filter Type Is IPX

•

Table 8-3 Abbreviations Used If Filter Type Is IPX

Abbreviation Description

PT IPX Packet Type

SS Source Socket

DS Destination Socket

If the filter type is GEN (generic), the following abbreviations listed in the following table will be

z

used.

Filter Configuration 8-7

Prestige 642 ADSL Internet Access Router

Table 8-4 Abbreviations Used If Filter Type Is GEN

Abbreviation Description

Off Offset

Len Length

Refer to the next section for information on configuring the filter rules.

8.2.2 Configuring a Filter Rule

To configure a filter rule, type its number in
open

Menu 21.1.1

There are three types of filter rules:
parameters below the type will be different. Use the space bar to select the type of rule that you wish to
create in the
To speed up filtering, all rules in a filter set must be of the same class, i.e., protocol filters or generic filters.
The class of a filter set is determined by the first rule that you create. When applying the filter sets to a
port, separate menu fields are provided for protocol and device filter sets. If you include a protocol filter set
in a device filters field or vice versa, the Prestige will warn you and will not allow you to save.

for the rule.

Filter Type

TCP/IP, IPX

field and press ENTER to open the respective menu.

Menu 21.1 - Filter Rules Summary

and

Generic

. Depending on the type of rule, the

and press [

ENTER]

to

8.2.3 TCP/IP Filter Rule

This section shows you how to configure a TCP/IP filter rule. TCP/IP rules allow you to base the rule on
the fields in the IP and the upper layer protocol, e.g., UDP and TCP, headers.
To configure a TCP/IP rules, select TCP/IP Filter Rule from the Filter Type field and press ENTER to open

Menu 21.1.1 - TCP/IP Filter Rule

, as shown below.

8-8 Filter Configuration

Prestige 642 ADSL Internet Access Router

Menu 21.1.1 - TCP/IP Filter Rule

Filter #: 1,1
Filter Type= TCP/IP Filter Rule
Active= Yes
IP Protocol= 6 IP Source Route= No
Destination: IP Addr= 0.0.0.0

Source: IP Addr= 0.0.0.0

TCP Estab= No
More= No Log= None
Action Matched= Drop

Action Not Matched= Check Next Rule

Press Space Bar to Toggle.

Press ENTER to Confirm or ESC to Cancel:

IP Mask= 0.0.0.0
Port #= 137
Port # Comp= Equal

IP Mask= 0.0.0.0
Port #=
Port # Comp= None

Figure 8-8 Menu 21.1.1.1 - TCP/IP Filter Rule

The following table describes how to configure your TCP/IP filter rule.

Table 8-5 TCP/IP Filter Rule Menu Fields

Field Description Option

Active This field activates/deactivates the filter rule.

IP Protocol Protocol refers to the upper layer protocol, e.g., TCP is 6,

UDP is 17 and ICMP is 1. This value must be between 0
and 255

IP Source Route If Yes, the rule applies to packet with IP source route

option; else the packet must not have source route option.
The majority of IP packets do not have source route.

Destination: IP
Address

Destination: IP
Mask

Destination: Port # Enter the destination port of the packets that you wish to

Enter the destination IP Address of the packet you wish to
filter. This field is a don’t-care if it is 0.0.0.0.

Enter the IP mask to apply to the Destination: IP Addr. IP mask

filter. The range of this field is 0 to 65535. This field is a
don’t-care if it is 0.

Yes/No

0-255

Yes/No

IP address

0-65535

Filter Configuration 8-9

Prestige 642 ADSL Internet Access Router

Field Description Option

Destination: Port #
Comp

Source: IP Address Enter the source IP Address of the packet you wish to

Source: IP Mask Enter the IP mask to apply to the Source: IP Addr. IP Mask

Source: Port # Enter the source port of the packets that you wish to filter.

Source: Port #
Comp

TCP Estab This field is applicable only when IP Protocol field is 6,

More If yes, a matching packet is passed to the next filter rule

Log Select the logging option from the following:

Action Matched Select the action for a matching packet.

Action Not Matched Select the action for a packet not matching the rule.

Select the comparison to apply to the destination port in
the packet against the value given in Destination: Port #.

filter. This field is a don’t-care if it is 0.0.0.0.

The range of this field is 0 to 65535. This field is a don’t­care if it is 0.

Select the comparison to apply to the source port in the
packet against the value given in Source: Port #.

TCP. If yes, the rule matches only established TCP
connections; else the rule matches all TCP packets.

before an action is taken; else the packet is disposed of
according to the action fields.

If More is
Matched will be

z

z

z

z

Yes

, then Action Matched and Action Not

N/A

.

None

– No packets will be logged.

Action Matched

parameters will be logged.

Action Not Matched

match the rule parameters will be logged.

Both

– All packets will be logged.

- Only packets that match the rule

- Only packets that do not

None/Less/Greater/

Equal/Not Equal]

IP Address

0-65535

None/Less/Greater/

Equal/Not Equal

Yes/No

Yes / No

None

Action Matched

Action Not Matched

Both

Check Next Rule

Forward

Drop

Check Next Rule

Forward

Drop

8-10 Filter Configuration

Prestige 642 ADSL Internet Access Router

Field Description Option

Once you have completed filling in
[Press ENTER to Confirm] to save your configuration, or press [Esc] to cancel. This data will now be
displayed on

Menu 21.1 - Filter Rules Summary

Menu 21.1.1 - TCP/IP Filter Rule

.

, press [ENTER] at the message

The following diagram illustrates the logic flow of an IP filter.

Filter Configuration 8-11

Prestige 642 ADSL Internet Access Router

Packet

into IP Filter

Filter Active?

Yes

Apply SrcAddrMask

to Src Addr

Check Src

IP Addr

Matched

Apply DestAddrMask

to Dest Addr

Check Dest

IP Addr

Matched

Check

IP Protocol

Matched

Check Src &

Dest Port

Matched

More?

No

Not Matched

Not Matched

Not Matched

Not Matched

Yes

No

Action Matched

Drop

Drop Packet Accept Packet

Check Next Rule

Forward

Check Next Rule

Check Next Rule

Action Not Matched

Drop Forward

Figure 8-9 Executing an IP Filter

8-12 Filter Configuration

Prestige 642 ADSL Internet Access Router

8.2.4 Generic Filter Rule

This section shows you how to configure a generic filter rule. The purpose of generic rules is to allow you
to filter non-IP packets. For IP, it is generally easier to use the IP rules directly.
For generic rules, the Prestige treats a packet as a byte stream as opposed to an IP or IPX packet. You
specify the portion of the packet to check with the Offset (from 0) and the Length fields, both in bytes. The
Prestige applies the Mask (bit-wise ANDing) to the data portion before comparing the result against the
Value to determine a match. The Mask and Value are specified in hexadecimal numbers. Note that it takes
two hexadecimal digits to represent a byte, so if the length is 4, the value in either field will take 8 digits,
e.g.,

FFFFFFFF

To configure a generic rule, select Generic Filter Rule in the Filter Type field in the
[

ENTER]

.

to open Generic Filter Rule, as shown below.

Menu 21.6.1 - Generic Filter Rule

Filter #: 6,1
Filter Type= Generic Filter Rule
Active= No
Offset= 0
Length= 0
Mask= N/A
Value= N/A
More= No Log= None
Action Matched= Check Next Rule
Action Not Matched= Check Next Rule

Menu 21.6.1

and press

Press Space Bar to Toggle.

Press ENTER to Confirm or ESC to Cancel:

Figure 8-10 Generic Filter Rule

The following table describes the fields in the Generic Filter Rule Menu.

Table 8-6 Generic Filter Rule Menu Fields

Field Description Option

Filter # This is the filter set, filter rule co-ordinates, i.e., 2,3 refers to the second

filter set and the third rule of that set.

Filter Type Use the [SPACE BAR] to toggle between both types of rules. Parameters

displayed below each type will be different.

Generic Filter
Rule/

TCP/IP

Filter Rule

Active

Select

Yes

to turn on the filter rule.

Yes/No

Filter Configuration 8-13

Prestige 642 ADSL Internet Access Router

Field Description Option

Offset Enter the starting byte of the data portion in the packet that you wish to

compare. The range for this field is from 0 to 255.

Length Enter the byte count of the data portion in the packet that you wish to

compare. The range for this field is 0 to 8.

Mask Enter the mask (in Hexadecimal) to apply to the data portion before

comparison.

Value Enter the value (in Hexadecimal) to compare with the data portion.

More If yes, a matching packet is passed to the next filter rule before an action is

taken; else the packet is disposed of according to the action fields.

If More is

Log Select the logging option from the following:

z

z

z

z

Action
Matched

Action Not
Matched

Once you have completed filling in
[Press ENTER to Confirm] to save your configuration, or press [Esc] to cancel. This data will now be
displayed on

Select the action for a matching packet.

Select the action for a packet not matching the rule.

Menu 21.1.1 - Filter Rules Summary

Yes

, then Action Matched and Action Not Matched will be No.

None

– No packets will be logged.

Action Matched

be logged.

Action Not Matched

parameters will be logged.

Both

– All packets will be logged.

- Only packets that match the rule parameters will

- Only packets that do not match the rule

Menu 21.4.1.1 - Generic Filter Rule

, press [ENTER] at the message

.

Default = 0

Default = 0

Yes / No

None

Action

Matched

Action Not

Matched

Both

Check Next

Rule

Forward

Drop

Check Next

Rule

Forward

Drop

8.2.5 Novell IPX Filter Rule

This section shows you how to configure an IPX filter rule. IPX filters allow you to base the rules on the
fields in the IPX headers.

8-14 Filter Configuration

Prestige 642 ADSL Internet Access Router

To configure an IPX rules, select

Menu 21.1.5 IPX Filter Rule

Press Space Bar to Toggle.

, as shown in the figure below.

IPX Filter Rule

Menu 21.1.5 - IPX Filter Rule

Filter #: 5,1
Filter Type= IPX Filter Rule
Active= No
IPX Packet Type=
Destination: Network #=

Source: Network #=

Operation= N/A
More= No Log= None
Action Matched= Check Next Rule
Action Not Matched= Check Next Rule

Press ENTER to Confirm or ESC to Cancel:

from the

Node #=
Socket #=
Socket # Comp= None

Node #=
Socket #=
Socket # Comp= None

Filter Type

field and press [ENTER} to open

Figure 8-11 IPX Filter Rule

Filter Configuration 8-15

Prestige 642 ADSL Internet Access Router

The table below describes the IPX Filter Rule.

Table 8-7 IPX Filter Rule Menu Fields

Field Description

IPX Packet Type Enter the IPX packet type (1-byte in hexadecimal) you wish to

filter.

The popular types are (in hexadecimal):

01 - RIP

04 - SAP

05 - SPX (Sequenced Packet eXchange)

11 - NCP (NetWare Core Protocol)

14 - Novell NetBIOS

Destination/Source
Network #

Destination/Source Node#Enter in the destination/source node number (6-byte in

Destination/Source
Socket #

Destination/Source
Socket # Comp

Operation This field is applicable only if one of the Socket # fields is 0452

Once you have completed filling in
message [Press Enter to Confirm] to save your configuration, or press [Esc] to cancel. This
data will now be displayed on

Enter the destination/source network numbers (4-byte in
hexadecimal) of the packet that you wish to filter.

hexadecimal) of the packet you wish to filter.

Enter the destination/source socket number (2-byte in
hexadecimal) of the packets that you wish to filter.

Select the comparison you wish to apply to the
destination/source socket in the packet against that specified
above.

or 0453 indicating SAP and RIP packets. There are seven
options for this field that specify the type of the packet.

z None.

z RIP Request.

z RIP Response.

z SAP Request.

z SAP Response.

z SAP Get Nearest Server Request.

z SAP Get Nearest Server Response

Menu 21.1.3 - IPX Filter Rule

Menu 21.1 - Filter Rules Summary

, press [Enter] at the

.

8-16 Filter Configuration

Prestige 642 ADSL Internet Access Router

8.3 Example Filter

Let’s look at the third default ZyXEL filter, TELNET_WAN (
PNC Disk for more example filters. This filter is designed to block outside users telnetting into the Prestige.

see Figure

8-6) as an example. Please see our

Figure 8-12 Telnet Filter Example

Step 1.
Step 2.

Step 3.

Step 4.

Step 5.

Filter Configuration 8-17

Enter
Enter the index of the filter set you wish to configure (in this case, 3) and press

Enter a descriptive name or comment in the
and press
Press

Summary

Enter 1 to configure the first filter rule (the only filter rule of this set). Make the entries in this
menu as shown in the following figure.

from the Main Menu to open

21

[ENTER].

[ENTER]

at the message: [Press ENTER to confirm] to open

.

Menu 21 - Filter Set Configuration

Edit Comments

field (in this case TELNET_WAN)

Menu 21.3 - Filter Rules

.

[ENTER]

.

Prestige 642 ADSL Internet Access Router

p

Press S

ace Bar to Toggle.

There are no
more rules to
check.

Select

Drop

here so that
the packet will be
dropped if its destination
is the telnet port.

Menu 21.3.1 - TCP/IP Filter Rule

Filter #: 3,1
Filter Type= TCP/IP Filter Rule
Active= Yes
IP Protocol= 6 IP Source Route= No
Destination: IP Addr= 0.0.0.0

Source: IP Addr= 0.0.0.0

TCP Estab= No
More= No Log= None
Action Matched= Drop
Action Not Matched= Forward

Press ENTER to Confirm or ESC to Cancel:

IP Mask= 0.0.0.0
Port #= 23
Port # Comp= Equal

IP Mask= 0.0.0.0
Port #= 0
Port # Comp= None

Select
here as we are
looking for
packets going to
port 23 only.

Select
the packet will be forwarded
if its destination is not the
telnet port.

Equal

Forward

Press the [SPACEBAR] to
choose this filter rule type. The
first filter rule type determines
all subsequent filter types
within a set.

Select

to make the rule

Yes

active.

is the TCP protocol.

6

The port number for the telnet
service (TCP protocol) is 23.
See RFC 1060 for port numbers
of well-known services.

here so that

Figure 8-13 Example Filter – Menu 21.3.1

When you press

[ENTER]

to confirm, you will see the following screen. Note that there is only one filter

rule in this set.

8-18 Filter Configuration

Prestige 642 ADSL Internet Access Router

Menu 21.3 - Filter Rules Summary

# A Type Filter Rules M m n

- - ---- --------------------------------------------------------------- - - ­ 1 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=23 N D F
2 N
3 N
4 N
5 N
6 N

Enter Filter Rule Number (1-6) to Configure: 1

This shows you that you have
configured and activated (

) a TCP/IP filter rule (

Y
IP, Pr = 6

telnet ports (

) for destination

DP = 23

A =

Type =

).

means an action can be taken

M = N

immediately. The action is to drop the
packet (
to forward the packet immediately (

) if the action is matched and

m = D

n = F

) if
the action is not matched no matter whether
there are more rules to be checked (there
aren’t in this example).

Figure 8-14 Example Filter Rules Summary – Menu 21.3

After you’ve created the filter set, you must apply it.

Step 1.
Step 2.

Step 3.

Step 4.

Enter 11 from the main menu to go to Menu 11.
Go to the

[ENTER]

Edit Filter Sets

.

field, press the

[SPACEBAR]

to toggle

Yes

to No and press

This brings you to Menu 11.5. Apply the TELNET_WAN filter set (filter set 3) as shown in

Figure 8-17

Press

.

[ENTER

] to confirm after you enter the set numbers and to leave Menu 11.5.

8.4 Filter Types and SUA

There are two types of filter rules,
rules.

Device Filter

rules act on the raw data from/to LAN and WAN.

Device Filter

and IPX packets. When NAT/SUA (Network Address Translation/Single User Account) is enabled, the
inside IP address and port number are replaced on a connection-by-connection basis, which makes it
impossible to know the exact address and port on the wire. Therefore, the Prestige applies the

to the “native” IP address and port number before NAT/SUA for outgoing packets and after

filters

(Generic) rules and

Protocol Filter

Protocol Filter

(TCP/IP and IPX)

rules act on the IP

protocol

Filter Configuration 8-19

Prestige 642 ADSL Internet Access Router

NAT/SUA for incoming packets. On the other hand, the generic, or

device filters

are applied to the raw
packets that appear on the wire. They are applied at the point when the Prestige is receiving and sending the
packets; i.e. the interface. The interface can be an Ethernet, or any other hardware port. The following
diagram illustrates this.

