![Zyxel OLT2412 [141/326] Port security](/img/pdf.png)
Zyxel OLT2412 [141/326] Port security
![Zyxel OLT2412 [141/326] Port security](/views2/1169610/page141/bg8d.png)
OLT2412 User’s Guide 141
CHAPTER 19
Port Security
This chapter shows you how to set up port security.
19.1 About Port Security
Port security allows only packets with dynamically learned MAC addresses and/or configured static
MAC addresses to pass through a port on the OLT. The OLT can learn up to 32K MAC addresses in
total with no limit on individual ports other than the sum cannot exceed 32K.
For maximum port security, enable this feature, disable MAC address learning and configure static
MAC address(es) for a port. It is not recommended you disable port security together with MAC
address learning as this will result in many broadcasts. By default, MAC address learning is still
enabled even though port security is not activated.
With port-security enabled on the OLT, each subscriber port counts the number of newly learnt MAC
addresses. Configure the number of MAC addresses a specific port can learn and the OLT drops
Source Lookup Failure (SLF) packets on the port that exceed the limit.
Anti-MAC spoofing lets you set whether or not to allow a subscriber device to move between OLT
subscriber ports. This means the OLT has learned a subscriber device’s source MAC address at one
port but receives packets containing the same source MAC address through another subscriber port
before the learned MAC address times out from the MAC address table. Disable anti-MAC spoofing
to have the OLT allow the port move and learn the source MAC address on the new port. Enable
anti-MAC spoofing to have the OLT drop the packets and not learn the source MAC address on the
new port. Anti-MAC spoofing applies to the subscriber ports, not the uplink ports.
19.2 Port Security Setup Commands
Activate port-security on the OLT and on PON port GE-5-1 (slot 5, PON port 1). Use “ge” for a PON
or Gigabit Ethernet port. Use “xe” for an uplink port. Then limit the number of (dynamic) MAC
addresses subscriber port GE-5-1 can learn to 100.
Activate learning mode on PON port GE-5-1 (slot 5, PON port 1). Use “ge” for a PON or Gigabit
Ethernet port. Use “xe” for an uplink port.
OLT2412#config
OLT2412(config)# port-security
OLT2412(config)# port-security ge-5-1
OLT2412(config)# port-security ge-5-1 address-limit 256
OLT2412#config
OLT2412(config)# no port-security ge-5-1 learn inactive
Содержание
- Default login details 1
- Olt2412 1
- Quick start guide 1
- U temperature hardened 12 slot chassis gpon olt 1
- User s guide 1
- Important 2
- Keep this guide for future reference 2
- Read carefully before use 2
- Contents overview 3
- Chapter 1 system introduction 7 5
- Chapter 2 hardware installation 1 5
- Contents overview 5
- Table of contents 5
- Chapter 3 maintenance 3 6
- Chapter 4 cli introduction 7 6
- Chapter 5 initial setup 3 6
- Chapter 6 provisioning user interfaces 9 6
- Chapter 7 basic settings 7 7
- Chapter 8 ipv6 5 7
- Chapter 9 vlan 9 7
- Chapter 10 static mac forwarding setup 01 8
- Chapter 11 static multicast forward setup 03 8
- Chapter 12 filtering 07 8
- Chapter 13 spanning tree protocol 09 8
- Chapter 14 bandwidth control 21 8
- Chapter 15 broadcast storm control 23 8
- Chapter 16 mirroring 25 8
- Chapter 17 link aggregation 27 9
- Chapter 18 port authentication 31 9
- Chapter 19 port security 41 9
- Chapter 20 classifier 45 9
- Chapter 21 policy rule 49 9
- Chapter 22 queuing method 55 10
- Chapter 23 vlan stacking and translation 59 10
- Chapter 24 multicast 69 10
- Chapter 25 ip source guard 79 11
- Chapter 26 voip 91 11
- Chapter 27 loop guard 09 11
- Chapter 28 static route 13 11
- Chapter 29 dhcp 15 12
- Chapter 30 vrrp 21 12
- Chapter 31 file management 27 12
- Chapter 32 access control 31 12
- Chapter 33 diagnostics 47 13
- Chapter 34 syslog 51 13
- Chapter 35 mac table 53 13
- Chapter 36 arp table 57 13
- Chapter 37 routing table 59 13
- Chapter 38 running configuration 61 13
- Chapter 39 remote ont 63 14
- Chapter 40 management card control 81 14
- Chapter 41 port protection switching 83 14
- Chapter 42 pppoe ia 87 14
- Chapter 43 ip and mac anti spoofing 93 14
- Appendix a legal information 19 15
- Chapter 44 ddos 97 15
- Chapter 45 troubleshooting 99 15
- Chapter 46 product specifications 15 15
- Index 21 15
- System description 17
- System introduction 17
- Chapter 1 system introduction 18
- Figure 2 olt front panel 18
- Front panel 18
- Management card 18
- Olt2412 user s guide 18
- Slots slot type module or card name description 18
- Table 1 slots and cards 18
- The following figure shows the olt chassis with line cards two management cards two 10g uplink cards two power modules and the fan module installed 18
- The following table describes the olt slots cards and modules 18
- The management card manages the olt and manages the services of the line cards this card is hot swappable 18
- Chapter 1 system introduction 19
- Figure 3 management card front panel 19
- Label description 19
- Led color status description 19
- Management card alarm connections 19
- Management card ports 19
- Note install the management card before you make the hardware connections see 19
- Olt2412 user s guide 19
- Section 2 on page 34 19
- Table 2 management card led descriptions 19
- Table 3 management card port descriptions 19
- The olt alarm connector is a db15 male connector which provides four external alarm input pairs and three alarm output pairs 19
- Console port connections 20
- Note the alarm input is only for dry contact without any power 20
- Ge uplink card 21
- Ge uplink card sfp slots 21
- Management card specifications 21
- To avoid possible eye injury do not look into an operating fiber optic module s connectors 21
- Note for slots that are at an angle do not attempt to straighten it 22
- Transceiver installation 22
- Transceiver removal 22
- Ge uplink card specifications 23
- Uplink and subtending 23
- Chapter 1 system introduction 24
- Class b class c 24
- Figure 10 gpon line card front panel 24
- Gpon line card 24
- Gpon line card connectors 24
- Install or remove the transceivers in the same was as for the 10ge uplink card see section 1 on page 21 for details 24
- Led color status description 24
- Olt2412 user s guide 24
- Table 7 gpon line card led descriptions 24
- Table 8 gpon line card supported transceiver specifications 24
- The gpon line card has sfp msa compliant connectors that support class a class b or class c gpon transceivers 24
- The gpon line card provides 4 gpon sfp slots compliant with itu t g 84 and supports up to 256 pon subscribers 24
- Chapter 1 system introduction 25
- Figure 11 ge line card front panel 25
- Ge line card 25
- Gpon line card specifications 25
- Item value 25
- Led color status description 25
- Olt2412 user s guide 25
- See table 11 on page 26 for specifications of the supported optical transceivers install or remove the transceivers in the same way as for the 10ge uplink card see section 1 on page 21 for details 25
- Table 10 ge line card led descriptions 25
- Table 9 gpon line card s specifications 25
- The following table lists the gpon line card s specifications see table 179 on page 316 for power consumption specifications 25
- The ge line card provides 4 gigabit active ethernet sfp module slots compliant with ieee 802 z 25
- Fan module 26
- Ge line card specifications 26
- Power module 26
- Cables 28
- Dc power wire specifications 28
- Dc power wires 28
- Fiber optic cables 28
- Note the black power wire is the 48 v return ground wire connected to the ground terminal of the dc input on the psu dual the blue power wire is the 48 v power wire connected to the 48 v terminal of the dc power board 28
- Chassis installation 31
- General installation instructions 31
- Hardware installation 31
- Mounting the chassis on a rack 31
- Rack mounted installation requirements 31
- Connecting the olt frame grounds 33
- Warning connect the frame grounds before you connect any other cables or wiring 33
- Installing management uplink and line cards 34
- Removing management uplink and line cards 36
- Connect the power 38
- When connecting the olt power wires to the power module push the wires firmly into the terminals as deep as possible and make sure that no exposed bare wires can be seen or touched 38
- Turn on the olt power 41