Figure 8-15 Protocol and Device Filter Sets

8.5 Applying a Filter and Factory Defaults

This section shows you where to apply the filter(s) after you design it (them). Sets of factory default filter
rules have been configured in Menu 21 (but have not been applied) to prevent NetBIOS traffic from
triggering calls, incoming telnet and sessions. The PPPoE filter filters out all packets
going out from the Prestige to the ISP or remote node.

8.5.1 LAN traffic

LAN traffic filter sets may be useful to block certain packets, reduce traffic and prevent security breaches.
Go to

Menu 3.1

appropriate. You can choose up to four filter sets (from twelve) by entering their numbers separated by
commas, e.g., 3, 4, 6, 11. Input filter sets filter incoming traffic to the Prestige and Output filter sets filter
outgoing traffic from the Prestige. The factory default set, NetBIOS_LAN, can be inserted in

filters –

field under

(shown next) and enter the number(s) of the filter set(s) that you want to apply as

Input Filter Sets

in

Menu 3.1

to block NetBIOS traffic to the Prestige from the LAN.

PPPoE packets

except

protocol

Menu 3.1 – LAN Port Filter Setup

Input Filter Sets:
protocol filters= 2
device filters=
Output Filter Sets:
Protocol filters=
device filters=

Press ENTER to Confirm or ESC to Cancel:

Apply
Default Filter
2 here.

Figure 8-16 Filtering LAN Traffic

8-20 Filter Configuration

Prestige 642 ADSL Internet Access Router

8.5.2 Remote Node Filters

Go to Menu 11.5 (shown below – note that call filter sets are only present for PPPoE encapsulation) and
enter the number(s) of the filter set(s) as appropriate. You can cascade up to four filter sets by entering their
numbers separated by commas. The factory default filter set, NetBIOS_WAN, can be applied in Menu 11.5
to block local NetBIOS traffic from triggering calls to the ISP (when you are using
only). Enter “1” in the

protocol filters

under

protocol filters
Output Filter Sets – protocol filters

field under

Call Filter Sets

when using Ethernet encapsulation. Filter set

when using PPPoE encapsulation and in

“3”, Telnet_WAN, blocks telnet connections from the WAN Port to help prevent security breaches. Filter
set “4”, PPPoE, blocks PPP connections from the WAN Port. Apply them as shown in the following figure.

PPPoE

encapsulation

Menu 11.5 - Remote Node Filter

Input Filter Sets:
protocol filters= 3
device filters=
Output Filter Sets:
protocol filters= 4
device filters=
Call Filter Sets:
protocol filters= 1
device filters

Enter here to CONFIRM or ESC to CANCEL:

=

Figure 8-17 Filtering Remote Node Traffic (PPPoE Encapsulation)

Apply Default
Filters 1, 3 and 4
here. Enter 1 in

protocol filters

Output

under

Filter Sets

when
using Ethernet
encapsulation

.

Filter Configuration 8-21

Prestige 642 ADSL Internet Access Router

Chapter 9

SNMP Configuration

This chapter discusses SNMP (Simple Network Management Protocol) for network management

and monitoring.

9.1 About SNMP

Your Prestige 642 supports SNMP agent functionality, which allows a manager station to manage and
monitor the Prestige through the network. Keep in mind that SNMP is only available if TCP/IP is
configured on your Prestige.

9.2 Configuring SNMP

To configure SNMP, select

SNMP Configuration

simply SNMP’s terminology for password.

SNMP Configuration

, as shown in the figure below. The “community” for Get, Set and Trap fields is

Menu 22 - SNMP Configuration

SNMP:

Get Community= public
Set Community= public
Trusted Host= 0.0.0.0
Trap:
Community= public

Destination= 0.0.0.0

(enter 22) from the Main Menu to open

Menu 22 -

Press ENTER to Confirm or ESC to Cancel:

Figure 9-1 Menu 22 - SNMP Configuration

SNMP Configuration 9-1

Prestige 642 ADSL Internet Access Router

The following table describes the SNMP configuration parameters.

Table 9-1 SNMP Configuration Menu Fields

Field Description Default

Get
Community

Set
Community

Trusted Host If you enter a trusted host, your Prestige will only respond to

Trap:
Community

Trap:
Destination

Once you have completed filling in
message [Press ENTER to Confirm] to save your configuration, or press [Esc] to cancel.

Enter the get community, which is the password for the incoming
Get- and GetNext- requests from the management station.

Enter the set community, which is the password for incoming Set­requests from the management station.

SNMP messages from this address. If you leave the field blank
(default), your Prestige will respond to all SNMP messages it
receives, regardless of source.

Enter the trap community, which is the password sent with each
trap to the SNMP manager.

Enter the IP address of the station to send your SNMP traps to. blank

Menu 22 - SNMP Configuration

, press [ENTER] at the

public

public

blank

public

9-2 SNMP Configuration

Prestige 642 ADSL Internet Access Router

Chapter 10

System Maintenance

This chapter covers the diagnostic tools that help you to maintain your Prestige.

The diagnostic tools include updates on system status, port status, log and trace capabilities and upgrades
for the system software. This chapter describes how to use these tools in detail.
Select menu 24 in the main menu to open

Figure 10-1 Menu 24 - System Maintenance

Menu 24 - System Maintenance

Menu 24 - System Maintenance

1. System Status

2. System Information and Console Port Speed

3. Log and Trace

4. Diagnostic

5. Backup Configuration

6. Restore Configuration

7. Upload Firmware

8. Command Interpreter Mode

Enter Menu Selection Number:

, as shown below.

System Maintenance 10-1

Prestige 642 ADSL Internet Access Router

10.1 System Status

The first selection, System Status, gives you information on the status and statistics of the ports, as shown
below. System Status is a tool that can be used to monitor your Prestige. Specifically, it gives you
information on your ADSL line status, number of packets sent and received.
To get to the System Status, enter number 24 to go to
select number 1,

. Entering 1 resets the counters and

Status

System Status

There are two commands in

.

ESC

The table below describes the fields present in

Menu 24 - System Maintenance.

Menu 24.1 - System Maintenance -

takes you back to the previous screen.

Menu 24.1 - System Maintenance - Status

noted that these fields are READ-ONLY and are meant to be used for diagnostic purposes.
Please note that displaying this screen degrades system performance.

Menu 24.1 -- System Maintenance – Status

Node-Lnk
1-1483
2
3
4
5
6
7
8

Status
Up
N/A
N/A
N/A
N/A
N/A
N/A
N/A

TxPkts

1462

RxPkts

0
0
0
0
0
0
0

1567

Errors

0
0
0
0
0
0
0

Tx B/s
0
0
0
0
0
0
0
0

222

Rx B/s

211
0
0
0
0
0
0
0

0
0
0
0
0
0
0

From this menu,

. It should be

Up Time
2:15:16
0:00:00
0:00:00
0:00:00
0:00:00
0:00:00
0:00:00
0:00:00

Ethernet:

Status: 100M/Full Duplex

Collisions: 0

CPU Load = 4.25%

Tx Pkts: 1583
Rx Pkts: 1521

CMDS: 1-Reset Counters ESC-Exit

Press Command:

WAN:
Line Status: Up
Upstream Speed: 608 kbps
Downstream Speed: 4000 kbps

Figure 10-2 Menu 24.1 - System Maintenance – Status

The following table describes the fields present in

Menu 24.1 - System Maintenance - Status

.

10-2 System Maintenance

Prestige 642 ADSL Internet Access Router

Table 10-1 System Maintenance - Status Menu Fields

Field Description

This is the remote node index number and link type. Link types are :Node-Lnk

PPP, ENET, 1483, PPPoE

Status Shows the status of the remote node.

TxPkts The number of packets transmitted to this remote node.

RxPkts The number of packets received from this remote node.

Errors The number of error packets on this connection.

Tx B/s Shows the transmission rate in bytes per second.

Rx B/s Shows the receiving rate in bytes per second.

Up Time Time this channel has been connected to the remote node.

Ethernet

Status Shows the current status of the LAN.

Tx Pkts The number of transmitted packets to the LAN.

Rx Pkts The number of received packets from the LAN.

Collision Number of collisions.

WAN

Line Status

Upstream Speed Shows the ADSL line upstream speed.

Downstream Speed Shows the ADSL line downstream speed

CPU Load Specifies the percentage of CPU utilization.

Press Command

1 - Reset Counters Press 1 to reset all the above statistics to 0.

ESC - Exit Press ESC to go back to Menu 24.

Shows the current status of the ADSL line which can be

Wait for Init

Initializing

or

.

Up, Down,

Menu 24.2 System Information and Console Port Speed

is as follows.

System Maintenance 10-3

Prestige 642 ADSL Internet Access Router

Menu 24.2 - System Information and Console Port Speed

1. System Information

2. Console Port Speed

Figure 10-3 System Information and Console Port Speed

Press 1 to display the next screen,

LAN

Press ESC or RETURN to Exit:

Menu 24.2.1 - System Maintenance - Information.

Menu 24.2.1 – System Maintenance - Information

Name: Johnny
Routing: IP
ZyNOS S/W Version: V2.50(AJ.0)b4 | 5/11/2000
ADSL Chipset Vendor: Alcatel, Version 1.6.25
Operational Command: Multi-Mode

Ethernet Address:00:a0:c5:02:34:56
IP Address: 192.168.1.1
IP Mask: 255.255.255.0
DHCP: Server

Figure 10-4 System Maintenance - Information

Table 10-2 Fields in System Maintenance - Information

Field Description

Name Displays the system name of your Prestige. This information can be modified in

Menu 1 - General Setup

.

Routing Refers to the routing protocol used.

ZyNOS S/W
Version

ADSL Chipset

Refers to the ZyNOS (ZyXEL Network Operating System) software version. ZyNOS
is a registered trademark of ZyXEL Communications Corporation.

Displays the vendor of the ADSL chipset and ADSL modem software version.

Vendor

Operational
Command

This refers to the operational protocol the Prestige and the DSLAM (Digital
Subscriber Line Access Multiplexer) is using. Please see the section on
“Standards” in Part 0 of this manual.

Ethernet Address Refers to the Ethernet MAC (Media Access Control) of your Prestige.

IP Address This is the IP address of the Prestige in dotted decimal notation.

IP Mask This shows the subnet mask of the Prestige.

10-4 System Maintenance

Prestige 642 ADSL Internet Access Router

Field Description

DHCP

This field shows the DHCP setting (

None, Relay

or

Server

) of the Prestige.

10.1.1 Console Port Speed

You can change the speed of the console port through

Menu 24.2.2 – Console Port Speed

supports 9600 (default), 19200, 38400, 57600, and 115200 bps for the console port. Use the space bar to
select the desired speed in Menu 24.2.2, as shown in the following figure.

Menu 24.2.2 – System Maintenance – Console Port Speed

Console Port Speed: 115200

Press ENTER to Confirm or ESC to Cancel:
Press Space Bar to Toggle.

Figure 10-5 Menu 24.2.2 – System Maintenance – Console Port Speed

. Your Prestige

10.2 Log and Trace

There are two logging facilities in the Prestige. The first is the error logs and trace records that are stored
locally. The second is the UNIX syslog facility for message logging.

10.2.1 Viewing Error Log

The first place you should look for clues when something goes wrong is the error log. Follow the procedure
below to view the local error/trace log:

Step 1.
Step 2.

Enter 24 from the Main Menu to open
From Menu 24, enter 3 to open

Menu 24.3 - System Maintenance - Log and Trace

1. View Error Log

2. UNIX Syslog

Menu 24.3 - System Maintenance - Log and Trace

Menu 24 - System Maintenance

.

.

Figure 10-6 Log and Trace

Step 3.

Enter 1 in

Menu 24.3 - System Maintenance - Log and Trace

to display the error log in the

system.

After the Prestige finishes displaying the error log, you will have the option to clear it.

System Maintenance 10-5

Prestige 642 ADSL Internet Access Router

Examples of typical error and information messages are presented in the following figure.

45 7203 PINI INFO Channel 11 ok
46 7204 PINI INFO Channel 10 ok
47 7205 PINI INFO Channel 9 ok
48 7206 PINI INFO Channel 8 ok
49 7207 PINI INFO Channel 7 ok
50 7208 PINI INFO Channel 6 ok
51 7209 PINI INFO Channel 5 ok
52 7210 PINI INFO Channel 4 ok
53 7211 PINI INFO Channel 3 ok
54 7212 PINI INFO Channel 2 ok
55 7213 PINI INFO Channel 1 ok
Clear Error Log (y/n):

Figure 10-7 Examples of Error and Information Messages

10.2.2 Syslog And Accounting

The Prestige uses the UNIX syslog facility to log the CDR (Call Detail Record) and system messages to a
syslog server. Syslog and accounting can be configured in

and Accounting

, as shown next.

Menu 24.3.2 -- System Maintenance - UNIX Syslog and Accounting

Press Space Bar to Toggle.

Press ENTER to Confirm or ESC to Cancel:

UNIX Syslog:
Active= No
Syslog IP Address= ?
Log Facility= Local 1

Types:
CDR= No
Packet triggered= No
Filter log= No
PPP log= No

Menu 24.3.2 - System Maintenance - Syslog

Figure 10-8 Menu 24.3.2 - System Maintenance - Syslog and Accounting

You need to configure the UNIX syslog parameters described in the following table to activate syslog then
choose what you want to log.

10-6 System Maintenance

Prestige 642 ADSL Internet Access Router

Table 10-3 System Maintenance Menu Syslog Parameters

Parameter Description

UNIX Syslog:

Active Use the space bar to turn on or off syslog.

Syslog IP Address Enter the IP Address of the server that will log the CDR (Call Detail Record) and

system messages i.e., the syslog server.

Log Facility Use the space bar to toggle between the 7 different Local options. The log facility

allows you to log the message in different files in the server. Please refer to your
UNIX manual for more detail.

Types:

CDR

Call Detail Record (CDR) logs all data phone line activity if set to

Yes.

Packet triggered The first 48 bytes or octets and protocol type of the triggering packet is sent to the

Yes.

No.

Filters with the individual filter

Yes.

Yes.

Filter log

PPP log

UNIX syslog server when this field is set to

No filters are logged when this field is set to

Filter

field set to

Yes

are logged when this field is set to

PPP events are logged when this field is set to

Your Prestige sends four types of syslog messages. Some examples of these syslog messages with their
message formats are shown next:

1.

CDR

CDR Message Format

SdcmdSyslogSend( SYSLOG_CDR, SYSLOG_INFO, String );
String = board xx line xx channel xx, call xx, str
board = the hardware board ID
line = the WAN ID in a board
Channel = channel ID within the WAN
call = the call reference number which starts from 1 and increments by 1 for each new call
str = C01 Outgoing Call dev xx ch xx (dev:device No. ch:channel No.)

L02 Tunnel Connected(L2TP)
C02 OutCall Connected xxxx (means connected speed) xxxxx (means Remote Call Number)

L02 Call Terminated
C02 Call Terminated

Log

Jul 19 11:19:27 192.168.102.2 ZyXEL Communications Corp.: board 0 line 0 channel 0, call
1, C01 Outgoing Call dev=2 ch=0 40002
Jul 19 11:19:32 192.168.102.2 ZyXEL Communications Corp.: board 0 line 0 channel 0, call
1, C02 OutCall Connected 64000 40002

System Maintenance 10-7

Prestige 642 ADSL Internet Access Router

Jul 19 11:20:06 192.168.102.2 ZyXEL Communications Corp.: board 0 line 0 channel 0, call
1, C02 Call Terminated

2.

Packet triggered

Packet triggered Message Format

sdcmdSyslogSend( SYSLOG_PKTTRI, SYSLOG_NOTICE, String );

Jul 19 11:28:39 192.168.102.2 ZyXEL Communications Corp.: Packet Trigger: Protocol=1,
Data=4500003c100100001f010004c0a86614ca849a7b08004a5c020001006162636465666768696a6b6c6d6e6
f7071727374
Jul 19 11:28:56 192.168.102.2 ZyXEL Communications Corp.: Packet Trigger: Protocol=1,
Data=4500002c1b0140001f06b50ec0a86614ca849a7b0427001700195b3e00000000600220008cd4000002040
5b4
Jul 19 11:29:06 192.168.102.2 ZyXEL Communications Corp.: Packet Trigger: Protocol=1,
Data=45000028240140001f06ac12c0a86614ca849a7b0427001700195b451d1430135004000077600000

3.

Filter log

Filter log Message Format

String = IP[Src=xx.xx.xx.xx Dst=xx.xx.xx.xx prot spo=xxxx dpo=xxxx] S04>R01mD

IP[…] is the packet header and S04>R01mD means filter set 4 (S) and rule 1 (R), match (m) drop (D).

spo: Source port
dpo: Destination port

Jul 19 14:43:55 192.168.102.2 ZyXEL Communications Corp.: IP[Src=202.132.154.123
Dst=255.255.255.255 UDP spo=0208 dpo=0208]}S03>R01mF
Jul 19 14:44:00 192.168.102.2 ZyXEL Communications Corp.: IP[Src=192.168.102.20
Dst=202.132.154.1 UDP spo=05d4 dpo=0035]}S03>R01mF
Jul 19 14:44:04 192.168.102.2 ZyXEL Communications Corp.: IP[Src=192.168.102.20
Dst=202.132.154.1 UDP spo=05d4 dpo=0035]}S03>R01mF

String = Packet trigger: Protocol=xx Data=xxxxxxxxxx…..x
Protocol: (1:IP 2:IPX 3:IPXHC 4:BPDU 5:ATALK 6:IPNG)
Data: We will send forty-eight Hex characters to the server

SdcmdSyslogSend(SYSLOG_FILLOG, SYSLOG_NOTICE, String );

Src: Source Address
Dst: Destination Address
prot: Protocol (“TCP”,”UDP”,”ICMP”)

4.

PPP log

PPP Log Message Format

sdcmdSyslogSend( SYSLOG_PPPLOG, SYSLOG_NOTICE, String );
String = ppp:Proto Starting / ppp:Proto Opening / ppp:Proto Closing / ppp:Proto Shutdown
Proto = LCP / ATCP / BACP / BCP / CBCP / CCP / CHAP/ PAP / IPCP /
IPXCP

Jul 19 11:42:44 192.168.102.2 ZyXEL Communications Corp.: ppp:LCP Closing
Jul 19 11:42:49 192.168.102.2 ZyXEL Communications Corp.: ppp:IPCP Closing

Jul 19 11:42:54 192.168.102.2 ZyXEL Communications Corp.: ppp:CCP Closing

10-8 System Maintenance

Prestige 642 ADSL Internet Access Router

10.3 Diagnostic

The diagnostic facility allows you to test the different aspects of your Prestige to determine if it is working
properly. Menu 24.4 allows you to choose among various types of diagnostic tests to evaluate your system,
as shown.

Menu 24.4 - System Maintenance - Diagnostic

WAN

1. Reset ADSL

TCP/IP

12. Ping Host

Enter Menu Selection Number:

Host IP Address= N/A

Figure 10-9 Menu 24.4 - System Maintenance - Diagnostic

Follow the procedure below to get to Diagnostic

Step 1.
Step 2.

From the Main Menu, enter 24 to open
From this menu, enter 4 to open

Menu 24.4 - System Maintenance - Diagnostic

The following table describes the diagnostic tests available in Menu 24.4 for your Prestige and the
connections.

System

21. Reboot System

22. Command Mode

Menu 24 - System Maintenance

.

.

Table 10-4 System Maintenance Menu Diagnostic

Field Description

Reset ADSL This command re-initializes the ADSL link to the telephone company.

Ping Host This diagnostic test pings the host, which determines the functionality of the

TCP/IP protocol on both systems and the links in between.

Reboot System This option reboots the Prestige.

Command Mode This option allows you to enter the command mode. This mode allows you to

diagnose and test your Prestige using a specified set of commands.

10.4 Transferring Files - Filename conventions

The configuration file (often called the romfile or romfile-0) contains the factory default settings in the
menus such as password, DHCP Setup, TCP/IP Setup etc. It arrives from ZyXEL with a name of

System Maintenance 10-9

Prestige 642 ADSL Internet Access Router

P642.ROM or similar. Once you have customized the Prestige's setting, they can be saved back to
PC/workstation under a filename of your choosing. Choose something meaningful, e.g. “MyP642.cfg”.
The ZyNOS firmware file (sometimes referred to as the ras file) is the file that contains the ZyXEL
Network Operating System firmware and usually is the router model name with a *.bin extension, e.g.,
P642.bin.
With serial (xmodem) transfer, the filenames on the PC are your choice. With many ftp and tftp clients,
they are as well as seen next.

ftp>

put P642.bin ras

This is a sample ftp session showing the transfer of the PC file "P642.bin" to the Prestige.

ftp>

get rom-0 MyP642.cfg

This is a sample ftp session saving the current configuration to the PC file MyP642.cfg.

If your [t]ftp client does not allow you to have a destination filename different from the source, you will
need to rename them as the Prestige only recognizes "rom-0" and "ras". Be sure you keep unaltered copies
of both files for later use.
The following table is a summary. Please note that the internal filename refers to the filename on the
Prestige and the external filename refers to the filename not on the Prestige, i.e., on your workstation, local
network or ftp site and so the name (but not the extension) will vary. The AT command is the command
you enter after you press “Y” when prompted in the SMT menu to go into debug mode.

Table 10-5 Filename Conventions

File Type Internal

Configuration
File

Firmware

Rom-0 *.rom This is the router configuration filename

Ras *.bin This is the generic name for the ZyNOS

Name

External

Name

Description AT

Command

ATLC
on the Prestige. Uploading the rom-0 file
replaces the entire ROM file system,
including your Prestige configurations,
system-related data (including the baud
rate and default password), the error log
and the trace log.

ATUR
firmware on the Prestige.

10.4.1 Firmware Development

It is important to upgrade your firmware regularly, especially if there are problems. If you discover an
unexpected behavior, or bug, see if your problem is mentioned in the release notes. Load it according to
instructions (e.g., see if the default configuration file is needed also). If the problem still exists, e-mail or
call tech support.

10-10 System Maintenance

Prestige 642 ADSL Internet Access Router

10.5 Backup Configuration

Option 5 in

Menu 24 - System Maintenance

your workstation. Backup is highly recommended once your Prestige is functioning properly.
You must perform the backup and restore through the console port. Any serial communications program
should work fine; however, you must use XMODEM protocol to perform the download/upload.

Step 1.

Go to Menu 24.5 (shown next).

Ready to backup Configuration via Xmodem.
Do you want to continue (y/n):

Figure 10-10 Backup Configuration

allows you to backup the current Prestige configuration to

Step 2.

Press “Y” to indicate that you want to continue. The following procedure is for the
HyperTerminal program. The procedure for other serial communications programs should be
similar.

Step 3.

Click “Transfer”, then “Receive File” to display the following screen.

Enter where you want to place
the rom configuration file on
your computer.

Choose the
X-Modem
Protocol.

Figure 10-11 HyperTerminal Screen

Step 4.

Enter where you want to place the rom configuration file on your computer, give it a suitable
name, e.g., p642.rom and make sure you choose the X-Modem Protocol. Then press “Receive”.

Step 5.

After a successful backup you will see the following screen. Press any key to return to the SMT
menu.

** Backup Configuration completed. OK.
### Hit any key to continue.###

Figure 10-12 Successful Backup

Please note that terms “download” and “upload” are relative to the workstation. Download means to
transfer from the Prestige to the workstation, while upload means from your workstation to the Prestige.

System Maintenance 10-11

Prestige 642 ADSL Internet Access Router

10.6 Restore Configuration

Selecting option 6 from

Menu 24 - System Maintenance

workstation to the Prestige. Again, you must use the console port and XMODEM protocol to restore the
configuration.

Step 1.

Go to Menu 24.6 (shown next).

Ready to restore Configuration via Xmodem.
Do you want to continue (y/n):

Figure 10-13 Restore Configuration

to restore the configuration from your

Step 2.

Step 3.

Step 4.

Step 5.

Press “Y” to indicate that you want to continue. The following procedure is for the
HyperTerminal program. The procedure for other serial communications programs should be
similar.

Click “Transfer”, then “Send File” to display the following screen.

Enter where the rom
configuration file is on your
computer.

Choose the
X-Modem
Protocol.

Figure 10-14 HyperTerminal Screen

Enter where the rom configuration file is on your computer, and make sure you choose the X­Modem Protocol. Then press “Send”.

After a successful restoration you will see the following screen. Press any key to return to
reboot the system.

Save to ROM
Hit any key to start system reboot.

Figure 10-15 Successful Backup

Keep in mind that the configuration is stored in the flash ROM in the Prestige, so even if power failure
should occur, your configuration is safe.

10-12 System Maintenance

Prestige 642 ADSL Internet Access Router

10.7 Upload Firmware

Menu 24.7 -- System Maintenance - Upload Firmware

configuration file via the console port. Note that this function erases the old data before installing the new
one; please do not attempt to update unless you have the new firmware at hand. There are 2 components in
the system: the router firmware and the configuration file, as shown next.

Menu 24.7 -- System Maintenance - Upload Firmware

1. Upload Router Firmware

2. Upload Router Configuration File

Enter Menu Selection Number:

Figure 10-16 Menu 24.7 - System Maintenance - Upload Firmware

10.7.1 Upload Router Firmware

The firmware is the program that controls the functions of the Prestige. Menu 24.7.1 shows you the
instructions for uploading the firmware. If you answer yes to the prompt, the Prestige will go into debug
mode. Follow the procedure below to upload the firmware:

Step 1.
Step 2.

Step 3.

Enter “
Wait for the “

” after the “

atur

Enter Debug Mode

Starting XMODEM upload

your terminal.
After successful firmware upload, enter “

allows you to upgrade the firmware and the

” message.

” message before activating Xmodem upload on

” to restart the Prestige.

atgo

Menu 24.7.1 -- System Maintenance - Upload Router Firmware

To upload router firmware:

1. Enter "y" at the prompt below to go into debug mode.

2. Enter "atur" after "Enter Debug Mode" message.

3. Wait for "Starting XMODEM upload" message before activating
Xmodem upload on your terminal.

4. After successful firmware upload, enter "atgo" to restart the
router.

Warning: Proceeding with the upload will erase the current router
firmware.

Do You Wish To Proceed:(Y/N)

Figure 10-17 Menu 24.7.1 - Uploading Router Firmware

System Maintenance 10-13

Prestige 642 ADSL Internet Access Router

10.7.2 Uploading Router Configuration File

The configuration data, system-related data, the error log and the trace log are all stored in the configuration
file. Please be aware that uploading the configuration file replaces everything contained within.
Menu 24.7.2 shows you the instructions for uploading the configuration file. If you answer yes to the
prompt, the Prestige will go into debug mode. Follow the procedure below to upload the configuration file:

Menu 24.6 replaces the current configuration with your customized configuration you

backed up previously. Menu 24.7.2 shows you the instructions for uploading the Router

Configuration file that replaces the current configuration file with the default

configuration file, i.e., P312.rom. You will lose all configurations that you had before

and the speed of the console port will be reset to the default of 9600 bps with 8 data

communications software to the default before you can connect to the Prestige again.

Step 1.
Step 2.

Step 3.

If you replace the current configuration file with the default configuration file, i.e., P642.rom, you will lose
all configurations that you had before and the speed of the console port will be reset to the default of 9600
bps with 8 data bit, no parity and 1 stop bit (8n1) . You will need to change your serial communications
software to the default before you can connect to the Prestige again. The password will be reset to the
default of 1234, also.

To upload router configuration file:

1. Enter "y" at the prompt below to go into debug mode.

2. Enter "atlc" after "Enter Debug Mode" message.

3. Wait for "Starting XMODEM upload" message before activating
Xmodem upload on your terminal.

4. After successful firmware upload, enter "atgo" to restart the
router.

Warning:

1. Proceeding with the upload will erase the current router
configuration file.

2. The router's console port speed (Menu 24.2.2) may change when
it is restarted; Please adjust your terminal's speed accordingly. The

bit, no parity and 1 stop bit (8n1). You will need to change your serial

The password will be reset to the default of 1234, also.

Enter “
Wait for the “

” after the “

atlc

Enter Debug Mode

Starting XMODEM upload

” message.

” message before activating Xmodem upload on
your terminal.
After successful firmware upload, enter “

Menu 24.7.2 - System Maintenance - Upload Router Configuration File

3. When uploading the DEFAULT configuration file, the console port speed

password (menu 23) may change also.

will be reset to 9600 bps and the password to "1234".

Do You Which To Proceed:(Y/N)

” to restart the Prestige.

atgo

Figure 10-18 Menu 24.7.2 - System Maintenance - Upload Router Configuration File

10-14 System Maintenance

Prestige 642 ADSL Internet Access Router

10.8 TFTP Transfer

In addition to the direct console port connection, the Prestige supports the up/downloading of the firmware
and the configuration file using TFTP (Trivial File Transfer Protocol) over LAN. Although TFTP should
work over WAN as well, it is not recommended.
To use TFTP, your workstation must have both telnet and TFTP clients. To transfer the firmware and the
configuration file, follow the procedure below:

Use telnet from your workstation to connect to the Prestige and log in. Because TFTP does not have any
security checks, the Prestige records the IP address of the telnet client and accepts TFTP requests only from
this address.

Step 1.

Step 2.

Step 3.

Step 4.

Note that the telnet connection must be active and the SMT in CI mode before and during the TFTP
transfer. For details on TFTP commands (see following example), please consult the documentation of your
TFTP client program. For UNIX, use “
other way around, and “

Put the SMT in command interpreter (CI) mode by entering 8 in

Maintenance

Enter command “
interrupted. Enter command “

.

sys stdio 0

” to disable the SMT timeout, so the TFTP transfer will not be

sys stdio 5

” to restore the five-minute SMT timeout

Menu 24 – System

(default) when the file transfer is complete.

Launch the TFTP client on your workstation and connect to the Prestige. Set the transfer mode
to binary before starting data transfer.

Use the TFTP client (see the example below) to transfer files between the Prestige and the
workstation. The file name for the firmware is “

” and for the configuration file, is “

ras

rom-0

(rom-zero, not capital o).

Note: If you upload the firmware to the Prestige, it will reboot automatically when the

file transfer is completed (the SYS LED will flash).

” to transfer from the Prestige to the workstation, “

get

binary

” to set binary transfer mode.

put

” the

”

10.8.1 Example TFTP Command

The following is an example tftp command:

TFTP [-i] host put p312.bin ras

where “i” specifies binary image transfer mode (use this mode when transferring binary files), “host” is the
Prestige IP address, “put” transfers the file source on the workstation (p312.bin – name of the firmware on
the workstation) to the file destination on the remote host (ras - name of the firmware on the Prestige).
The following table describes some of the fields that you may see in third party TFTP clients.

Table 10-6 Third Party TFTP Clients –General fields

Host

System Maintenance 10-15

Enter the IP address of the Prestige. 192.168.1.1 is the
Prestige default IP address when shipped.

Prestige 642 ADSL Internet Access Router

Send/Fetch

Local File

Remote File

Binary

Abort

Press “Send” to upload the file to the Prestige and “Fetch” to
back up the file on your computer.

Enter the path and name of the firmware file (*.bin
extension) or configuration file (*.rom extension) on your
computer.

This is the filename on the Prestige. The filename for the
firmware is “

Transfer the file in binary mode.

Stop transfer of the file.

” and for the configuration file, is “

ras

rom-0

”.

TFTP over WAN will not work if:

1. You have applied a filter in Menu 3.1 (LAN) or in Menu 11.5 (WAN) to block Telnet service.

2. You have an SMT console session running.

10.9 FTP File Transfer

In addition to uploading the firmware and configuration via the console port and TFTP client, you can also
upload the Prestige firmware and configuration files using FTP. To use this feature, your workstation must
have an FTP client.
When you telnet into the Prestige, you will see the following screens for uploading firmware and the
configuration file using FTP.

10-16 System Maintenance

Prestige 642 ADSL Internet Access Router

Menu 24.7.1 - System Maintenance - Upload Router Firmware

To upload the router firmware, follow the procedure below:

1. Launch the FTP client on your workstation.

2. Type "open" and the IP address of your router. Then type "root" and
SMT password as requested.

3. Type "put firmwarefilename ras" where "firmwarefilename" is the name
of your firmware upgrade file on your workstation and "ras" is the
remote file name on the router.