- Fan maintenance 43
- Maintenance 43
- Procedure to remove and install the fan module 43
- Power maintenance 45
- Procedure to change a power module 45
- Procedure to disconnect the power 45
- Accessing the cli 47
- Cli introduction 47
- Console port 47
- Local telnet 47
- Logging in 48
- Note the olt automatically logs you out of the management interface after five minutes of inactivity if this happens to you simply log back in again 48
- Remote telnet 48
- Using shortcuts and getting help 48
- Listing commands available in a command mode 49
- Courier new fon 50
- Document command syntax conventions 50
- Entering partial commands 50
- Dual configuration files 51
- Dual image files 51
- Write memory 51
- Logging out 52
- Note save changes after each cli session the olt loses all unsaved configuration changes once it restarts 52
- Saving your configuration 52
- Write memor 52
- Changing the administrator password 53
- Changing the enable password 53
- Initial setup 53
- Changing the in band management ip address 54
- Changing the out of band management ip address 54
- Note afterwards you have to use the new ip address to access the olt 54
- Prohibiting concurrent logins 54
- Chapter 5 initial setup 55
- Looking at basic system information 55
- Olt2412 user s guide 55
- Use show hardware monitor to display olt temperature fan speeds and voltage for example 55
- Use show system information to display general system information about the olt including the firmware version 55
- Chapter 5 initial setup 56
- Checking installed line cards 56
- Looking at the operating configuration 56
- Olt2412 user s guide 56
- Use show running config page to look at the current operating configuration use page to display one page at a time for example 56
- Use show show lc status to display which line cards are installed in the olt s slots for example 56
- Configuring an uplink card 57
- Ont subscriber port provisioning example 59
- Ont subscriber port provisioning example overview 59
- Provisioning user interfaces 59
- A used in this example requires the serial number and password the ont sends to match the ones you configure on the olt 60
- C autolock requires the serial number the ont sends to match the one you configure on the olt 60
- C requires the physical layer operations and maintenance ploam password the ont sends to match what you configure on the olt 60
- Chapter 6 provisioning user interfaces 60
- D automatically registers the ont and brings it into service without checking the serial number or password the ont may receive a different ont id when it reconnects 60
- E automatically registers the ont and brings it into service without checking the serial number or password the olt records the sn ont id mapping and uses the same ont id for the ont when it reconnects 60
- Enable the pon port and check the slot s status 60
- Olt2412 user s guide 60
- Set the method a c c autolock or d the olt registers onts connected to the port 60
- Set the pon port s transceiver type this example displays the mapping between the transceiver type number from 0 22 and the transceiver manufacturer and class the pon port in this example has a ligent class b transceiver installed so this example uses transceiver type 5 60
- Bwprof bandwidth profiles have sustained information rate sir access information rate air and peak information rate pir settings for limiting bandwidth 61
- Chapter 6 provisioning user interfaces 61
- Configure the qos ingress profile and bandwidth profiles and then check the configuration 61
- Configure the remote ont s provisioning and bandwidth group settings when you configure remote ont settings the olt configures the ont with those settings this example uses 61
- Ingprof the qos ingress profile maps ieee 802 p priority tags to traffic classes this example s voip qos ingress profile maps ieee 802 p tags 0 to 7 to traffic class 1 61
- Model model id 1 for the zyxel pmg1006 ont used in this example others are 0 default zyxel s ies4005 uses this 2 zyxel pmg5318 ont 3 xavi xo390 ont and 4 finisar ftgn2017p1cun 61
- Olt2412 user s guide 61
- Pa password 44454641554c54000000 in this example 61
- Qos queues use bandwidth profiles to manage the bandwidth of individual traffic classes within the bandwidth groups this example creates a voice qos bandwidth profile which sets the sir to 128 kbps and limits the air and pir both to 256 kbps you could configure other bandwidth profiles for traffic like movies on demand mod and data 61
- Slot 5 port 1 and sets the ont s id to 101 61
- Sn serial number 5a59584501111110 in this example 61
- This example creates a 1g qos bandwidth profile which sets the sir to 1024 kbps and limits the air to 2048 kbps and the pir to 1000000 kbps in this step s final output you can see some other bandwidth profiles are already configured 61
- Cardtype this example uses the pmg1006 so card refers to the ethernet ports and the card type is 10_100baset other types are vdsl2 for vdsl ports on an mdu 10_100_1000baset and veip for a virtual ethernet card on a router mode ont 63
- Chapter 6 provisioning user interfaces 63
- Configure a card on the ont and check the status 63
- Data port the number of subscriber ports on the ont card expected to send traffic 3 in this example 63
- Is status means in service oos means out of service 63
- Olt2412 user s guide 63
- Slot 5 port 1 ont 101 card 1 63
- Active on or off on in this example 65
- Aes encryption enabled or disabled disabled in this example 65
- Chapter 6 provisioning user interfaces 65
- Configure the ont s card type to vdsl2 and set the number of subscriber ports on the ont expected to send traffic 1 in this example and check the status see the description for step 6 on page 63 for details 65
- Configure the ont s provisioning and bandwidth group settings and enable the ont see the description for step 5 on page 61 for details differences for this example are ont 102 serial number 5a59584501111112 and password 44454641554c54000002 65
- Enable the mdu s vdsl2 port port 1 in this example and check the status 65
- Mdu subscriber port provisioning example 65
- Olt2412 user s guide 65
- Provisioning a subscriber port on an mdu is similar to provisioning a subscriber port on an ont see section 6 on page 59 in this example the mdu is connected to the same pon port so you do not have to configure the pon port or vlan settings you also re use the qos ingress profile and bandwidth profiles this example configures vdsl port 1 on card 1 in ont 102 connected to gpon port 1 in slot 5 on the olt 65
- Chapter 6 provisioning user interfaces 66
- Configure vlan flow settings for the vdsl port on the remote ont the same as in step 9 on page 64 except it s for ont 102 66
- Olt2412 user s guide 66
- Basic settings 67
- Date and time commands 67
- System name command 67
- Bcp transparency 69
- Chapter 7 basic settings 69
- Command description 69
- Label description 69
- No bcp transparency 69
- Olt2412 user s guide 69
- Switch setup 69
- Table 24 show timesync 69
- Table 25 switch setup commands 69
- The following table describes the labels in this display 69
- This example looks at the current time server settings 69
- Use these commands to configure olt switch setup 69
- Ip setup 70
- Configure the out of band management ip address settings 71
- Display ip settings 71
- Set the out of band management default gateway ip address 71
- Slot setup 71
- Slot setup commands examples 71
- Chapter 7 basic settings 72
- Commands description 72
- Enable the slot 72
- Olt2412 user s guide 72
- Port setup 72
- Table 28 port setup commands 72
- The following table describes the commands for configuring ports 72
- Chapter 7 basic settings 73
- Commands description 73
- Flow control 73
- Olt2412 user s guide 73
- Port setup commands examples 73
- Select port 1 in slot 6 and name the port 2412 73
- Set the port to 1 gb and full duplex 73
- Set the port to forward bpdus it receives 73
- Table 28 port setup commands continued 73
- The following commands configure port 1 on a card installed in slot 6 73
- Chapter 7 basic settings 74
- Display the port s settings 74
- Olt2412 user s guide 74
- Ipv6 addressing 75
- Ipv6 overview 75
- Ipv6 terms 75
- Global address 76
- Interface id 76
- Link local address 76
- Multicast address 76