4. The system reboots automatically after a successful firmware upload.

For details on FTP commands, please consult the documentation of your FTP
client program. For details on uploading router firmware using TFTP (note
that you must remain on this menu to upload router firmware using TFTP),
please see your router manual.

Press ENTER to Exit:

Figure 10-19 Telnet into Menu 24.7.1

You see the following screen when you telnet into Menu 24.7.2.

Menu 24.7.2 - System Maintenance - Upload Router Configuration File

To upload the router configuration file, follow the procedure below:

1. Launch the FTP client on your workstation.

2. Type "open" and the IP address of your router. Then type "root" and
SMT password as requested.

3. Type "put configurationfilename rom-0" where "configurationfilename"
is the name of your router configuration file on your workstation,
which will be transferred to the "rom-0" file on the router.

4. The system reboots automatically after the upload router configuration
file process is complete.

For details on FTP commands, please consult the documentation of your FTP
client program. For details on uploading router firmware using TFTP (note
that you must remain on this menu to upload router firmware using TFTP),
please see your router manual.

Press ENTER to Exit:

Figure 10-20 Telnet into Menu 24.7.2 - System Maintenance

To transfer the firmware and the configuration file, follow these examples:

10.9.1 Using the FTP command from the DOS Prompt

Step 1.

System Maintenance 10-17

Launch the FTP client on your workstation.

Prestige 642 ADSL Internet Access Router

Step 2.
Step 3.
Step 4.
Step 5.

Step 6.

Type

and the IP address of your Prestige.

open

You may press the [ENTER] when prompted for a username.
Type
Type

and your SMT password as requested. The default is 1234.

root

to set transfer mode to binary.

bin

Use “put” to transfer files from the workstation to the Prestige, e.g.,

put p642.bin ras

transfers the firmware on your computer (p642.bin) to the Prestige and renames it “ras”.
Similarly

put p642.rom rom-0

(p642.rom) to the Prestige and renames it “rom-0”. See

transfers the configuration file on your computer

section 10.4

for more information on

filename conventions.

Step 7.

Type

Connected to 312.x.x.x
220 P312 FTP version 1.0 ready at Thu Jan 20 18:00:02 2000
User (312.x.x.x:(none)): <Enter>
331 Enter PASS command
Password:
230 Logged in
ftp> bin
200 Type I OK
ftp> put p312e.bin ras
200 Port command okay
150 Opening data connection for STOR ras
226 File received OK
ftp: 327680 bytes sent in 1.10Seconds 297.89Kbytes/sec.
ftp> quit

to exit the ftp prompt.

quit

Figure 10-21 FTP Session Example

The system reboots after a successful upload.

The following table describes some of the fields that you may see in third party FTP clients.

Table 10-7 Third Party FTP Clients –General fields

Host Address

Login Type

Transfer Type

Enter the address of the host server.

Anonymous.

•

This is when a user I.D. and password is automatically
supplied to the server for anonymous access. Anonymous
logins will work only if your ISP or service administrator has
enabled this option.

Normal.

•

The server requires a unique User ID and Password to login.

Transfer files in either ASCII (plain text format) or in binary

10-18 System Maintenance

Prestige 642 ADSL Internet Access Router

mode.

Initial Remote
Directory.

Initial Local
Directory.

Specify the default remote directory (path).

Specify the default local directory (path).

10.10 Command Interpreter Mode

This option allows you to enter the command interpreter mode. A list of valid commands can be found by
typing [help] at the command prompt. For more detailed information, check the ZyXEL Web site or send e­mail to the ZyXEL Support Group.

Enter Menu Selection Number: 8

Copyright (c) 1994 - 1999 ZyXEL Communications Corp.
ras> ?
Valid commands are:
sys exit device ether
wan ip ppp bridge
ipx hdap

Figure 10-22 Command mode

10.11 Boot module commands

Prestige boot module commands with accompanying explanations are shown in the following table. For
ATBAx, x denotes the number preceding the colon to give the console port speed following the colon in the
list of numbers that follows; e.g. ATBA3 will give a console port speed of 9.6 Kbps. ATSE displays the
seed that is used to generate a password to turn on the debug flag in the firmware. The ATSH command
shows product related information such as boot module version, vendor name, product model, RAS code
revision, etc.

System Maintenance 10-19

Prestige 642 ADSL Internet Access Router

======= Debug Command Listing =======
AT just answer OK
ATHE print help
ATBAx change baudrate. 1:38.4k, 2:19.2k, 3:9.6k 4:57.6k 5:115.2k
ATENx,(y) set BootExtension Debug Flag (y=password)
ATENx,(y) set BootExtension Debug Flag (y=password)
ATSE show the seed of password generator
ATTI(h,m,s) change system time to hour:min:sec or show current time
ATDA(w,y,m,d) change system date to week year/month/day or show current date
ATDS dump RAS stack
ATDT dump Boot Module Common Area
ATDUx,y dump memory contents from address x for length y
ATRBx display the 8-bit value of address x
ATRWx display the 16-bit value of address x
ATRLx display the 32-bit value of address x
ATGO(x) run program at addr x or boot ZyNOS
ATGR boot ZyNOS
ATGT run Hardware Test Program
ATRTw,x,y(,z) RAM test level w, from address x to y (z iterations)
ATSH dump manufacturer related data in ROM
ATDOx,y download from address x for length y to PC via XMODEM
ATUR upload RAS code to flash ROM
ATLC upload RAS configuration file

Figure 10-23 Boot module commands

10-20 System Maintenance

Prestige 642 ADSL Internet Access Router

Chapter 11

IP Policy Routing

11.1 Introduction

Traditionally, routing is based on the destination address only and the router takes the shortest path to
forward a packet. IP Policy Routing (IPPR) provides a mechanism to override the default routing behavior
and alter the packet forwarding based on the policy defined by the network administrator. Policy-based
routing is applied to incoming packets on a per interface basis, prior to the normal routing.

11.1.1 Benefits

Source-Based Routing – Network administrators can use policy-based routing to direct traffic from

•

different users through different connections.
Quality of Service (QoS) – Organizations can differentiate traffic by setting the precedence or TOS

•

(Type of Service) values in the IP header at the periphery of the network to enable the backbone to
prioritize traffic.
Cost Savings – IPPR allows organizations to distribute interactive traffic on high-bandwidth, high-cost

•

paths while using low-cost paths for batch traffic.
Load Sharing – Network administrators can use IPPR to distribute traffic among multiple paths.

•

11.1.2 Routing Policy

A policy defines the matching criteria and the action to take when a packet meets the criteria. The action is
taken only when all the criteria are met. The criteria include the source address and port, IP protocol
(ICMP, UDP, TCP, etc.), destination address and port, TOS and precedence (fields in the IP header) and
length. The inclusion of length criterion is to differentiate between interactive and bulk traffic. Interactive
applications, e.g., telnet, tend to have short packets, while bulk traffic, e.g., file transfer, tends to have large
packets.
The actions that can be taken include routing the packet to a different gateway (and hence the outgoing
interface) and the TOS and precedence fields in the IP header.

IPPR follows the existing packet filtering facility of ZyNOS in style and in implementation. The policies
are divided into sets, where related policies are grouped together. A user defines the policies before
applying them to an interface or a remote node, in the same fashion as the filters. There are 12 policy sets
with 6 policies in each set.

11.1.3 IP Policy Routing Setup

Menu 25 shows all the policies defined

IP Policy Routing 11-1

Prestige 642 ADSL Internet Access Router

Menu 25 - IP Routing Policy Setup

Policy Policy
Set # Name Set # Name

------ ----------------- ------ ----------------­ 1 test 7 _______________
2 _______________ 8 _______________
3 _______________ 9 _______________
4 _______________ 10 _______________
5 _______________ 11 _______________
6 _______________ 12 _______________

Enter Policy Set Number to Configure= 0

Edit Name= N/A

Press ENTER to Confirm or ESC to Cancel:

Figure 11-1 IP Routing Policy Setup

To setup a routing policy, follow the procedures below:

Step 1.
Step 2.

Enter 25 in the Main Menu to open

Menu 25 – IP Policy Routing Setup.

Enter the index of the policy set you wish to configure to open

Summary

.

Menu 25.1 - IP Policy Routing

Menu 25.1 shows the summary of a policy set, including the criteria and the action of a single policy, and
whether a policy is active or not. Each policy contains two lines. The former part is the criteria of the
incoming packet, and the latter is the action. Between these two parts, separator ‘|’ means the action is
taken on criteria matched and separator ‘=’ means the action is taken on criteria not matched.

11-2 IP Policy Routing

Prestige 642 ADSL Internet Access Router

Menu 25.1 - IP Routing Policy Summary

# A Criteria/Action

- - -------------------------------------------------------------------------­ 1 Y SA=1.1.1.1-1.1.1.1,DA=2.2.2.2-2.2.2.5
SP=20-25,DP=20-25,P=6,T=NM,PR=0 |GW=192.168.1.1,T=MT,PR=0
2 N __________________________________________________________________________
__________________________________________________________________________
3 N __________________________________________________________________________
__________________________________________________________________________
4 N __________________________________________________________________________
__________________________________________________________________________
5 N __________________________________________________________________________
__________________________________________________________________________
6 N __________________________________________________________________________
__________________________________________________________________________

Enter Policy Rule Number (1-6) to Configure:

Figure 11-2 Menu 25 - IP Routing Policy Summary

Table 11-1 IP Routing Policy Summary

Abbreviation Meaning

Criteria

SA Source IP address

SP Source port

DA Destination IP address

DP Destination port

P IP layer 4 protocol number(TCP=6,UDP=17…)

T Type Of Service of Incoming packet

PR Precedence of incoming packet

Action

GW Gateway IP address

T Outgoing Type of Service

P Outgoing Precedence

Type Of Service

NM Normal

mD Minimum Delay

IP Policy Routing 11-3

Prestige 642 ADSL Internet Access Router

MT Maximum Throughput

MR Maximum Reliability

MC Minimum Cost

Enter a number from 1 to 6 to display

Menu 25.1.1 – IP Routing Policy

allows you to configure a policy rule.

Menu 25.1.1 - IP Routing Policy

Policy Set Name= test
Active= Yes
Criteria:
IP Protocol = 6
Type of Service= Normal Packet length= 40
Precedence = 0 Len Comp=
Source:
addr start= 1.1.1.1 end= 1.1.1.1
port start= 20 end= 20
Destination:
addr start= 2.2.2.2 end= 2.2.2.2
port start= 20 end= 20
Action= Matched
Gateway addr = 192.168.1.1 Log= No
Type of Service= Max Thruput
Precedence = 0

Press ENTER to Confirm or ESC to Cancel:
Press Space Bar to Toggle.

Figure 11-3 IP Routing Policy

(see the next figure). This menu

Table 11-2 IP Routing Policy

Field Description

Policy Set Name This is the name of the policy set assigned in Menu 25 - IP Routing Policy

Setup.

Active Press the [SPACEBAR] to select [Yes] to activate the policy.

Criteria

IP Protocol IP layer 4 protocol, e.g., UDP, TCP, ICMP, etc.

Type of Service Prioritize incoming network traffic by choosing from [Don’t Care] / [Normal] /

[Min Delay] / [Max Thruput] / [Max Reliability].

Packet Length Enter the length of incoming packets (in bytes). The operators in the [Len

Comp] (next) apply to packets of this length.

Len Comp Press the [SPACEBAR] to choose from [Equal] / [Not Equal] / [Less] / [Greater]

/ [Less or Equal] / Greater or Equal].

Precedence Precedence value of the incoming packet. Values range from [0] to [7] or [Don’t

11-4 IP Policy Routing

Prestige 642 ADSL Internet Access Router

Care].

Source:

addr start= /
end=

port start= /
end=

Destination:

addr start= /
end=

port start= /
end=

Action= Specifies whether action should be taken on criteria [Matched] or [Not

Gateway addr Defines the outgoing gateway address. The gateway must be on the same

Log Press the [SPACEBAR] to select [Yes] to make an entry in the system log when

Type of Service Set the new TOS value of the outgoing packet. Choose from Prioritize incoming

Precedence Set the new precedence value of the outgoing packet. Values range from [0] to

Source IP address range from start to end.

Source port number range from start to end; applicable only for TCP/UDP.

Destination IP address range from start to end.

Destination port number range from start to end; applicable only for TCP/UDP.

Matched].

subnet as the Prestige if it’s on the LAN, otherwise, the gateway must be the IP
address of a remote node. The default gateway is specified as 0.0.0.0.

a policy is executed.

network traffic by choosing from [No Change] / [Normal] / [Min Delay] / [Max
Thruput] / [Max Reliability].

[7] or [No Change].

11.2 Applying an IP Policy

This section shows you where to apply the IP Policies after you design them.

11.2.1 Ethernet IP Policies

From Menu 3 - Ethernet Setup, enter 2 to go to Menu 3.2 -General Ethernet Setup.
You can choose up to four IP Policy sets (from twelve) by entering their numbers separated by commas,
e.g., 2, 4, 7, 9.

IP Policy Routing 11-5

Prestige 642 ADSL Internet Access Router

Menu 3.2 - TCP/IP and DHCP Ethernet Setup

DHCP Setup:

DHCP= None
Client IP Pool Starting Address= N/A
Size of Client IP Pool= N/A
Primary DNS Server= N/A
Secondary DNS Server= N/A

TCP/IP Setup:

IP Address= 192.68.1.1
IP Subnet Mask= 255.255.255.0
RIP Direction= Both
Version= RIP-2B
Multicast = IGMP-v2
IP Policies= 2,4,7,9
Edit IP Alias= No

Press Space Bar to Toggle.

Enter here to CONFIRM or ESC to CANCEL:

Enter your IP
Policy sets
here.

Figure 11-4 Menu 3.2 - General Ethernet Setup

11.2.2 Remote Node IP Routing Policies

Go to Menu 11.3 (shown next) and enter the number(s) of the IP Routing Policy set(s) as appropriate. You
can cascade up to four policy sets by entering their numbers separated by commas.

Menu 11.3 - Remote Node Network Layer Options

VPI/VCI LLC-mux or PPP/PPPoE Encap :
VPI #= 1
VCI #= 1
IP Options :
Rem IP Addr: 0.0.0.0
Rem Subnet Mask= 0.0.0.0
My WAN Addr= 0.0.0.0
Single User Account= No
Metric= 2
Private= No
RIP Direction= Both
Version= RIP-2B
Multicast= None
IP Policies= 1,3,5,10

IPX Options :

Rem LAN Net #= 00000000
My WAN Net #= 00000000
Hop Count= 1

Tick Count= 2
W/D Spoofing(min)= N/A
SAP/RIP Timeout(min)= N/A

Dial-On-Query= N/A

Bridge Options:
Dial-On-Broadcast= N/A

Ethernet Addr Timeout(min)=

Enter your IP
Policy sets
here.

Enter here to CONFIRM or ESC to CANCEL:

Figure 11-5 Menu 11.3 - Remote Node Network Layer Options

11-6 IP Policy Routing

Prestige 642 ADSL Internet Access Router

Chapter 12

Troubleshooting

This chapter covers the potential problems you may run into and the possible remedies. After

each problem description, some instructions are provided to help you to diagnose and to solve the

problem.

12.1 Problems Starting Up the Prestige

Table 12-1 Troubleshooting the Start-Up of your Prestige

Problem Corrective Action

None of the LEDs are on when
you power on the Prestige

Cannot access the Prestige via
the console port.

Check the connection between the AC adapter and the Prestige.

If the error persists, you may have a hardware problem. In this case
you should contact technical support.

1.Check to see if the Prestige is connected to your computer’s serial
port.

2. Check to see if the
communications program is
configured correctly. The
communications software should
be configured as follows:

VT100 terminal emulation

9600 bps

No parity, 8 Data bits, 1 Stop bit.

Troubleshooting 12-1

Prestige 642 ADSL Internet Access Router

12.2 Problems With the WAN Interface

Table 12-2 Troubleshooting the ADSL connection

Problem Corrective Action

Initialization of the PVC
connection failed.

Ensure that the cable is connected properly from the ADSL port to the wall
jack. The ADSL LED on the front panel of the Prestige should be on. Check
that your VPI, VCI, type of encapsulation and type of multiplexing settings are
the sama as what you collected from your telephone company and ISP. Reboot
the Prestige. If you still have problems, you may need to verify these variables
with the telephone company and/or ISP.