- A loopback address 0 0 0 0 0 0 0 1 or 1 allows a host to send packets to itself it is similar to 127 in ipv4 77
- An unspecified address 0 0 0 0 0 0 0 0 or is used as the source address when a device does not have its own address it is similar to 0 in ipv4 77
- Chapter 8 ipv6 77
- Loopback 77
- Multicast address 77
- Multicast address description 77
- Multicast scope allows you to determine the size of the multicast group a multicast address has a predefined prefix of ff00 8 the following table describes some of the predefined multicast addresses 77
- Olt2412 user s guide 77
- Table 31 predefined multicast address 77
- Table 32 reserved multicast address 77
- The following table describes the multicast addresses which are reserved and can not be assigned to a multicast group 77
- Unspecified 77
- Dhcpv6 78
- Eui 64 78
- Identity association 78
- Stateless autoconfiguration 78
- Dhcp relay agent 79
- Icmpv6 79
- Neighbor discovery protocol ndp 79
- Rebind 79
- Renew rebind 79
- Renew to s1 79
- Ipv6 cache 80
- Mld messages 80
- Multicast listener discovery 80
- Mld port role 81
- Mld snooping proxy 81
- Snooping 81
- Ipv6 commands 82
- Report 82
- Chapter 8 ipv6 84
- Command description 84
- Ipv6 nd managed config flag 84
- Ipv6 nd other config flag 84
- Ipv6 nd ra suppress 84
- No ipv6 nd dad attempts 84
- Olt2412 user s guide 84
- Table 37 ipv6 nd commands 84
- Chapter 8 ipv6 86
- Ipv6 command examples 86
- Olt2412 user s guide 86
- There are three addresses created in total for vlan 1 the address 2001 db8 c18 1 219 cbff fe00 1 64 is created with the interface id 219 cbff fe00 1 generated using the eui 64 format the address 2001 db8 c18 1 12b 64 is created exactly the same as what you entered in the command 86
- This example shows how to enable ipv6 in vlan 1 and display the link local address the olt automatically generated and other ipv6 information for the vlan 86
- This example shows how to manually configure two ipv6 addresses one uses the eui 64 format one doesn t in vlan 1 and then display the result before using ipv6 address commands you have to enable ipv6 in the vlan and this has the olt generate a link local address for the interface 86
- Chapter 8 ipv6 87
- Label description 87
- Olt2412 user s guide 87
- Table 39 show ipv6 neighbor 87
- The following table describes the labels in this display 87
- This example shows the olt owns l displays in the t field two manually configured permanent ip addresses 2001 1234 and fe80 219 cbff fe00 1 it also displays a neighbor fe80 2d0 59ff feb8 103c in vlan 1 is reachable from the olt 87
- By default windows xp and windows 2003 support ipv6 this example shows you how to use the ipv6 install command on windows xp 2003 to enable ipv6 this also displays how to use the ipconfig command to see auto generated ip addresses 88
- Chapter 8 ipv6 88
- Example enabling ipv6 on windows xp 2003 88
- Ipv6 is installed and enabled by default in windows vista use the ipconfig command to check your automatic configured ipv6 address as well you should see at least one ipv6 address available for the interface on your computer 88
- Olt2412 user s guide 88
- This example sends ping requests to an ethernet device with ipv6 address fe80 2d0 59ff feb8 103c in vlan 1 the device also responds the pings 88
- Introduction to ieee 802 q tagged vlans 89
- Introduction to vlans 89
- Forwarding tagged and untagged frames 90
- Note see section 7 on page 72 for interface port channel commands 90
- Static vlan 90
- Vlan configuration overview 90
- Chapter 9 vlan 91
- Command description 91
- Inactive 91
- Ingress check 91
- No inactive 91
- No ingress check 91
- Olt2412 user s guide 91
- Show vlan 91
- Table 40 vlan commands 91
- Table 41 ingress check commands 91
- The following section lists the commands for the ingress checking feature enable or disable vlan ingress checking on each port individually via the ingress check command in the config interface mode 91
- The following section lists the commands for this feature 91
- Vlan commands 91
- Chapter 9 vlan 92
- Dynamic the vlan was added via gvrp 92
- Elap time this field displays how long it has been since a dynamic vlan was registered or a static vlan was set up 92
- Idx this field displays an entry number for each vlan 92
- Label description 92
- Olt2412 user s guide 92
- Other the vlan was added in another way such as multicast vlan registration mvr 92
- Static the vlan was added as a permanent entry 92
- Status this field displays how this vlan was added to the olt 92
- Table 42 show vlan 92
- Tagctl this field displays untagged and tagged ports 92
- Tagged these ports tag outgoing frames with the vlan id 92
- The following table describes the labels in this display 92
- The number of vlan this field displays the number of vlans on the olt 92
- This example configures ports 1 to 5 as fixed and untagged ports in vlan 2000 92
- This example deletes entry 2 in the static vlan table 92
- This example shows the vlan table 92
- Untagged these ports do not tag outgoing frames with the vlan id 92
- Vid this field displays the vlan identification number 92
- Vlan command examples 92
- Automatic vlan registration 93
- Chapter 9 vlan 93
- Garp and gvrp are the protocols used to automatically register vlan membership across switches 93
- Garp generic attribute registration protocol allows network switches to register and de register attribute values with other garp participants within a bridged lan garp is a protocol that provides a generic mechanism for protocols that serve a more specific application for example gvrp 93
- Garp timers 93
- Gvrp garp vlan registration protocol is a registration protocol that defines a way for switches to register necessary vlan members on ports across the network enable this function to permit vlan groups beyond the local olt 93
- Olt2412 user s guide 93
- Please refer to the following table for common ieee 802 q vlan terminology 93
- Switches join vlans by making a declaration a declaration is made by issuing a join message using garp declarations are withdrawn by issuing a leave message a leave all message terminates all registrations garp timers set declaration timeout values 93
- Table 43 ieee 802 q vlan terminology 93
- This example enables ingress checking on ports ge 5 1 ge 5 4 93
- Vlan parameter term description 93
- Garp command examples 94
- Garp commands summary 94
- Garp configuration 94
- Gvrp command examples 95
- Gvrp commands 95
- Port vlan trunking 95
- Subnet based vlans 96
- V1 v2 v1 v2 96
- Vlan trunking setup commands example 96
- Internet 97
- Note subnet based vlan applies to un tagged packets and is applicable only when you use ieee 802 q tagged vlan 97
- Subnet based vlan commands 97
- Note protocol based vlan applies to un tagged packets and is applicable only when you use ieee 802 q tagged vlan 98
- Protocol based vlans 98
- Subnet based vlan command examples 98
- Chapter 9 vlan 99
- Command description 99
- Figure 29 protocol based vlan application example 99
- Note protocols in the hexadecimal number range 0x0000 to 0x05ff are not allowed 99
- Olt2412 user s guide 99
- Protocol based vlan 99
- Protocol based vlan commands 99
- Table 48 protocol based vlan commands 99
- The following section lists the commands for this feature 99
- Protocol based vlan command examples 100
- Overview 101
- Static mac forwarding commands 101
- Static mac forwarding setup 101
- Static multicast forward setup 103
- Static multicast forwarding overview 103
- Static multicast forwarding commands 104
- Chapter 11 static multicast forward setup 105
- Olt2412 user s guide 105
- Static multicast forwarding command examples 105
- This example creates a static multicast forwarding rule the rule forwards frames with destination mac address 01 00 5e 00 00 06 to port ge 5 1 in vlan 1 105
- This example removes a static multicast forwarding rule with multicast mac address 01 00 5e 06 01 46 which belongs to vlan 1 105
- This example shows the current multicast table the type field displays user for rules that were manually added through static multicast forwarding or displays system for rules the olt has automatically learned through igmp snooping 105
- Filtering 107
- Mac filtering commands examples 107
- Mac filtering commands summary 107
- Overview 107
- Command example filter source 108
- Spanning tree protocol 109
- Stp rstp overview 109