12.3 Problems with the LAN Interface

Table 12-3 Troubleshooting the LAN Interface

Problem Corrective Action

Can’t ping any station on the LAN

Check the Ethernet LEDs on the front panel. The LED should be
on for a port that has a station connected. If it is off, check the
cables between your Prestige and the station.

Verify that the IP address and the subnet mask are consistent
between the Prestige and the workstations.

12.4 Problems Connecting to a Remote Node or ISP

Table 12-4 Troubleshooting a Connection to a Remote Node or ISP

Problem Corrective Action

Can’t connect to a remote node or
ISP

Check Menu 24.1 to verify the line status. If it indicates [down], then
refer to the section on the line problems.

In Menu 11.1, verify your login name and password for the remote
node.

12-2 Troubleshooting

10BaseT

ADSL

ARP

Backbone
Bandwidth
Bit

Byte
CDR
CHAP

Client

crossover
Ethernet
cable
CSU/DSU

DCE

DHCP

DNS

Prestige 642 ADSL Internet Access Router

Glossary

The 10-Mbps baseband Ethernet specification that uses two pairs of twisted-pair cabling
(Category 3 or 5): one pair for transmitting data and the other for receiving data.
Asymmetrical Digital Subscriber Line is an asymmetrical technology, meaning that the
downstream data rate is much higher than the upstream data rate. ADSL operates in a
frequency range that is above the frequency range of voice services, so the two systems can
operate over the same cable.
Address Resolution Protocol is a protocol for mapping an Internet Protocol address (IP
address) to a physical machine address that is recognized in the local network.
A high-speed line or series of connections that forms a major pathway within a network.
This is the capacity on a link usually measured in bits-per-second (bps)
(Binary Digit) -- A single digit number in base-2, in other words, either a 1 or a zero. The
smallest unit of computerized data.
A set of bits that represent a single character. There are 8 bits in a Byte.
Call Detail Record. This is a name used by telephone companies for call related information.
Challenge Handshake Authentication Protocol is an alternative protocol that avoids sending
passwords over the wire by using a challenge/response technique
A software program that is used to contact and obtain data from a Server software program
on another computer. Each Client program is designed to work with one or more specific
kinds of Server programs, and each Server requires a specific kind of Client. A Web Browser
is a specific kind of Client
A cable that wires a pin to its opposite pin, for example, RX+ is wired to TX+. This cable
connects two similar devices, for example, two data terminal equipment (DTE) or data
communications equipment (DCE) devices.
Channel Service Unit/Data Service Unit. CSUs (channel service units) and DSUs (data
service units) are actually two separate devices, but they are used in conjunction and often
combined into the same box. The devices are part of the hardware you need to connect
computer equipment to digital transmission lines). The Channel Service Unit device connects
with the digital communication line and provides a termination for the digital signal. The Data
Service Unit device, sometimes called a digital service unit, is the hardware component you
need to transmit digital data over the hardware channel. The device converts signals from
bridges, routers, and multiplexors into the bipolar digital signals used by the digital lines.
Multiplexors mix voice signals and data on the same line.
Data Communications Equipment is typically a modem or other type of communication
device. The DCE sits between the DTE (data terminal equipment) and a transmission circuit
such as a phone line.
Dynamic Host Configuration Protocol automatically assigns IP addresses to clients when they
log on. DHCP centralizes IP address management on central computers that run the DHCP
server program. DHCP leases addresses for a period of time which means that addresses are
made available to assign to other systems.
Domain Name System links names to IP addresses. When you access Web sites on the
Internet, you can type the IP address of the site or the DNS name. When you type a domain
name in a Web browser, a query is sent to the primary DNS server defined in your Web
browser’s configuration dialog box. The DNS server converts the name you specified to an IP
address and returns this address to your system. From then on, the IP address is used in all

Glossary

A

Prestige 642 ADSL Internet Access Router

subsequent communications.

Domain
Name

DRAM
DSL

DSLAM

DTE

EMI

Ethernet

FAQ

FCC

Flash
memory
Gateway

Host

IANA

ICMP

internet

The unique name that identifies an Internet site. Domain Names always have 2 or more parts,
separated by dots. The part on the left is the most specific, and the part on the right is the
most general.
Dynamic RAM that stores information in capacitors that must be refreshed periodically.
Digital Subscriber Line technologies enhances the data capacity of the existing twisted-pair
wire that runs between the local telephone company switching offices and most homes and
offices. There are actually seven types of DSL service, ranging in speeds from 16 Kbits/sec to
52 Mbits/sec. The services are either symmetrical (traffic flows at the same speed in both
directions), or asymmetrical (the downstream capacity is higher than the upstream capacity).
DSL connections are point-to-point dedicated circuits, meaning that they are always
connected. There is no dial-up. There is also no switching, which means that the line is a
direct connection into the carrier’s frame relay, ATM (Asynchronous Transfer Mode), or
Internet-connect system.
A Digital Subscriber Line Access Multiplexer (DSLAM) is a network device, usually at a
telephone company central office, that receives signals from multiple customer Digital
Subscriber Line connections and puts the signals on a high-speed backbone line using
multiplexing techniques. Depending on the product, DSLAM multiplexers connect DSL lines
with some combination of asynchronous transfer mode ATM, frame relay, or IP networks.
Originally, the DTE (data terminal equipment) was a dumb terminal or printer, but today it is a
computer, or a bridge or router that interconnects local area networks.
ElectroMagnetic Interference. The interference by electromagnetic signals that can cause
reduced data integrity and increased error rates on transmission channels.
A very common method of networking computers in a LAN. There are a number of
adaptations to the IEEE 802.3 Ethernet standard, including adaptations with data rates of 10
Mbits/sec and 100 Mbits/sec over coaxial cable, twisted-pair cable, and fiber-optic cable. The
latest version of Ethernet, Gigabit Ethernet, has a data rate of 1 Gbit/sec.
(Frequently Asked Questions) -- FAQs are documents that list and answer the most common
questions on a particular subject.
The FCC (Federal Communications Commission) is in charge of allocating the
electromagnetic spectrum and thus the bandwidth of various communication systems.
The nonvolatile storage that can be electrically erased and reprogrammed so that data can be
stored, booted, and rewritten as necessary.
A gateway is a computer system or other device that acts as a translator between two
systems that do not use the same communication protocols, data formatting structures,
languages, and/or architecture.
Any computer on a network that is a repository for services available to other computers on
the network. It is quite common to have one host machine provide several services, such as
WWW and USENET.
Internet Assigned Number Authority acts as the clearinghouse to assign and coordinate the
use of numerous Internet protocol parameters such as Internet addresses, domain names,
protocol numbers, and more. The IANA Web site is at http://www.isi.edu/iana.
Internet Control Message Protocol is a message control and error-reporting protocol between
a host server and a gateway to the Internet. ICMP uses Internet Protocol (IP) datagrams, but
the messages are processed by the TCP/IP software and are not directly apparent to the
application user.
(Lower case i) Any time you connect 2 or more networks together, you have an internet.

B Glossary

Prestige 642 ADSL Internet Access Router

Internet

Intranet

IP

IPCP (PPP)
IPX

ISP

LAN

MAC

NAT

Network

NIC

Node
PAP

PNC
Port

POTS

PPP

(Upper case I) The vast collection of inter-connected networks that all use the TCP/IP
protocols and that evolved from the ARPANET of the late 60’s and early 70’s. The Internet
now (July 1995) connects roughly 60,000 independent networks into a vast global internet
A private network inside a company or organization that uses the same kinds of software that
you would find on the public Internet, but that is only for internal use.
Internet Protocol he IP (currently IP version 4, or IPv4), is the underlying protocol for routing
packets on the Internet and other TCP/IP-based networks.
IP Control Protocol allows changes to IP parameters such as the IP address.
Internetwork Packet eXchange The native NetWare internetworking protocol is IPX
(Internetwork Packet Exchange). Like IP (Internet Protocol), IPX is an internetworking
protocol that provides datagram services.
Internet Service Providers provide connections into the Internet for home users and
businesses. There are local, regional, national, and global ISPs. You can think of local ISPs
as the gatekeepers into the Internet.
Local Area Network is a shared communication system to which many computers are
attached. A LAN, as its name implies, is limited to a local area. This has to do more with the
electrical characteristics of the medium than the fact that many early LANs were designed for
departments, although the latter accurately describes a LAN as well. LANs have different
topologies, the most common being the linear bus and the star configuration.
On a local area network (LAN) or other network, the MAC (Media Access Control) address is
your computer's unique hardware number. (On an Ethernet LAN, it's the same as your
Ethernet address.) The MAC layer frames data for transmission over the network, then
passes the frame to the physical layer interface where it is transmitted as a stream of bits.
Network Address Translation is the translation of an Internet Protocol address used within
one network to a different IP address known within another network.
Any time you connect 2 or more computers together so that they can share resources, you
have a computer network. Connect 2 or more networks together and you have an internet.
Network Interface Card. A board that provides network communication capabilities to and
from a computer system. Also called an adapter.
Any single computer connected to a network
Password Authentication Protocol PAP is a security protocol that requires users to enter a
password before accessing a secure system. The user’s name and password are sent over
the wire to a server, where they are compared with a database of user account names and
passwords. This technique is vulnerable to wiretapping (eavesdropping) because the
password can be captured and used by someone to log onto the system.
Prestige Network Commander, a Windows-based setup wizard for Prestige routers (not all).
An Internet port refers to a number that is part of a URL, appearing after a colon (:) right after
the domain name. Every service on an Internet server listens on a particular port number on
that server. Most services have standard port numbers, e.g. Web servers normally listen on
port 80.
Plain Old Telephone Service is the analog telephone service that runs over copper twisted­pair wires and is based on the original Bell telephone system. Twisted-pair wires connect
homes and businesses to a neighborhood central office. This is called the local loop. The
central office is connected to other central offices and long-distance facilities.
Point to Point Protocol. PPP encapsulates and transmits IP (Internet Protocol) datagrams
over serial point-to-point links. PPP works with other protocols such as IPX (Internetwork
Packet Exchange). The protocol is defined in IETF (Internet Engineering Task Force) RFC

Glossary

C

Prestige 642 ADSL Internet Access Router

1661 through 1663. PPP provides router-to-router, host-to-router, and host-to-host
connections.

PSTN

PVC

RFC

RIP

SAP

Server

SNMP

STP

Straight
through
Ethernet
cable
SUA

TCP

Telnet

Terminal

Terminal
Software

Public Switched Telephone Network was put into place many years ago as a voice telephone
call-switching system. The system transmits voice calls as analog signals across copper
twisted cables from homes and businesses to neighborhood COs (central offices); this is
often called the local loop. The PSTN is a circuit-switched system, meaning that an end-to­end private circuit is established between caller and callee.
Permanent Virtual Circuit. A PVC is a logical point-to-point circuit between customer sites.
PVCs are low-delay circuits because routing decisions do not need to be made along the
way. Permanent means that the circuit is preprogrammed by the carrier as a path through the
network. It does not need to be set up or torn down for each session.
An RFC (Request for Comments) is an Internet formal document or standard that is the result
of committee drafting and subsequent review by interested parties. Some RFCs are
informational in nature. Of those that are intended to become Internet standards, the final
version of the RFC becomes the standard and no further comments or changes are
permitted. Change can occur, however, through subsequent RFCs.
Routing Information Protocol is an interior or intra-domain routing protocol that uses the
distance-vector routing algorithms. RIP is used on the Internet and is common in the NetWare
environment as a method for exchanging routing information between routers.
In NetWare, the SAP (Service Advertising Protocol) broadcasts information about available
services on the network that other network devices can listen to. A server sends out SAP
messages every 60 seconds. A server also sends out SAP messages to inform other devices
that it is closing down. Workstations use SAP to find services they need on the network.
A computer, or a software package, that provides a specific kind of service to client software
running on other computers.
System Network Management Protocol is a popular management protocol defined by the
Internet community for TCP/IP networks. It is a communication protocol for collecting
information from devices on the network.
Twisted-pair cable consists of copper-core wires surrounded by an insulator. Two wires are
twisted together to form a pair, and the pair form a balanced circuit. The twisting prevents
interference problems. STP (shielded twisted-pair) provides protection against external
crosstalk.
A cable that wires a pin to its equivalent pin. This cable connects two dissimilar devices, for
example, a data terminal equipment (DTE) and a data communications equipment (DCE)
device. A straight through Ethernet cable is the most common cable used.

Single User Account – The Prestige's SUA (Single User Account) feature allows multiple user
Internet access for the cost of a single ISP account - see also NAT.
Transmission Control Protocol handles flow control and packet recovery and IP providing
basic addressing and packet-forwarding services.
Telnet is the login and terminal emulation protocol common on the Internet and in UNIX
environments. It operates over TCP/IP networks. Its primary function is to allow users to log
into remote host systems.
A device that allows you to send commands to a computer somewhere else. At a minimum,
this usually means a keyboard and a display screen and some simple circuitry.
Software that pretends to be (emulates) a physical terminal and allows you to type commands
to a computer somewhere else.

D Glossary

Prestige 642 ADSL Internet Access Router

TFTP

UDP

URL

VCI

VPI
WAN

WWW

Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP (File Transfer
Protocol), but it is scaled back in functionality so that it requires fewer resources to run. TFTP
uses the UDP (User Datagram Protocol) rather than TCP (Transmission Control Protocol).
UDP is a connectionless transport service that dispenses with the reliability services provided
by TCP. UDP gives applications a direct interface with IP and the ability to address a
particular application process running on a host via a port number without setting up a
connection session.
(Uniform Resource Locator) URL is an object on the Internet or an intranet that resides on a
host system. Objects include directories and an assortment of file types, including text files,
graphics, video, and audio. A URL is the address of an object that is normally typed in the
Address field of a Web browser. The URL is basically a pointer to the location of an object.
Virtual Channel Identifier Identifies virtual channels between users or between users and
networks.
Virtual Path Identifier Identifies virtual paths between users or between users and networks.
Wide Area Network s link geographically dispersed offices in other cities or around the globe.
Just about any long-distance communication medium can serve as a WAN link, including
switched and permanent telephone circuits, terrestrial radio systems, and satellite systems.
(World Wide Web) -- Frequently used (incorrectly) when referring to "The Internet", WWW has
two major meanings - First, loosely used: the whole constellation of resources that can be
accessed using Gopher, FTP, HTTP, telnet, USENET, WAIS and some other tools. Second,
the universe of hypertext servers (HTTP servers).

Glossary

E

Prestige 642 ADSL Internet Access Router

Appendix A

PPPoE in Action

An ADSL modem bridges a PPP session over Ethernet (PPP over Ethernet, RFC 2516) from your PC to an
ATM PVC (Permanent Virtual Circuit) which connects to a xDSL Access Concentrator where the PPP
session terminates (see the next figure). One PVC can support any number of PPP sessions from your LAN.
PPPoE provides access control and billing functionality in a manner similar to dial-up services using PPP.

Benefits of PPPoE

PPPoE offers the following benefits:

1. It provides you with a familiar dial-up networking (DUN) user interface.

2. It lessens the burden on the carriers of provisioning virtual circuits all the way to the ISP on multiple
switches for thousands of users. For GSTN (PSTN & ISDN), the switching fabric is already in place.

3. It allows the ISP to use the existing dial-up model to authenticate and (optionally) to provide
differentiated services.

Traditional Dial-up Scenario

The following diagram depicts a typical hardware configuration where the PCs use traditional dial-up
networking.

Diagram 1 Single-PC per Modem Hardware Configuration

How PPPoE Works

The PPPoE driver makes the Ethernet appear as a serial link to the PC and the PC runs PPP over it, while the
modem bridges the Ethernet frames to the Access Concentrator (AC). Between the AC and an ISP, the AC is

Appendix A G

Prestige 642 ADSL Internet Access Router

acting as a L2TP (Layer 2 Tunneling Protocol) LAC (L2TP Access Concentrator) and tunnels the PPP
frames to the ISP. The L2TP tunnel is capable of carrying multiple PPP sessions.
With PPPoE, the VC (Virtual Circuit) is equivalent to the dial-up connection and is between the modem and
the AC, as opposed to all the way to the ISP. However, the PPP negotiation is between the PC and the ISP.

Prestige as a PPPoE Client

When using the Prestige as a PPPoE client, the PCs on the LAN see only Ethernet and are not aware of
PPPoE. This alleviates the administrator from having to manage the PPPoE clients on the individual PCs.