- Stp terminology 109
- How stp works 110
- Multiple stp 110
- Stp port states 110
- Mstp network example 111
- Vlan 1 vlan 2 111
- Mst instance 112
- Mst region 112
- Vlan 1 vlan 2 112
- Common and internal spanning tree cist 113
- Stp and rstp commands 113
- Stp and rstp command examples 114
- Chapter 13 spanning tree protocol 115
- Enables stp on port 2 on the uplink card in slot 3 with a path cost of 150 115
- Label description 115
- Olt2412 user s guide 115
- Sets the priority for port 2 to 20 115
- Table 55 show spanning tree config 115
- The following table describes the labels in this display 115
- This example shows the current stp settings 115
- Chapter 13 spanning tree protocol 116
- Command description 116
- Label description 116
- Mstp commands 116
- No mstp 116
- Olt2412 user s guide 116
- Show mstp 116
- Table 55 show spanning tree config continued 116
- Table 56 mstp commands 116
- This example enables rstp on port xe 3 1 port 1 on the uplink card in slot 3 it also sets port xe 4 2 to not be an edge port because it is connected to another switch 116
- Use these commands to configure multiple spanning tree protocol mstp as defined in ieee 802 s 116
- Chapter 13 spanning tree protocol 117
- Command description 117
- Edge port 117
- Note an edge port becomes a non edge port as soon as it receives a bridge protocol data units bpdu 117
- Olt2412 user s guide 117
- Table 56 mstp commands continued 117
- Table 57 mstp instance commands 117
- Chapter 13 spanning tree protocol 118
- Label description 118
- Mstp command examples 118
- Olt2412 user s guide 118
- Table 58 show mstp 118
- The following table describes the labels in this display 118
- This example shows the current mstp configuration 118
- Chapter 13 spanning tree protocol 119
- Label description 119
- Olt2412 user s guide 119
- Table 59 show mstp instance 119
- The following table describes the labels in this display 119
- This example shows the current cist configuration mstp instance 0 119
- Bandwidth control 121
- Broadcast storm control 123
- Broadcast storm control commands 123
- Broadcast storm control examples 123
- Broadcast enabled how many broadcast packets the port receives per second and the enable state for broadcast packets 124
- Chapter 15 broadcast storm control 124
- Disable broadcast storm control on the olt 124
- Display storm control status and settings this example displays the settings for slots 3 to 12 124
- Dlf limit enabled how many dlf packets the port receives per second and the enable state for dfl packets 124
- Label description 124
- Multicast enabled how many multicast packets the port receives per second and the enable state for multicast packets 124
- Olt2412 user s guide 124
- Port this field displays a port number 124
- Set broadcast storm control on a port ge 5 1 which is active to limit its broadcast type traffic with a threshold of 999 packets per second 124
- Table 62 broadcast storm control port status 124
- Mirroring 125
- Port mirroring commands 125
- Port mirroring overview 125
- Chapter 16 mirroring 126
- Olt2412 user s guide 126
- Port mirroring command examples 126
- This example displays the mirror settings of the olt after you configured in the example above 126
- This example enables port mirroring and copies outgoing traffic from ge port 4 on the card in slot 6 to xe port 2 in slot 3 126
- Dynamic link aggregation 127
- Link aggregation 127
- Link aggregation overview 127
- Link aggregation commands 128
- Link aggregation id 128
- Link aggregation commands examples 129
- Chapter 17 link aggregation 130
- Label description 130
- Olt2412 user s guide 130
- Table 69 show lacp labels 130
- The following table describes the labels 130
- This example displays the current lacp settings 130
- Ieee 802 x authentication 131
- Port authentication 131
- Port authentication overview 131
- Mac authentication 132
- Authentication reply 133
- Authentication request authentication request 133
- Guest vlan 133
- Internet 133
- New connection 133
- Session granted denied 133
- Vlan 100 133
- Vlan 102 133
- Port authentication configuration 134
- Port authentication command examples 135
- Chapter 18 port authentication 136
- Configure guest vlan 100 on port ge 5 1 136
- Configure port ge 5 1 to remain in the held state and rejects further authentication requests from the client for 120 seconds after a failed authentication exchange 136
- Configure port ge 5 1 to require the subscriber to periodically re enter his or her username and password to stay connected to a specified port 136
- Configure port ge 5 1 to require the subscriber to re enter the username and password every 3600 seconds to stay connected to the specified port s 136
- Configure port ge 5 1 to wait 30 seconds before re sending an identity request to clients on the listed ports 136
- Configure port ge 5 1 to wait 30 seconds for the client s response to the challenge request before sending a request again 136
- Enable the guest vlan feature on port ge 5 1 136
- Olt2412 user s guide 136
- Set the guest vlan host mode to multi host on port ge 5 1 136
- Set the guest vlan host mode to multi secure on port ge 5 1 136
- Chapter 18 port authentication 137
- Display all 802 x port authentication settings 137
- Display port ge 5 1 s 802 x port authentication settings 137
- Olt2412 user s guide 137
- Set the guest vlan host multi secure number on port ge 5 1 to 5 137
- Chapter 18 port authentication 138
- Command description 138
- Mac authentication 138
- Mac authentication commands 138
- No mac authentication 138
- No mac authentication timeout 138
- Note you must first enable mac authentication on the olt before configuring it on each port 138
- Olt2412 user s guide 138
- Show mac authentication 138
- Show mac authentication config 138
- Table 71 mac authentication commands 138
- This table lists the commands for this feature 138
- Mac authentication command examples 139
- Radius commands 139
- Radius command examples 140
- About port security 141
- Port security 141
- Port security setup commands 141
- Address limit 142
- Chapter 19 port security 142
- Command description 142
- Disables the specified mac address limit 142
- Display the port security settings 142
- Learn inactive 142
- Limits the number of dynamic mac addresses that may be learned on the specified ports 142
- Mac address limit 142
- Olt2412 user s guide 142
- Removes the specified mac address limit 142
- Table 73 mac address limit commands 142
- You can set the mac address learning limit on a per port basis the following table lists the commands for this feature 142
- About the classifier and qos 145
- Classifier 145
- Classifier commands 146
- Chapter 20 classifier 147
- Ethernet type protocol number 147
- In an ipv4 packet header the protocol field identifies the next level protocol the following table shows some common ipv4 protocol types and the corresponding protocol number refer to http www iana org assignments protocol numbers for a complete list 147
- In an ipv6 packet header the next header field identifies the next level protocol the following table shows some common ipv6 next header values 147
- Olt2412 user s guide 147
- Protocol type protocol number 147
- Protocol type value 147
- Table 75 common ethernet types and protocol number 147
- Table 76 common ipv4 protocol types and protocol numbers 147
- Table 77 common ipv6 next header values 147
- Classifier command examples 148
- Policy commands 149
- Policy rule 149
- Policy rules overview 149
- Chapter 21 policy rule 150
- Command description 150
- Inactive 150
- Olt2412 user s guide 150
- Policy command examples 150
- Table 78 policy commands continued 150
- This example creates a policy highpriority for the traffic flow identified via classifier vlan3 see the classifier example in chapter 20 on page 145 this policy replaces the ieee 802 priority field with the ip tos priority field value 7 for vlan3 packets 150
- Trtcm color blind mode 151
- Two rate three color marker traffic policing 151
- Exceed cir 152
- Exceed pir 152
- Red yellow 152
- Trtcm color aware mode 152
- Trtcm commands 152
- Trtcm command examples 153
- Queuing method 155
- Queuing method overview 155
- Strictly priority 155
- Weighted fair queuing 155
- Weighted round robin scheduling wrr 155
- Port by port queuing command examples 156
- Port by port queuing commands 156
- System wide queuing command examples 157
- System wide queuing commands 157
- Vlan stacking and translation 159
- Vlan stacking example 159
- Vlan stacking overview 159
- Note if you use q in q static vlan tx tagging must be enabled on a port set to the normal or access port role 160
- Otherwise static vlan tx tagging must be disabled on a port set to the normal or access port role 160
- Vlan stacking port roles 160
- Vlan translation overview 160
- Port 3 161
- Service provider network 161
- Vlan tag format 161
- Vlan translation example 161
- Chapter 23 vlan stacking and translation 162
- Frame format 162
- Note selective q in q rules are only applied to single tagged frames received on the access ports if the incoming frames are untagged or single tagged but received on a tunnel port or cannot match any selective q in q rules the olt applies the port based q in q rules to them 162
- Olt2412 user s guide 162
- Port based q in q 162
- Port based q in q lets the olt treat all frames received on the same port as the same vlan flows and add the same outer vlan tag to them even if they have different customer vlan ids 162
- Selective q in q 162
- Selective q in q is vlan based it allows the olt to add different outer vlan tags to the incoming frames received on one port according to their inner vlan tags 162
- Table 83 single and double tagged 802 1q frame format 162
- Table 84 802 q frame 162
- The frame format for an untagged ethernet frame a single tagged 802 q frame customer and a double tagged 802 q frame service provider is shown next 162
- Vlan stacking command examples 163
- Vlan stacking commands 163
- A 37 24 164
- B 48 24 164
- Chapter 23 vlan stacking and translation 164
- Customer a customer a 164
- Customer b customer b 164
- Figure 44 example vlan stacking 164
- Olt2412 user s guide 164
- This example shows how to configure ports ge 5 1 and ge 5 2 on the olt to tag incoming frames with the service provider s vid of 37 ports are connected to customer a network this example also shows how to set the priority for ports ge ge 5 1 and ge 5 2 1 to 3 it also sets port xe 3 1 as a tunnel port with tpid 8100 164
- Vlan 24 vlan 24 164
- Vlan translation commands 165
- Active on off 166
- Chapter 23 vlan stacking and translation 166
- Command description 166
- Cross connect enable disable 166
- Cross port aid 166
- Egr vlan xlate miss drop 166
- N1map group 166
- Olt2412 user s guide 166
- Table 86 vlan translation commands continued 166
- Tr156 on off 166
- Vlan xlate miss drop 166
- Vlan translation command examples 167
- Igmp filtering 169
- Igmp snooping 169
- Ip multicast addresses 169
- Multicast 169
- Multicast overview 169
- Chapter 24 multicast 170
- Command description 170
- Igmp snooping 170
- Igmp snooping mld support 170
- Label description 170
- Multicast commands 170
- Multicast status 170
- Olt2412 user s guide 170
- Table 87 multicast status 170
- Table 88 igmp snooping commands 170
- The following table describes the labels in the output 170
- Use the igmp snooping commands in configure mode to configure the multicast settings the following table describes the command s options 170
- Use the show multicast command to display the multicast group information 170
- Igmp snooping vlan commands 171
- Igmp filtering profile 172
- Multicast vlan vlan 1 173
- Mvr overview 173
- Vlan 2 173
- Vlan 3 173
- General mvr configuration 174
- How mvr works 174
- Multicast vlan vlan 1 174
- Mvr modes 174
- Note you can create up to five multicast vlans and up to 256 multicast rules on the olt 174
- Types of mvr ports 174
- Mvr group configuration 175
- Note your olt automatically creates a static vlan with the same vid when you create a multicast vlan 175
- Ge 5 1 176
- Ge 5 2 176
- Ge 5 3 176
- Multicast vid 200 vlan 1 176
- Mvr configuration example 176
- Note a port can belong to more than one multicast vlan however ip multicast group addresses in different multicast vlans cannot overlap 176
- Xe 3 1 176
- Chapter 24 multicast 177
- Olt2412 user s guide 177
- To configure the mvr settings on the olt create a multicast group set the receiver and source ports and create mvr groups by mvr command 177
- Dhcp snooping overview 179
- Ip source guard 179
- Ip source guard overview 179
- Dhcp relay option 82 information 180
- Dhcp snooping database 180
- Note the olt will drop all dhcp requests if you enable dhcp snooping and there are no trusted ports 180
- Arp inspection overview 181
- Configuring dhcp snooping 181
- Arp inspection and mac address filters 182
- Configuring arp inspection 182
- Note it is recommended you enable dhcp snooping at least one day before you enable arp inspection so that the olt has enough time to build the binding table 182
- Syslog 182
- Trusted vs untrusted ports 182
- Ip source guard binding command examples 183
- Ip source guard binding commands 183
- Dhcp snooping dhcp vlan commands 184
- Note you must set up a management ip address for each vlan that you want to configure dhcp settings for on the olt 184
- Dhcp snooping dhcp vlan command examples 185
- Arp inspection 186
- Arp inspection commands 186
- Chapter 25 ip source guard 186
- Clear arp inspection statistics 186
- Command description 186
- Disables arp inspection on the olt 186
- Displays all arp inspection statistics on the olt 186
- Displays arp inspection configuration details 186
- Displays arp inspection statistics for the specified vlan s 186
- Displays dhcp snooping configuration details 186
- Enables arp inspection on the olt you still have to enable arp inspection on specific vlan and specify trusted ports 186
- No arp inspection 186
- Olt2412 user s guide 186
- Removes all arp inspection statistics on the olt 186
- Removes arp inspection statistics for the specified vlan s 186
- Show arp inspection 186
- Show arp inspection statistics 186
- Table 98 arp inspection commands 186
- Use arp inspection to look at the current list of mac address filters that were created because the olt identified an unauthorized arp packet when the olt identifies an unauthorized arp packet it automatically creates a mac address filter to block traffic from the source mac address and source vlan id of the unauthorized arp packet 186
- Use these commands to filter unauthorized arp packets in your network 186
- Arp inspection command examples 188
- Chapter 25 ip source guard 189
- Label description 189
- Olt2412 user s guide 189
- Table 104 show arp inspection log 189
- The following table describes the labels in this display 189
- This example displays whether ports are trusted or untrusted ports for arp inspection 189
- This example looks at log messages that were generated by arp packets and that have not been sent to the syslog server yet 189
- Chapter 25 ip source guard 190
- Label description 190
- Olt2412 user s guide 190
- Table 105 show arp inspection interface port channel 190
- The following table describes the labels in this display 190
- Voip overview 191
- Chapter 26 voip 192
- Command description 192
- Olt2412 user s guide 192
- Table 106 voip common profile commands 192
- The following table lists the commands for configuring profiles of common voip settings 192
- Voip common profile commands 192
- Chapter 26 voip 193
- Command description 193
- Olt2412 user s guide 193
- Piggyback 193
- Table 106 voip common profile commands continued 193
- Chapter 26 voip 194
- Command description 194
- Olt2412 user s guide 194
- Table 106 voip common profile commands continued 194
- Table 107 voip sip profile commands 194
- The following table lists the commands for configuring voip sip profiles 194
- Voip sip profile commands 194
- Chapter 26 voip 195
- Command description 195
- Olt2412 user s guide 195
- Table 107 voip sip profile commands continued 195
- A dial plan defines the dialing patterns such as the length and range of the digits for a telephone number it also includes country codes access codes area codes local numbers long distance numbers or international call prefixes for example the dial plan 2 9xxxxxx does not allow a local number which begins with 1 or 0 196
- Chapter 26 voip 196
- Command description 196
- Dial plan rule details 196
- Olt2412 user s guide 196
- Table 108 voip dial plan profile commands 196
- The following table lists the commands for configuring voip dial plan profiles 196