Diagram 2 Prestige as a PPPoE Client

H Appendix A

Prestige 642 ADSL Internet Access Router

Appendix B

VPI & VCI

ATM is a connection-oriented technology, meaning that it sets up virtual circuits over which end systems
communicate. The terminology for virtual circuits is as follows:

z VC (virtual channel)
z VP (virtual path)

Think of a VP as a cable that contains a bundle of wires. The cable connects two points, and wires within the
cable provide individual circuits between the two points. In an ATM cell header, a
Identifier) identifies a link formed by a virtual path and a
channel within a virtual path. The
switches as shown. Your telephone company should supply you with these numbers.

Logical connections between end stations

A bundle of VCs

(Virtual Channel Identifier) identifies a

VCI

VPI

and

are identified and correspond to termination points at ATM

VCI

(Virtual Path

VPI

Diagram 3 VPI's & VCI's.

Appendix B I

A

always on...........................................................xix

AT command ................................................10-10

ATBAx........................................................... 10-19

...........................................................

atgo

Authentication ............................................4-3, 4-4

10-14

B

Bridge ................................................See Bridging

Bridging..................................... 2-10, 4-4, 7-1, 7-3

Ethernet Setup ...................................................... 7-1

Handle IPX

Remote Node........................................................ 7-3

Static Route .......................................................... 7-4

..........................................................

7-2

C

CDR ................................................................ 10-7

CHAP................................................................ 4-4

collaborative computing ..................................... xix

Connecting the Prestige....................................2-2

Connections

Additional Requirements...................................... 2-2

ADSL Line........................................................... 2-2

Console Port ......................................................... 2-2

LAN Port.............................................................. 2-2

Power Adapter...................................................... 2-2

Rear Panel ............................................................2-1

Copyright ............................................................. ii

Customer Support................................................ v

D

Diagnostic Tools ....................................10-1, 10-9

Backup..............................................................10-11

Boot Module Commands..................................10-19

Command Interpreter Mode ............................. 10-19

Firmware Update.............................................. 10-13

Upload Router Configuration....................... 10-14

P312 Broadband Access Security Gateway

Index

Upload Router Firmware ............................. 10-13

Reset ADSL ....................................................... 10-9

Restore .............................................................10-12

Digital Subscriber Line Access Multiplexer....... 1-3

distance learning ...............................................xix

DNS.................................................................. 3-6

Domain Name System...................................... 3-3

DSL (Digital Subscriber Line) .......................... xviii

DSLAMSee Digital Subscriber Line Access

Multiplexer

Dynamic Host Configuration Protocol........ 1-2, 3-3

E

Encapsulation........... 1-2, 3-8, 3-10, 3-11, 4-3, 4-5

ENET ENCAP .....................................................3-8

PPP....................................................................... 3-9

PPP over Ethernet ........................................... 3-8, G

RFC 1483............................................................. 3-9

End User............................................................ xix

Ethernet............................................................ 2-9

F

FAQ ................................................................... xvi

FCC Rules ........................................................... iii

Filename Conventions.................................... 10-9

Filter ................................................................. 2-9

About.................................................................... 8-1

Applying............................................................. 8-20

Configuring.......................................................... 8-4

Example ............................................................. 8-17

Filter log

Generic Filter Rule............................................. 8-13

IPX

IPX Rule............................................................. 8-14

Remote Node........................................................ 4-6

Structure............................................................... 8-2

SUA.................................................................... 8-19

Filter log.......................................................... 10-8

Filters

Executing a Filter Rule......................................... 8-2

............................................................

Packet Types.................................................. 8-16

10-7

Index K

P312 Broadband Access Security Gateway

Logic Flow of an IP Filter...................................8-11

Frame Relay..................................................... 1-3

Frame Types .............................................6-1, 6-4

FTP File Transfer.......................................... 10-16

Full Rate .....................................................xxi, 2-3

G

G.Lite................................................................. xxi

Gateway .............................................5-7, 6-9, 7-5

General Setup .................................................. 2-8

H

Hop Count .................................................6-7, 6-9

I

IANA ................................................................. 3-2

Initialization....................................................... 2-4

Interactive Applications................................... 11-1

3-1

3-1

,

11-5

Internet access ...............................................

Internet Accessxvi, 1-1, 1-3, 1-4, 2-7, 2-10,

3-9, 3-10, 3-11, 3-12, 3-13, 5-5

Internet Assigned Numbers Authority .....See IANA

IP Address............................3-7, 4-4, 5-4, 5-7, 7-5

IP Address Assignment .................................... 3-9

ENET ENCAP......................................................3-9

PPP or PPPoE .......................................................3-9

RFC 1483..............................................................3-9

IP Multicast

Internet Group Management Protocol(IGMP) ......1-2

IP network number ........................................... 3-2

IP Policies....................................................... 11-5

IP Policy Routing (IPPR)...................1-2, 3-4, 11-1

Applying an IP Policy.........................................11-5

Benefits...............................................................11-1

Cost Savings .......................................................11-1

Criteria................................................................11-1

Ethernet IP Policies.............................................11-5

Gateway

Load Sharing.......................................................11-1

Remote Node IP Policies....................................11-6

Setup...................................................................11-1

IP Pool.............................................................. 3-3

...........................................................

IP Routing Policy............................................ 11-4

IP Routing Policy Setup.................................. 11-3

IP static route ................................................... 5-6

IPX ................................................................... 6-1

Ethernet Setup ......................................................6-4

LAN-to-LAN........................................................ 6-5

Network Number..................................................6-1

Node Number ....................................................... 6-1

Novell...................................................................6-5

Prestige.................................................................6-2

Remote Node Setup.............................................. 6-6

Static Route ..........................................................6-7

IPX

Network Number..................................................6-1

L

LAN ................................................................ 10-3

LAN-to-LAN...................................................... 5-1

LED Indicators.................................................. 2-1

Log and Trace ................................................ 10-5

View Error Log...................................................10-5

Log Facility ..................................................... 10-7

M

MAC ................................................................. 7-1

Main Menu........................................................ 2-7

Media Access Control ............................ See MAC

Metric ........................................................ 5-5, 5-8

Multiplexing

LLC-based............................................................3-8

VC-based..............................................................3-8

Multiplexing ...............1-2, 3-8, 3-10, 3-11, 4-3, 5-1

LLC-based............................................................5-2

VC-based..............................................................5-1

Multiprotocol Encapsulation ............................. 3-9

N

NetWare Clients ............................................... 6-3

Network Service Provider (NSP) ......................xviii

NIC ................................................................... 2-2

Novell ............................................................... 6-1

L Index

P312 Broadband Access Security Gateway

P

Packet triggered.....................................10-7, 10-8

Packing List Card.............................................. xvii

PAP................................................................... 4-4

Password ................................................... 2-5, 2-8

Ping................................................................. 10-9

Point-to-Point ................................................... xviii

PPP............................................................4-4, 4-5

PPP log..................................................10-7, 10-8

PPPoE Encapsulation....................................... 4-6

Precedence............................................11-1, 11-4

Prestige Network Commander............ xvi, xvii, 1-3

Private........................................................5-5, 5-8

private, secure channel......................................xix

Protocols...........................................................2-9

Q

Quality of Service............................................ 11-1

R

RAS code...................................................... 10-13

Read Me First ....................................................xvi

real-time, interactive......................................... xviii

Related Documentation .....................................xvi

Remote DHCP Server....................................... 3-7

Remote Node...........................................4-1, 10-3

Profile................................................................... 4-1

Setup..................................................................... 4-1

RIP.............................................................3-7, 5-5

Route ................................................................ 4-4

Routing Information Protocol ............................ 3-2

Routing Policy.................................................11-1

S

Trusted Host ....................................................9-2

Socket............................................................... 6-9

Splitters............................................................. 2-3

Static Route Setup............................................ 5-5

STP................................................................... 2-2

Structure of this Manual.................................... xvii

SUA ..................................................1-4, 3-12, 5-5

Advantages......................................................... 3-12

Configuration ..................................................... 3-12

Multiple Servers................................................. 3-13

Submenus ........................................................ 2-6

Subnet Mask................................3-2, 3-7, 5-4, 5-7

Support Notes.................................................... xvi

Syntax Conventions.......................................... xvii

Syslog IP Address .......................................... 10-7

System

Syslog And Accounting .....................................10-6

System Maintenance.................................... 10-17

System Management Terminal......................... 2-6

System Status ................................................ 10-2

T

TCP/IP............. 5-1, 8-6, 8-8, 8-9, 8-11, 8-13, 10-9

TCP/IP filter rule ............................................... 8-8

TCP/IP Parameters .......................................... 3-2

Telephone Microfilters ...................................... 2-3

Terminal Speed .............................................. 10-5

TFTP Transfer .............................................. 10-15

Tick Count .................................................6-7, 6-9

TOS (Type of Service).................................... 11-1

Transmission Rates.................................... xvi, 1-1

Troubleshooting.............................................. 12-1

ADSL ................................................................. 12-2

LAN ...................................................................12-2

Remote Node...................................................... 12-2

Type of Service....................11-1, 11-3, 11-4, 11-5

Security............................................................. 1-3

Seed Router...............................................6-3, 6-4

Single User Account ...................... 3-11. See SUA

SNMP ...............................................................9-1

About.................................................................... 9-1

Configuring ..........................................................9-1

Community ......................................................9-1

Trap.................................................................. 9-2

Universal ADSL Working Group (UAWG).......... xxi

Universal DSL.................................................... xxi

UNIX Syslog .......................................... 10-6, 10-7

U

Index M

P312 Broadband Access Security Gateway

V

video conferencing ............................................xix

video-on-demand............................................... xix

VPI & VCI ...................................................... 3-8, I

W

WAN Address ................................................... 5-4

watchdog.......................................................... 6-7

X

XMODEM protocol ....................................... 10-12

Z

ZyNOS................................................. 10-10, 11-1

N Index

Prestige 642 ADSL Internet Access Router

Chapter 4

Remote Node Configuration

In this chapter, we discuss the parameters that are protocol independent.

The protocol-dependent configuration will be covered in subsequent chapters.

A remote node is required for placing calls to a remote gateway. A remote node represents both the remote
gateway and the network behind it across a WAN connection. Note that when you use Menu 4 to set up
Internet access, you are actually configuring one of the remote nodes.

4.1 Remote Node Setup

This section describes the protocol-independent parameters for a remote node.

4.1.1 Remote Node Profile

To configure a remote node, follow these steps:

Step 1.
Step 2.

From the Main Menu, select menu option
When Menu 11 appears, as shown below, enter the number of the remote node that you wish to
configure.

Menu 11 - Remote Node Setup

1. nodename

2. ________

3. ________

4. ________

5. ________

6. ________

7. ________

1. Remote Node Setup

Enter Node # to Edit:

Figure 4-1 Menu 11 – Remote Node Setup

When

Menu 11.1 - Remote Node Profile

define this remote profile. The Remote Node Profile Menu Fields table shows how to configure the Remote
Node Menu.

appears fill in the fields as described in the table that follows to

4.1.2 Encapsulation & Multiplexing Scenarios

For Internet Access you should use the encapsulation and multiplexing methods used by your ISP. For a
LAN-to-LAN application, e.g., branch office and corporate headquarters, prior mutual agreement on

Remote Node Configuration 4-1

Prestige 642 ADSL Internet Access Router

methods used is necessary because there is no mechanism to automatically determine
encapsulation/multiplexing. Selection of which encapsulation and multiplexing methods to use depends on
how many VCs you have and how many different network protocols you need. The extra overhead that PPP
over Ethernet (

PPPoE

) and

ENET ENCAP

encapsulation entail makes them a poor choice in a LAN-to-

LAN application. Here are some examples of more suitable combinations in such an application.

Scene 1. One VC, Multiple Protocols

(RFC 2364) encapsulation with

PPP

protocol identifying headers that

VC-based

LLC-based

multiplexing is the best combination because the extra

multiplexing uses is unneeded. The

protocol already

PPP

contains this information.

Scene 2. One VC, One Protocol (IP)

Select

RFC-1483

encapsulation with VC-based multiplexing requires the least amount of overhead (0
octets). However, if there is a potential need for multiple protocol support in the future, it may be safer to
select

encapsulation instead of

PPP

RFC-1483

, so you don’t need to reconfigure either machine when the

time comes.

Scene 3. Multiple VCs

If you have an equal number (or more) of VCs than the number of protocols, then select
encapsulation and

VC-based

multiplexing.

RFC-1483

Menu 11.1 - Remote Node Profile

Rem Node Name= nodename
Active= Yes

Encapsulation= PPP
Multiplexing= VC-based
Incoming:
Rem Login=
Rem Password=********
Outgoing:
My Login= oscar
My Password= ********
Authen= CHAP/PAP

Enter here to CONFIRM or ESC to CANCEL:

Route= IP
Bridge= No

Edit PPP Options= No
Rem IP Addr= 0.0.0.0
Edit IP/IPX/Bridge= No

Session Options:
Edit Filter Sets= No

PPPoE Idle Timeout(sec)= 100
PPPoE Service Name= N/A

Enter a unique name
of less than 8
characters for the
remote name.

Enter the IP address
of the remote
gateway here.

Figure 4-2 Menu 11.1 Remote Node Profile

4-2 Remote Node Configuration

Prestige 642 ADSL Internet Access Router

Table 4-1 Remote Node Profile Menu Fields

Field Description Options

Rem Node Name This is a required field [?]. Enter a descriptive name for the

remote node, for example, Corp. This field can be up to
eight characters. This name must be unique from any other
remote node name.

Active Press the spacebar to toggle between Yes and No. Inactive

nodes are displayed with a minus sign (-) at the beginning of
the name in Menu 11.

Encapsulation= PPPoE refers to RFC 2516 and PPP refers to RFC 2364,

"PPP Encapsulation over ATM Adaptation Layer 5". If RFC
1483 ("Multiprotocol Encapsulation over ATM Adaptation
Layer 5") or ENET ENCAP are selected, then the Rem
Login, Rem Password, My Login, My Password, Edit PPP
Options and Authen fields will not be applicable (N/A).
Moreover, ENET ENCAP encapsulation does not apply for
IPX routing.

Multiplexing= Press the spacebar to the select the multiplexing method.

Yes/No

PPPoE,

PPP,

RFC 1483

or ENET

ENCAP

VC-based

LLC-based

Incoming: Rem

Login

Name

Incoming: Rem

Password

Outgoing: My Login Enter the login name for your Prestige when it calls this

Outgoing: My

Password

Outgoing: Authen This field sets the authentication protocol used for outgoing

Enter the login name that this remote node will use when it
calls your Prestige.

The login name in this field combined with the Rem Node
Password will be used to authenticate this node.

Enter the password used when this remote node calls your
Prestige.

remote node. If you are using PPPoE encapsulation, then
this field must be of the form
identifies your ISP. Some ISPs append this field to the
Service Name field below (e.g.,
PPPoE server.

Enter the password for your Prestige when it calls this
remote node.

calls.

Options for this field are:

user@domain

jim@poellc

where domain

) to access the

Remote Node Configuration 4-3

Prestige 642 ADSL Internet Access Router

Field Description Options

CHAP/PAP - Your Prestige will accept either CHAP or

z

PAP when requested by this remote node.

CHAP - accept CHAP only.

z

PAP - accept PAP only.

z

Route This field determines the protocols that your Prestige will

route.

Bridge Bridging is used for protocols that the Prestige does not

support, e.g., SNA, or not turned on in the previous Route
field. When bridging is enabled, your Prestige will forward
any packet that it does not route to this remote node;
otherwise, the packets are discarded. Press space bar to
toggle the options.

Edit PPP Options To edit the PPP options for this remote node, move the

cursor to this field, use the space bar to select Yes and
press [ENTER]. This will bring you to Menu 11.2 - Remote
Node PPP Options. For more information on configuring
PPP options, see the section Editing PPP Options. Press
space bar to toggle

Rem IP Addr Enter the IP address of the remote gateway.

Edit IP/IPX/Bridge Press the space bar to select Yes and press ENTER to go

to Menu 11.3 - Remote Node Network Layer Options menu.

Session Option:

Edit Filter Sets

PPPoE Idle
Timeout(sec)=

PPPoE Service Name

Use the space bar to toggle this field to Yes and press
[ENTER] to open Menu 11.5 to edit the filter sets. See the
Remote Node Filter section for more details.