- Voip dial plan profile commands 196
- Chapter 26 voip 198
- Command description 198
- Olt2412 user s guide 198
- Show voip common profile 198
- Show voip dial plan 198
- Show voip sip profile 198
- Table 109 uni port voip service commands 198
- Table 110 voip show commands 198
- The following table lists the commands for configuring voip service settings for a subscriber port on the remote ont the remote ont must also support the voip services you configure for it 198
- The following table lists the commands for displaying voip settings and status 198
- Uni port voip service settings 198
- Voip service help 198
- Voip show commands 198
- Chapter 26 voip 199
- Command description 199
- Olt2412 user s guide 199
- Show remote ontpots 199
- Table 110 voip show commands continued 199
- Table 111 voip configuration supported on the pmg5318 199
- The following table lists the voip configuration the pmg5318 can support 199
- Voip configuration supported on the pmg5318 199
- Chapter 26 voip 200
- Command description 200
- Olt2412 user s guide 200
- Ont subscriber voip port provisioning example 200
- Table 111 voip configuration supported on the pmg5318 continued 200
- The voip function is on the ont not the olt the olt uses omci to configure voip settings on the ont the ont must support receiving voip configuration by omci 200
- Bwgroup number 1 in this example 202
- Chapter 26 voip 202
- Configure cards 2 and 4 in this example on the remote ont set the card types to veip and pots respectively and activate them configure interfaces on the cards and activate them 202
- Configure the remote ont s provisioning and bandwidth group settings when you configure remote ont settings the olt configures the ont with those settings 202
- Dsbwprofname this example uses the 100m bandwidth profile for downstream traffic 202
- Enable the ont 202
- Model model id 2 for the pmg5318 202
- Olt2412 user s guide 202
- Pa password 44454641554c54000000 in this example 202
- Set the pon port s register method for how the olt registers onts connected to the port a in this example and the pon port s transceiver type 6 in this example then enable the pon port 202
- Set the slot containing the gpon card slot 5 to use a gpon card and enable the slot 202
- Slot 5 port 1 and sets the ont s id to 1 202
- Sn serial number 5a59584517035116 in this example 202
- Type this example uses bandwidth group type 5 which applies the sir and air and uses a pir greater than the sir and air added together 202
- Usbwprofname this example uses the 100m bandwidth profile for upstream traffic 202
- Chapter 26 voip 204
- Display the voip common profile configuration 204
- Display the voip dial plan profile configuration 204
- Display the voip sip profile configuration 204
- Olt2412 user s guide 204
- Show the olt voip setup and status 204
- Chapter 26 voip 205
- Display the pots status 205
- Display the remote ont card s status 205
- Display the remote ont uni port s status 205
- Olt2412 user s guide 205
- Pmg5318 voip setup example 206
- Loop guard 209
- Loop guard overview 209
- Loopguard command examples 211
- Loopguard commands 211
- Note after resolving the loop problem on your network you can re activate the disabled port see section 7 on page 72 211
- Chapter 27 loop guard 212
- Label description 212
- Olt2412 user s guide 212
- Table 113 show loopguard continued 212
- Static route 213
- Static route command examples 213
- Static route commands 213
- Chapter 28 static route 214
- Label description 214
- Olt2412 user s guide 214
- Table 115 show ip route static 214
- The following table describes the labels in this display 214
- This example shows the current routing table 214
- You can create an active static route that routes traffic for 192 68 0 24 to 192 68 214
- You can however create this static route if it is inactive 214
- Dhcp configuration options 215
- Dhcp modes 215
- Dhcp overview 215
- Dhcp relay 215
- Dhcp commands 216
- Dhcp relay agent information 216
- Dhcp command examples 217
- Internet 218
- Vlan1 vlan2 218
- 6 0 00 219
- Configuring dhcp vlan 219
- Vlan 1 vlan 2 219
- Vrrp overview 221
- Advertisement interval 222
- Note all routers participating in the virtual router must use the same advertisement interval 222
- Preempt mode 222
- Priority 222
- Vrrp parameters 222
- Vrrp configuration 223
- Vrrp status 223
- Add a vrrp configuration 224
- Chapter 30 vrrp 224
- Enable a vrrp configuration 224
- Enable preempt mode for a vrrp 224
- Olt2412 user s guide 224
- Set the advertisement interval for a vrrp 224
- Set the name for a vrrp 224
- Set the primary virtual ip for a vrrp 224
- Set the secondary virtual ip for a vrrp 224
- Vrrp configuration examples 224
- Chapter 30 vrrp 225
- Olt2412 user s guide 225
- Set the priority ip for a vrrp 225
- File management 227
- Filename conventions 227
- Ftp command line 227
- Be sure to upload the correct model firmware as uploading the wrong model firmware may damage your device 228
- Ftp command line procedure 228
- Gui based ftp clients 228
- Ftp restrictions 229
- About snmp 231
- Access control 231
- Access control overview 231
- Snmp v3 and security 232
- Supported mibs 232
- An oid object id that begins with 1 90 7 is defined in private mibs otherwise it is a standard mib oid 233
- Chapter 32 access control 233
- Olt2412 user s guide 233
- Option object label object id description 233
- Snmp traps 233
- Table 125 snmp system traps 233
- The oids beginning with 1 90 7 3 are specific to the olt2412 233
- The olt sends traps to an snmp manager when an event occurs the following tables outline the snmp traps by category 233
- Chapter 32 access control 234
- Olt2412 user s guide 234
- Option object label object id description 234
- Table 126 snmp interface traps 234
- Table 127 snmp ip traps 234
- Chapter 32 access control 235
- Command description 235
- Olt2412 user s guide 235
- Option object label object id description 235
- Snmp server commands 235
- Table 127 snmp ip traps continued 235
- Table 128 snmp switch traps 235
- Table 129 snmp server commands user input values 235
- The following table describes user input values available in multiple commands for this feature 235
- Use these commands to configure snmp on the olt 235
- A non administrator username is something other than admin is someone who can view but not configure olt settings 239
- An administrator is someone who can both view and configure olt changes the username for the administrator is always admin the default administrator password is 1234 239
- Chapter 32 access control 239
- Note it is highly recommended that you change the default administrator password 1234 239
- Olt2412 user s guide 239
- Setting up login accounts 239
- Snmp command examples 239
- This example shows you how to display all snmp user information on the olt 239
- This example shows you how to display the snmp information on the olt 239
- Up to five people one administrator and four non administrators may access the olt via telnet at any one time 239
- Login account command examples 240
- Login account commands 240
- Password encryption 240
- Password commands 241
- Ssh overview 241
- How ssh works 242
- Requirements for using ssh 243
- Service access control commands 243
- Ssh implementation on the olt 243
- Remote management commands 244
- Service access control command example 244
- Chapter 32 access control 245
- Olt2412 user s guide 245
- Remote management command example 245
- This example allows computers in subnet 172 6 7 24 to access the olt through any service except snmp allows the computer at 192 68 0 to access the olt only through snmp and prevents other computers from accessing the olt at all 245
- Diagnostics 247
- Diagnostics commands 247
- Avg this field displays the average round trip time to ping the specified ip address 248
- Chapter 33 diagnostics 248
- Diagnostics commands examples 248
- Label description 248
- Max this field displays the maximum round trip time to ping the specified ip address 248
- Mdev this field displays the standard deviation in the round trip time to ping the specified ip address 248
- Min this field displays the minimum round trip time to ping the specified ip address 248
- Olt2412 user s guide 248
- Rate this field displays the percentage of icmp responses for icmp requests 248
- Rcvd this field displays the sequence number of the icmp response the olt received 248
- Reply from this field displays the ip address from which the olt received the icmp response 248
- Rtt this field displays the round trip time of the ping 248
- Sent this field displays the sequence number of the icmp request the olt sent 248
- Table 137 ping 248
- The following table describes the labels in this display 248
- This example sends ping requests to an ethernet device with ip address 172 6 7 54 248
- This example shows the current alarm led status for each slot in the olt it also lists the type of alarm detected when the alarm led is on 248
- This example shows the current and recent cpu utilization 248
- Chapter 33 diagnostics 249
- Label description 249
- Olt2412 user s guide 249
- Table 138 show cpu utilization 249
- The following table describes the labels in this display 249
- Syslog 251
- Syslog commands 251
- Syslog overview 251
- Mac table 253
- Mac table overview 253
- Mac address command examples 254
- Mac address commands 254
- Arp commands 257
- Arp table 257
- Arp table overview 257
- How arp works 257
- Arp command examples 258
- Chapter 36 arp table 258
- Label description 258
- Olt2412 user s guide 258
- Table 145 show ip arp 258
- The following table describes the labels in this display 258
- This example shows the arp table 258
- Overview 259
- Routing table 259
- Routing table commands 259
- Chapter 37 routing table 260
- Label description 260
- Olt2412 user s guide 260
- Routing table command examples 260
- Table 147 show ip route 260
- The following table describes the labels in this display 260
- This example shows the current routing table 260
- Olt configuration file 261
- Running configuration 261
- Running configuration commands 261
- Running configuration command examples 262
- Remote ont 263
- Remote ont configuration overview 263
- Alarm indication 266
- Bwgroup 266
- Chapter 39 remote ont 266
- Command description 266
- Counter 266
- No inactive 266
- Olt2412 user s guide 266
- Table 150 remote ont commands continued 266
- Chapter 39 remote ont 267
- Command description 267
- Here are the commands to configure a card on the ont and show the status 267
- Inactive 267
- Olt2412 user s guide 267
- Ont card 267
- Show remote ont summary 267
- Show remote ont unreg 267
- Table 150 remote ont commands continued 267
- Table 151 remote ont card commands 267
- Chapter 39 remote ont 268
- Command description 268
- Here is an example of the status 268
- Inactive 268
- Label description 268
- No inactive 268
- Olt2412 user s guide 268
- Ont ethernet port settings 268
- Pmenable 268
- Show remote ontcard config all 268
- Table 151 remote ont card commands continued 268
- Table 152 show remote ontcard status 268
- Table 153 remote ont ethernet port commands 268
- The following table describes labels in this display 268
- Use the remote ontenet commands to create and configure a subscriber ethernet interface on the ont s card this applies to a 10_100baset or 10_100_1000baset card type you can enable performance monitoring set the port speed and enable or disable the port here is the format of the command with the help displayed 268
- Chapter 39 remote ont 269
- Command description 269
- Inactive 269
- No inactive 269
- No pmenable 269
- Olt2412 user s guide 269
- Ont vdsl port settings 269
- Show remote ontenet config all 269
- Show remote ontvdsl config all 269
- Table 153 remote ont ethernet port commands continued 269
- Table 154 ont vdsl commands 269
- Use the remote ontvdsl command to create and configure a subscriber vdsl interface on a vdsl2 card on an mdu you can apply a vdsl line configuration template the following table describes the related commands 269
- Chapter 39 remote ont 270
- Inactive 270
- Label description 270
- No inactive 270
- Olt2412 user s guide 270
- Ont pots port settings 270
- Ont venet port settings 270
- Pmenable 270
- Table 155 ont venet commands 270
- Table 156 ont pots commands 270
- Use the remote ontpots command to create and configure a voip interface on a voip pots card on an ont such as zyxel s pmg5323 b20a the following table describes the related commands 270
- Use the remote ontvenet command to create and configure a virtual ethernet interface on a veip card a virtual ethernet card on a router mode ont you can enable performance monitoring and enable or disable the port the following table describes the related commands 270
- Ont video port settings 271
- Uni port settings 271
- Uni port queue settings 272
- Chapter 39 remote ont 273
- Olt2412 user s guide 273
- Tc4 limits upstream and downstream rates to 40 mbps 273
- This example removes all traffic classes on uniport 1 1 of ont 5 1 3 273
- This example removes traffic class 3 273
- This example shows the protocol base vlan rules on uniport 1 1 of ont 5 1 3 273
- Aesencryp 274
- Before creating a vlan rule we need to create the tc traffic class that controls the vlan s bandwidth 274
- Chapter 39 remote ont 274
- Gem por 274
- In the previous section we created tc3 and tc4 as below 274
- Ingpro 274
- Label description 274
- No vlan all 274
- Olt2412 user s guide 274
- Table 159 uni port vlan command parameters 274
- Uni port vlan settings 274
- Use the vlan command to configure vlan flow settings for the subscriber port on the remote ont see figure 45 on page 167 for where the vlan ids in the uni port vlan command fit in the reference configuration defined in itu t g 84 274
- Vlan help 274
- Chapter 39 remote ont 275
- Olt2412 user s guide 275
- The gem port 256 does not enable aes encryption 275
- The gem port 257 does not enable aes encryption 275
- The ont assigns traffic with vlan 103 and priority bit 3 to tc4 based on ingress profile pbit3totc3 tc3 limits the upstream and downstream traffic rates to 20 mbps 275
- The ont assigns traffic with vlan 103 and priority bit 4 to tc4 based on ingress profile pbit4totc4 tc4 limits the upstream and downstream traffic rates to 40 mbps 275
- The ont assigns vlan 103 traffic to gemport 256 275
- The ont assigns vlan 203 traffic to gemport 257 275
- The ont sends downstream vlan 103 traffic out untagged 275
- The ont sends downstream vlan 203 traffic out untagged 275
- The uniport vlan does not use tr156 mode 275
- This example creates vlan 103 on the ont with the following actions 275
- This example creates vlan 203 on the ont with the following actions 275
- This example deletes vlan rules on uniport 1 1 of ont 5 1 3 275
- This example shows the vlan rules on uni port 1 1 of ont 5 1 3 275
- To map the ieee 802 p priority bit from a vlan to a traffic class we need to create an ingress profile to use when we create the uni port vlan 275
- Chapter 39 remote ont 276
- Insert vlan103 and pbit 4 in arp packets the ont forwards to the olt 276
- Insert vlan103 and pbit 4 in ipoe packets the ont forwards to the olt 276
- Insert vlan203 and pbit 0 in pppoe packets the ont forwards to the olt 276
- Label description 276
- Olt2412 user s guide 276
- Table 160 uni port protocol based vlan command parameters 276
- This example creates 3 protocol based vlan rules on ont 5 1 3 uniport 1 1 to have the ont do the following 276
- This example deletes 3 protocol based vlan rules on ont 5 1 3 uniport 1 1 276
- Uni port protocol based vlan settings 276
- Use the protocol based command to configure uni port protocol based vlan 276
- Chapter 39 remote ont 277
- Label description 277
- No pvid 277
- Olt2412 user s guide 277
- Table 161 uni port pvid command parameters 277
- This example deletes the pvid on uniport 1 1 of ont 5 1 3 277
- This example sets up pvid on uniport 1 1 of ont 5 1 3 untagged packets from port 1 of ont 5 1 3 will be tagged by the ont with vid 203 and priority bit 2 277
- This example shows protocol based vlan rules on ont 5 1 3 uniport 1 1 277
- This example shows the pvid setting on uniport 1 1 of ont 5 1 3 277
- Uni port pvid settings 277
- Use the pvid command to configure uni port default vlan settings 277
- Chapter 39 remote ont 278
- For example we can create an igmp channel for the remote ont uni port as follows 278
- Igmpchannel counter 278
- Label description 278
- Olt2412 user s guide 278
- Table 162 uni port igmp channel commands 278
- Uni port igmp channel settings 278
- Use the igmpchannel command to configure a uni port with multicast subscriber information 278