This value specifies the number of idle seconds that elapse
before the Prestige automatically disconnects the PPPoE
session.

This is valid only when you have chosen
encapsulation. If you are using PPPoE encapsulation, then
type the name of your PPPoE service here.

Yes

then press [ENTER].

PPPoE

CHAP/PAP

CHAP

PAP

Yes or No

Yes or No

Default=

No

100

(default)

poellc

Once you have completed filling in Menu 11.1 – Remote Node Profile, press [ENTER] at the message
[Press ENTER to Confirm…] to save your configuration, or press [Esc] at any time to cancel.

4.1.3 Outgoing Authentication Protocol

Generally speaking, you should employ the strongest authentication protocol possible, for obvious reasons.
However, some vendor’s implementation includes specific authentication protocol in the user profile. It

4-4 Remote Node Configuration

Prestige 642 ADSL Internet Access Router

will disconnect if the negotiated protocol is different from that in the user profile, even when the negotiated
protocol is stronger than specified. If you encounter the case where the peer disconnects right after a
successful authentication, please make sure that you specify the correct authentication protocol when
connecting to such an implementation.

4.1.4 Editing PPP Options

To edit the remote node PPP Options, move the cursor to the

Remote Node Profile

, and use the space bar to select

Yes

. Press

Edit PPP Options

ENTER

field in

Menu 11.1 -

to open Menu 11.2, as shown

next.

Menu 11.2 - Remote Node PPP Options

Encapsulation= Standard PPP
Compression= No

Press Space Bar to Toggle.

Press ENTER to CONFIRM or ESC to CANCEL:

Figure 4-3 Menu 11.2 - Remote Node PPP Options

The following table describes the Remote Node PPP Options Menu, and contains instructions on how to
configure the PPP options fields.

Table 4-2 Remote Node PPP Options Menu Fields

Field Description Option

Encapsulation Select the CISCO PPP only when this remote node is

a Cisco machine; otherwise, select the Standard
PPP.

Compression Turn on/off Stac Compression. The default for this

Off

field is

.

Standard

PPP

CISCO

PPP

On/Off

(Default =

Off

)

Once you have completed filling in Menu 11.2 – Remote Node PPP Options, press [ENTER] at the
message [Press ENTER to Confirm…] to save your configuration, or press [Esc] at any time to
cancel.

Remote Node Configuration 4-5

Prestige 642 ADSL Internet Access Router

4.1.5 Remote Node Filter

Menu 11.5 – Remote Node Filter

Use

traffic between this remote node and the Prestige. You can specify up to 4 filter sets separated by comma,
e.g., 1, 5, 9, 12, in each filter field. The default is no filters.
Note that spaces are accepted in this field. For more information on defining the filters, see the

Configuration

chapter. Note that there are two versions of this menu depending on whether you use PPPoE

encapsulation or not. When using PPPoE encapsulation, you can also specify remote node call filter sets.

Menu 11.5 - Remote Node Filter

Input Filter Sets:
protocol filters= 3
device filters=
Output Filter Sets:
protocol filters= 1
device filters=

Figure 4-4 Menu 11.5 – Remote Node Filter

to specify the filter set(s) to apply to the incoming and outgoing

Enter here to CONFIRM or ESC to CANCEL:

Menu 11.5 - Remote Node Filter

Input Filter Sets:
protocol filters= 3
device filters=
Output Filter Sets:
protocol filters= 1
device filters=
Call Filter Sets:
protocol filters=
device filters=

Filter

Enter here to CONFIRM or ESC to CANCEL:

Figure 4-5 Remote Node Filter (PPPoE Encapsulation)

4-6 Remote Node Configuration

Prestige 642 ADSL Internet Access Router

Chapter 5

Remote Node TCP/IP Configuration

This chapter shows you how to configure the TCP/IP parameters of a remote node.

A typical LAN-to-LAN application is to use your Prestige to connect a branch office to the headquarters, as
depicted in the following diagram.

5.1 LAN-to-LAN Application

Figure 5-1 TCP/IP LAN-to-LAN Application

For the branch office, you need to configure a remote node in order to dial out to the headquarters.
Additionally, you may also need to define static routes if some services reside beyond the immediate
remote LAN.

5.1.1 Editing TCP/IP Options

Follow the steps below to edit
In Menu 11.1, move the cursor to the
value to
There are two versions of menu 11.3 for the P642, depending on whether you chose

based
VC-Based Multiplexing

Remember that for
virtual circuit, e.g., VC1 will carry IP, VC2 will carry IPX etc.

Remote Node TCP/IP Configuration 5-1

Yes

. Press

Multiplexing

[ENTER]

in menu 11.1.

VC-based

Menu 11.3 - Remote Node Network Layer Options

Edit IP/IPX/Bridge

to open

multiplexing, by prior mutual agreement, a protocol is assigned a specific

Menu 11.3 - Network Layer Options

, then press the space bar to toggle and set the

.

shown next.

VC-based

or

LLC-

Prestige 642 ADSL Internet Access Router

Menu 11.3 - Remote Node Network Layer Options

IPX Options:
Rem LAN Net #= N/A
My WAN Net #= N/A
IP Options: Hop Count= N/A
Rem IP Addr: 0.0.0.0 Tick Count= N/A
Rem Subnet Mask= 0.0.0.0 W/D Spoofing(min)= N/A
My WAN Addr= 0.0.0.0 SAP/RIP Timeout(min)= N/A
Single User Account= Yes Dial-On-Query= N/A
Metric= 2 VPI #= N/A
Private= No VCI #= N/A
RIP Direction= None
Version= RIP-1 Bridge Options:
Multicast= None Dial-On-Broadcast= N/A
IP Policies= Ethernet Addr Timeout(min)= N/A
VPI #= 0 VPI #= N/A
VCI #= 35 VCI #= N/A
Enter here to CONFIRM or ESC to CANCEL:

Figure 5-2 Menu 11.3 for VC-based multiplexing.

In this case, separate VPI and VCI numbers must be specified for each protocol.

LLC-based multiplexing

LLC-based

For

multiplexing, one VC may carry different protocols with protocol identifying information

being contained in each packet header.

Menu 11.3 - Remote Node Network Layer Options

VPI/VCI LLC-mux or PPP/PPPoE Encap :
VPI #= 1
VCI #= 1
IP Options :
Rem IP Addr: 0.0.0.0
Rem Subnet Mask= 0.0.0.0
My WAN Addr= 0.0.0.0
Single User Account= No
Metric= 2
Private= No
RIP Direction= Both
Version= RIP-2B
Multicast= None
IP Policies=

IPX Options :

Rem LAN Net #= 00000000
My WAN Net #= 00000000
Hop Count= 1

Tick Count= 2
W/D Spoofing(min)= N/A
SAP/RIP Timeout(min)= N/A

Dial-On-Query= N/A

Bridge Options:
Dial-On-Broadcast= N/A

Ethernet Addr Timeout(min)= 0

Separate VPI and
VCI numbers must
be specified for
each protocol when
using VC-based
multiplexing as
there must be a
distinct PVC for
each protocol.

Only one set of VPI
and VCI numbers
need be specified

LLC-based

as for
multiplexing, one
VC may carry
different protocols.

Enter here to CONFIRM or ESC to CANCEL:

Figure 5-3 Menu 11.3 for LLC-based multiplexing

5-2 Remote Node TCP/IP Configuration

Prestige 642 ADSL Internet Access Router

In this case, only one set of VPI and VCI numbers need be specified for all protocols. The valid range for
the VPI is 1 to 255 and for the VCI is 32 to 65535 (1 to 32 is reserved for local management of ATM
traffic).

The following diagram explains the Sample IP Addresses to help you to understand the field of

in Menu 11.3. Refer to the following figure for a brief review of what a WAN IP is.

Addr

indicates the local Prestige WAN IP while

Rem IP Address

indicates the peer WAN IP.

My Wan

My WAN Addr

Figure 5-4 Sample IP Addresses for a TCPI/IP LAN-to-LAN Connection

To configure the TCP/IP parameters of a remote node, first configure the two fields in

Node Profile

Remote Node TCP/IP Configuration 5-3

, as shown in the table below.

Menu 11 – Remote

Prestige 642 ADSL Internet Access Router

Table 5-1 TCP/IP related fields in Remote Node Profile

Field Description Option

Route

Rem IP Address

Edit IP

The following table shows the TCP/IP related fields in

Options

.

Make sure IP is among the protocols in the [Route] field in

Menu 11.1 - Remote Node Profile

Enter the IP address of the remote gateway in

Remote Node Profile

Prestige WAN IP address or the remote Prestige LAN IP
address. This depends on the remote router’s WAN IP i.e., for
the (remote) Prestige, the

11.3 – Remote Node Network Layer Options

if the remote WAN IP is set to 172.16.0.2 (the remote router’s
WAN IP), then you should enter 172.16.0.2 in the

Address

192.168.1.1(the remote router’s LAN IP) in the

Address

Press the [SPACE BAR] to toggle this field to
press [ENTER] to go to

Layer Options

field. If the remote WAN IP is 0.0.0.0, then enter

field).

. You must fill in either the remote

My WAN Addr

Menu 11.3 - Remote Node Network

menu.

.

Menu 11.1 -

settings in

). For example

Rem IP

Rem IP

Yes

and then

Menu

Menu 11.3 - Remote Node Network Layer

Table 5-2 TCP/IP Remote Node Configuration

Field Description Option

IP

Yes

Yes/No

(

)

VPI Enter the Virtual Path Identifier (VPI) number that your

telephone company supplies.

VCI Enter the Virtual Channel Identifier (VCI) number that your

telephone company supplies.

Rem IP Address This will show the IP address you entered for this remote node in

the previous menu.

Rem IP Subnet
Mask

My WAN Addr Some implementations, especially the UNIX derivatives, require

Enter the subnet mask for the remote network.

the WAN link to have a separate IP network number from the
LAN and each end must have a unique address within the WAN
network number. If this is the case, enter the IP address
assigned to the WAN port of your Prestige.

Note that this is the address assigned to your local Prestige
WAN, not the remote router. If the remote router is a Prestige,
then this entry determines the local Prestige

Rem IP Address

in

5-4 Remote Node TCP/IP Configuration

Prestige 642 ADSL Internet Access Router

Field Description Option

menu 11.1.

Single User
Account

Metric The metric represents the “cost” of transmission for routing

Private This parameter determines if the Prestige will include the route to

RIP Direction

Version=

Multicast IGMP (Internet Group Multicast Protocol) is a session-layer

IP Policies

Once you have completed filling in the Network Layer Options Menu, press [ENTER] to return to Menu 11.
Press [ENTER] at the message [Press ENTER to Confirm...] to save your configuration, or press [Esc] at
any time to cancel.

Set this field to
your Prestige. Use the space bar to toggle between
See Chapter 3 - Internet Access Application for more information
on the Single User Account feature.

purposes. IP routing uses hop count as the measurement of cost,
with a minimum of 1 for directly connected networks. Enter a
number that approximates the cost for this link. The number need
not be precise, but it must be between 1 and 15. In practice, 2 or
3 is usually a good number.

this remote node in its RIP broadcasts. If set to
kept private and not included in RIP broadcast. If No, the route to
this remote node will be propagated to other hosts through RIP
broadcasts.

Press the space bar to select the

Only/Out Only

Press the space bar to select the RIP version from

2B/RIP-2M.

protocol used to establish membership in a Multicast group. The
Prestige supports both IGMP version 1 (
Press the space bar to enable IP Multicasting or select
disable it. Please see Part 1 for more information on these two
fields.

Create policies using SMT Menu 25 (see the IP Policy Routing
chapter in Part 3) and apply them on the Prestige LAN interface
here. You can apply up to four IP Policy sets (from twelve) by
entering their numbers here separated by commas, e.g., 2, 4, 7,

9.

Yes

to enable the Single User Account feature for

Yes

Yes

, this route is

or

None

RIP direction

.

IGMP-v1

from

RIP-1/RIP-

) and

Both/In

and No.

IGMP-v2
None

to

.

Yes/No

1

15

to

Yes/No

Both/In Only/Out

Only

None

or

RIP-1/RIP-

2B/RIP-2M

IGMP-v1
IGMP-v2

None

5.1.2 Static Route Setup

Static routes tell the Prestige routing information that it cannot learn automatically through other means.
This can arise in cases where RIP is disabled on the LAN or a remote network is beyond the one that is
directly connected to a remote node.

Remote Node TCP/IP Configuration 5-5

Prestige 642 ADSL Internet Access Router

Each remote node specifies only the network to which the gateway is directly connected, and the Prestige
has no knowledge of the networks beyond. For instance, the Prestige knows about network N2 in the
following diagram through remote node Router 1. However, the Prestige is unable to route a packet to
network N3 because it doesn’t know that there is a route through remote node Router 1 (via Router 2). The
static routes are for you to tell the Prestige about the networks beyond the remote nodes.

Figure 5-5 Example of Static Routing Topology

To configure an IP static route, use

Step 1.

Enter 12 from the main menu to bring up the following screen.

Menu 12.1 – IP Static Route Setup

. Follow this procedure.

Menu 12 - Static Route Setup

1. IP Static Route

2. IPX Static Route

3. Bridge Static Route

Please enter selection:

Figure 5-6 Menu 12 – Static Route Setup

Step 2.

From Menu 12, enter 1 to bring up the next screen.

5-6 Remote Node TCP/IP Configuration

Prestige 642 ADSL Internet Access Router

Menu 12.1 - IP Static Route Setup

1. Tokyo

2. Seoul

3. Taipei

4. ________

5. ________

6. ________

7. ________

8. ________

Enter selection number:

Figure 5-7 Menu 12.1 - IP Static Route Setup

From Menu 12.1, enter the index of the static route you wish to edit to open

Route.

Menu 12.1.1 - Edit IP Static Route

Route #: 1
Route Name= ?
Active= No
Destination IP Address= ?
IP Subnet Mask= ?
Gateway IP Address= ?
Metric= 2
Private= No

Press ENTER to Confirm or ESC to Cancel:

Menu 12.1.1 -Edit IP Static

Figure 5-8 Edit IP Static Route

The following table describes the fields for

Menu 12.1.1 – Edit IP Static Route Setup

.

Table 5-3 Edit IP Static Route Menu Fields

Field Description

Route Name Enter a descriptive name for this route. This is for identification purpose only.

Active This field allows you to activate/deactivate this static route.

Destination IP
Address

This parameter specifies the IP network address of the final destination.
Routing is always based on network number. If you need to specify a route to
a single host, use a subnet mask of 255.255.255.255 in the subnet mask field
to force the network number to be identical to the host ID.

IP Subnet Mask Enter the subnet mask for this destination. Follow the discussion on IP subnet

mask in this chapter.

Gateway IP Enter the IP address of the gateway. The gateway is an immediate neighbor of

Remote Node TCP/IP Configuration 5-7

Prestige 642 ADSL Internet Access Router

Address your Prestige that will forward the packet to the destination. On the LAN, the

gateway must be a router on the same segment as your Prestige; over WAN,
the gateway must be the IP address of one of the remote nodes.

Metric The metric represents the “cost” of transmission for routing purposes. IP

routing uses hop count as the measurement of cost, with a minimum of 1 for
directly connected networks. Enter a number that approximates the cost for
this link. The number need not be precise, but it must be between 1 and 15. In
practice, 2 or 3 is usually a good number.

Private This parameter determines if the Prestige will include the route to this remote

node in its RIP broadcasts. If set to
included in RIP broadcast. If No, the route to this remote node will be
propagated to other hosts through RIP broadcasts.

Yes

, this route is kept private and not

5-8 Remote Node TCP/IP Configuration

Prestige 642 ADSL Internet Access Router

Chapter 6

IPX Configuration

This chapter shows you how to configure the IPX parameters of the Prestige 642.

6.1 IPX Network Environment

Novell bundles the protocol stack, the server software and routing functionality in their NetWare server
products, so a NetWare server is not only a file or print server, it is also a router.