- Cfm mep help 279
- Chapter 39 remote ont 279
- Label description 279
- Olt2412 user s guide 279
- Table 163 uni port mac limit commands 279
- Table 164 uni port cfm mep commands 279
- This example disables the mac limit on uniport 1 1 of ont 5 1 3 279
- This example sets up a mac limit number on uniport 1 1 of ont 5 1 3 279
- This example shows the mac limit setting on uniport 1 1 of ont 5 1 3 279
- Uni port cfm mep settings 279
- Uni port mac limit settings 279
- Use the cfm mep command to configure a maintenance association end point on a uni port 279
- Use the mac limit command to limit the number of mac addresses a uni port can learn 279
- Chapter 39 remote ont 280
- Label description 280
- Olt2412 user s guide 280
- Table 164 uni port cfm mep commands continued 280
- Management card control 281
- Management card control commands 281
- Management card control commands examples 281
- Management card control overview 281
- Chapter 40 management card control 282
- Olt2412 user s guide 282
- This example copies the active management card s running firmware to the standby management card s running firmware 282
- This example displays management card state and firmware version information from configuration mode 282
- Port protection switching 283
- Uplink port protection switching 283
- Downlink port protection switching 285
- Port state 287
- Pppoe ia 287
- Pppoe intermediate agent overview 287
- Chapter 42 pppoe ia 288
- Command description 288
- Olt2412 user s guide 288
- Pppoe intermediate agent commands summary 288
- Pppoe intermediate agent trust 288
- Table 168 pppoe intermediate agent commands 288
- This table describes the commands 288
- Activating pppoe ia 290
- Note you must activate pppoe ia for both the olt system and the vlan to use pppoe ia 290
- Pppoe ia configuration 290
- Access loop identification info description 291
- Chapter 42 pppoe ia 291
- Note the default access node identifier string is olt2412 291
- Note you must activate pppoe ia for the circuit id or remote id of the corresponding vlan to insert the given access loop identification information 291
- Olt2412 user s guide 291
- Pppoe ia access loop identification settings 291
- Table 169 access loop identification info 291
- The olt adds information to a padi or padr packet received from a non trusted port and forwards it to a trusted port 291
- The olt drops a pado or pads packet received from a non trusted port 291
- The olt handles pppoe discovery stage packets as follows 291
- These commands assign access loop identification information for the circuit id string and remote id strings for the specified port 291
- These commands assign access loop identification information for the circuit id string and remote id strings for the specified vlan on the specified port 291
- These commands assign an identifier string string option and delimiter for the circuit id string 291
- Chapter 42 pppoe ia 292
- Here are the pppoe ia show commands 292
- In other cases besides those described above the olt forwards pppoe discovery stage packets 292
- Olt2412 user s guide 292
- The olt forwards a padi or padr packet received from a trusted port to all trusted ports 292
- Ip and mac anti spoofing 293
- Ip and mac anti spoofing overview 293
- Activating ip and mac anti spoofing 294
- Chapter 43 ip and mac anti spoofing 294
- Ip and mac anti spoofing configuration 294
- Note you must activate anti spoofing on both the olt and the port 294
- Olt2412 user s guide 294
- The olt drops packets from source ip addresses or mac addresses listed in the exclusive entries and forwards others 294
- These commands activate and de activate anti spoofing on the olt 294
- These commands activate and de activate anti spoofing on the specified port 294
- These commands configure an anti spoofing entry on a port channel interface 294
- These commands delete all the anti spoofing entries for all ports 294
- These commands delete the specified anti spoofing entry on a port channel interface 294
- Vlan and mac spoofing settings 294
- Chapter 43 ip and mac anti spoofing 295
- Olt2412 user s guide 295
- These commands display the anti spoofing entries for all ports or a specified port 295
- Ddos overview 297
- Ddos setup 297
- Troubleshooting 299
- The alm led is on 300
- The olt cannot detect an onu or an onu cannot connect to the olt 300
- The olt cannot detect multiple onts onus or onts onus cannot connect to the olt 300
- Checking service related settings on the olt 301
- Rogue ont troubleshooting 301
- Chapter 45 troubleshooting 302
- Due to a rogue ont the olt finally finds the rogue ont with a serial number of 414c434c00050017 and blocks all of its upstream traffic 302
- Olt2412 user s guide 302
- While a rogue ont discovery is in progress you can use the stop command to terminate the discovery process at any time this command also has the olt add all onts back into the accepted ont list but if any ont still transmits traffic at the wrong time the olt will block all the pon port s ont traffic again 302
- Error logs troubleshooting 303
- Chapter 45 troubleshooting 304
- Olt2412 user s guide 304
- Table 176 log messages category log message type severity 304
- This table lists all log messages and their corresponding categories types and severities 304
- Chapter 45 troubleshooting 305
- Olt2412 user s guide 305
- Table 176 log messages continued category log message type severity 305
- Chapter 45 troubleshooting 306
- Olt2412 user s guide 306
- Table 176 log messages continued category log message type severity 306
- Chapter 45 troubleshooting 307
- Olt2412 user s guide 307
- Table 176 log messages continued category log message type severity 307
- Chapter 45 troubleshooting 308
- Olt2412 user s guide 308
- Table 176 log messages continued category log message type severity 308
- Chapter 45 troubleshooting 309
- Olt2412 user s guide 309
- Table 176 log messages continued category log message type severity 309
- Chapter 45 troubleshooting 310
- Olt2412 user s guide 310
- Table 176 log messages continued category log message type severity 310
- Chapter 45 troubleshooting 311
- Olt2412 user s guide 311
- Table 176 log messages continued category log message type severity 311
- Chapter 45 troubleshooting 312
- Olt2412 user s guide 312
- Table 176 log messages continued category log message type severity 312
- After you turn on the debug flag the omci provisioning process displays on the screen of the computer connected to the olt s console port 313
- Chapter 45 troubleshooting 313
- Olt2412 user s guide 313
- Product specifications 315
- System specifications 315
- Chapter 46 product specifications 316
- Frame ground cable specifications 316
- Item description 316
- Item value quantity 316
- Olt2412 user s guide 316
- Power consumption 316
- Table 177 system specifications continued 316
- Table 178 frame ground cable specifications 316
- Table 179 power consumption specifications 316
- The following table gives an overview of power consumption information 316
- The following table lists the specifications of the frame ground cable 316
- Firmware naming conventions 317
- Legal information 319
- Ppendi 319
- Appendix a legal information 320
- Olt2412 user s guide 320
- Registration 320
- Safety warnings 320
- Zyxel limited warranty 320
Похожие устройства
- HP 15-af012ur, n0k21ea Инструкция по эксплуатации
- Zyxel OLT2412 Инструкция по эксплуатации
- Zyxel OLT2412 Технические характеристики
- HP 15-af013ur, n0m60ea Инструкция по эксплуатации
- Zyxel PMG1006-B20A Инструкция по эксплуатации
- HP 15-af014ur, n0m61ea Инструкция по эксплуатации
- Zyxel PMG5318-B20A Инструкция по эксплуатации
- HP 15-af025ur, n2h87ea Инструкция по эксплуатации
- Zyxel PMG1005-T20A Инструкция по эксплуатации
- Zyxel VMG1312-B10B Инструкция по эксплуатации
- Zyxel VMG1312-B10B Технические характеристики
- Zyxel VMG5313-B10A Инструкция по эксплуатации
- Zyxel VMG5313-B10A Технические характеристики
- Zyxel VES-1624FT-55A Инструкция по эксплуатации
- Zyxel VES-1624FT-55A Инструкция по установке
- Zyxel VES-1616FE-55A Инструкция по эксплуатации
- Zyxel IES-1248 EE Инструкция по эксплуатации
- Барс EKO ARC 164 Инструкция по эксплуатации
- Барс EKO ARC 184 Инструкция по эксплуатации
- Барс EKO ARC 204 Инструкция по эксплуатации
Скачать
Случайные обсуждения