6.1.1 Network and Node Number

Every IPX machine has a network number and a node number, together they form the complete address of
the machine. The IPX network number is a 32-bit quantity and is usually expressed in 8 hexadecimal
digits, e.g., 0893A8CF. The host number is a 48-bit quantity and usually is taken from the MAC (Media
Access Control) address of the Ethernet hardware, so you don’t have to explicitly configure the node
number.
An IPX client obtains its network number from a server that has the network numbers statically configured.
If there are multiple servers on a network, only one server need to have the network numbers configured
and all other stations (clients and servers) can obtain the network numbers from it. The server with
configured network numbers is called a seed router.
If you have a NetWare server on the same LAN as the Prestige 642, we recommend that you set up a
NetWare server as a seed router. Even though the Prestige 642 is capable as a seed router, a NetWare
server offers a much more extensive facility for network management.

6.1.2 Frame Types

IPX can run on top of four different frame types on the Ethernet. These frame types are 802.2, 802.3,
Ethernet II (DIX), and SNAP (Sub-Network Access Protocol). Each frame type is a separate logical
network, even though they exist on one physical cable (see the following diagram).
Although there are four frame types available on the Ethernet, you should configure as few frame types as
possible on your NetWare server and use automatic frame detection on the clients to simplify management
and to reduce network overhead.

6.1.3 External Network Number

Each of the four logical networks (based on frame type) has its own external network number.

IPX Configuration 6-1

Prestige 642 ADSL Internet Access Router

6.1.4 Internal Network Number

In addition to the external network numbers, each NetWare server has its own internal network number that
is a virtual network to which the server is attached. It is important to remember that every network number
must be unique for that entire internetwork, either internal or external.

Figure 6-1 NetWare Server

6.2 Prestige 642 in an IPX Environment

There are two scenarios in which your Prestige 642 is deployed, depending on whether there is a NetWare
server on the LAN, as depicted in the following diagram.

6-2 IPX Configuration

Prestige 642 ADSL Internet Access Router

Figure 6-2 Prestige 642 in an IPX Environment

6.2.1 Prestige 642 on LAN with Server

If your Prestige 642 is on a LAN with a seed router, you do not need to configure the LAN network
numbers. Your Prestige 642 will learn the network number from the seed router and add the routes to its
routing table.

6.2.2 Prestige 642 on LAN without Server

Each IPX network must have a seed router. If you only have NetWare clients on your network, then you
must configure the Prestige 642 as a seed router and set up unique network numbers for each frame type
enabled using the Ethernet Setup Menu.

IPX Configuration 6-3

Prestige 642 ADSL Internet Access Router

6.3 IPX Ethernet Setup

From

Menu 3 - Ethernet Setup

figure below.

, enter 3 to go to

Menu 3.3 - Novell IPX Ethernet Setup

Seed Router= No

Frame Type 802.2= Yes

IPX Network #= N/A

Frame Type 802.3= No

IPX Network #= N/A

Frame Type Ethernet II= No

IPX Network #= N/A

Frame Type SNAP= No

IPX Network #= N/A

Menu 3.3 - Novell IPX Ethernet Setup

as shown in the

Press Space Bar to Toggle.

Enter here to CONFIRM or ESC to CANCEL:

Figure 6-3 Menu 3.3 - Novell IPX Ethernet Setup

The following table describes the Novell IPX Ethernet Setup Menu.

Table 6-1 Novell IPX Ethernet Setup Fields

Field Description Options

Seed Router Determine if your Prestige 642 is to act as a seed

router.

Frame Type Enable/Disable the individual frame type.

Remember to enable only the ones that are actually
used on your network.

IPX Network#If your Prestige 642 is a seed router, enter a unique

network number for each frame type enabled.

Press [ENTER] at the message [Press ENTER to Confirm ...] to save your
configuration, or press [Esc] at any time to cancel.

Yes/No

802.2

802.3

Ethernet

SNAP

II

6-4 IPX Configuration

Prestige 642 ADSL Internet Access Router

6.4 LAN-to-LAN Application with Novell IPX

A typical LAN-to-LAN application is to use your Prestige 642 to call from a branch office to the corporate
headquarters to enable the stations in the branch office to access the NetWare servers at the headquarters, as
depicted in the figure below.

Figure 6-4 LAN-to-LAN Application with Novell IPX

IPX Configuration 6-5

Prestige 642 ADSL Internet Access Router

6.4.1 IPX Remote Node Setup

Follow the procedure in

Remote Node Profile
Options

Step 1.

follow the instructions below.

In Menu 11.1, make sure
display

Step 2.

Move the cursor to the
press [

. For the IPX-specific parameters in

Route

ENTER]

Chapter 5

= IPX or

to open

to configure the protocol-independent parameters in

IPX

is among the protocols in the

= IP + IPX.)

Route

Edit IP/IPX/Bridge

Menu 11.3 - Network Layer Options

Menu 11.3 - Remote Node Network Layer Options

Menu 11.1 -

Menu 11.3 - Remote Node Network Layer

field. (The

Route

Route

field, then press the space bar to select

.

field should

Yes

and

VPI/VCI LLC-mux or PPP/PPPoE Encap :
VPI #= 1
VCI #= 1
IP Options :
Rem IP Addr: 0.0.0.0
Rem Subnet Mask= 0.0.0.0
My WAN Addr= 0.0.0.0
Single User Account= No
Metric= 2
Private= No
RIP Direction= Both
Version= RIP-2B
Multicast= None
IP Policies=

Enter here to CONFIRM or ESC to CANCEL:

IPX Options :

Rem LAN Net #= 00000000
My WAN Net #= 00000000
Hop Count= 1

Tick Count= 2
W/D Spoofing(min)= N/A
SAP/RIP Timeout(min)= N/A

Dial-On-Query= N/A

Bridge Options:
Dial-On-Broadcast= N/A

Ethernet Addr Timeout(min)= 0

Figure 6-5 Menu 11.3 - Remote Node Novell IPX Options

6-6 IPX Configuration

Prestige 642 ADSL Internet Access Router

The table below describes the IPX-specific parameters of the remote node setup.

Table 6-2 Remote Node Novell IPX Options

Field

Description Option

Rem LAN
Net #

My WAN
Net #

Hop Count This field indicates the number of intermediate networks that must

Tick Count This field indicates the time-ticks required to reach the remote

Please note that the following 3 fields are only valid for PPPoE encapsulation.

W/D
Spoofing
(min)

SAP/RIP
Timeout
(min)

Dial-On­Query

Once you have completed filling in the Network Layer Options Menu, press [ENTER] to return
to Menu 11.1. Then press [ENTER] at the message [Press ENTER to Confirm] to save your
configuration, press [Esc] to cancel.

In this field, enter the internal network number of the NetWare
server on the remote LAN.

In this field, enter the network number of the WAN link. If you
leave this field as
automatically the network number through negotiation with the
PPP peer.

be passed through to reach the remote node.

node.

This field is for the Prestige on the server side. Your Prestige can
spoof a response to a server’s WatchDog request after the
connection is dropped. In this field, type in the time (number of
minutes) that you want your Prestige to spoof the WatchDog
response.

This field indicates the amount of time that you want your Prestige
to maintain the SAP and RIP entries learned from this remote
node in its internal tables after the connection has been dropped.
If this information is retained, then your Prestige will not have to
get the SAP information when the line is brought back up. Enter
the time (number of minutes) in this field.

This field is necessary for your Prestige on the client side. When
set to [Yes], any Get Service SAP or RIP broadcasts will trigger
your Prestige to make a call to that remote node.

00000000

, your Prestige will determine

00000000

(default)

1

(default)

2

(default)

Yes/No

6.4.2 IPX Static Route Setup

Similar to IP, IPX static routes tell the Prestige 642 how to reach servers beyond a remote node before a
connection to that remote node is established.

Step 1.

IPX Configuration 6-7

Enter 12 from the main menu to bring up the following screen.

Prestige 642 ADSL Internet Access Router

Menu 12 - Static Route Setup

1. IP Static Route

2. IPX Static Route

3. Bridge Static Route

Please enter selection:

Figure 6-6 Menu 12 – Static Route Setup

Step 2.

From Menu 12, select two, to bring up this screen.

Menu 12.2 - IPX Static Route Setup

1. ________

2. ________

3. ________

4. ________

Enter selection number:

Figure 6-7 Menu 12.2 – IPX Static Route Setup

Step 3.

Select one of the IPX Static Routes to open
next.

Menu 12.2.1 - Edit IPX Static Route

, as shown

Menu 12.2.1 - Edit IPX Static Route

Route #= 11
Server Name= ?
Active= Yes
Network #= ?
Node #= 000000000001
Socket #= 0451
Type #= 0004
Hop Count= 2
Tick Count= 3
Gateway Node= 1

Press ENTER to CONFIRM or ESC to CANCEL:

Figure 6-8 Menu 12.2 - Edit IPX Static Route

6-8 IPX Configuration

Prestige 642 ADSL Internet Access Router

The following table contains the instructions on how to configure the Edit IP Static Route Menu.

Table 6-3 Edit IPX Static Route Menu Fields

Field Description

Server Name

Network # This field contains the internal network number of the remote server that

Node # This field contains the address of the node on which the server resides. If

Socket # This field contains the socket number on which the server will receive

Type # This field identifies the type of service the server provides. The default for

Gateway Node In this field, enter the number of the remote node that is the gateway for

Hop Count and
Tick Count

Once you have completed filling in the menu, press [ENTER] at the message [Press ENTER
to Confirm…] to save your configuration, or press [Esc] to cancel to cancel.

In this field, enter the name of the server. This must be the exact name
configured in the NetWare server

you wish to access. [00000000] or [FFFFFFFF] are reserved.

you are using a Novell IPX implementation, this value is [000000000001].

service requests. The default for this field is hex [0451].

this field is hex [0004].

this static route.

These two fields have the same meaning as those in the Ethernet setup.

.

IPX Configuration 6-9

Prestige 642 ADSL Internet Access Router

Chapter 7

Bridging Setup

This chapter shows you how to configure the bridging parameters of your Prestige.

7.1 Bridging in General

Bridging bases the forwarding decision on the MAC (Media Access Control), or hardware address, while
routing does it on the network layer (IP or IPX) address. Bridging allows the Prestige 642 to transport
packets of network layer protocols that the Prestige 642 does not route, e.g., SNA, from one network to
another. The caveat is that, compared to routing, bridging generates more traffic for the same network layer
protocol and it also demands more CPU cycles and memory.
For efficiency reasons, do
your network. For IP and IPX, enable the respective routing if you need it; do not bridge what the Prestige
642 can route.

7.2 Bridge Ethernet Setup

Basically, all non-local packets are bridged to the WAN; however, your Prestige 642 applies special handling
for certain IPX packets to reduce the number of calls, depending on the setting of the

turn on bridging unless you need to support protocols other than IP and IPX on

not

Handle IPX

field.

Bridging Setup 7-1

Prestige 642 ADSL Internet Access Router

From

Menu 3 - Ethernet Setup

Press Space Bar to Toggle.

, enter 4 to bring up

Menu 3.4 - Bridge Ethernet Setup

Handle IPX= None

Press ENTER to CONFIRM or ESC to CANCEL:

Menu 3.4 - Bridge Ethernet Setup

as shown next.

Figure 7-1 Menu 3.5 - Bridge Ethernet Setup

The following table describes how to configure the

Handle IPX

field in Menu 3.5.

Table 7-1 Bridge Ethernet Setup Menu - Handle IPX Field Configuration

Field Description

Handle IPX Field

Press the [SPACE BAR] to toggle between the options for this field

None

Client

Server

When there is no IPX traffic on the LAN or when you do
not want to apply any special handling for IPX.

When there are only client workstations on the LAN. RIP
and SAP (Service Advertising Protocol) response packets
will not trigger calls.
When there are only IPX servers on the LAN. No RIP or
SAP packets will trigger calls. In addition, during the time
when the line is down, your Prestige 681 will reply to
watchdog messages from the servers on behalf of remote
clients. The period of time that your Prestige 681 will do
this is linked to the Ethernet Address Timeout parameter
in each remote node (see Remote Node Configuration).
When a remote Ethernet address is aged out, there is no
need to maintain its connection to the IPX server.

.

If there are both clients and servers on the LAN, and the local clients will access the remote servers, set this
field to

Server

but turn on the

Dial-On-Broadcast

(if using PPPoE encapsulation) parameter in Menu

11.3 to allow the client queries to trigger calls.

7-2 Bridging Setup

7.2.1 Remote Node Bridging Setup

Follow the procedure in

Remote Node Profile

. For bridging-specific parameters, you need to configure

Network Layer Options

To set up

Step 1.
Step 2.

Menu 11.3 - Remote Node Network Layer Options

In Menu 11.1, make sure the
Move the cursor to the
[

ENTER]

to open Menu 11.3 - Network Layer Options.

Chapter 5

.

Menu 11.3 - Remote Node Network Layer Options

to configure the protocol-independent parameters in

field is set to

Bridge

Edit IP/IPX/Bridge

Prestige 642 ADSL Internet Access Router

Menu 11.1 -

Menu 11.3 - Remote Node

follow these steps:

Yes

.

field, then press the space bar to select

Yes

and press

VPI/VCI LLC-mux or PPP/PPPoE Encap :
VPI #= 1
VCI #= 1
IP Options :
Rem IP Addr: 0.0.0.0
Rem Subnet Mask= 0.0.0.0
My WAN Addr= 0.0.0.0
Single User Account= No
Metric= 2
Private= No
RIP Direction= Both
Version= RIP-2B
Multicast= None
IP Policies=

Enter here to CONFIRM or ESC to CANCEL:

IPX Options :

Rem LAN Net #= 00000000

My WAN Net #= 00000000

Hop Count= 1

Tick Count= 2
W/D Spoofing(min)= N/A
SAP/RIP Timeout(min)= N/A

Dial-On-Query= N/A

Bridge Options:
Dial-On-Broadcast= N/A

Ethernet Addr Timeout(min)= 0

Figure 7-2 Menu 11.3 - Remote Node Bridging Options

The following table describes the bridging-specific parameters in the Remote Node Profile and Network
Layers menus.

Table 7-2 P642 Remote Node Network Layers Menu Bridge Options

Field Description

Bridge

Edit IP/IPX/Bridge

Make sure this field is set to

Press the space bar to change it to
Network Layer Options Menu.

Please note that the following fields are only valid for PPPoE encapsulation.

Dial-On-Broadcast This field is necessary for your Prestige on the caller side LAN. When

Yes

set to

, any broadcasts coming from the LAN will trigger your
Prestige to make a call to this remote node. If it is set to No, your
Prestige will not make the outgoing call.

Ethernet Addr In this field, enter the time (number of minutes) that you wish your

Yes

.

Yes

and press ENTER] to go to the

Bridging Setup 7-3

Prestige 642 ADSL Internet Access Router

Timeout (min) Prestige 642 to retain the Ethernet Addr information in its internal tables

while the line is down. If this information is retained, your Prestige 642
will not have to recompile the tables when the line is brought back up.

Once you have completed filling in the Network Layer Options Menu, press [ENTER] to return to
Menu 11.1. Then press [ENTER] at the message [Press ENTER to Confirm…] to save your
configuration, or press [Esc] to cancel.

7.3 Bridge Static Route Setup

Similar to network layer static routes, a bridging static route tells the Prestige 642 about the route to a node
before a connection is established. You configure bridge static routes in Menu 12.3.1, by pressing 3 in menu
12 as shown next.

Menu 12.3 - Bridge Static Route Setup

1. ________

2. ________

3. ________

4. ________

Enter selection number:

Figure 7-3 Menu 12.3 - Bridge Static Route Setup

Then select one of the bridge static routes.

Menu 12.3.1 - Edit Bridge Static Route

Route #: 21
Route Name=
Active= No
Ether Address= ?
IP Address=
Gateway Node= 1

Press ENTER to CONFIRM or ESC to CANCEL:

Figure 7-4 Menu 12.3.1 - Edit Bridge Static Route

7-4 Bridging Setup

Prestige 642 ADSL Internet Access Router

The following table describes the Bridge Static Route Menu.

Table 7-3 Bridge Static Route Menu Fields

Field Description

Route Name Enter a name for the bridge static route for identification purposes.

Active Activate/deactivate the static route.

Ether Address Enter the MAC address of the destination machine that you wish to

bridge the packets to.

IP Address If available, enter the IP address of the destination machine that you

wish to bridge the packets to.

Gateway Node Enter the number of the remote node that is the gateway of this static

route.

Once you have completed filling in this menu, press [ENTER] at the message [Press
ENTER to Confirm…] to save your configuration, or press [Esc] to cancel.

Bridging Setup 7-5